LDAPStorage

class gafaelfawr.storage.ldap.LDAPStorage(config, pool, logger)

Bases: object

LDAP storage layer.

Parameters:

Methods Summary

get_all_groups()

Get all groups found in LDAP.

get_all_users()

List all users found in LDAP.

get_data(username)

Get the data for an LDAP user.

get_group_names(username, primary_gid)

Get names of groups for a user from LDAP.

get_groups(username, primary_gid)

Get groups for a user from LDAP.

Methods Documentation

async get_all_groups()

Get all groups found in LDAP.

Returns:

All groups found in LDAP.

Return type:

list of LDAPGroup

Raises:

LDAPError – Raised if some error occurred when searching LDAP.

async get_all_users()

List all users found in LDAP.

This operation is not cached.

Returns:

Mapping from usernames to LDAPUserData.

Return type:

dict of LDAPUserData

Raises:

LDAPError – Raised if the lookup of user_search_attr at user_base_dn in the LDAP server was not valid (connection to the LDAP server failed, attribute not found in LDAP, UID result value not an integer).

async get_data(username)

Get the data for an LDAP user.

Parameters:

username (str) – Username of the user.

Returns:

The data for an LDAP user. Which fields are filled in will be determined by the configuration.

Return type:

LDAPUserData

Raises:

LDAPError – Raised if the lookup of user_search_attr at user_base_dn in the LDAP server was not valid (connection to the LDAP server failed, attribute not found in LDAP, UID result value not an integer).

async get_group_names(username, primary_gid)

Get names of groups for a user from LDAP.

Parameters:
  • username (str) – Username of the user.

  • primary_gid (Optional[int]) – Primary GID if set. If not None, search for the group with this GID and add it to the user’s group memberships. This handles LDAP configurations where the user’s primary group is represented only by their GID and not their group memberships.

Returns:

User’s group names from LDAP.

Return type:

list of str

Raises:

LDAPError – Raised if some error occurred while doing the LDAP search.

async get_groups(username, primary_gid)

Get groups for a user from LDAP.

Parameters:
  • username (str) – Username of the user.

  • primary_gid (Optional[int]) – Primary GID if set. If not None, the user’s groups will be checked for this GID. If it’s not found, search for the group with this GID and add it to the user’s group memberships. This handles LDAP configurations where the user’s primary group is represented only by their GID and not their group memberships.

Returns:

User’s groups from LDAP.

Return type:

list of Group

Raises:

LDAPError – Raised if some error occurred when searching LDAP.
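The primary-GID handling described for get_groups, as an added sketch that is not Gafaelfawr's own code: it runs against a constructed in-memory directory instead of an LDAP server, and `Group`, `LDAPError`, `GROUP_ENTRIES`, `parse_group` and `group_names_sync` are local stand-ins. Rejecting a non-integer GID is this example's assumption, modeled on the UID check listed under Raises for get_data.

```python
import asyncio
from dataclasses import dataclass
from typing import Optional


class LDAPError(Exception):
    """Local stand-in for the error the storage layer raises."""


@dataclass(frozen=True)
class Group:
    """Local stand-in for a resolved group: name plus numeric GID."""
    name: str
    id: int


# Constructed directory. alice's primary group (GID 2001) lists no members.
GROUP_ENTRIES = [
    {"cn": "staff", "gidNumber": "1000", "member": ["alice", "bob"]},
    {"cn": "alice", "gidNumber": "2001", "member": []},
    {"cn": "broken", "gidNumber": "n/a", "member": ["carol"]},
]


def parse_group(entry: dict) -> Group:
    """Convert a raw entry, failing closed on a missing or non-integer GID."""
    try:
        return Group(name=entry["cn"], id=int(entry["gidNumber"]))
    except (KeyError, ValueError) as e:
        raise LDAPError(f"invalid group entry: {entry!r}") from e


async def get_groups(username: str, primary_gid: Optional[int]) -> list:
    """Groups found by membership, plus the primary group if it is missing."""
    groups = [parse_group(e) for e in GROUP_ENTRIES if username in e["member"]]
    if primary_gid is None or any(g.id == primary_gid for g in groups):
        return groups
    # The primary group is not among the memberships: look it up by GID.
    for entry in GROUP_ENTRIES:
        if entry.get("gidNumber") == str(primary_gid):
            groups.append(parse_group(entry))
            break
    return groups


def group_names_sync(username: str, primary_gid: Optional[int]) -> list:
    """Synchronous wrapper so the example can be called from plain code."""
    return [g.name for g in asyncio.run(get_groups(username, primary_gid))]
```
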