LDAPStorage

class gafaelfawr.storage.ldap.LDAPStorage(config, pool, logger)

Bases: object

LDAP storage layer.

Parameters:

Methods Summary

get_data(username)

Get the data for an LDAP user.

get_group_names(username, primary_gid)

Get names of groups for a user from LDAP.

get_groups(username, primary_gid)

Get groups for a user from LDAP.

Methods Documentation

async get_data(username)

Get the data for an LDAP user.

Parameters:

username (str) – Username of the user.

Returns:

The data for an LDAP user. Which fields are filled in is determined by the configuration.

Return type:

LDAPUserData

Raises:

LDAPError – Raised if the lookup of user_search_attr at user_base_dn in the LDAP server was not valid (connection to the LDAP server failed, attribute not found in LDAP, UID result value not an integer).

async get_group_names(username, primary_gid)

Get names of groups for a user from LDAP.

Parameters:
  • username (str) – Username of the user.

  • primary_gid (int | None) – Primary GID if set. If not None, search for the group with this GID and add it to the user’s group memberships. This handles LDAP configurations where the user’s primary group is represented only by their GID and not their group memberships.

Returns:

User’s group names from LDAP.

Return type:

list of str

Raises:

LDAPError – Raised if some error occurred while doing the LDAP search.

async get_groups(username, primary_gid)

Get groups for a user from LDAP.

Parameters:
  • username (str) – Username of the user.

  • primary_gid (int | None) – Primary GID if set. If not None, the user’s groups will be checked for this GID. If it’s not found, search for the group with this GID and add it to the user’s group memberships. This handles LDAP configurations where the user’s primary group is represented only by their GID and not their group memberships.

Returns:

User’s groups from LDAP.

Return type:

list of TokenGroup

Raises:

LDAPError – Raised if some error occurred when searching LDAP.
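
The primary_gid handling described for get_groups, as an added illustration rather than Gafaelfawr's own code: it runs against a constructed in-memory directory instead of an LDAP server, and Group, DIRECTORY, search_memberships, search_by_gid and resolve_groups are hypothetical names. Skipping a primary GID that matches no group is an assumption; the page does not say what happens in that case.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Group:
    """Hypothetical stand-in for a group record: name plus numeric GID."""

    name: str
    id: int


# Constructed sample directory. Attribute names are illustrative only.
DIRECTORY = [
    {"cn": "staff", "gidNumber": 2000, "member": ["alice", "bob"]},
    {"cn": "ops", "gidNumber": 2001, "member": ["bob"]},
    # User-private group: alice's primary group, with no member entries.
    {"cn": "alice", "gidNumber": 1000, "member": []},
]


def search_memberships(username):
    """Return the groups that list the user as a member."""
    return [
        Group(e["cn"], e["gidNumber"]) for e in DIRECTORY if username in e["member"]
    ]


def search_by_gid(gid):
    """Return the group with this GID, or None if the directory has none."""
    for entry in DIRECTORY:
        if entry["gidNumber"] == gid:
            return Group(entry["cn"], entry["gidNumber"])
    return None


def resolve_groups(username, primary_gid=None):
    """Membership search followed by the primary-GID fallback."""
    groups = search_memberships(username)
    if primary_gid is None:
        return groups
    if any(g.id == primary_gid for g in groups):
        return groups  # primary group already present, no second search
    primary = search_by_gid(primary_gid)
    if primary is not None:  # assumption: an unknown GID is skipped
        groups.append(primary)
    return groups
```

Without primary_gid, alice resolves to staff only, so an access decision keyed on her primary group would not see it.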