[IMP] Anonymous bind now triggered by empty bind dn instead of redundant 'anonymous' checkbox
bzr revid: stefan@therp.nl-20110611151853-brr3nnp427wq40i7
This commit is contained in:
Stefan Rijnhart
parent
6278811551
commit
1960be5281
|
|
@ -37,15 +37,18 @@ class CompanyLDAP(osv.osv):
|
|||
ondelete='cascade'),
|
||||
'ldap_server': fields.char('LDAP Server address', size=64, required=True),
|
||||
'ldap_server_port': fields.integer('LDAP Server port', required=True),
|
||||
'ldap_binddn': fields.char('LDAP binddn', size=64),
|
||||
'ldap_password': fields.char('LDAP password', size=64),
|
||||
'ldap_binddn': fields.char('LDAP binddn', size=64,
|
||||
help=("The user account on the LDAP server that is used to query "
|
||||
"the directory. Leave empty to connect anonymously.")),
|
||||
'ldap_password': fields.char('LDAP password', size=64,
|
||||
help=("The password of the user account on the LDAP server that is"
|
||||
" used to query the directory.")),
|
||||
'ldap_filter': fields.char('LDAP filter', size=64, required=True),
|
||||
'ldap_base': fields.char('LDAP base', size=64, required=True),
|
||||
'user': fields.many2one('res.users', 'Model User',
|
||||
help="Model used for user creation"),
|
||||
'create_user': fields.boolean('Create user',
|
||||
help="Create the user if not in database"),
|
||||
'anonymous': fields.boolean('Anonymous connection'),
|
||||
}
|
||||
_defaults = {
|
||||
'ldap_server': lambda *a: '127.0.0.1',
|
||||
|
|
@ -76,15 +79,15 @@ class users(osv.osv):
|
|||
action_obj = pool.get('ir.actions.actions')
|
||||
cr.execute("""
|
||||
SELECT id, company, ldap_server, ldap_server_port, ldap_binddn, ldap_password,
|
||||
ldap_filter, ldap_base, "user", create_user, anonymous
|
||||
ldap_filter, ldap_base, "user", create_user
|
||||
FROM res_company_ldap
|
||||
WHERE ldap_server != '' and anonymous = TRUE or ldap_binddn != '' ORDER BY sequence""")
|
||||
WHERE ldap_server != '' ORDER BY sequence""")
|
||||
for res_company_ldap in cr.dictfetchall():
|
||||
logger.debug(res_company_ldap)
|
||||
try:
|
||||
l = ldap.open(res_company_ldap['ldap_server'], res_company_ldap['ldap_server_port'])
|
||||
if (res_company_ldap['anonymous'] or
|
||||
l.simple_bind_s(res_company_ldap['ldap_binddn'], res_company_ldap['ldap_password'])):
|
||||
if l.simple_bind_s(res_company_ldap['ldap_binddn'] or '',
|
||||
res_company_ldap['ldap_password'] or ''):
|
||||
base = res_company_ldap['ldap_base']
|
||||
scope = ldap.SCOPE_SUBTREE
|
||||
filter = filter_format(res_company_ldap['ldap_filter'], (login,))
|
||||
|
|
@ -152,9 +155,8 @@ class users(osv.osv):
|
|||
for res_company_ldap in user.company_id.ldaps:
|
||||
try:
|
||||
l = ldap.open(res_company_ldap.ldap_server, res_company_ldap.ldap_server_port)
|
||||
if (res_company_ldap.anonymous or
|
||||
l.simple_bind_s(res_company_ldap.ldap_binddn,
|
||||
res_company_ldap.ldap_password)):
|
||||
if l.simple_bind_s(res_company_ldap.ldap_binddn or '',
|
||||
res_company_ldap.ldap_password or ''):
|
||||
base = res_company_ldap.ldap_base
|
||||
scope = ldap.SCOPE_SUBTREE
|
||||
filter = filter_format(res_company_ldap.ldap_filter, (user.login,))
|
||||
|
|
|
|||
|
|
@ -12,16 +12,8 @@
|
|||
<form string="LDAP Configuration">
|
||||
<field name="ldap_server"/>
|
||||
<field name="ldap_server_port"/>
|
||||
<field name="ldap_binddn" attrs="{
|
||||
'required': [('anonymous', '!=', True)],
|
||||
'readonly': [('anonymous', '=', True)],
|
||||
}"/>
|
||||
<field name="ldap_password" attrs="{
|
||||
'required': [('anonymous', '!=', True)],
|
||||
'readonly': [('anonymous', '=', True)],
|
||||
}"/>
|
||||
<field name="anonymous"/>
|
||||
<newline/>
|
||||
<field name="ldap_binddn"/>
|
||||
<field name="ldap_password"/>
|
||||
<field name="ldap_base"/>
|
||||
<field name="ldap_filter"/>
|
||||
<field name="create_user"/>
|
||||
|
|
|
|||
Loading…
Reference in New Issue