changeset 1792:2afa6b8c2ade beta

code garden - added more logging to auth ldap - updated keywords for setuptools
author Marcin Kuzminski <marcin@python-works.com>
date Mon, 19 Dec 2011 19:53:08 +0200
parents 2aee0dc1784e
children 631caf880b87
files rhodecode/lib/auth_ldap.py setup.py
diffstat 2 files changed, 23 insertions(+), 19 deletions(-) [+]
--- a/rhodecode/lib/auth_ldap.py	Mon Dec 19 02:31:22 2011 +0200
+++ b/rhodecode/lib/auth_ldap.py	Mon Dec 19 19:53:08 2011 +0200
@@ -43,7 +43,7 @@
     def __init__(self, server, base_dn, port=389, bind_dn='', bind_pass='',
                  tls_kind='PLAIN', tls_reqcert='DEMAND', ldap_version=3,
                  ldap_filter='(&(objectClass=user)(!(objectClass=computer)))',
-                 search_scope = 'SUBTREE', attr_login = 'uid'):
+                 search_scope='SUBTREE', attr_login='uid'):
         self.ldap_version = ldap_version
         ldap_server_type = 'ldap'
 
@@ -52,9 +52,9 @@
         if self.TLS_KIND == 'LDAPS':
             port = port or 689
             ldap_server_type = ldap_server_type + 's'
-        
+
         OPT_X_TLS_DEMAND = 2
-        self.TLS_REQCERT = getattr(ldap, 'OPT_X_TLS_%s' % tls_reqcert, 
+        self.TLS_REQCERT = getattr(ldap, 'OPT_X_TLS_%s' % tls_reqcert,
                                    OPT_X_TLS_DEMAND)
         self.LDAP_SERVER_ADDRESS = server
         self.LDAP_SERVER_PORT = port
@@ -73,7 +73,8 @@
         self.attr_login = attr_login
 
     def authenticate_ldap(self, username, password):
-        """Authenticate a user via LDAP and return his/her LDAP properties.
+        """
+        Authenticate a user via LDAP and return his/her LDAP properties.
 
         Raises AuthenticationError if the credentials are rejected, or
         EnvironmentError if the LDAP server can't be reached.
@@ -87,13 +88,14 @@
         uid = chop_at(username, "@%s" % self.LDAP_SERVER_ADDRESS)
 
         if not password:
-            log.debug("Attempt to authenticate LDAP user with blank password rejected.")
+            log.debug("Attempt to authenticate LDAP user "
+                      "with blank password rejected.")
             raise LdapPasswordError()
         if "," in username:
             raise LdapUsernameError("invalid character in username: ,")
         try:
-            if hasattr(ldap,'OPT_X_TLS_CACERTDIR'):
-                ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, 
+            if hasattr(ldap, 'OPT_X_TLS_CACERTDIR'):
+                ldap.set_option(ldap.OPT_X_TLS_CACERTDIR,
                                 '/etc/openldap/cacerts')
             ldap.set_option(ldap.OPT_REFERRALS, ldap.OPT_OFF)
             ldap.set_option(ldap.OPT_RESTART, ldap.OPT_ON)
@@ -114,12 +116,12 @@
             if self.LDAP_BIND_DN and self.LDAP_BIND_PASS:
                 server.simple_bind_s(self.LDAP_BIND_DN, self.LDAP_BIND_PASS)
 
-            filt = '(&%s(%s=%s))' % (self.LDAP_FILTER, self.attr_login,
+            filter_ = '(&%s(%s=%s))' % (self.LDAP_FILTER, self.attr_login,
                                      username)
-            log.debug("Authenticating %r filt %s at %s", self.BASE_DN,
-                      filt, self.LDAP_SERVER)
+            log.debug("Authenticating %r filter %s at %s", self.BASE_DN,
+                      filter_, self.LDAP_SERVER)
             lobjects = server.search_ext_s(self.BASE_DN, self.SEARCH_SCOPE,
-                                           filt)
+                                           filter_)
 
             if not lobjects:
                 raise ldap.NO_SUCH_OBJECT()
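Review bot: The renamed `filter_` is still built by interpolating `username` directly into the LDAP search filter. The only input check visible in this diff is the `,` rejection earlier in authenticate_ldap, so filter metacharacters such as `(`, `)`, `*` and `\` appear to reach the directory unescaped and can change which entries the search matches. Escape the value before formatting, e.g. `filter_ = '(&%s(%s=%s))' % (self.LDAP_FILTER, self.attr_login, ldap.filter.escape_filter_chars(username))`, which needs `import ldap.filter`. The continuation line `username)` was also not re-indented after the rename. authenticate_ldap starts and ends outside this hunk.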
@@ -129,12 +131,13 @@
                     continue
 
                 try:
+                    log.debug('Trying simple bind with %s' % dn)
                     server.simple_bind_s(dn, password)
                     attrs = server.search_ext_s(dn, ldap.SCOPE_BASE,
                                                 '(objectClass=*)')[0][1]
                     break
 
-                except ldap.INVALID_CREDENTIALS, e:
+                except ldap.INVALID_CREDENTIALS:
                     log.debug("LDAP rejected password for user '%s' (%s): %s",
                               uid, username, dn)
 
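Review bot: The added `log.debug('Trying simple bind with %s' % dn)` formats the message eagerly, while every other log call visible in this file passes its arguments to the logger. Writing it as `log.debug('Trying simple bind with %s', dn)` keeps the style consistent and skips the string formatting when debug logging is disabled. The enclosing loop and try block begin outside this hunk.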
@@ -143,10 +146,10 @@
                           "of '%s' (%s)", uid, username)
                 raise LdapPasswordError()
 
-        except ldap.NO_SUCH_OBJECT, e:
+        except ldap.NO_SUCH_OBJECT:
             log.debug("LDAP says no such user '%s' (%s)", uid, username)
             raise LdapUsernameError()
-        except ldap.SERVER_DOWN, e:
+        except ldap.SERVER_DOWN:
             raise LdapConnectionError("LDAP can't access "
                                       "authentication server")
 
--- a/setup.py	Mon Dec 19 02:31:22 2011 +0200
+++ b/setup.py	Mon Dec 19 19:53:08 2011 +0200
@@ -53,19 +53,20 @@
     requirements.append("py-bcrypt")
 
 
-#additional files from project that goes somewhere in the filesystem
-#relative to sys.prefix
+# additional files from project that goes somewhere in the filesystem
+# relative to sys.prefix
 data_files = []
 
-#additional files that goes into package itself
+# additional files that goes into package itself
 package_data = {'rhodecode': ['i18n/*/LC_MESSAGES/*.mo', ], }
 
 description = ('Mercurial repository browser/management with '
                'build in push/pull server and full text search')
 keywords = ' '.join(['rhodecode', 'rhodiumcode', 'mercurial', 'git',
+                     'code review', 'repo groups', 'ldap'
                       'repository management', 'hgweb replacement'
                       'hgwebdir', 'gitweb replacement', 'serving hgweb', ])
-#long description
+# long description
 try:
     readme_file = 'README.rst'
     changelog_file = 'docs/changelog.rst'
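Review bot: The added keywords line ends with `'ldap'` and no trailing comma, so Python's implicit string concatenation joins it with the next literal and the published keyword becomes `ldaprepository management`. The line should read `'code review', 'repo groups', 'ldap',`. The unchanged line below has the same problem between `'hgweb replacement'` and `'hgwebdir'`, which could be fixed in the same change.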
@@ -85,7 +86,7 @@
     from ez_setup import use_setuptools
     use_setuptools()
     from setuptools import setup, find_packages
-#packages
+# packages
 packages = find_packages(exclude=['ez_setup'])
 
 setup(