forked from proxmox-mirrors/proxmox
ldap: add helpers for constructing LDAP filters
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
This commit is contained in:
Lukas Wagner
Wolfgang Bumiller
parent
6fd77c9a5e
commit
b9ab0ba4fa
@ -1,13 +1,12 @@
|
|||||||
use std::{
|
use std::{
|
||||||
|
fmt::{Display, Formatter},
|
||||||
fs,
|
fs,
|
||||||
path::{Path, PathBuf},
|
path::{Path, PathBuf},
|
||||||
time::Duration,
|
time::Duration,
|
||||||
};
|
};
|
||||||
|
|
||||||
use anyhow::{bail, Error};
|
use anyhow::{bail, Error};
|
||||||
use ldap3::{
|
use ldap3::{Ldap, LdapConnAsync, LdapConnSettings, LdapResult, Scope, SearchEntry};
|
||||||
Ldap, LdapConnAsync, LdapConnSettings, LdapResult, Scope, SearchEntry,
|
|
||||||
};
|
|
||||||
use native_tls::{Certificate, TlsConnector, TlsConnectorBuilder};
|
use native_tls::{Certificate, TlsConnector, TlsConnectorBuilder};
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
|
|
||||||
@ -226,3 +225,77 @@ impl LdapConnection {
|
|||||||
bail!("user not found")
|
bail!("user not found")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[allow(dead_code)]
|
||||||
|
enum FilterElement<'a> {
|
||||||
|
And(Vec<FilterElement<'a>>),
|
||||||
|
Or(Vec<FilterElement<'a>>),
|
||||||
|
Condition(&'a str, &'a str),
|
||||||
|
Not(Box<FilterElement<'a>>),
|
||||||
|
Verbatim(&'a str),
|
||||||
|
}
|
||||||
|
|
||||||
|
impl<'a> Display for FilterElement<'a> {
|
||||||
|
fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
|
||||||
|
fn write_children(f: &mut Formatter<'_>, children: &[FilterElement]) -> std::fmt::Result {
|
||||||
|
for child in children {
|
||||||
|
write!(f, "{child}")?;
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
|
match self {
|
||||||
|
FilterElement::And(children) => {
|
||||||
|
write!(f, "(&")?;
|
||||||
|
write_children(f, children)?;
|
||||||
|
write!(f, ")")?;
|
||||||
|
}
|
||||||
|
FilterElement::Or(children) => {
|
||||||
|
write!(f, "(|")?;
|
||||||
|
write_children(f, children)?;
|
||||||
|
write!(f, ")")?;
|
||||||
|
}
|
||||||
|
FilterElement::Not(element) => {
|
||||||
|
write!(f, "(!{})", element)?;
|
||||||
|
}
|
||||||
|
FilterElement::Condition(attr, value) => {
|
||||||
|
write!(f, "({attr}={value})")?;
|
||||||
|
}
|
||||||
|
FilterElement::Verbatim(verbatim) => write!(f, "{verbatim}")?,
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#[cfg(test)]
|
||||||
|
mod tests {
|
||||||
|
use super::FilterElement::*;
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_filter_elements_to_string() {
|
||||||
|
assert_eq!("(uid=john)", Condition("uid", "john").to_string());
|
||||||
|
assert_eq!(
|
||||||
|
"(!(uid=john))",
|
||||||
|
Not(Box::new(Condition("uid", "john"))).to_string()
|
||||||
|
);
|
||||||
|
|
||||||
|
assert_eq!("(foo=bar)", &Verbatim("(foo=bar)").to_string());
|
||||||
|
|
||||||
|
let filter_string = And(vec![
|
||||||
|
Condition("givenname", "john"),
|
||||||
|
Condition("sn", "doe"),
|
||||||
|
Or(vec![
|
||||||
|
Condition("email", "john@foo"),
|
||||||
|
Condition("email", "john@bar"),
|
||||||
|
]),
|
||||||
|
])
|
||||||
|
.to_string();
|
||||||
|
|
||||||
|
assert_eq!(
|
||||||
|
"(&(givenname=john)(sn=doe)(|(email=john@foo)(email=john@bar)))",
|
||||||
|
&filter_string
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user