svn commit: r1607953 - in /labs/panopticon: pan-commands/bin/moderator pan-utils/src/asf/data/ldap.py pan-utils/src/asf/utils/test.py pan-utils/tests/conftest.py

Fri, 04 Jul 2014 15:02:30 -0700 

Author: adc
Date: Fri Jul  4 22:01:13 2014
New Revision: 1607953

URL: http://svn.apache.org/r1607953
Log:
Default for ldap should be minotaur.apache.org

Modified:
    labs/panopticon/pan-commands/bin/moderator
    labs/panopticon/pan-utils/src/asf/data/ldap.py
    labs/panopticon/pan-utils/src/asf/utils/test.py
    labs/panopticon/pan-utils/tests/conftest.py

Modified: labs/panopticon/pan-commands/bin/moderator
URL: 
http://svn.apache.org/viewvc/labs/panopticon/pan-commands/bin/moderator?rev=1607953&r1=1607952&r2=1607953&view=diff
==============================================================================
--- labs/panopticon/pan-commands/bin/moderator (original)
+++ labs/panopticon/pan-commands/bin/moderator Fri Jul  4 22:01:13 2014
@@ -23,8 +23,7 @@ Mailing list moderator tool used to mana
 import restkit
 
 from asf.cli import entrypoint
-from asf.data import aliases
-from asf.data import lists
+from asf.data import aliases, lists
 from asf.utils import committers
 from asf.utils.emails import email_from_alias, is_apache_email_address, 
username_from_apache_email
 

Modified: labs/panopticon/pan-utils/src/asf/data/ldap.py
URL: 
http://svn.apache.org/viewvc/labs/panopticon/pan-utils/src/asf/data/ldap.py?rev=1607953&r1=1607952&r2=1607953&view=diff
==============================================================================
--- labs/panopticon/pan-utils/src/asf/data/ldap.py (original)
+++ labs/panopticon/pan-utils/src/asf/data/ldap.py Fri Jul  4 22:01:13 2014
@@ -28,17 +28,20 @@ import os
 import ldap
 
 
-LDAP_URL = 'ldaps://ldap-tunnel.apache.org:6636'
-LDAP_TLS_CACERTFILE = '/etc/openldap/asf-ldap-client.pem'
+LDAP_URL = 'ldaps://minotaur.apache.org:636'
+LDAP_TLS_CACERTFILE = None
 LDAP_BASE = 'ou=people,dc=apache,dc=org'
 
+TUNNEL_LDAP_URL = 'ldaps://ldap-tunnel.apache.org:6636'
+TUNNEL_LDAP_TLS_CACERTFILE = '/etc/openldap/asf-ldap-client.pem'
+
 log = getLogger(__name__)
 
 
 def check_user_password(username, password):
     if not username or not password:
         return False
-    cnx = _ldap_cnx()
+    cnx = generate_ldap_context()
     try:
         cnx.simple_bind_s('uid=%s,ou=people,dc=apache,dc=org' % username, 
password)
     except ldap.INVALID_CREDENTIALS:
@@ -63,15 +66,15 @@ class LDAP(object):
           ...
     """
 
-    def __init__(self, LDAP_URL=None, TLS_CA_cert_file=None):
+    def __init__(self, ldap_url=None, tls_ca_cert_file=None):
         """
           Connect to ASF Active Directory Server.
 
-          :param LDAP_URL: LDAP URL to use to connect to ASF Active Directory 
Server
-          :param TLS_CA_cert_file: TLS CA certificate file to use to connect 
to ASF Active Directory Server
+          :param ldap_url: LDAP URL to use to connect to ASF Active Directory 
Server
+          :param tls_ca_cert_file: TLS CA certificate file to use to connect 
to ASF Active Directory Server
         """
         self.base = LDAP_BASE
-        self.ldap = _ldap_cnx(LDAP_URL, TLS_CA_cert_file)
+        self.ldap = generate_ldap_context(ldap_url, tls_ca_cert_file)
         self.ldap.simple_bind_s()
 
     def search(self, search_filter, attributes=None):
@@ -152,7 +155,7 @@ class LDAP(object):
         return False
 
 
-def cacert_file():
+def default_cacert_file():
     """ Return the path to the CA Cert file to validate the TLS connection. """
     tls_cacert_file = os.environ.get('PANOPTICON_LDAP_TLS_CACERTFILE', 
LDAP_TLS_CACERTFILE)
 
@@ -161,7 +164,7 @@ def cacert_file():
     return tls_cacert_file
 
 
-def ldap_url():
+def default_ldap_url():
     """ Return the path to the CA Cert file to validate the TLS connection. """
     url = os.environ.get('PANOPTICON_LDAP_URL', LDAP_URL)
 
@@ -170,14 +173,14 @@ def ldap_url():
     return url
 
 
-def _ldap_cnx(LDAP_URL=None, TLS_CA_cert_file=None):
+def generate_ldap_context(ldap_url=None, tls_ca_cert_file=None):
     """ Gets an LDAP connection and makes sure the cert file option is set. """
-    TLS_CA_cert_file = TLS_CA_cert_file or cacert_file()
-    ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, TLS_CA_cert_file)
 
-    LDAP_URL = LDAP_URL or ldap_url()
+    tls_ca_cert_file = tls_ca_cert_file or default_cacert_file()
+    if tls_ca_cert_file:
+        ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, tls_ca_cert_file)
 
-    cnx = ldap.initialize(LDAP_URL)
-    cnx.set_option(ldap.OPT_REFERRALS, 0)
+    context = ldap.initialize(ldap_url or default_ldap_url())
+    context.set_option(ldap.OPT_REFERRALS, 0)
 
-    return cnx
+    return context

Modified: labs/panopticon/pan-utils/src/asf/utils/test.py
URL: 
http://svn.apache.org/viewvc/labs/panopticon/pan-utils/src/asf/utils/test.py?rev=1607953&r1=1607952&r2=1607953&view=diff
==============================================================================
--- labs/panopticon/pan-utils/src/asf/utils/test.py (original)
+++ labs/panopticon/pan-utils/src/asf/utils/test.py Fri Jul  4 22:01:13 2014
@@ -39,11 +39,18 @@ ensure_credentials_stored = pytest.mark.
 
 
 def test_ldap():
+    saved_ldap_url = ldap.LDAP_URL
+    ldap.LDAP_URL = ldap.TUNNEL_LDAP_URL
+    saved_ldap_cacertfile = ldap.LDAP_TLS_CACERTFILE
+    ldap.LDAP_TLS_CACERTFILE = ldap.TUNNEL_LDAP_TLS_CACERTFILE
     try:
         ldap.LDAP()
         return False
     except Exception:
         return True
+    finally:
+        ldap.LDAP_URL = saved_ldap_url
+        ldap.LDAP_TLS_CACERTFILE = saved_ldap_cacertfile
 
 
 ensure_ldap = pytest.mark.skipif(test_ldap(),

Modified: labs/panopticon/pan-utils/tests/conftest.py
URL: 
http://svn.apache.org/viewvc/labs/panopticon/pan-utils/tests/conftest.py?rev=1607953&r1=1607952&r2=1607953&view=diff
==============================================================================
--- labs/panopticon/pan-utils/tests/conftest.py (original)
+++ labs/panopticon/pan-utils/tests/conftest.py Fri Jul  4 22:01:13 2014
@@ -17,16 +17,35 @@
 # under the License.
 #
 import pytest
+
+from asf.data import ldap
 from asf.utils.auth import get_stored_credentials
 
 
-@pytest.fixture
+@pytest.fixture(scope='module')
 def password():
     u, p = get_stored_credentials()
     return p
 
 
-@pytest.fixture
+@pytest.fixture(scope='module')
 def username():
     u, p = get_stored_credentials()
     return u
+
+
+SAVED_LDAP_URL = None
+SAVED_LDAP_CACERTFILE = None
+
+
+def pytest_runtest_setup(item):
+    global SAVED_LDAP_URL, SAVED_LDAP_CACERTFILE
+    SAVED_LDAP_URL = ldap.LDAP_URL
+    ldap.LDAP_URL = ldap.TUNNEL_LDAP_URL
+    SAVED_LDAP_CACERTFILE = ldap.LDAP_TLS_CACERTFILE
+    ldap.LDAP_TLS_CACERTFILE = ldap.TUNNEL_LDAP_TLS_CACERTFILE
+
+
+def pytest_runtest_teardown(item):
+    ldap.LDAP_URL = SAVED_LDAP_URL
+    ldap.LDAP_TLS_CACERTFILE = SAVED_LDAP_CACERTFILE



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@labs.apache.org
For additional commands, e-mail: commits-h...@labs.apache.org

Reply via email to