Added experimental support for pattern in group names (using pat:... as group name)

2025-02-08 05:57:39 +03:00 · 2015-01-23 08:54:52 +01:00 · 2015-01-23 08:54:52 +01:00 · 9a529b8f5b
commit 9a529b8f5b
parent 4a2401b622
3 changed files with 36 additions and 14 deletions
--- a/server/src/uds/REST/methods/users_groups.py
+++ b/server/src/uds/REST/methods/users_groups.py
@ -237,9 +237,10 @@ class Groups(DetailHandler):
            logger.debug('Meta any {}'.format(meta_if_any))
            valid_fields = ['name', 'comments', 'state']
            fields = self.readFieldsFromParams(valid_fields)
+            is_pattern = fields.get('name', '').find('pat:') == 0
            auth = parent.getInstance()
            if item is None:  # Create new
-                if not is_meta:
+                if not is_meta and not is_pattern:
                    auth.createGroup(fields)  # this throws an exception if there is an error (for example, this auth can't create groups)
                toSave = {}
                for k in valid_fields:
@ -249,7 +250,7 @@ class Groups(DetailHandler):
                toSave['meta_if_any'] = meta_if_any
                group = parent.groups.create(**toSave)
            else:
-                if not is_meta:
+                if not is_meta and not is_pattern:
                    auth.modifyGroup(fields)
                toSave = {}
                for k in valid_fields:
--- a/server/src/uds/auths/RegexLdap/Authenticator.py
+++ b/server/src/uds/auths/RegexLdap/Authenticator.py
@ -44,7 +44,7 @@ import ldap.filter
 import re
 import logging

-__updated__ = '2015-01-15'
+__updated__ = '2015-01-23'

 logger = logging.getLogger(__name__)

@ -144,6 +144,7 @@ class RegexLdap(auths.Authenticator):

    def __processField(self, field, attributes):
        res = []
+        logger.debug('Attributes: {}'.format(attributes))
        for line in field.splitlines():
            equalPos = line.find('=')
            if equalPos == -1:
@ -163,12 +164,13 @@ class RegexLdap(auths.Authenticator):
            for vv in val:
                try:
                    v = vv.decode('utf-8')
+                    logger.debug('v, vv: {}, {}'.format(v, vv))
                    srch = re.search(pattern, v, re.IGNORECASE)
                    logger.debug("Found against {0}: {1} ".format(v, srch.groups()))
                    if srch is None:
                        continue
                    res.append(''.join(srch.groups()))
-                except:
+                except Exception:
                    pass  # Ignore exceptions here
        return res

@ -352,8 +354,7 @@ class RegexLdap(auths.Authenticator):
        if user is None:
            raise AuthenticatorException(_('Username not found'))
        groups = self.__getGroups(user)
-        for g in groups:
-            _ = groupsManager.validate(g)
+        groupsManager.validate(groups)

    def searchUsers(self, pattern):
        try:
--- a/server/src/uds/core/auths/GroupsManager.py
+++ b/server/src/uds/core/auths/GroupsManager.py
@ -35,10 +35,12 @@ from __future__ import unicode_literals
 from uds.core.util.State import State
 from uds.models import Group as dbGroup
 from uds.core.auths.Group import Group
+
+import re
 import inspect
 import logging

-__updated__ = '2014-11-11'
+__updated__ = '2015-01-23'

 logger = logging.getLogger(__name__)

@ -72,13 +74,30 @@ class GroupsManager(object):
        self._dbAuthenticator = dbAuthenticator
        self._groups = {}  # We just get active groups, inactive aren't visible to this class
        for g in dbAuthenticator.groups.filter(state=State.ACTIVE, is_meta=False):
-            self._groups[g.name.lower()] = {'group': Group(g), 'valid': False}
+            name = g.name.lower()
+            isPattern = name.find('pat:') == 0  # Is a pattern?
+            self._groups[name] = {'name': g.name, 'group': Group(g), 'valid': False, 'pattern': isPattern}

-    def contains(self, groupName):
+    def checkAllGroups(self, groupName):
        '''
        Returns true if this groups manager contains the specified group name (string)
        '''
-        return groupName.lower() in self._groups
+        name = groupName.lower()
+        res = []
+        for gName, grp in self._groups.iteritems():
+            if grp['pattern'] is True:
+                logger.debug('Group is a pattern: {}'.format(grp))
+                try:
+                    logger.debug('Match: {}->{}'.format(grp['name'][4:], name))
+                    if re.search(grp['name'][4:], name, re.IGNORECASE) is not None:
+                        res.append(grp)  # Stop searching, one group at least matches
+                except Exception:
+                    logger.exception('Exception in RE')
+            else:
+                logger.debug('Group NORMAL: {}=={}'.format(name, gName))
+                if name == gName:
+                    res.append(grp)
+        return res

    def getGroupsNames(self):
        '''
@ -142,16 +161,17 @@ class GroupsManager(object):
            for n in groupName:
                self.validate(n)
        else:
-            if groupName.lower() in self._groups:
-                self._groups[groupName.lower()]['valid'] = True
+            for grp in self.checkAllGroups(groupName):
+                grp['valid'] = True

    def isValid(self, groupName):
        '''
        Checks if this group name is marked as valid inside this groups manager.
        Returns True if group name is marked as valid, False if it isn't.
        '''
-        if groupName.lower() in self._groups:
-            return self._groups[groupName.lower()]['valid']
+        for grp in self.checkAllGroup(groupName):
+            if grp['valid']:
+                return True
        return False

    def __str__(self):