Skip to content
Snippets Groups Projects

support impersonating other users.

Merged support impersonating other users.
impersonating-other-users into master
All threads resolved!
Merged Andrea Callia D'Iddio requested to merge impersonating-other-users into master
All threads resolved!
Compare
and
Show latest version
1 file
+ 6
6
Compare changes
  • Side-by-side
  • Inline
app/ldap_authentication/authenticator.py
+ 6
6
@@ -9,7 +9,7 @@ from ldap.ldapobject import SimpleLDAPObject
from app.protocols import Authenticator
# Impersonation constants
IMPERSONATION_OPERATOR = ".as."
IMPERSONATION_PATTERN = r"([a-z0-9]+) as ([a-z0-9]+)"
IMPERSONATORS = ["ac4014", "infosys", "ip914", "jsbailey", "ld507", "rbc"]
@@ -77,11 +77,11 @@ class DocLdapAuthenticator(Authenticator):
:return: attr_name -> attr_value dict for given username
"""
logging_in_as = username
if IMPERSONATION_OPERATOR in username:
users = username.split(IMPERSONATION_OPERATOR)
if users[0] in IMPERSONATORS:
username = users[0]
logging_in_as = users[1]
users = re.match(IMPERSONATION_PATTERN, username)
if users:
impersonator, impersonated = users.groups()
username = impersonator
logging_in_as = impersonated if impersonator in IMPERSONATORS else impersonator
connection = ldap.initialize(self.server_url)
connection.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_ALLOW)
connection.set_option(ldap.OPT_X_TLS_NEWCTX, 0)