-
Notifications
You must be signed in to change notification settings - Fork 26
/
Copy pathsettings.py
1729 lines (1379 loc) · 49.7 KB
/
settings.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
import sys
if sys.version_info > (3, 4):
from enum import Enum
else:
class Enum(object):
pass
class UserRemappingRule(object):
def __init__(self, rule_from=None, rule_to=None):
"""
A class representing a User Remapping Rule
:param str rule_from: Rule From
:param str rule_to: Rule To
"""
self.rule_from = rule_from
self.rule_to = rule_to
class SSOProtocol(Enum):
SAML = "SAML"
SPNEGO = "SPNEGO"
OPENID = "OPENID"
class TokenEndpointAuthMethod(Enum):
CLIENT_SECRET_BASIC = "CLIENT_SECRET_BASIC"
CLIENT_SECRET_POST = "CLIENT_SECRET_POST"
class OpenIDParams(dict):
def __init__(self, data):
"""
A class holding OpenID parameters for SSO settings
Do not create this directly.
:param dict data: Initial OpenID parameters
"""
super(OpenIDParams, self).__init__(data)
def set_client_id(self, client_id):
"""
Set the OpenID client ID.
:param str client_id: OpenID client ID
:return: self
:rtype: OpenIDParams
"""
self["clientId"] = client_id
return self
def set_client_secret(self, client_secret):
"""
Set the OpenID client secret.
:param str client_secret: OpenID client secret
:return: self
:rtype: OpenIDParams
"""
self["clientSecret"] = client_secret
return self
def set_scope(self, scope):
"""
Set the OpenID scope.
:param str scope: OpenID scope
:return: self
:rtype: OpenIDParams
"""
self["scope"] = scope
return self
def set_issuer(self, issuer):
"""
Set the OpenID issuer.
:param str issuer: OpenID issuer
:return: self
:rtype: OpenIDParams
"""
self["issuer"] = issuer
return self
def set_authorization_endpoint(self, authorization_endpoint):
"""
Set the OpenID authorization endpoint.
:param str authorization_endpoint: OpenID authorization endpoint
:return: self
:rtype: OpenIDParams
"""
self["authorizationEndpoint"] = authorization_endpoint
return self
def set_token_endpoint(self, token_endpoint):
"""
Set the OpenID token endpoint.
:param str token_endpoint: OpenID token endpoint
:return: self
:rtype: OpenIDParams
"""
self["tokenEndpoint"] = token_endpoint
return self
def set_jwks_uri(self, jwks_uri):
"""
Set the OpenID JWKS URI.
:param str jwks_uri: OpenID JWKS URI
:return: self
:rtype: OpenIDParams
"""
self["jwksUri"] = jwks_uri
return self
def set_claim_key_identifier(self, claim_key_identifier):
"""
Set the OpenID claim key for identifier.
:param str claim_key_identifier: OpenID claim key for identifier
:return: self
:rtype: OpenIDParams
"""
self["claimKeyIdentifier"] = claim_key_identifier
return self
def set_claim_key_display_name(self, claim_key_display_name):
"""
Set the OpenID claim key for display name.
:param str claim_key_display_name: OpenID claim key for display name
:return: self
:rtype: OpenIDParams
"""
self["claimKeyDisplayName"] = claim_key_display_name
return self
def set_claim_key_email(self, claim_key_email):
"""
Set the OpenID claim key for email.
:param str claim_key_email: OpenID claim key for email
:return: self
:rtype: OpenIDParams
"""
self["claimKeyEmail"] = claim_key_email
return self
def set_enable_groups(self, enable_groups):
"""
Set whether groups are enabled in OpenID.
:param bool enable_groups: True to enable groups, False otherwise
:return: self
:rtype: OpenIDParams
"""
self["enableGroups"] = enable_groups
return self
def set_claim_key_groups(self, claim_key_groups):
"""
Set the OpenID claim key for groups.
:param str claim_key_groups: OpenID claim key for groups
:return: self
:rtype: OpenIDParams
"""
self["claimKeyGroups"] = claim_key_groups
return self
def set_use_global_proxy(self, use_global_proxy):
"""
Set whether to use the global proxy in OpenID.
:param bool use_global_proxy: True to use the global proxy, False otherwise
:return: self
:rtype: OpenIDParams
"""
self["useGlobalProxy"] = use_global_proxy
return self
def set_use_pkce(self, use_pkce):
"""
Set whether to use PKCE in OpenID.
:param bool use_pkce: True to use PKCE, False otherwise
:return: self
:rtype: OpenIDParams
"""
self["usePKCE"] = use_pkce
return self
def set_token_endpoint_auth_method(self, token_endpoint_auth_method):
"""
Set the token endpoint authentication method.
:param TokenEndpointAuthMethod token_endpoint_auth_method: Token endpoint authentication method
:return: self
:rtype: OpenIDParams
"""
if not isinstance(token_endpoint_auth_method, TokenEndpointAuthMethod):
raise ValueError("Invalid value for token_endpoint_auth_method. Must be one of: CLIENT_SECRET_BASIC, CLIENT_SECRET_POST")
self["tokenEndpointAuthMethod"] = token_endpoint_auth_method.value
return self
def get_client_id(self):
"""
Get the OpenID client ID.
:return: OpenID client ID
:rtype: str
"""
return self.get("clientId")
def get_client_secret(self):
"""
Get the OpenID client secret.
:return: OpenID client secret
:rtype: str
"""
return self.get("clientSecret")
def get_scope(self):
"""
Get the OpenID scope.
:return: OpenID scope
:rtype: str
"""
return self.get("scope")
def get_issuer(self):
"""
Get the OpenID issuer.
:return: OpenID issuer
:rtype: str
"""
return self.get("issuer")
def get_authorization_endpoint(self):
"""
Get the OpenID authorization endpoint.
:return: OpenID authorization endpoint
:rtype: str
"""
return self.get("authorizationEndpoint")
def get_token_endpoint(self):
"""
Get the OpenID token endpoint.
:return: OpenID token endpoint
:rtype: str
"""
return self.get("tokenEndpoint")
def get_jwks_uri(self):
"""
Get the OpenID JWKS URI.
:return: OpenID JWKS URI
:rtype: str
"""
return self.get("jwksUri")
def get_claim_key_identifier(self):
"""
Get the OpenID claim key for identifier.
:return: OpenID claim key for identifier
:rtype: str
"""
return self.get("claimKeyIdentifier")
def get_claim_key_display_name(self):
"""
Get the OpenID claim key for display name.
:return: OpenID claim key for display name
:rtype: str
"""
return self.get("claimKeyDisplayName")
def get_claim_key_email(self):
"""
Get the OpenID claim key for email.
:return: OpenID claim key for email
:rtype: str
"""
return self.get("claimKeyEmail")
def get_enable_groups(self):
"""
Get whether groups are enabled in OpenID.
:return: True if groups are enabled, False otherwise
:rtype: bool
"""
return self.get("enableGroups")
def get_claim_key_groups(self):
"""
Get the OpenID claim key for groups.
:return: OpenID claim key for groups
:rtype: str
"""
return self.get("claimKeyGroups")
def get_use_global_proxy(self):
"""
Get whether to use the global proxy in OpenID.
:return: True if using the global proxy, False otherwise
:rtype: bool
"""
return self.get("useGlobalProxy")
def get_use_pkce(self):
"""
Get whether to use PKCE in OpenID.
:return: True if using PKCE, False otherwise
:rtype: bool
"""
return self.get("usePKCE")
def get_token_endpoint_auth_method(self):
"""
Get the token endpoint authentication method.
:return: Token endpoint authentication method
:rtype: TokenEndpointAuthMethod
"""
return TokenEndpointAuthMethod(self.get("tokenEndpointAuthMethod"))
class SAMLSPParams(dict):
def __init__(self, data):
"""
A class holding SAML Service Provider parameters for SSO settings
Do not create this directly.
:param dict data: Initial SAML SP parameters
"""
super(SAMLSPParams, self).__init__(data)
def set_sign_requests(self, sign_requests):
"""
Set whether to sign requests in SAML.
:param bool sign_requests: True to sign requests, False otherwise
:return: self
:rtype: SAMLSPParams
"""
self["signRequests"] = sign_requests
return self
def set_display_name_attribute(self, display_name_attribute):
"""
Set the display name attribute in SAML.
:param str display_name_attribute: Display name attribute
:return: self
:rtype: SAMLSPParams
"""
self["displayNameAttribute"] = display_name_attribute
return self
def set_email_attribute(self, email_attribute):
"""
Set the email attribute in SAML.
:param str email_attribute: Email attribute
:return: self
:rtype: SAMLSPParams
"""
self["emailAttribute"] = email_attribute
return self
def set_enable_groups(self, enable_groups):
"""
Set whether groups are enabled in SAML.
:param bool enable_groups: True to enable groups, False otherwise
:return: self
:rtype: SAMLSPParams
"""
self["enableGroups"] = enable_groups
return self
def set_groups_attribute(self, groups_attribute):
"""
Set the groups attribute in SAML.
:param str groups_attribute: Groups attribute
:return: self
:rtype: SAMLSPParams
"""
self["groupsAttribute"] = groups_attribute
return self
def get_sign_requests(self):
"""
Get whether to sign requests in SAML.
:return: True if signing requests, False otherwise
:rtype: bool
"""
return self.get("signRequests")
def get_display_name_attribute(self):
"""
Get the display name attribute in SAML.
:return: Display name attribute
:rtype: str
"""
return self.get("displayNameAttribute")
def get_email_attribute(self):
"""
Get the email attribute in SAML.
:return: Email attribute
:rtype: str
"""
return self.get("emailAttribute")
def get_enable_groups(self):
"""
Get whether groups are enabled in SAML.
:return: True if groups are enabled, False otherwise
:rtype: bool
"""
return self.get("enableGroups")
def get_groups_attribute(self):
"""
Get the groups attribute in SAML.
:return: Groups attribute
:rtype: str
"""
return self.get("groupsAttribute")
class SPNEGOMode(Enum):
PREAUTH_KEYTAB = "PREAUTH_KEYTAB"
CUSTOM_LOGIN_CONF = "CUSTOM_LOGIN_CONF"
class SSOSettings:
def __init__(self, client, path, sso_settings):
"""
A class holding SSO settings information
Do not create this directly.
:param client: The client associated with the SSO settings
:type client: Client
:param path: The endpoints path prefix
:param dict sso_settings: The initial SSO settings
"""
self.client = client
self.path = path
self.sso_settings = sso_settings
self.openid_params_instance = OpenIDParams(self.sso_settings.get("openIDParams", {}))
self.saml_sp_params_instance = SAMLSPParams(self.sso_settings.get("samlSPParams", {}))
def save(self):
"""
Saves back the settings to the project
"""
self.sso_settings["openIDParams"] = dict(self.openid_params_instance)
self.sso_settings["samlSPParams"] = dict(self.saml_sp_params_instance)
self.client._perform_empty(
"PUT", self.path + "/iam/sso-settings", body=self.sso_settings
)
def set_protocol(self, protocol):
"""
Set the SSO protocol.
:param SSOProtocol protocol: SSO protocol
:return: self
:rtype: SSOSettings
"""
if not isinstance(protocol, SSOProtocol):
raise ValueError("Invalid value for protocol. Must be one of: SAML, SPNEGO, OPENID")
self.sso_settings["protocol"] = protocol.value
return self
def get_protocol(self):
"""
Get the SSO protocol.
:return: SSO protocol
:rtype: SSOProtocol
"""
return SSOProtocol(self.sso_settings["protocol"])
def set_remapping_rules(self, remapping_rules):
"""
Set the remapping rules.
:param list remapping_rules: List of UserRemappingRule instances
:return: self
:rtype: SSOSettings
"""
# Convert UserRemappingRule instances to dictionaries
remapping_rules_data = [{"ruleFrom": rule.rule_from, "ruleTo": rule.rule_to} for rule in remapping_rules]
self.sso_settings["remappingRules"] = remapping_rules_data
return self
def get_remapping_rules(self):
"""
Get the remapping rules.
:return: List of UserRemappingRule instances
:rtype: list
"""
return [UserRemappingRule(rule["ruleFrom"], rule["ruleTo"]) for rule in self.sso_settings.get("remappingRules", [])]
def set_saml_sp_params(self, saml_sp_params):
"""
Set the SAML Service Provider parameters.
:param saml_sp_params: Instance of SAMLSPParams
:type saml_sp_params: SAMLSPParams
:return: self
:rtype: SSOSettings
"""
self.sso_settings["samlSPParams"] = saml_sp_params
self.saml_sp_params_instance = SAMLSPParams(self.sso_settings.get("samlSPParams", {}))
return self
def get_saml_sp_params(self):
"""
Get the SAML Service Provider parameters.
:return: Instance of SAMLSPParams
:rtype: SAMLSPParams
"""
return self.saml_sp_params_instance
def set_openid_params(self, openid_params):
"""
Set the OpenID parameters.
:param openid_params: Instance of OpenIDParams
:type openid_params: OpenIDParams
:return: self
:rtype: SSOSettings
"""
self.sso_settings["openIDParams"] = openid_params
self.openid_params_instance = OpenIDParams(self.sso_settings.get("openIDParams", {}))
return self
def get_openid_params(self):
"""
Get the OpenID parameters.
:return: Instance of OpenIDParams
:rtype: OpenIDParams
"""
return self.openid_params_instance
def set_spnego_mode(self, spnego_mode):
"""
Set the SPNEGO mode.
:param SPNEGOMode spnego_mode: SPNEGO mode
:return: self
:rtype: SSOSettings
"""
if not isinstance(spnego_mode, SPNEGOMode):
raise ValueError("Invalid value for spnego_mode. Must be one of: PREAUTH_KEYTAB, CUSTOM_LOGIN_CONF")
self.sso_settings["spnegoMode"] = spnego_mode.value
return self
def get_spnego_mode(self):
"""
Get the SPNEGO mode.
:return: SPNEGO mode
:rtype: SPNEGOMode
"""
return SPNEGOMode(self.sso_settings["spnegoMode"])
def set_sso_enabled(self, enabled):
"""
Set whether SSO is enabled.
:param bool enabled: True if SSO is enabled, False otherwise
:return: self
:rtype: SSOSettings
"""
self.sso_settings["enabled"] = enabled
return self
def get_sso_enabled(self):
"""
Get whether SSO is enabled.
:return: True if SSO is enabled, False otherwise
:rtype: bool
"""
return self.sso_settings.get("enabled", False)
def set_auto_provision_users_at_login_time(self, auto_provision):
"""
Set whether auto-provisioning of users is enabled at login time.
:param bool auto_provision: True to enable auto-provisioning, False otherwise
:return: self
:rtype: SSOSettings
"""
self.sso_settings["autoProvisionUsersAtLoginTime"] = auto_provision
return self
def get_auto_provision_users_at_login_time(self):
"""
Get whether auto-provisioning of users is enabled at login time.
:return: True if auto-provisioning is enabled, False otherwise
:rtype: bool
"""
return self.sso_settings.get("autoProvisionUsersAtLoginTime", False)
def set_auto_sync_users_at_login_time(self, auto_sync):
"""
Set whether auto-syncing of users is enabled at login time.
:param bool auto_sync: True to enable auto-syncing, False otherwise
:return: self
:rtype: SSOSettings
"""
self.sso_settings["autoSyncUsersAtLoginTime"] = auto_sync
return self
def get_auto_sync_users_at_login_time(self):
"""
Get whether auto-syncing of users is enabled at login time.
:return: True if auto-syncing is enabled, False otherwise
:rtype: bool
"""
return self.sso_settings.get("autoSyncUsersAtLoginTime", False)
def set_default_user_profile(self, default_profile):
"""
Set the default user profile.
:param str default_profile: Default user profile
:return: self
:rtype: SSOSettings
"""
self.sso_settings["defaultUserProfile"] = default_profile
return self
def get_default_user_profile(self):
"""
Get the default user profile.
:return: Default user profile
:rtype: str
"""
return self.sso_settings.get("defaultUserProfile", "")
def set_group_profiles(self, group_profiles):
"""
Set the group profiles.
:param list group_profiles: List of group profiles
:return: self
:rtype: SSOSettings
"""
self.sso_settings["groupProfiles"] = group_profiles
return self
def get_group_profiles(self):
"""
Get the group profiles.
:return: List of group profiles
:rtype: list
"""
return self.sso_settings.get("groupProfiles", [])
def set_authorized_groups(self, authorized_groups):
"""
Set the authorized groups.
:param list[str] authorized_groups: Authorized groups
:return: self
:rtype: SSOSettings
"""
# for retro-compatibility when authorized_group was a comma-separated list in a str
if isinstance(authorized_groups, str):
authorized_groups = authorized_groups.split(',')
self.sso_settings["authorizedGroups"] = authorized_groups
return self
def get_authorized_groups(self):
"""
Get the authorized groups.
:return: Authorized groups
:rtype: list[str]
"""
return self.sso_settings.get("authorizedGroups", [])
class LDAPSettings:
def __init__(self, client, path, ldap_settings):
"""
A class holding LDAP settings information
Do not create this directly.
:param client: The client associated with the LDAP settings
:type client: Client
:param path: The endpoints path prefix
:param dict ldap_settings: The initial LDAP settings
"""
self.client = client
self.path = path
self.ldap_settings = ldap_settings
def save(self):
"""
Saves back the settings
"""
self.client._perform_empty(
"PUT", self.path + "/iam/ldap-settings", body=self.ldap_settings
)
def set_url(self, url):
"""
Set the LDAP server URL.
:param str url: The LDAP server URL
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["url"] = url
return self
def get_url(self):
"""
Get the LDAP server URL.
:return: The LDAP server URL
:rtype: str
"""
return self.ldap_settings.get("url", "")
def set_use_tls(self, use_tls):
"""
Set whether to use TLS in LDAP.
:param bool use_tls: True to use TLS, False otherwise
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["useTls"] = use_tls
return self
def get_use_tls(self):
"""
Get whether to use TLS in LDAP.
:return: True if using TLS, False otherwise
:rtype: bool
"""
return self.ldap_settings.get("useTls", False)
def set_bind_dn(self, bind_dn):
"""
Set the LDAP bind DN.
:param str bind_dn: The LDAP bind DN
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["bindDN"] = bind_dn
return self
def get_bind_dn(self):
"""
Get the LDAP bind DN.
:return: The LDAP bind DN
:rtype: str
"""
return self.ldap_settings.get("bindDN", "")
def set_bind_password(self, bind_password):
"""
Set the LDAP bind password.
:param str bind_password: The LDAP bind password
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["bindPassword"] = bind_password
return self
def get_bind_password(self):
"""
Get the LDAP bind password.
:return: The LDAP bind password
:rtype: str
"""
return self.ldap_settings.get("bindPassword", "")
def set_user_filter(self, user_filter):
"""
Set the LDAP user filter.
:param str user_filter: LDAP user filter
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["userFilter"] = user_filter
return self
def get_user_filter(self):
"""
Get the LDAP user filter.
:return: LDAP user filter
:rtype: str
"""
return self.ldap_settings.get("userFilter", "")
def set_display_name_attribute(self, display_name_attribute):
"""
Set the LDAP display name attribute.
:param str display_name_attribute: The LDAP display name attribute
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["displayNameAttribute"] = display_name_attribute
return self
def get_display_name_attribute(self):
"""
Get the LDAP display name attribute.
:return: The LDAP display name attribute
:rtype: str
"""
return self.ldap_settings.get("displayNameAttribute", "")
def set_email_attribute(self, email_attribute):
"""
Set the LDAP email attribute.
:param str email_attribute: The LDAP email attribute
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["emailAttribute"] = email_attribute
return self
def get_email_attribute(self):
"""
Get the LDAP email attribute.
:return: The LDAP email attribute
:rtype: str
"""
return self.ldap_settings.get("emailAttribute", "")
def set_enable_groups(self, enable_groups):
"""
Set whether to enable groups in LDAP.
:param bool enable_groups: True to enable groups, False otherwise
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["enableGroups"] = enable_groups
return self
def get_enable_groups(self):
"""
Get whether groups are enabled in LDAP.
:return: True if groups are enabled, False otherwise
:rtype: bool
"""
return self.ldap_settings.get("enableGroups", False)
def set_group_filter(self, group_filter):
"""
Set the LDAP group filter.
:param str group_filter: LDAP group filter
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["groupFilter"] = group_filter
return self
def get_group_filter(self):
"""
Get the LDAP group filter.
:return: LDAP group filter
:rtype: str
"""
return self.ldap_settings.get("groupFilter", "")
def set_group_name_attribute(self, group_name_attribute):
"""
Set the LDAP group name attribute.
:param str group_name_attribute: The LDAP group name attribute
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["groupNameAttribute"] = group_name_attribute
return self
def get_group_name_attribute(self):
"""
Get the LDAP group name attribute.
:return: The LDAP group name attribute
:rtype: str
"""
return self.ldap_settings.get("groupNameAttribute", "")
def set_authorized_groups(self, authorized_groups):
"""
Set the authorized groups in LDAP.
:param list[str] authorized_groups: Authorized groups
:return: self
:rtype: LDAPSettings
"""
# for retro-compatibility when authorized_group was a comma-separated list in a str
if isinstance(authorized_groups, str):
authorized_groups = authorized_groups.split(',')
self.ldap_settings["authorizedGroups"] = authorized_groups
return self
def get_authorized_groups(self):
"""
Get the authorized groups in LDAP.
:return: Authorized groups
:rtype: list[str]
"""
return self.ldap_settings.get("authorizedGroups", [])
def set_enabled(self, enabled):
"""
Set whether LDAP is enabled.
:param bool enabled: True if LDAP is enabled, False otherwise
:return: self
:rtype: LDAPSettings
"""
self.ldap_settings["enabled"] = enabled
return self
def get_enabled(self):
"""
Get whether LDAP is enabled.
:return: True if LDAP is enabled, False otherwise
:rtype: bool
"""
return self.ldap_settings.get("enabled", False)
def set_auto_import_users(self, auto_import_users):
"""
Set whether to auto-import users in LDAP.
:param bool auto_import_users: True to auto-import users, False otherwise