123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145 |
- # -*- coding: utf-8 -*-
- """
- ldap.controls.simple - classes for some very simple LDAP controls
-
- See https://www.python-ldap.org/ for details.
- """
-
- import struct,ldap
- from ldap.controls import RequestControl,ResponseControl,LDAPControl,KNOWN_RESPONSE_CONTROLS
-
-
- class ValueLessRequestControl(RequestControl):
- """
- Base class for controls without a controlValue.
- The presence of the control in a LDAPv3 request changes the server's
- behaviour when processing the request simply based on the controlType.
-
- controlType
- OID of the request control
- criticality
- criticality request control
- """
-
- def __init__(self,controlType=None,criticality=False):
- self.controlType = controlType
- self.criticality = criticality
-
- def encodeControlValue(self):
- return None
-
-
- class OctetStringInteger(LDAPControl):
- """
- Base class with controlValue being unsigend integer values
-
- integerValue
- Integer to be sent as OctetString
- """
-
- def __init__(self,controlType=None,criticality=False,integerValue=None):
- self.controlType = controlType
- self.criticality = criticality
- self.integerValue = integerValue
-
- def encodeControlValue(self):
- return struct.pack('!Q',self.integerValue)
-
- def decodeControlValue(self,encodedControlValue):
- self.integerValue = struct.unpack('!Q',encodedControlValue)[0]
-
-
- class BooleanControl(LDAPControl):
- """
- Base class for simple request controls with boolean control value.
-
- Constructor argument and class attribute:
-
- booleanValue
- Boolean (True/False or 1/0) which is the boolean controlValue.
- """
- boolean2ber = { 1:'\x01\x01\xFF', 0:'\x01\x01\x00' }
- ber2boolean = { '\x01\x01\xFF':1, '\x01\x01\x00':0 }
-
- def __init__(self,controlType=None,criticality=False,booleanValue=False):
- self.controlType = controlType
- self.criticality = criticality
- self.booleanValue = booleanValue
-
- def encodeControlValue(self):
- return self.boolean2ber[int(self.booleanValue)]
-
- def decodeControlValue(self,encodedControlValue):
- self.booleanValue = self.ber2boolean[encodedControlValue]
-
-
- class ManageDSAITControl(ValueLessRequestControl):
- """
- Manage DSA IT Control
- """
-
- def __init__(self,criticality=False):
- ValueLessRequestControl.__init__(self,ldap.CONTROL_MANAGEDSAIT,criticality=False)
-
- KNOWN_RESPONSE_CONTROLS[ldap.CONTROL_MANAGEDSAIT] = ManageDSAITControl
-
-
- class RelaxRulesControl(ValueLessRequestControl):
- """
- Relax Rules Control
- """
-
- def __init__(self,criticality=False):
- ValueLessRequestControl.__init__(self,ldap.CONTROL_RELAX,criticality=False)
-
- KNOWN_RESPONSE_CONTROLS[ldap.CONTROL_RELAX] = RelaxRulesControl
-
-
- class ProxyAuthzControl(RequestControl):
- """
- Proxy Authorization Control
-
- authzId
- string containing the authorization ID indicating the identity
- on behalf which the server should process the request
- """
-
- def __init__(self,criticality,authzId):
- RequestControl.__init__(self,ldap.CONTROL_PROXY_AUTHZ,criticality,authzId)
-
-
- class AuthorizationIdentityRequestControl(ValueLessRequestControl):
- """
- Authorization Identity Request and Response Controls
- """
- controlType = '2.16.840.1.113730.3.4.16'
-
- def __init__(self,criticality):
- ValueLessRequestControl.__init__(self,self.controlType,criticality)
-
-
- class AuthorizationIdentityResponseControl(ResponseControl):
- """
- Authorization Identity Request and Response Controls
-
- Class attributes:
-
- authzId
- decoded authorization identity
- """
- controlType = '2.16.840.1.113730.3.4.15'
-
- def decodeControlValue(self,encodedControlValue):
- self.authzId = encodedControlValue
-
-
- KNOWN_RESPONSE_CONTROLS[AuthorizationIdentityResponseControl.controlType] = AuthorizationIdentityResponseControl
-
-
- class GetEffectiveRightsControl(RequestControl):
- """
- Get Effective Rights Control
- """
-
- def __init__(self,criticality,authzId=None):
- RequestControl.__init__(self,'1.3.6.1.4.1.42.2.27.9.5.2',criticality,authzId)
|