Merge pull request #12 from katedickey/feature/ldap-configurable-attribute

v411e · web-flow · commit 930dfd71f339 · 2023-11-27T08:43:58.000+01:00
Add a config option to select which attribute is used as a username
diff --git a/base-config.yaml b/base-config.yaml
@@ -29,6 +29,7 @@ ldap:
   base_dn_groups: "cn=groups,cn=accounts,dc=example,dc=com"
 
   user_filter:  "(!(memberof=cn=company_employees,cn=groups,cn=accounts,dc=example,dc=com))"
+  username_attribute: "uid"
 
 # Room for bot-administration. Commands are only accepted inside this room.
 administration_room: ""
diff --git a/inviter/ldap_connector.py b/inviter/ldap_connector.py
@@ -55,6 +55,7 @@ def get_rooms(config: Config) -> Optional[List[Room]]:
     base_dn_groups = ldap_config.get("base_dn_groups", None)
     base_dn_users = ldap_config.get("base_dn_users", None)
     user_filter = ldap_config.get("user_filter", None)
+    username_attribute = ldap_config.get("username_attribute", "uid")
     if (not homeserver
             or not ldap_config
             or not base_dn_groups
@@ -92,8 +93,8 @@ def get_rooms(config: Config) -> Optional[List[Room]]:
 
     rooms: List[Room] = []
     for group in groups:
-        group_members = get_group_members(connection, groups.get(group), base_dn_users, user_filter)
-        group_owners = get_group_members(connection, owner_groups.get(group), base_dn_users, user_filter) if group in owner_groups else []
+        group_members = get_group_members(connection, groups.get(group), base_dn_users, username_attribute, user_filter)
+        group_owners = get_group_members(connection, owner_groups.get(group), base_dn_users, username_attribute, user_filter) if group in owner_groups else []
 
         room_members: List[RoomMember] = []
         for group_member in group_members:
@@ -108,7 +109,7 @@ def get_rooms(config: Config) -> Optional[List[Room]]:
     return rooms
 
 
-def get_group_members(connection: Connection, group_dn: str, user_dn: str, search_filter: str = '(objectClass=*)')\
+def get_group_members(connection: Connection, group_dn: str, user_dn: str, username_attribute: str, search_filter: str = '(objectClass=*)')\
         -> List[Tuple[str, bool]]:
     """Return members of a given user-group.
 
@@ -120,10 +121,10 @@ def get_group_members(connection: Connection, group_dn: str, user_dn: str, searc
     """
     members: List[Tuple[str, bool]] = []
     search = f"(&(memberOf={group_dn}){search_filter})"
-    connection.search(user_dn, search, attributes=["uid", "nsAccountLock"])
+    connection.search(user_dn, search, attributes=[username_attribute, "nsAccountLock"])
     entries = connection.entries
     for element in entries:
-        members.append((str(element.uid), element.nsAccountLock.value))
+        members.append((str(getattr(element, username_attribute)), element.nsAccountLock.value))
     return members
 
 
diff --git a/maubot.yaml b/maubot.yaml
@@ -1,6 +1,6 @@
 maubot: 0.2.0
 id: de.in4md-service.inviterbot
-version: 0.1.5
+version: 0.1.6
 license: GPLv3
 modules:
  - inviter
diff --git a/requirements.txt b/requirements.txt
@@ -1,6 +1,6 @@
-mautrix~=0.15.8
+mautrix~=0.20.3
 pytz~=2022.1
-maubot~=0.3.1
+maubot~=0.4.2
 ldap3~=2.9.1
 azure-identity~=1.8.0
 msgraph-core~=0.2.2
