A LDAP database backend for Django
Project description
django-ldapdb is an LDAP database backend for Django, allowing to manipulate LDAP entries through Django models.
It supports most of the same APIs as a Django model:
MyModel.objects.create()
MyModel.objects.filter(x=1, y__contains=2)
Full admin support and browsing
django-ldapdb supports every upstream-supported Django version, based on the Django support policy.
For the current version, the following versions are supported:
Django 2.2 (LTS), under Python 3.6 - 3.8 (Python 3.5 has reached its end of life);
Django 3.0, under Python 3.6 - 3.8;
Django 3.1, under Python 3.6 - 3.8.
Installing django-ldapdb
Linux
Use pip: pip install django-ldapdb
You might also need the usual LDAP packages from your distribution, usually named openldap or ldap-utils.
Windows
django-ldapdb depends on the python-ldap <https://pypi-hypernode.com/pypi/python-ldap> project. Either follow its Windows installation guide, or install a pre-built version from https://www.lfd.uci.edu/~gohlke/pythonlibs/#python-ldap (choose the .whl file matching your Python/Windows combination, and install it with pip install python-ldap-3...whl).
You may then install django-ldapdb with
pip install django-ldapdb
Using django-ldapdb
Add the following to your settings.py:
DATABASES = {
'ldap': {
'ENGINE': 'ldapdb.backends.ldap',
'NAME': 'ldap://ldap.nodomain.org/',
'USER': 'cn=admin,dc=nodomain,dc=org',
'PASSWORD': 'some_secret_password',
},
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
},
}
DATABASE_ROUTERS = ['ldapdb.router.Router']
If you want to access posixGroup entries in your application, you can add something like this to your models.py:
from ldapdb.models.fields import CharField, IntegerField, ListField
import ldapdb.models
class LdapGroup(ldapdb.models.Model):
"""
Class for representing an LDAP group entry.
"""
# LDAP meta-data
base_dn = "ou=groups,dc=nodomain,dc=org"
object_classes = ['posixGroup']
# posixGroup attributes
gid = IntegerField(db_column='gidNumber', unique=True)
name = CharField(db_column='cn', max_length=200, primary_key=True)
members = ListField(db_column='memberUid')
def __str__(self):
return self.name
def __unicode__(self):
return self.name
and add this to your admin.py:
from django.contrib import admin
from . import models
class LDAPGroupAdmin(admin.ModelAdmin):
exclude = ['dn', 'objectClass']
list_display = ['gid', 'name']
admin.site.register(models.LDAPGroup, LDAPGroupAdmin)
- Important note:
You must declare an attribute to be used as the primary key. This attribute will play a special role, as it will be used to build the Relative Distinguished Name of the entry.
For instance in the example above, a group whose cn is foo will have the DN cn=foo,ou=groups,dc=nodomain,dc=org.
Supported fields
djanglo-ldapdb provides the following fields, all imported from ldapdb.models.fields:
Similar to Django:
IntegerField
FloatField
BooleanField
CharField
ImageField
DateTimeField
- Specific to a LDAP server:
ListField (holds a list of text values)
TimestampField (Stores a datetime as a posix timestamp, typically for posixAccount)
- Legacy:
DateField (Stores a date in an arbitrary format. A LDAP server has no notion of Date).
Tuning django-ldapdb
It is possible to adjust django-ldapdb’s behavior by defining a few parameters in the DATABASE section:
- PAGE_SIZE (default: 1000)
Define the maximum size of a results page to be returned by the server
- QUERY_TIMEOUT (default: no limit)
Define the maximum time in seconds we’ll wait to get a reply from the server (on a per-query basis).
Developing with a LDAP server
When developing against a LDAP server, having access to a development LDAP server often proves useful.
django-ldapdb uses the volatildap project for this purpose:
A LDAP server is instantiated for each TestClass;
Its content is reset at the start of each test function;
It can be customized to embark any schemas required by the application;
Starting with volatildap 1.4.0, the volatildap server can be controlled remotely, avoiding the need to install a LDAP server on the host.
Applications using django-ldapdb may use the following code snippet when setting up their tests:
# This snippet is released in the Public Domain
from django.conf import settings
from django.test import TestCase
import volatildap
class LdapEnabledTestCase(TestCase):
@classmethod
def setUpClass(cls):
super().setUpClass()
cls.ldap = volatildap.LdapServer(
# Load some initial data
initial={'ou=people': {
'ou': ['people'],
'objectClass': ['organizationalUnit'],
}},
# Enable more LDAP schemas
schemas=['core.schema', 'cosine.schema', 'inetorgperson.schema', 'nis.schema'],
)
# The volatildap server uses specific defaults, and listens on an arbitrary port.
# Copy the server-side values to Django settings
settings.DATABASES['ldap']['USER'] = cls.ldap.rootdn
settings.DATABASES['ldap']['PASSWORD'] = cls.ldap.rootpw
settings.DATABASES['ldap']['NAME'] = cls.ldap.uri
def setUp(self):
super().setUp()
# Starting an already-started volatildap server performs a data reset
self.ldap.start()
@classmethod
def tearDownClass(cls):
# Free up resources on teardown.
cls.ldap.stop()
super().tearDownClass()
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django_ldapdb-1.5.1-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2daee828a7eb1ce6ad0634ce5311339d77c08128829e575ff14d62a46771b86a |
|
MD5 | 89a5effb6398af647a97c53b7b47ad5a |
|
BLAKE2b-256 | a1f248c06dc793e8b15f87df76ebe3cc84738b8a7b1af6573b2e2fb325b84711 |