Skip to main content

Temporary slapd launcher for testing purposes

Project description

https://secure.travis-ci.org/rbarrois/volatildap.png?branch=master Latest Version Supported Python versions Wheel status License

volatildap provides simple helpers for testing code against a LDAP database.

Its main features include:

  • Simple configuration: Don’t provide anything; the LDAP server will start with sane defaults

  • Built-in cleanup: As soon as the test ends / the test process exits, the server is instantly removed

  • Cross-distribution setup: Automatically discover system paths for OpenLDAP binaries, schemas, etc.

Usage

import volatildap

class MyTests(unittest.TestCase):

    @classmethod
    def setUpClass(cls):
        super(MyTests, cls).setUpClass()
        cls._slapd = volatildap.LdapServer(suffix='dc=example,dc=org')

    def setUp(self):
        # Will start the server, or reset/restart it if already started from a previous test.
        self._slapd.start()

    def test_something(self):
        conn = ldap.connection(self._slapd.uri)
        # Do some tests

    def test_with_data(self):
        # Load some data
        self._slapd.add({'ou=people': {'cn': [b'Users']}})
        # Run the tests

The volatildap.LdapServer provides a few useful methods:

start()

Start or restart the server. This will:

  • Clear all data, if any

  • Start the server if it’s not yet running

  • Populate the initial data

stop()

Stop the server.

This will clean up all data and kill the proces.

wait()

Wait until the server is asked to stop.

Mostly useful when controlling the server in another manner, or to use the volatildap server as a development instance.

add(data)

Add some data, see the initial_data structure below.

get(dn)

Retrieve an object by its distinguished name;

Returns a dictionary mapping an attribute to the list of its values, as bytes.

Raises KeyError if the distinguished name is unknown to the underlying database.

add_ldif(contents)

Add lines from a LDIF file - contents should be bytes.

get_ldif(dn)

Return an entry as a list of lines for a LDIF file

reset()

Restore the server to its pristine, initial state. This includes loading the inital_data.

It also exposes the following attributes:

uri

The URI to use to contect the server (e.g ldap://localhost:10389/)

rootdn

The distinguishedName of the admin account

rootpw

The password of the admin account

suffix

The suffix used by the LDAP server

port

The TCP port the LDAP server is listening on

host

The hostname the LDAP server is listening on

tls_config

A named tuple, containing the TLS attributes. The only guaranteed attribute is tls_config.root, which contains the PEM-formatted server certificate.

Configuration

The volatildap.LdapServer class accepts a few parameters:

suffix

The suffix to use for the LDAP tree

Default: dc=example,dc=org

rootdn

The administrator account for the LDAP server

Default: cn=testadmin,dc=example,dc=org

rootpw

The administrator password.

Default: A random value, available through LdapServer.rootpw

schemas

List of schemas to load; can be either a simple name (e.g cosine.schema; looked up in openldap installation); or a path to a custom one.

Default: ['core.schema']

initial_data

Dict mapping a distinguished name to a dict of attribute/values:

slapd(initial_data={
    'ou=people': {
        'objectClass': ['organizationalUnit'],
        'cn': ['People'],
    },
})

Note: When adding data, the suffix can be omitted on objects DNs.

Default: {}

skip_missing_schemas

When loading schemas, this flag instructs volatildap to continue if some schemas can’t be found.

Default: False

port

The port to use.

Default: An available TCP port on the system

host

The hostname or IP to listen on.

Default: localhost

slapd_debug

The debug level for slapd; see slapd.conf

Default: 0

max_server_startup_delay

The maximum delay allowed for server startup, in seconds.

Default: 30

tls_config

A set of TLS certificate files for configuring the server. A valid set for localhost is provided as volatildap.LOCALHOST_TLS_CONFIG, but users may also provide their own:

tls_config = volatildap.TLSConfig(
   root=read(ca_path),
   chain=[
      read(intermediate_path),
   ],
   certificate=read(certificate_path),
   key=read(key_path),
)

Command line

volatildap provides a command line entrypoint for simplicity: python -m volatildap.cli

Its usage follows:

usage: cli.py [-h] [--port PORT] [--host HOST] [--suffix SUFFIX]
              [--rootdn ROOTDN] [--rootpw ROOTPW] [--debug DEBUG]
              [--control CONTROL] [--initial INITIAL]
              [--schemas [SCHEMAS [SCHEMAS ...]]] [--tls]

optional arguments:
  -h, --help            show this help message and exit
  --port PORT           Port to listen on; empty for a dynamic port
  --host HOST           Host to listen on; defaults to localhost
  --suffix SUFFIX       LDAP suffix
  --rootdn ROOTDN       Distinguished Name of LDAP admin user
  --rootpw ROOTPW       Password of LDAP admin user
  --debug DEBUG         slapd debug level
  --control CONTROL     Start the HTTP control server on this address
  --initial INITIAL     Load initial objects from the provided LDIF file
  --schemas [SCHEMAS [SCHEMAS ...]]
                        Schemas to load (multi-valued)
  --tls                 Enable TLS, using a built-in stack

Remote control

Once such a server has been started, if a control server has been provided (for instance as --control :10380), it is possible to start a Python proxy to control it:

def setUpClass(cls):
    super().setUpClass()
    cls._slapd = volatildap.ProxyServer('http://localhost:10380')

All commands available on a normal instance will be available on the proxy: reset, start, stop, add, add_ldif, get, get_ldif.

The readonly attributes are also available: uri, suffix, rootdn, rootpw, port, host, tls_config.

When using TLS, the server’s root certificate authority can be accessed through proxy.tls_config.root.

Per-distribution specificities

Ubuntu

Under Ubuntu, the default AppArmor policy does not allow slapd (the LDAP daemon) to read temporary folders. Users should update the /etc/apparmor.d/usr.sbin.slapd file and add /tmp/** rwk, there. k option is used to acquire lock on files. Users must also add a line with the path to their home. Using the variable $HOME won’t work so you have to add the full path. Something like /path/to/my/home/** rw,.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

volatildap-1.5.0.tar.gz (28.4 kB view details)

Uploaded Source

Built Distribution

volatildap-1.5.0-py2.py3-none-any.whl (18.8 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file volatildap-1.5.0.tar.gz.

File metadata

  • Download URL: volatildap-1.5.0.tar.gz
  • Upload date:
  • Size: 28.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/50.3.0 requests-toolbelt/0.9.1 tqdm/4.50.1 CPython/3.7.8

File hashes

Hashes for volatildap-1.5.0.tar.gz
Algorithm Hash digest
SHA256 3d9c9cc39cfed706b9a3da3bc3a2f369987807e4d4eaaddf313a994cf8a77f3c
MD5 20f52daaff36e16d6d1907cc87cf879c
BLAKE2b-256 5e83c9b717a5e21df5be1f16d91486e10b388480d0fdc3e52a500495ee396315

See more details on using hashes here.

File details

Details for the file volatildap-1.5.0-py2.py3-none-any.whl.

File metadata

  • Download URL: volatildap-1.5.0-py2.py3-none-any.whl
  • Upload date:
  • Size: 18.8 kB
  • Tags: Python 2, Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/50.3.0 requests-toolbelt/0.9.1 tqdm/4.50.1 CPython/3.7.8

File hashes

Hashes for volatildap-1.5.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 732dfc459dd49c75e9e13e1c7bf96cb33a835d4ee7c9716205fae3fcaee6b9e5
MD5 1ddb0f23ff2d606f5db11e2aa89cbd77
BLAKE2b-256 80b608e7989fc479a2efa10d40347acbf29eb7ba5d6f4465b770663c727b458a

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page