Python ldap3 schema json creator

ldap3_schema_json_creation.py

import unittest, functools, ldap3, ssl, os

from unittest import mock
from ldap3 import Server, Connection, MOCK_SYNC, OFFLINE_SLAPD_2_4, OFFLINE_AD_2012_R2, ALL_ATTRIBUTES

# May require some debugging to get working.

class test_ActiveDirectory(unittest.TestCase):

	@classmethod
	def setUpClass(self):
		print('TEMP Test Case Active Directory setup')

		#self.server = Server(host='ldap://my_fake_server:389', get_info=OFFLINE_AD_2012_R2)

		# Setup Mock OpenLDAP Directory
		self.ldap_dc_path = 'dc=unit,dc=testing'
		self.ldap_user_path = 'ou=Users,' + self.ldap_dc_path
		self.ldap_group_path = 'ou=Groups,' + self.ldap_dc_path
		self.base_dn = 'cn=base_dn_user,' + self.ldap_dc_path
		self.base_password = 'my_password'
		self.ldap_server = 'ldap://my_fake_server:389'

		self.server = Server(host=self.ldap_server, port=389, get_info=OFFLINE_AD_2012_R2)

		self.connection = Connection(
			self.server,
			user=self.base_dn,
			password=self.base_password,
			read_only=True,
			client_strategy=MOCK_SYNC)

		# DC
		self.connection.strategy.add_entry(self.ldap_dc_path,{
			'dc': 'testing',
			'o': 'Testing',
			'objectclass': [
				'top',
				'dcObject',
				'organization'
			]})

		# Base user / simple security object
		self.connection.strategy.add_entry(self.base_dn, {
			'userPassword': self.base_password, 
			'sn': 'user_sn',
			'objectclass': [
				'user',
				'organizationalPerson',
				'person',
				'top'
			],
			'memberOf': [
				'cn=Domain Users,' + self.ldap_group_path,
				'cn=Enterprise Administrators,' + self.ldap_group_path
			],
			'samaccountname': self.base_dn})


		# OU Users
		self.connection.strategy.add_entry(self.ldap_user_path, {
			'objectclass': [
				'top',
				'organizationalUnit'
			],
			'ou': 'Users'})

		# Domain User
		#ToDo: confirm fields gidnumber
		self.connection.strategy.add_entry('cn=Posix User1,' + self.ldap_user_path, {
			'cn': 'Posix User1',
			'description': 'ACCESS:test1,ACCESS:test2',
			#'gidnumber': 501,
			'givenname': 'Posix',
			#'homedirectory': '/home/users/posix.user',
			'mail': '[email protected]',
			'objectclass': [
				'user',
				'organizationalPerson',
				'person',
				'top'
			],
			'sn': 'User1',
			'mobile': '0421 123 456',
			'telephonenumber': '08 8912 3456',
			'samaccountname': 'posix.user',
			#'uidnumber': 1000,
			'userpassword': 'posix_user_password',
			'memberOf': [
				'cn=Domain Users,' + self.ldap_group_path,
				'cn=Domain Administrators,' + self.ldap_group_path
			]})


		#ToDo: confirm fields gidnumber
		self.connection.strategy.add_entry('cn=Posix User2,' + self.ldap_user_path, {
			'cn': 'Posix User2',
			'description': 'ACCESS:test1,ACCESS:test3',
			#'gidnumber': 501,
			'givenname': 'Posix',
			'homedirectory': '/home/users/posix.user2',
			'mail': '[email protected]',
			'objectclass': [
				'user',
				'organizationalPerson',
				'person',
				'top'
			],
			'sn': 'User2',
			'mobile': '0421 456 789',
			'telephonenumber': '08 8978 1234',
			'samaccountname': 'posix.user2',
			#'uidnumber': 1001,
			'userpassword': 'posix_user2_password',
			'memberOf': [
				'cn=Domain Users,' + self.ldap_group_path,
				'cn=Enterprise Administrators,' + self.ldap_group_path
			]})


		#OU Groups ToDo: find an ldif for ad ou
		self.connection.strategy.add_entry(self.ldap_group_path, {
			'objectclass': [
				'organizationalUnit',
				'top'
			],
			'ou': 'Groups'})

		# Group, Administrator ToDo: confirm gidnumber
		self.connection.strategy.add_entry('cn=Domain Administrators,' + self.ldap_group_path, {
			'cn': 'Domain Administrators',
			'description': 'group1 Administrators contains only posix.user only',
			#'gidnumber': 500,
			'Member': [
				'cn=Posix User1,' + self.ldap_user_path,
				self.base_dn
			],
			'objectclass': [
				'group',
				'top'
			],
			'groupType': '2147483652'})


		# Group, Users ToDo: confirm gidnumber
		self.connection.strategy.add_entry('cn=Domain Users,' + self.ldap_group_path, {
			'cn': 'Domain Users',
			'description': 'group2 Users contains only posix.user and posix.user2',
			#'gidnumber': 501,
			'Member': [
				'cn=Posix User1,' + self.ldap_user_path,
				'cn=Posix User2,' + self.ldap_user_path
			],
			'objectclass': [
				'group',
				'top'
			],
			'groupType': '2147483652'
			})


		# Group3 ToDo: confirm gidnumber
		self.connection.strategy.add_entry('cn=Enterprise Administrators,' + self.ldap_group_path, {
			'cn': 'Enterprise Administrators',
			'description': 'group contains only posix.user2',
			#'gidnumber': 502,
			'Member': [
				'cn=Posix User2,' + self.ldap_user_path
			],
			'objectclass': [
				'group',
				'top'
			],
			'groupType': '2147483652'
			})

		self.connection.bind()

		# ToDo: when test dev complete, remove the entries above and if just below as 'json file will be used for stategy
		if self.connection.search(self.ldap_dc_path, '(objectclass=*)', attributes=ALL_ATTRIBUTES):
			self.connection.response_to_file(os.path.abspath( os.path.dirname( __file__ ) ) + '/test_data_ldif_activedirectory.json', raw=True)

		self.connection.unbind()



	@classmethod
	def tearDownClass(self):
		print('TEMP Test Case Active Directory tear down')
		# Clear LDAP connection
		self.connection = None


	def test_activedirectory_setup(self):
		pass


class TestLDAPSettings_OpenLDAP(unittest.TestCase):

	@classmethod
	def setUpClass(self, ldapServer='OpenLDAP'):

		print('TEMP OpenLDAP setup')
		#self.clean_test_users()
		# Save user data for restoration in tearDownClass()
		

		# Setup Mock OpenLDAP Directory
		self.ldap_dc_path = 'dc=unit,dc=testing'
		self.ldap_user_path = 'ou=users,' + self.ldap_dc_path
		self.ldap_group_path = 'ou=groups,' + self.ldap_dc_path
		self.base_dn = 'cn=base_dn_user,' + self.ldap_dc_path
		self.base_password = 'my_password'
		self.ldap_server = 'ldap://my_fake_server:389'

		self.server = Server(host=self.ldap_server, port=389, get_info=OFFLINE_SLAPD_2_4)

		self.connection = Connection(
			self.server,
			user=self.base_dn,
			password=self.base_password,
			read_only=True,
			client_strategy=MOCK_SYNC)

		# DC
		self.connection.strategy.add_entry(self.ldap_dc_path,{
			'dc': 'testing',
			'o': 'Testing',
			'objectclass': [
				'top',
				'dcObject',
				'organization'
			]})

		# Base user / simple security object
		self.connection.strategy.add_entry(self.base_dn, {
			'userPassword': self.base_password, 
			'sn': 'user_sn',
			'objectclass': [
				'simpleSecurityObject',
				'organizationalRole'
		]})

		# OU Users
		self.connection.strategy.add_entry(self.ldap_user_path, {
			'objectclass': [
				'top',
				'organizationalUnit'
			],
			'ou': 'Users'})

		# Posix / Generic User
		self.connection.strategy.add_entry('cn=Posix User1,' + self.ldap_user_path, {
			'cn': 'Posix User1',
			'description': 'ACCESS:test1,ACCESS:test2',
			'gidnumber': 501,
			'givenname': 'Posix',
			'homedirectory': '/home/users/posix.user',
			'mail': '[email protected]',
			'objectclass': [
				'inetOrgPerson',
				'posixAccount',
				'top'
			],
			'sn': 'User1',
			'mobile': '0421 123 456',
			'telephonenumber': '08 8912 3456',
			'uid': 'posix.user',
			'uidnumber': 1000,
			'userpassword': 'posix_user_password'})

		# Posix / Generic User
		self.connection.strategy.add_entry('cn=Posix User2,' + self.ldap_user_path, {
			'cn': 'Posix User2',
			'description': 'ACCESS:test1,ACCESS:test3',
			'gidnumber': 501,
			'givenname': 'Posix2',
			'homedirectory': '/home/users/posix.user2',
			'mail': '[email protected]',
			'objectclass': [
				'inetOrgPerson',
				'posixAccount',
				'top'
			],
			'sn': 'User2',
			'mobile': '0421 456 789',
			'telephonenumber': '08 8978 1234',
			'uid': 'posix.user2',
			'uidnumber': 1000,
			'userpassword': 'posix_user2_password'})


		#OU Groups
		self.connection.strategy.add_entry(self.ldap_group_path, {
			'objectclass': [
				'organizationalUnit',
				'top'
			],
			'ou': 'Users'})

		# Group, Administrator
		self.connection.strategy.add_entry('cn=Administrators,' + self.ldap_group_path, {
			'cn': 'Administrators',
			'description': 'group1 Administrators contains only posix.user only',
			'gidnumber': 500,
			'memberuid': [
				'posix.user'
			],
			'objectclass': [
				'posixGroup',
			'top']})

		# Group, Users
		self.connection.strategy.add_entry('cn=Users,' + self.ldap_group_path, {
			'cn': 'Users',
			'description': 'group2 Users contains only posix.user and posix.user2',
			'gidnumber': 501,
			'memberuid': [
				'posix.user2',
				'posix.user'
			],
			'objectclass': [
				'posixGroup',
				'top'
			]
			})

		# Group, group3
		self.connection.strategy.add_entry('cn=Group3,' + self.ldap_group_path, {
			'cn': 'Group3',
			'description': 'group3 Group3 contains only posix.user2 only',
			'gidnumber': 502,
			'memberuid': [
				'posix.user2'
			],
			'objectclass': [
				'posixGroup',
				'top'
			]
			})

		self.connection.bind()

		
		if self.connection.search(self.ldap_dc_path, '(objectclass=*)', attributes=ALL_ATTRIBUTES):
			self.connection.response_to_file(os.path.abspath( os.path.dirname( __file__ ) ) + '/test_data_ldif_openldap.json', raw=True)

		self.connection.unbind()

		self.connection = Connection(
			self.server,
			user=self.base_dn,
			password=self.base_password,
			read_only=True,
			client_strategy=MOCK_SYNC)

		self.connection.strategy.entries_from_json(os.path.abspath( os.path.dirname( __file__ ) ) + '/test_data_ldif_openldap.json')

		self.connection.bind()

	@classmethod
	def tearDownClass(self):
		print('TEMP OpenLDAP tear down')
		# Clear LDAP connection
		self.connection = None


	def test_activedirectory_setup(self):
		
		pass