Commit d5faa1a7 authored by pa's avatar pa 🌊 Committed by pa

Adds whitelist for ldap groups

parent 453a7730
......@@ -20,6 +20,14 @@ if __name__ == "__main__":
users_query_id = base.search(config["ldap"]["base"], ldap.SCOPE_ONELEVEL, "objectClass=posixAccount")
users = base.result(users_query_id)
users = [ user["uid"][0].decode('utf-8') for _, user in users[1] ]
for whitelist in config["whitelists"]:
if whitelist["type"] == "ldap-group":
wl_query_id = base.search(whitelist["base"], ldap.SCOPE_BASE)
wl = base.result(wl_query_id)[1][0][1]['memberUid']
wl = [ user.decode('utf-8') for user in wl ]
users = [ user for user in users if user not in wl ]
users = [ '"' + user + '"' for user in users ]
restricted_interfaces = config["restricted_interfaces"]
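Review bot: The whitelist lookup `base.result(wl_query_id)[1][0][1]['memberUid']` assumes the group entry exists and carries at least one `memberUid`; an empty group usually has no such attribute, so the script would stop with a KeyError before the user list is finished. Because this list appears to decide which accounts stay restricted, that case is worth handling explicitly, e.g. `wl = base.result(wl_query_id)[1][0][1].get('memberUid', [])`, and the loop could read `config.get("whitelists", [])` so config files written before this change still load. A whitelist entry whose `type` is not `"ldap-group"` is skipped silently; logging a warning there would make a typo in the config visible instead of leaving the intended exemption unapplied. The enclosing `__main__` block starts and ends outside the hunk.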
......