Add ldap storage

[paulfariello]

Current implementation is read only.
Not sure if ldap storage is supposed to do vcard conversion.

I haven't added tests nor documentation but will if @pimutils thinks this patch is meaningful.

Other enhancement would be to allow for attributes configuration.

---

edit by @untitaker: Fix #283

[untitaker]

Cool! This looks reasonable, but:

• for VCard conversion please use https://github.com/eventable/vobject instead of your own thing, which actually has some bugs with values containing backslashes or newlines. This will also make it possible to parse VCards for uploading.
• Please specifiy ldap and vobject as dependencies here: https://github.com/pimutils/vdirsyncer/blob/master/setup.py#L69 For example, if I run pip install vdirsyncer[remotestorage], requests-oauthlib will be installed. ldap and vobject should be installed when I run pip install vdirsyncer[ldap].

[untitaker]

When implementing upload and update, we have to make it very clear which properties are even parsed and which ones are discarded.

[untitaker]

Also the __doc__ is only necessary if we need to include variables from other strings.

[untitaker]

And yes, please add tests for this, this is very meaningful! Do you have an idea how to do this? I.e., is there a simple ldap server we could use?

[paulfariello]

Thanks for the quick reply.

I'm now using vobject which is clearly cleaner. Thanks for the hint.
I've also added support for title and fax.

I changed the default filter to one that make sense since vobject
clearly states that F and FN are mandatory fields. On some dirty
ldap directory sn or givenName could be missing and I'm not sure how
to
handle it cleanly without filtering it. Maybe just provide the available
family or givenname for N.

About tests, I'm not sure how we could test it against a real ldap
server. I don't know any open ldap server but I can check.

Note that the ldap attributes I'm using are from Active Directory. Any
other ldap directory could also use it but this is not guaranteed. The
most problematic attribute is whenChanged. I've never seen it on other
classic ldap directory and it's used for etag.

Paul Fariello

PGP: 0x672CDD2031AAF49B

[untitaker]

It appears that this would be appropriate for testing: https://pypi.python.org/pypi/mockldap

See tests/storage/test_filesystem.py for how to write tests for the LDAP backend. In particular if you subclass StorageTests your storage will already be thoroughly tested, but get_storage_args has to be implemented.

EDIT: However, this would require support of update and upload.

[untitaker]

Note that the ldap attributes I'm using are from Active Directory. Any other ldap directory could also use it but this is not guaranteed. The most problematic attribute is whenChanged. I've never seen it on other classic ldap directory and it's used for etag.

Yeah I think we should make as much as possible configurable there, and also provide examples for other major LDAP providers.

[untitaker]

Regarding whenChanged, if it's not there, you'll probably have to download the item and use item.hash or something similar.

[untitaker]

I think you could just use ldap.initialize here, no?

[untitaker]

Ah, I see, you're using https://github.com/cannatag/ldap3, but I was reading the docs for https://github.com/pyldap/pyldap

Could you switch to the latter? This would make testing easier as mockldap appears to support pyldap only.

[untitaker]

Am I correct to assume that this storage type does not support multiple addressbooks?

[untitaker]

Why URI instead of URL?

[paulfariello]

URI is the right term for this since it can be an URL, a simple ip or a
hostname.

Paul Fariello

PGP: 0x672CDD2031AAF49B

[untitaker]

An IP or hostname is not a URI. URIs always have a scheme. https://tools.ietf.org/html/rfc3986#section-1.1.1

[untitaker]

I added a LDAP testcase that should work if you use pyldap instead of ldap3.

[paulfariello]

Thanks for the review. I'll fix today.

But first I have two questions:

• how am I supposed to run the test suites ? I'm running make -e test but got a bunch of errors
• how did you managed to push a commit on my fork ?

[untitaker]

You need to run "make install-test" as well. In the documentation there is a page "Contributing" that goes into details.

Regarding how my commit landed on your fork, see https://github.com/blog/2247-improving-collaboration-with-forks

On 14 September 2016 09:23:24 CEST, Paul Fariello [email protected] wrote:

Thanks for the review. I'll fix today.

But first I have two questions:

• how am I supposed to run the test suites ? I'm running make -e test
  but got a bunch of errors
• how did you managed to push a commit on my fork ?

You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub:
#500 (comment)

Sent from my Android device with K-9 Mail. Please excuse my brevity.

[paulfariello]

I've been trying to switch to pyldap but it doesn't natively support generator for ldap result. It makes it more complicated to cleanly integrate it.
Meanwhile I just discovered that ldap3 has a mocking component. I'll try to use it instead.

[paulfariello]

Tests with ldap3 mocking are still WIP.

[untitaker]

Ah, you need to add the new dependencies to test-requirements.txt as well.

[untitaker]

@paulfariello BTW let me know if I can help with anything or if anything is unclear.

[untitaker]

@paulfariello Any update on this? Adding tests is really important! Are you using this already for yourself?

[paulfariello]

Sorry I've been quite busy lately. I'll try to add tests by the end of next week.

Le 8 octobre 2016 14:24:04 GMT+02:00, Markus Unterwaditzer [email protected] a écrit :

@paulfariello Any update on this? Adding tests is really important! Are
you using this already for yourself?

You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub:
#500 (comment)

Paul Fariello

PGP: 0x672CDD2031AAF49B

[paulfariello]

I tried to add upload and update method. But I'm facing an issue with VCALENDAR. What should I do with it ? They doesn't really belong to an LDAP directory.

[untitaker]

Fantastic, please push what you have, I'll do the changes such that VCALENDARs are not used in the tests.

[paulfariello]

My last push is just a first attempt on update and upload implementation. It push to mocked server.
I also have an issue with start tls on mocked server.

[untitaker]

Are ldap://-urls SSL by default?

[untitaker]

I believe I've fixed the issue with ssl, let's just expect that the connection is fully set up if it's passed into the storage. I think ldap doesn't deal with SSL very well when mocked, but in our case SSL is not of any use anyway.

[untitaker]

Just got around to reviewing all of the LDAP storage. Unfortunately upload and update still need a lot of work.

[untitaker]

Upload needs to return the assigned href and etag. It appears that your href is dn, but the etag has to be fetched like in list and get.

Also add_entry returns a boolean that indicates whether the entry has been added, you should check for that.

[untitaker]

Here you have no fallback from whenChanged to item.hash like you have in list. I suggest a separate helper function (outside of the storage class) for this.

[untitaker]

This conversion from entry to item could be its own function (outside of storage class)

[untitaker]

add_entry will do nothing if the item already exists, but if I call update, the item always exists. update is also expected to fail if the passed etag does not match the etag of the item on the server.

I think modify or how it's called is more appropriate than add_entry, but I'm not sure since I couldn't find much docs :(

[untitaker]

Also please contact me if there are any questions at all, PM, direct email, whatever too.

[untitaker]

@paulfariello Ping!

[untitaker]

Closing this due to inactivity, but for reference, this is a good start for a successor PR.