kwargs['max_length'] = 200
super(CharField, self).__init__(*args, **kwargs)
- def get_db_prep_value(self, value):
- """Returns field's value prepared for interacting with the database
- backend.
-
- Used by the default implementations of ``get_db_prep_save``and
- `get_db_prep_lookup```
- """
- return value.replace('\\', '\\5c') \
- .replace('*', '\\2a') \
- .replace('(', '\\28') \
- .replace(')', '\\29') \
- .replace('\0', '\\00')
-
class ImageField(fields.Field):
pass
from copy import deepcopy
import ldap
-from django.db.models.fields import Field
from django.db.models.query import QuerySet as BaseQuerySet
from django.db.models.query_utils import Q
from django.db.models.sql import Query as BaseQuery
import ldapdb
+def escape_ldap_filter(value):
+ value = str(value)
+ return value.replace('\\', '\\5c') \
+ .replace('*', '\\2a') \
+ .replace('(', '\\28') \
+ .replace(')', '\\29') \
+ .replace('\0', '\\00')
+
class Constraint(BaseConstraint):
"""
An object that can be passed to WhereNode.add() and knows how to
from django.db.models.base import ObjectDoesNotExist
if lookup_type == 'endswith':
- params = ["*%s" % value]
+ params = ["*%s" % escape_ldap_filter(value)]
elif lookup_type == 'startswith':
- params = ["%s*" % value]
+ params = ["%s*" % escape_ldap_filter(value)]
elif lookup_type == 'exact':
- params = [value]
+ params = [escape_ldap_filter(value)]
elif lookup_type == 'in':
- params = [v for v in value]
+ params = [escape_ldap_filter(v) for v in value]
else:
raise TypeError("Field has invalid lookup: %s" % lookup_type)
from django.db.models.sql.where import Constraint, AND, OR
from ldapdb.models.fields import CharField
-from ldapdb.models.query import WhereNode
-
-class FieldTestCase(TestCase):
- def test_db_prep(self):
- field = CharField()
+from ldapdb.models.query import WhereNode, escape_ldap_filter
class WhereTestCase(TestCase):
+ def test_escape(self):
+ self.assertEquals(escape_ldap_filter('foo*bar'), 'foo\\2abar')
+ self.assertEquals(escape_ldap_filter('foo(bar'), 'foo\\28bar')
+ self.assertEquals(escape_ldap_filter('foo)bar'), 'foo\\29bar')
+ self.assertEquals(escape_ldap_filter('foo\\bar'), 'foo\\5cbar')
+ self.assertEquals(escape_ldap_filter('foo\\bar*wiz'), 'foo\\5cbar\\2awiz')
+
def test_single(self):
where = WhereNode()
where.add((Constraint("cn", "cn", None), 'exact', "test"), AND)
where.add((Constraint("cn", "cn", None), 'in', ["foo", "bar"]), AND)
self.assertEquals(where.as_sql(), "(|(cn=foo)(cn=bar))")
+ def test_escaped(self):
+ where = WhereNode()
+ where.add((Constraint("cn", "cn", None), 'exact', "(test)"), AND)
+ self.assertEquals(where.as_sql(), "(cn=\\28test\\29)")
+
def test_and(self):
where = WhereNode()
where.add((Constraint("cn", "cn", None), 'exact', "foo"), AND)
projects / matthijs / upstream / django-ldapdb.git / commitdiff