@@ -35,6 +35,8 @@ class AuthManagement:
3535 _URL_TEMPLATES = {
3636 "config" : "system/auth/config" ,
3737 "test" : "system/auth/test" ,
38+ "groups" : "system/auth/groups" ,
39+ "refresh" : "system/auth/refresh" ,
3840 }
3941
4042 def __init__ (self , session : Client , auto_sync = True , auto_sync_interval = 1.0 ):
@@ -167,6 +169,29 @@ def update_settings(self, settings_dict: dict | None = None, **kwargs) -> None:
167169 self ._session .put (url , json = settings )
168170 self .sync ()
169171
172+ def get_ldap_groups (self , search_filter = None ):
173+ """
174+ Get CNs of groups available on the LDAP server, optionally filtered
175+ by supplied filter.
176+
177+ :param search_filter: An optional filter applied to the search.
178+ :returns: A list of CNs of found groups.
179+ """
180+ params = {"filter" : search_filter } if search_filter else None
181+ url = self ._url_for ("groups" )
182+ response = self ._session .get (url , params = params )
183+ return response .json ()
184+
185+ def refresh_ldap_groups (self ):
186+ """
187+ Refresh the members of LDAP groups. Removes any users from the group that are
188+ not LDAP users or not a part of said group on LDAP, and adds any users that
189+ are LDAP users and are a part of said group on LDAP.
190+ """
191+ url = self ._url_for ("refresh" )
192+ response = self ._session .put (url )
193+ return response .json ()
194+
170195 def test_auth (self , config : dict , username : str , password : str ) -> dict :
171196 """
172197 Test a set of credentials against the specified authentication configuration.
@@ -185,6 +210,23 @@ def test_auth(self, config: dict, username: str, password: str) -> dict:
185210 response = self ._session .post (url , json = body )
186211 return response .json ()
187212
213+ def test_group (self , config : dict , group_name : str ) -> dict :
214+ """
215+ Test a group against the specified authentication configuration.
216+
217+ :param config: A dictionary of authentication settings to test against
218+ (including manager password).
219+ :param username: The group name to test.
220+ :returns: Results of the test.
221+ """
222+ body = {
223+ "auth-config" : config ,
224+ "auth-data" : {"group_name" : group_name },
225+ }
226+ url = self ._url_for ("test" )
227+ response = self ._session .post (url , json = body )
228+ return response .json ()
229+
188230 def test_current_auth (
189231 self , manager_password : str , username : str , password : str
190232 ) -> dict :
@@ -207,6 +249,25 @@ def test_current_auth(
207249 response = self ._session .post (url , json = body )
208250 return response .json ()
209251
252+ def test_current_group (self , manager_password : str , group_name : str ) -> dict :
253+ """
254+ Test a group against the currently applied authentication
255+ configuration.
256+
257+ :param manager_password: The manager password to allow testing.
258+ :param username: The group name to test.
259+ :returns: Results of the test.
260+ """
261+ current = self .get_settings ()
262+ current ["manager_password" ] = manager_password
263+ body = {
264+ "auth-config" : current ,
265+ "auth-data" : {"group_name" : group_name },
266+ }
267+ url = self ._url_for ("test" )
268+ response = self ._session .post (url , json = body )
269+ return response .json ()
270+
210271
211272class AuthMethodManager :
212273 """
0 commit comments