diff --git a/app/ldap_protocol/policies/network/gateway.py b/app/ldap_protocol/policies/network/gateway.py deleted file mode 100644 index 441243a18..000000000 --- a/app/ldap_protocol/policies/network/gateway.py +++ /dev/null @@ -1,136 +0,0 @@ -"""Network policies gateway. - -Copyright (c) 2025 MultiFactor -License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE -""" - -from sqlalchemy import delete, exists, func, select, update -from sqlalchemy.exc import IntegrityError -from sqlalchemy.ext.asyncio import AsyncSession -from sqlalchemy.orm import selectinload - -from entities import Group, NetworkPolicy -from ldap_protocol.policies.network.exceptions import ( - NetworkPolicyAlreadyExistsError, - NetworkPolicyNotFoundError, -) -from ldap_protocol.utils.queries import get_groups -from repo.pg.tables import queryable_attr as qa - - -class NetworkPolicyGateway: - """Network policy gateway.""" - - def __init__(self, session: AsyncSession): - """Initialize Network policy gateway.""" - self._session = session - - async def get(self, _id: int) -> NetworkPolicy: - """Get network policy.""" - policy = await self._session.scalar( - select(NetworkPolicy) - .filter_by(id=_id) - .options( - selectinload(qa(NetworkPolicy.groups)).selectinload( - qa(Group.directory), - ), - selectinload(qa(NetworkPolicy.mfa_groups)).selectinload( - qa(Group.directory), - ), - ), - ) - if not policy: - raise NetworkPolicyNotFoundError( - f"Policy with id {_id} not found.", - ) - return policy - - async def create( - self, - policy: NetworkPolicy, - ) -> NetworkPolicy: - """Get network policy.""" - try: - self._session.add(policy) - await self._session.flush() - await self._session.refresh(policy) - return policy - except IntegrityError: - raise NetworkPolicyAlreadyExistsError("Entry already exists") - - async def get_groups(self, groups: list[str]) -> list[Group]: - return await get_groups(groups, self._session) - - async def get_list_policies(self) -> list[NetworkPolicy]: - result = await self._session.scalars( - select(NetworkPolicy) - .options( - selectinload(qa(NetworkPolicy.groups)).selectinload( - qa(Group.directory), - ), - selectinload(qa(NetworkPolicy.mfa_groups)).selectinload( - qa(Group.directory), - ), - ) - .order_by(qa(NetworkPolicy.priority).asc()), - ) - return list(result) - - async def get_with_for_update(self, _id: int) -> NetworkPolicy: - policy = await self._session.scalar( - select(NetworkPolicy) - .filter_by(id=_id) - .with_for_update() - .options( - selectinload(qa(NetworkPolicy.groups)).selectinload( - qa(Group.directory), - ), - selectinload(qa(NetworkPolicy.mfa_groups)).selectinload( - qa(Group.directory), - ), - ), - ) - if not policy: - raise NetworkPolicyNotFoundError( - f"Policy with id {_id} not found.", - ) - return policy - - async def delete(self, _id: int) -> None: - await self._session.execute( - delete(NetworkPolicy) - .filter_by(id=_id), - ) # fmt: skip - await self._session.flush() - - async def get_policy_count(self) -> int: - count = await self._session.scalars( - select(func.count()) - .select_from(NetworkPolicy) - .filter_by(enabled=True), - ) - return count.one() - - async def update_priority(self, priority: int) -> None: - await self._session.execute( - update(NetworkPolicy) - .values({"priority": NetworkPolicy.priority - 1}) - .filter(qa(NetworkPolicy.priority) > priority), - ) - - async def disable_policy(self, _id: int) -> None: - await self._session.execute( - update(NetworkPolicy).filter_by(id=_id).values(enabled=False), - ) - - async def check_policy_exists(self, policy: NetworkPolicy) -> bool: - result = await self._session.scalars( - select( - exists(NetworkPolicy).where( - qa(NetworkPolicy.name) == policy.name, - qa(NetworkPolicy.netmasks) == policy.netmasks, - qa(NetworkPolicy.id) != policy.id, - ), - ), - ) - return result.one() diff --git a/app/ldap_protocol/policies/network/validator_protocol.py b/app/ldap_protocol/policies/network/validator_protocol.py deleted file mode 100644 index 5ead88a2f..000000000 --- a/app/ldap_protocol/policies/network/validator_protocol.py +++ /dev/null @@ -1,72 +0,0 @@ -"""Network policy validator protocol. - -Copyright (c) 2025 MultiFactor -License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE -""" - -from ipaddress import IPv4Address, IPv6Address -from typing import Protocol - -from entities import NetworkPolicy, User -from enums import ProtocolType - - -class NetworkPolicyValidatorProtocol(Protocol): - """Protocol for validating network policies.""" - - async def get_user_http_policy( - self, - ip: IPv4Address | IPv6Address, - user: User, - ) -> NetworkPolicy | None: - """Get user HTTP policy.""" - ... - - async def get_user_kerberos_policy( - self, - ip: IPv4Address | IPv6Address, - user: User, - ) -> NetworkPolicy | None: - """Get user Kerberos policy.""" - ... - - async def get_user_ldap_policy( - self, - ip: IPv4Address | IPv6Address, - user: User, - ) -> NetworkPolicy | None: - """Get user LDAP policy.""" - ... - - async def check_mfa_group( - self, - policy: NetworkPolicy, - user: User, - ) -> bool: - """Check if user is in a group with MFA policy.""" - ... - - async def is_user_group_valid( - self, - user: User | None, - policy: NetworkPolicy | None, - ) -> bool: - """Validate user groups, is it including to policy.""" - ... - - async def get_user_network_policy( - self, - ip: IPv4Address | IPv6Address, - user: User, - policy_type: ProtocolType, - ) -> NetworkPolicy | None: - """Get the highest priority network policy.""" - ... - - async def get_by_protocol( - self, - ip: IPv4Address | IPv6Address, - protocol_type: ProtocolType, - ) -> NetworkPolicy | None: - """Get network policy by protocol.""" - ... diff --git a/app/__main__.py b/src/__main__.py similarity index 100% rename from app/__main__.py rename to src/__main__.py diff --git a/app/abstract_dao.py b/src/abstract_db_gateway.py similarity index 94% rename from app/abstract_dao.py rename to src/abstract_db_gateway.py index 793557b4e..ec4226c75 100644 --- a/app/abstract_dao.py +++ b/src/abstract_db_gateway.py @@ -11,7 +11,7 @@ _A = TypeVar("_A", int, str, contravariant=True) -class AbstractDAO(Protocol[_T, _A]): +class AbstractDBGateWay(Protocol[_T, _A]): """Abstract Data Access Object (DAO) interface.""" @abstractmethod diff --git a/app/abstract_service.py b/src/abstract_service.py similarity index 100% rename from app/abstract_service.py rename to src/abstract_service.py diff --git a/app/alembic.ini b/src/alembic.ini similarity index 100% rename from app/alembic.ini rename to src/alembic.ini diff --git a/app/alembic/README b/src/alembic/README similarity index 100% rename from app/alembic/README rename to src/alembic/README diff --git a/app/alembic/env.py b/src/alembic/env.py similarity index 98% rename from app/alembic/env.py rename to src/alembic/env.py index 6c08a67bd..2611c5c70 100644 --- a/app/alembic/env.py +++ b/src/alembic/env.py @@ -9,6 +9,7 @@ from sqlalchemy.ext.asyncio import AsyncConnection from config import Settings +from infrastructure.pg.tables import metadata from ioc import ( HTTPProvider, MainProvider, @@ -16,7 +17,6 @@ MFAProvider, MigrationProvider, ) -from repo.pg.tables import metadata # this is the Alembic Config object, which provides # access to the values within the .ini file in use. diff --git a/app/alembic/script.py.mako b/src/alembic/script.py.mako similarity index 100% rename from app/alembic/script.py.mako rename to src/alembic/script.py.mako diff --git a/app/alembic/versions/01f3f05a5b11_add_primary_group_id.py b/src/alembic/versions/01f3f05a5b11_add_primary_group_id.py similarity index 94% rename from app/alembic/versions/01f3f05a5b11_add_primary_group_id.py rename to src/alembic/versions/01f3f05a5b11_add_primary_group_id.py index 73be02c1d..27d8b9910 100644 --- a/app/alembic/versions/01f3f05a5b11_add_primary_group_id.py +++ b/src/alembic/versions/01f3f05a5b11_add_primary_group_id.py @@ -14,22 +14,22 @@ from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession from sqlalchemy.orm import Session, selectinload -from constants import DOMAIN_COMPUTERS_GROUP_NAME -from entities import Attribute, Directory, EntityType, Group -from enums import EntityTypeNames -from extra.alembic_utils import temporary_stub_column -from ldap_protocol.ldap_schema.attribute_value_validator import ( +from application.ldap_schema.attribute_value_validator import ( AttributeValueValidator, ) -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.roles.role_use_case import RoleUseCase -from ldap_protocol.utils.queries import ( +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.roles.role_use_case import RoleUseCase +from application.utils.queries import ( create_group, get_base_directories, get_filter_from_path, get_search_path, ) -from repo.pg.tables import queryable_attr as qa +from constants import DOMAIN_COMPUTERS_GROUP_NAME +from domain.entities import Attribute, Directory, EntityType, Group +from enums import EntityTypeNames +from extra.alembic_utils import temporary_stub_column +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "01f3f05a5b11" diff --git a/app/alembic/versions/05ddc0bd562a_add_roles.py b/src/alembic/versions/05ddc0bd562a_add_roles.py similarity index 97% rename from app/alembic/versions/05ddc0bd562a_add_roles.py rename to src/alembic/versions/05ddc0bd562a_add_roles.py index aff773460..70574bac4 100644 --- a/app/alembic/versions/05ddc0bd562a_add_roles.py +++ b/src/alembic/versions/05ddc0bd562a_add_roles.py @@ -11,11 +11,11 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession -from entities import Directory, Group +from application.roles.role_use_case import RoleUseCase +from application.utils.queries import get_base_directories +from domain.entities import Directory, Group from extra.alembic_utils import temporary_stub_column -from ldap_protocol.roles.role_use_case import RoleUseCase -from ldap_protocol.utils.queries import get_base_directories -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "05ddc0bd562a" diff --git a/app/alembic/versions/16a9fa2c1f1e_rename_readonly_group.py b/src/alembic/versions/16a9fa2c1f1e_rename_readonly_group.py similarity index 96% rename from app/alembic/versions/16a9fa2c1f1e_rename_readonly_group.py rename to src/alembic/versions/16a9fa2c1f1e_rename_readonly_group.py index 3cfbca4a2..271a07a75 100644 --- a/app/alembic/versions/16a9fa2c1f1e_rename_readonly_group.py +++ b/src/alembic/versions/16a9fa2c1f1e_rename_readonly_group.py @@ -14,9 +14,9 @@ from sqlalchemy.orm import Session, selectinload from constants import READ_ONLY_GROUP_NAME -from entities import Attribute, Directory +from domain.entities import Attribute, Directory from extra.alembic_utils import temporary_stub_column -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision: None | str = "16a9fa2c1f1e" diff --git a/app/alembic/versions/196f0d327c6a_.py b/src/alembic/versions/196f0d327c6a_.py similarity index 100% rename from app/alembic/versions/196f0d327c6a_.py rename to src/alembic/versions/196f0d327c6a_.py diff --git a/app/alembic/versions/275222846605_initial_ldap_schema.py b/src/alembic/versions/275222846605_initial_ldap_schema.py similarity index 99% rename from app/alembic/versions/275222846605_initial_ldap_schema.py rename to src/alembic/versions/275222846605_initial_ldap_schema.py index 226c9270b..14e5b466b 100644 --- a/app/alembic/versions/275222846605_initial_ldap_schema.py +++ b/src/alembic/versions/275222846605_initial_ldap_schema.py @@ -16,14 +16,14 @@ from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession from sqlalchemy.orm import Session, selectinload -from entities import Attribute, AttributeType, ObjectClass -from extra.alembic_utils import temporary_stub_column -from ldap_protocol.ldap_schema.attribute_type_dao import AttributeTypeDAO -from ldap_protocol.ldap_schema.dto import AttributeTypeDTO -from ldap_protocol.utils.raw_definition_parser import ( +from application.ldap_schema.attribute_type_dao import AttributeTypeDAO +from application.ldap_schema.dto import AttributeTypeDTO +from application.utils.raw_definition_parser import ( RawDefinitionParser as RDParser, ) -from repo.pg.tables import queryable_attr as qa +from domain.entities import Attribute, AttributeType, ObjectClass +from extra.alembic_utils import temporary_stub_column +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "275222846605" diff --git a/app/alembic/versions/35d1542d2505_add_entity_id.py b/src/alembic/versions/35d1542d2505_add_entity_id.py similarity index 100% rename from app/alembic/versions/35d1542d2505_add_entity_id.py rename to src/alembic/versions/35d1542d2505_add_entity_id.py diff --git a/app/alembic/versions/379fce54fb08_rename_base_cn_to_cc.py b/src/alembic/versions/379fce54fb08_rename_base_cn_to_cc.py similarity index 97% rename from app/alembic/versions/379fce54fb08_rename_base_cn_to_cc.py rename to src/alembic/versions/379fce54fb08_rename_base_cn_to_cc.py index 6d88c6d0f..185edfeab 100644 --- a/app/alembic/versions/379fce54fb08_rename_base_cn_to_cc.py +++ b/src/alembic/versions/379fce54fb08_rename_base_cn_to_cc.py @@ -13,8 +13,8 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession -from entities import Attribute, Directory -from repo.pg.tables import queryable_attr as qa +from domain.entities import Attribute, Directory +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision: None | str = "379fce54fb08" diff --git a/app/alembic/versions/4334e2e871a4_add_sessions_ttl.py b/src/alembic/versions/4334e2e871a4_add_sessions_ttl.py similarity index 100% rename from app/alembic/versions/4334e2e871a4_add_sessions_ttl.py rename to src/alembic/versions/4334e2e871a4_add_sessions_ttl.py diff --git a/app/alembic/versions/4442d1d982a4_remove_krb_policy.py b/src/alembic/versions/4442d1d982a4_remove_krb_policy.py similarity index 94% rename from app/alembic/versions/4442d1d982a4_remove_krb_policy.py rename to src/alembic/versions/4442d1d982a4_remove_krb_policy.py index 5673da6a8..22ad65bca 100644 --- a/app/alembic/versions/4442d1d982a4_remove_krb_policy.py +++ b/src/alembic/versions/4442d1d982a4_remove_krb_policy.py @@ -12,7 +12,7 @@ from sqlalchemy import delete from sqlalchemy.orm import Session -from entities import Attribute, Directory +from domain.entities import Attribute, Directory from extra.alembic_utils import temporary_stub_column # revision identifiers, used by Alembic. diff --git a/app/alembic/versions/4798b12b97aa_dedicated_servers.py b/src/alembic/versions/4798b12b97aa_dedicated_servers.py similarity index 96% rename from app/alembic/versions/4798b12b97aa_dedicated_servers.py rename to src/alembic/versions/4798b12b97aa_dedicated_servers.py index ae625df78..55d26163f 100644 --- a/app/alembic/versions/4798b12b97aa_dedicated_servers.py +++ b/src/alembic/versions/4798b12b97aa_dedicated_servers.py @@ -12,8 +12,8 @@ from loguru import logger from sqlalchemy.orm import Session -from entities import CatalogueSetting, DedicatedServer -from repo.pg.tables import queryable_attr as qa +from domain.entities import CatalogueSetting, DedicatedServer +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "4798b12b97aa" diff --git a/app/alembic/versions/4e8772277cfe_add_web_permissions.py b/src/alembic/versions/4e8772277cfe_add_web_permissions.py similarity index 94% rename from app/alembic/versions/4e8772277cfe_add_web_permissions.py rename to src/alembic/versions/4e8772277cfe_add_web_permissions.py index 8567f40e5..155464231 100644 --- a/app/alembic/versions/4e8772277cfe_add_web_permissions.py +++ b/src/alembic/versions/4e8772277cfe_add_web_permissions.py @@ -11,9 +11,9 @@ from sqlalchemy import Column, select, text from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession -from entities import Role +from domain.entities import Role from enums import AuthorizationRules, RoleConstants -from repo.pg.types import AuthorizationRulesType +from infrastructure.pg.types import AuthorizationRulesType # revision identifiers, used by Alembic. revision: None | str = "4e8772277cfe" diff --git a/app/alembic/versions/56082d7ac0d4_remove_old_templates.py b/src/alembic/versions/56082d7ac0d4_remove_old_templates.py similarity index 100% rename from app/alembic/versions/56082d7ac0d4_remove_old_templates.py rename to src/alembic/versions/56082d7ac0d4_remove_old_templates.py diff --git a/app/alembic/versions/59e98bbd8ad8_.py b/src/alembic/versions/59e98bbd8ad8_.py similarity index 100% rename from app/alembic/versions/59e98bbd8ad8_.py rename to src/alembic/versions/59e98bbd8ad8_.py diff --git a/app/alembic/versions/6303f5c706ec_update_krbadmin_useraccountcontrol_.py b/src/alembic/versions/6303f5c706ec_update_krbadmin_useraccountcontrol_.py similarity index 94% rename from app/alembic/versions/6303f5c706ec_update_krbadmin_useraccountcontrol_.py rename to src/alembic/versions/6303f5c706ec_update_krbadmin_useraccountcontrol_.py index 6d101e95a..24ec7a0fa 100644 --- a/app/alembic/versions/6303f5c706ec_update_krbadmin_useraccountcontrol_.py +++ b/src/alembic/versions/6303f5c706ec_update_krbadmin_useraccountcontrol_.py @@ -13,11 +13,11 @@ from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession from sqlalchemy.orm import joinedload -from entities import Attribute, Directory +from application.objects import UserAccountControlFlag +from application.utils.helpers import create_integer_hash +from domain.entities import Attribute, Directory from extra.alembic_utils import temporary_stub_column -from ldap_protocol.objects import UserAccountControlFlag -from ldap_protocol.utils.helpers import create_integer_hash -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision: None | str = "6303f5c706ec" diff --git a/app/alembic/versions/692ae64e0cc5_.py b/src/alembic/versions/692ae64e0cc5_.py old mode 100755 new mode 100644 similarity index 100% rename from app/alembic/versions/692ae64e0cc5_.py rename to src/alembic/versions/692ae64e0cc5_.py diff --git a/app/alembic/versions/6c858cc05da7_add_default_admin_name.py b/src/alembic/versions/6c858cc05da7_add_default_admin_name.py similarity index 93% rename from app/alembic/versions/6c858cc05da7_add_default_admin_name.py rename to src/alembic/versions/6c858cc05da7_add_default_admin_name.py index 7b1a59f1e..054931745 100644 --- a/app/alembic/versions/6c858cc05da7_add_default_admin_name.py +++ b/src/alembic/versions/6c858cc05da7_add_default_admin_name.py @@ -11,9 +11,9 @@ from dishka import AsyncContainer from sqlalchemy.orm import Session -from entities import Attribute, User +from domain.entities import Attribute, User from extra.alembic_utils import temporary_stub_column -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision: None | str = "6c858cc05da7" diff --git a/app/alembic/versions/6f8fe2548893_fix_read_only.py b/src/alembic/versions/6f8fe2548893_fix_read_only.py similarity index 95% rename from app/alembic/versions/6f8fe2548893_fix_read_only.py rename to src/alembic/versions/6f8fe2548893_fix_read_only.py index 8d0f87874..86a2851cf 100644 --- a/app/alembic/versions/6f8fe2548893_fix_read_only.py +++ b/src/alembic/versions/6f8fe2548893_fix_read_only.py @@ -12,10 +12,10 @@ from sqlalchemy import delete, select, update from sqlalchemy.orm import Session +from application.utils.helpers import create_integer_hash from constants import DOMAIN_USERS_GROUP_NAME -from entities import Attribute, Directory +from domain.entities import Attribute, Directory from extra.alembic_utils import temporary_stub_column -from ldap_protocol.utils.helpers import create_integer_hash # revision identifiers, used by Alembic. revision = "6f8fe2548893" diff --git a/app/alembic/versions/71e642808369_add_directory_is_system.py b/src/alembic/versions/71e642808369_add_directory_is_system.py similarity index 95% rename from app/alembic/versions/71e642808369_add_directory_is_system.py rename to src/alembic/versions/71e642808369_add_directory_is_system.py index 398d6f6df..ddfd11f07 100644 --- a/app/alembic/versions/71e642808369_add_directory_is_system.py +++ b/src/alembic/versions/71e642808369_add_directory_is_system.py @@ -13,15 +13,15 @@ from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession from sqlalchemy.orm import Session +from application.utils.queries import get_base_directories from constants import ( DOMAIN_ADMIN_GROUP_NAME, DOMAIN_COMPUTERS_GROUP_NAME, DOMAIN_USERS_GROUP_NAME, READ_ONLY_GROUP_NAME, ) -from entities import Directory -from ldap_protocol.utils.queries import get_base_directories -from repo.pg.tables import queryable_attr as qa +from domain.entities import Directory +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision: None | str = "71e642808369" diff --git a/app/alembic/versions/8164b4a9e1f1_add_ou_computers.py b/src/alembic/versions/8164b4a9e1f1_add_ou_computers.py similarity index 91% rename from app/alembic/versions/8164b4a9e1f1_add_ou_computers.py rename to src/alembic/versions/8164b4a9e1f1_add_ou_computers.py index a4eb7297c..99c36e915 100644 --- a/app/alembic/versions/8164b4a9e1f1_add_ou_computers.py +++ b/src/alembic/versions/8164b4a9e1f1_add_ou_computers.py @@ -12,11 +12,11 @@ from sqlalchemy import delete, exists, select from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession -from entities import Directory +from application.roles.role_use_case import RoleUseCase +from application.utils.queries import get_base_directories +from domain.entities import Directory from extra.alembic_utils import temporary_stub_column -from ldap_protocol.roles.role_use_case import RoleUseCase -from ldap_protocol.utils.queries import get_base_directories -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "8164b4a9e1f1" @@ -37,7 +37,7 @@ @temporary_stub_column("is_system", sa.Boolean()) def upgrade(container: AsyncContainer) -> None: """Upgrade.""" - from ldap_protocol.auth.setup_gateway import SetupGateway + from application.auth.setup_gateway import SetupGateway async def _create_ou_computers(connection: AsyncConnection) -> None: # noqa: ARG001 async with container(scope=Scope.REQUEST) as cnt: diff --git a/app/alembic/versions/8c2bd40dd809_add_protocols_attr.py b/src/alembic/versions/8c2bd40dd809_add_protocols_attr.py similarity index 100% rename from app/alembic/versions/8c2bd40dd809_add_protocols_attr.py rename to src/alembic/versions/8c2bd40dd809_add_protocols_attr.py diff --git a/app/alembic/versions/93ba193c6a53_add_hash_index_on_dir_path.py b/src/alembic/versions/93ba193c6a53_add_hash_index_on_dir_path.py similarity index 100% rename from app/alembic/versions/93ba193c6a53_add_hash_index_on_dir_path.py rename to src/alembic/versions/93ba193c6a53_add_hash_index_on_dir_path.py diff --git a/app/alembic/versions/a1b2c3d4e5f6_rename_services_to_system.py b/src/alembic/versions/a1b2c3d4e5f6_rename_services_to_system.py similarity index 97% rename from app/alembic/versions/a1b2c3d4e5f6_rename_services_to_system.py rename to src/alembic/versions/a1b2c3d4e5f6_rename_services_to_system.py index e8d480d94..ebf6884b4 100644 --- a/app/alembic/versions/a1b2c3d4e5f6_rename_services_to_system.py +++ b/src/alembic/versions/a1b2c3d4e5f6_rename_services_to_system.py @@ -11,8 +11,8 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession -from entities import Attribute, Directory -from repo.pg.tables import queryable_attr as qa +from domain.entities import Attribute, Directory +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision: None | str = "a1b2c3d4e5f6" diff --git a/app/alembic/versions/a7971f00ba4d_index_single_level.py b/src/alembic/versions/a7971f00ba4d_index_single_level.py similarity index 100% rename from app/alembic/versions/a7971f00ba4d_index_single_level.py rename to src/alembic/versions/a7971f00ba4d_index_single_level.py diff --git a/app/alembic/versions/a99f866a7e3a_add_user_pwd_reset_permission.py b/src/alembic/versions/a99f866a7e3a_add_user_pwd_reset_permission.py similarity index 98% rename from app/alembic/versions/a99f866a7e3a_add_user_pwd_reset_permission.py rename to src/alembic/versions/a99f866a7e3a_add_user_pwd_reset_permission.py index 47aece016..45d3853d0 100644 --- a/app/alembic/versions/a99f866a7e3a_add_user_pwd_reset_permission.py +++ b/src/alembic/versions/a99f866a7e3a_add_user_pwd_reset_permission.py @@ -11,7 +11,7 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession -from entities import Role +from domain.entities import Role from enums import AuthorizationRules, RoleConstants # revision identifiers, used by Alembic. diff --git a/app/alembic/versions/ad52bc16b87d_extend_password_policy_for_api.py b/src/alembic/versions/ad52bc16b87d_extend_password_policy_for_api.py similarity index 97% rename from app/alembic/versions/ad52bc16b87d_extend_password_policy_for_api.py rename to src/alembic/versions/ad52bc16b87d_extend_password_policy_for_api.py index 26b592787..c11c0bfd1 100644 --- a/app/alembic/versions/ad52bc16b87d_extend_password_policy_for_api.py +++ b/src/alembic/versions/ad52bc16b87d_extend_password_policy_for_api.py @@ -12,10 +12,10 @@ from sqlalchemy import update from sqlalchemy.orm import Session -from entities import PasswordPolicy -from ldap_protocol.policies.password.dataclasses import ( +from application.policies.password.dataclasses import ( DefaultDomainPasswordPolicyPreset, ) +from domain.entities import PasswordPolicy # revision identifiers, used by Alembic. revision: None | str = "ad52bc16b87d" diff --git a/app/alembic/versions/ba78cef9700a_initial_entity_type.py b/src/alembic/versions/ba78cef9700a_initial_entity_type.py similarity index 94% rename from app/alembic/versions/ba78cef9700a_initial_entity_type.py rename to src/alembic/versions/ba78cef9700a_initial_entity_type.py index 0e6744919..d450807c7 100644 --- a/app/alembic/versions/ba78cef9700a_initial_entity_type.py +++ b/src/alembic/versions/ba78cef9700a_initial_entity_type.py @@ -13,14 +13,14 @@ from sqlalchemy.dialects import postgresql from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession +from application.ldap_schema.dto import EntityTypeDTO +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.ldap_schema.entity_type_use_case import EntityTypeUseCase +from application.utils.queries import get_base_directories from constants import ENTITY_TYPE_DATAS -from entities import Attribute, Directory, User +from domain.entities import Attribute, Directory, User from extra.alembic_utils import temporary_stub_column -from ldap_protocol.ldap_schema.dto import EntityTypeDTO -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.ldap_schema.entity_type_use_case import EntityTypeUseCase -from ldap_protocol.utils.queries import get_base_directories -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "ba78cef9700a" diff --git a/app/alembic/versions/bf435bbd95ff_add_rdn_attr_name.py b/src/alembic/versions/bf435bbd95ff_add_rdn_attr_name.py similarity index 95% rename from app/alembic/versions/bf435bbd95ff_add_rdn_attr_name.py rename to src/alembic/versions/bf435bbd95ff_add_rdn_attr_name.py index 88eaf4581..5edc94061 100644 --- a/app/alembic/versions/bf435bbd95ff_add_rdn_attr_name.py +++ b/src/alembic/versions/bf435bbd95ff_add_rdn_attr_name.py @@ -11,9 +11,9 @@ from dishka import AsyncContainer from sqlalchemy.orm import Session -from entities import Attribute, Directory +from domain.entities import Attribute, Directory from extra.alembic_utils import temporary_stub_column -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "bf435bbd95ff" diff --git a/app/alembic/versions/bv546ccd35fa_fix_krbadmin_attrs.py b/src/alembic/versions/bv546ccd35fa_fix_krbadmin_attrs.py similarity index 95% rename from app/alembic/versions/bv546ccd35fa_fix_krbadmin_attrs.py rename to src/alembic/versions/bv546ccd35fa_fix_krbadmin_attrs.py index dfaa36aa0..2b4b1eb4a 100644 --- a/app/alembic/versions/bv546ccd35fa_fix_krbadmin_attrs.py +++ b/src/alembic/versions/bv546ccd35fa_fix_krbadmin_attrs.py @@ -11,9 +11,9 @@ from dishka import AsyncContainer from sqlalchemy.orm import Session -from entities import Attribute, Directory +from domain.entities import Attribute, Directory from extra.alembic_utils import temporary_stub_column -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "bv546ccd35fa" diff --git a/app/alembic/versions/c007129b7973_renew_sls_gpos_rsops.py b/src/alembic/versions/c007129b7973_renew_sls_gpos_rsops.py similarity index 100% rename from app/alembic/versions/c007129b7973_renew_sls_gpos_rsops.py rename to src/alembic/versions/c007129b7973_renew_sls_gpos_rsops.py diff --git a/app/alembic/versions/c4888c68e221_fix_admin_attr_and_policy.py b/src/alembic/versions/c4888c68e221_fix_admin_attr_and_policy.py similarity index 90% rename from app/alembic/versions/c4888c68e221_fix_admin_attr_and_policy.py rename to src/alembic/versions/c4888c68e221_fix_admin_attr_and_policy.py index dbaa321be..6ee6cb690 100644 --- a/app/alembic/versions/c4888c68e221_fix_admin_attr_and_policy.py +++ b/src/alembic/versions/c4888c68e221_fix_admin_attr_and_policy.py @@ -12,12 +12,12 @@ from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession from sqlalchemy.orm import joinedload -from entities import Attribute, Directory, NetworkPolicy +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.utils.helpers import create_integer_hash +from application.utils.queries import get_base_directories +from domain.entities import Attribute, Directory, NetworkPolicy from extra.alembic_utils import temporary_stub_column -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.utils.helpers import create_integer_hash -from ldap_protocol.utils.queries import get_base_directories -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision: None | str = "c4888c68e221" diff --git a/app/alembic/versions/c5a9b3f2e8d7_add_contact_object_class.py b/src/alembic/versions/c5a9b3f2e8d7_add_contact_object_class.py similarity index 88% rename from app/alembic/versions/c5a9b3f2e8d7_add_contact_object_class.py rename to src/alembic/versions/c5a9b3f2e8d7_add_contact_object_class.py index 33bd3a433..1f7b1dc46 100644 --- a/app/alembic/versions/c5a9b3f2e8d7_add_contact_object_class.py +++ b/src/alembic/versions/c5a9b3f2e8d7_add_contact_object_class.py @@ -11,12 +11,12 @@ from sqlalchemy import delete from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession -from entities import EntityType +from application.ldap_schema.dto import EntityTypeDTO +from application.ldap_schema.entity_type_use_case import EntityTypeUseCase +from application.utils.queries import get_base_directories +from domain.entities import EntityType from enums import EntityTypeNames -from ldap_protocol.ldap_schema.dto import EntityTypeDTO -from ldap_protocol.ldap_schema.entity_type_use_case import EntityTypeUseCase -from ldap_protocol.utils.queries import get_base_directories -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "c5a9b3f2e8d7" diff --git a/app/alembic/versions/dafg3a4b22ab_add_preauth_princ.py b/src/alembic/versions/dafg3a4b22ab_add_preauth_princ.py similarity index 93% rename from app/alembic/versions/dafg3a4b22ab_add_preauth_princ.py rename to src/alembic/versions/dafg3a4b22ab_add_preauth_princ.py index 38d982694..0c3dd4ece 100644 --- a/app/alembic/versions/dafg3a4b22ab_add_preauth_princ.py +++ b/src/alembic/versions/dafg3a4b22ab_add_preauth_princ.py @@ -11,10 +11,10 @@ from dishka import AsyncContainer from sqlalchemy.orm import Session -from entities import Attribute, CatalogueSetting, User +from application.kerberos import KERBEROS_STATE_NAME +from domain.entities import Attribute, CatalogueSetting, User from extra.alembic_utils import temporary_stub_column -from ldap_protocol.kerberos import KERBEROS_STATE_NAME -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "dafg3a4b22ab" diff --git a/app/alembic/versions/df4c52a613e5_migrate_password_prop_from_E.py b/src/alembic/versions/df4c52a613e5_migrate_password_prop_from_E.py similarity index 98% rename from app/alembic/versions/df4c52a613e5_migrate_password_prop_from_E.py rename to src/alembic/versions/df4c52a613e5_migrate_password_prop_from_E.py index 2a2c7d436..a097c0b7b 100644 --- a/app/alembic/versions/df4c52a613e5_migrate_password_prop_from_E.py +++ b/src/alembic/versions/df4c52a613e5_migrate_password_prop_from_E.py @@ -13,10 +13,10 @@ from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession from sqlalchemy.orm import Session -from entities import PasswordPolicy -from ldap_protocol.policies.password.ban_word_repository import ( +from application.policies.password.ban_word_repository import ( PasswordBanWordRepository, ) +from domain.entities import PasswordPolicy # revision identifiers, used by Alembic. revision: None | str = "df4c52a613e5" diff --git a/app/alembic/versions/e4d6d99d32bd_add_audit_policies.py b/src/alembic/versions/e4d6d99d32bd_add_audit_policies.py similarity index 92% rename from app/alembic/versions/e4d6d99d32bd_add_audit_policies.py rename to src/alembic/versions/e4d6d99d32bd_add_audit_policies.py index 0a64e7fb7..56864965e 100644 --- a/app/alembic/versions/e4d6d99d32bd_add_audit_policies.py +++ b/src/alembic/versions/e4d6d99d32bd_add_audit_policies.py @@ -14,12 +14,12 @@ from sqlalchemy.dialects import postgresql from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession +from application.policies.audit.audit_use_case import AuditUseCase +from application.policies.audit.destination_dao import AuditDestinationDAO +from application.policies.audit.events.managers import RawAuditManager +from application.policies.audit.policies_dao import AuditPoliciesDAO +from application.utils.queries import get_base_directories from extra.alembic_utils import temporary_stub_column -from ldap_protocol.policies.audit.audit_use_case import AuditUseCase -from ldap_protocol.policies.audit.destination_dao import AuditDestinationDAO -from ldap_protocol.policies.audit.events.managers import RawAuditManager -from ldap_protocol.policies.audit.policies_dao import AuditPoliciesDAO -from ldap_protocol.utils.queries import get_base_directories # revision identifiers, used by Alembic. revision = "e4d6d99d32bd" diff --git a/app/alembic/versions/ec45e3e8aa0f_drop_password_policy_id_column.py b/src/alembic/versions/ec45e3e8aa0f_drop_password_policy_id_column.py similarity index 100% rename from app/alembic/versions/ec45e3e8aa0f_drop_password_policy_id_column.py rename to src/alembic/versions/ec45e3e8aa0f_drop_password_policy_id_column.py diff --git a/app/alembic/versions/eeaed5989eb0_group_policies.py b/src/alembic/versions/eeaed5989eb0_group_policies.py similarity index 100% rename from app/alembic/versions/eeaed5989eb0_group_policies.py rename to src/alembic/versions/eeaed5989eb0_group_policies.py diff --git a/app/alembic/versions/f1abf7ef2443_add_container_object_class.py b/src/alembic/versions/f1abf7ef2443_add_container_object_class.py similarity index 98% rename from app/alembic/versions/f1abf7ef2443_add_container_object_class.py rename to src/alembic/versions/f1abf7ef2443_add_container_object_class.py index cf1c80e1b..730bbb0e6 100644 --- a/app/alembic/versions/f1abf7ef2443_add_container_object_class.py +++ b/src/alembic/versions/f1abf7ef2443_add_container_object_class.py @@ -12,10 +12,10 @@ from sqlalchemy import delete, func, insert, select, update from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession -from entities import Attribute, Directory, EntityType +from domain.entities import Attribute, Directory, EntityType from enums import EntityTypeNames from extra.alembic_utils import temporary_stub_column -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "f1abf7ef2443" diff --git a/app/alembic/versions/f24ed0e49df2_add_filter_anr.py b/src/alembic/versions/f24ed0e49df2_add_filter_anr.py similarity index 95% rename from app/alembic/versions/f24ed0e49df2_add_filter_anr.py rename to src/alembic/versions/f24ed0e49df2_add_filter_anr.py index b6ec3ee1a..758f76b20 100644 --- a/app/alembic/versions/f24ed0e49df2_add_filter_anr.py +++ b/src/alembic/versions/f24ed0e49df2_add_filter_anr.py @@ -12,8 +12,8 @@ from sqlalchemy.dialects import postgresql from sqlalchemy.orm import Session -from entities import AttributeType -from repo.pg.tables import queryable_attr as qa +from domain.entities import AttributeType +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision: None | str = "f24ed0e49df2" diff --git a/app/alembic/versions/f4e6cd18a01d_add_samaccounttype.py b/src/alembic/versions/f4e6cd18a01d_add_samaccounttype.py similarity index 95% rename from app/alembic/versions/f4e6cd18a01d_add_samaccounttype.py rename to src/alembic/versions/f4e6cd18a01d_add_samaccounttype.py index efb2d0af5..e2d3b5e1a 100644 --- a/app/alembic/versions/f4e6cd18a01d_add_samaccounttype.py +++ b/src/alembic/versions/f4e6cd18a01d_add_samaccounttype.py @@ -12,9 +12,9 @@ from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession from sqlalchemy.orm import joinedload -from entities import Attribute, Directory, EntityType +from domain.entities import Attribute, Directory, EntityType from enums import EntityTypeNames, SamAccountTypeCodes -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa revision: None | str = "f4e6cd18a01d" down_revision: None | str = "379fce54fb08" diff --git a/app/alembic/versions/f68a134a3685_add_bypass.py b/src/alembic/versions/f68a134a3685_add_bypass.py similarity index 100% rename from app/alembic/versions/f68a134a3685_add_bypass.py rename to src/alembic/versions/f68a134a3685_add_bypass.py diff --git a/app/alembic/versions/fafc3d0b11ec_.py b/src/alembic/versions/fafc3d0b11ec_.py similarity index 93% rename from app/alembic/versions/fafc3d0b11ec_.py rename to src/alembic/versions/fafc3d0b11ec_.py index 1ab09b6b3..22c63dd7d 100644 --- a/app/alembic/versions/fafc3d0b11ec_.py +++ b/src/alembic/versions/fafc3d0b11ec_.py @@ -13,17 +13,17 @@ from sqlalchemy.exc import DBAPIError, IntegrityError from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession -from entities import Directory -from extra.alembic_utils import temporary_stub_column -from ldap_protocol.ldap_schema.attribute_value_validator import ( +from application.ldap_schema.attribute_value_validator import ( AttributeValueValidator, ) -from ldap_protocol.utils.queries import ( +from application.utils.queries import ( create_group, get_base_directories, get_search_path, ) -from repo.pg.tables import queryable_attr as qa +from domain.entities import Directory +from extra.alembic_utils import temporary_stub_column +from infrastructure.pg.tables import queryable_attr as qa # revision identifiers, used by Alembic. revision = "fafc3d0b11ec" diff --git a/app/alembic/versions/fc8b7617c60a_attr_index.py b/src/alembic/versions/fc8b7617c60a_attr_index.py similarity index 100% rename from app/alembic/versions/fc8b7617c60a_attr_index.py rename to src/alembic/versions/fc8b7617c60a_attr_index.py diff --git a/app/api/__init__.py b/src/api/__init__.py similarity index 100% rename from app/api/__init__.py rename to src/api/__init__.py diff --git a/app/api/audit/__init__.py b/src/api/audit/__init__.py similarity index 100% rename from app/api/audit/__init__.py rename to src/api/audit/__init__.py diff --git a/app/api/audit/adapter.py b/src/api/audit/adapter.py similarity index 94% rename from app/api/audit/adapter.py rename to src/api/audit/adapter.py index e7a39665d..12447b484 100644 --- a/app/api/audit/adapter.py +++ b/src/api/audit/adapter.py @@ -5,17 +5,17 @@ """ from api.base_adapter import BaseAdapter -from ldap_protocol.policies.audit.dataclasses import ( +from application.policies.audit.dataclasses import ( AuditDestinationDTO, AuditPolicyDTO, ) -from ldap_protocol.policies.audit.schemas import ( +from application.policies.audit.schemas import ( AuditDestinationResponse, AuditDestinationSchemaRequest, AuditPolicyResponse, AuditPolicySchemaRequest, ) -from ldap_protocol.policies.audit.service import AuditService +from application.policies.audit.service import AuditService class AuditPoliciesAdapter(BaseAdapter[AuditService]): diff --git a/app/api/audit/router.py b/src/api/audit/router.py similarity index 97% rename from app/api/audit/router.py rename to src/api/audit/router.py index 6209d0740..a36e25451 100644 --- a/app/api/audit/router.py +++ b/src/api/audit/router.py @@ -16,17 +16,17 @@ DomainErrorTranslator, ) from api.utils import require_master_db -from enums import DomainCodes -from ldap_protocol.policies.audit.exception import ( +from application.policies.audit.exception import ( AuditAlreadyExistsError, AuditNotFoundError, ) -from ldap_protocol.policies.audit.schemas import ( +from application.policies.audit.schemas import ( AuditDestinationResponse, AuditDestinationSchemaRequest, AuditPolicyResponse, AuditPolicySchemaRequest, ) +from enums import DomainCodes from .adapter import AuditPoliciesAdapter diff --git a/app/api/auth/adapters/__init__.py b/src/api/auth/adapters/__init__.py similarity index 100% rename from app/api/auth/adapters/__init__.py rename to src/api/auth/adapters/__init__.py diff --git a/app/api/auth/adapters/auth.py b/src/api/auth/adapters/auth.py similarity index 95% rename from app/api/auth/adapters/auth.py rename to src/api/auth/adapters/auth.py index 50ed85ee7..db8b1b67d 100644 --- a/app/api/auth/adapters/auth.py +++ b/src/api/auth/adapters/auth.py @@ -10,14 +10,14 @@ from fastapi import Request from api.base_adapter import BaseAdapter -from ldap_protocol.auth import AuthManager -from ldap_protocol.auth.dto import SetupDTO -from ldap_protocol.auth.schemas import ( +from application.auth import AuthManager +from application.auth.dto import SetupDTO +from application.auth.schemas import ( MFAChallengeResponse, OAuth2Form, SetupRequest, ) -from ldap_protocol.dialogue import UserSchema +from application.dialogue import UserSchema _convert_request_to_dto = get_converter(SetupRequest, SetupDTO) diff --git a/app/api/auth/adapters/mfa.py b/src/api/auth/adapters/mfa.py similarity index 90% rename from app/api/auth/adapters/mfa.py rename to src/api/auth/adapters/mfa.py index 9fa3b4a02..a4a25fc12 100644 --- a/app/api/auth/adapters/mfa.py +++ b/src/api/auth/adapters/mfa.py @@ -10,10 +10,10 @@ from fastapi.responses import RedirectResponse from api.base_adapter import BaseAdapter -from ldap_protocol.auth import MFAManager -from ldap_protocol.auth.exceptions.mfa import MFATokenError -from ldap_protocol.auth.schemas import MFACreateRequest, MFAGetResponse -from ldap_protocol.multifactor import MFA_HTTP_Creds, MFA_LDAP_Creds +from application.auth import MFAManager +from application.auth.exceptions.mfa import MFATokenError +from application.auth.schemas import MFACreateRequest, MFAGetResponse +from application.multifactor import MFA_HTTP_Creds, MFA_LDAP_Creds class MFAFastAPIAdapter(BaseAdapter[MFAManager]): diff --git a/app/api/auth/adapters/session_gateway.py b/src/api/auth/adapters/session_gateway.py similarity index 97% rename from app/api/auth/adapters/session_gateway.py rename to src/api/auth/adapters/session_gateway.py index 165c8db74..681723afe 100644 --- a/app/api/auth/adapters/session_gateway.py +++ b/src/api/auth/adapters/session_gateway.py @@ -6,7 +6,7 @@ from typing import Literal, ParamSpec, TypeVar from api.base_adapter import BaseAdapter -from ldap_protocol.session_storage import SessionRepository +from application.session_storage import SessionRepository _P = ParamSpec("_P") _R = TypeVar("_R") diff --git a/app/api/auth/router_auth.py b/src/api/auth/router_auth.py similarity index 95% rename from app/api/auth/router_auth.py rename to src/api/auth/router_auth.py index a5c98911f..bd639759e 100644 --- a/app/api/auth/router_auth.py +++ b/src/api/auth/router_auth.py @@ -20,20 +20,19 @@ DomainErrorTranslator, ) from api.utils import require_master_db -from enums import DomainCodes -from ldap_protocol.auth.exceptions.mfa import ( +from application.auth.exceptions.mfa import ( MFAAPIError, MFAConnectError, MFARequiredError, MissingMFACredentialsError, ) -from ldap_protocol.auth.schemas import ( +from application.auth.schemas import ( MFAChallengeResponse, OAuth2Form, SetupRequest, ) -from ldap_protocol.dialogue import UserSchema -from ldap_protocol.identity.exceptions import ( +from application.dialogue import UserSchema +from application.identity.exceptions import ( AlreadyConfiguredError, AuthValidationError, ForbiddenError, @@ -42,8 +41,9 @@ UnauthorizedError, UserNotFoundError, ) -from ldap_protocol.kerberos.exceptions import KRBAPIChangePasswordError -from ldap_protocol.session_storage import SessionStorage +from application.kerberos.exceptions import KRBAPIChangePasswordError +from application.session_storage import SessionStorage +from enums import DomainCodes from .utils import verify_auth diff --git a/app/api/auth/router_mfa.py b/src/api/auth/router_mfa.py similarity index 95% rename from app/api/auth/router_mfa.py rename to src/api/auth/router_mfa.py index 8e275b242..7403c700e 100644 --- a/app/api/auth/router_mfa.py +++ b/src/api/auth/router_mfa.py @@ -25,8 +25,7 @@ DomainErrorTranslator, ) from api.utils import require_master_db -from enums import DomainCodes -from ldap_protocol.auth.exceptions.mfa import ( +from application.auth.exceptions.mfa import ( ForbiddenError, InvalidCredentialsError, MFAAPIError, @@ -35,8 +34,9 @@ NetworkPolicyError, NotFoundError, ) -from ldap_protocol.auth.schemas import MFACreateRequest, MFAGetResponse -from ldap_protocol.multifactor import MFA_HTTP_Creds, MFA_LDAP_Creds +from application.auth.schemas import MFACreateRequest, MFAGetResponse +from application.multifactor import MFA_HTTP_Creds, MFA_LDAP_Creds +from enums import DomainCodes translator = DomainErrorTranslator(DomainCodes.MFA) diff --git a/app/api/auth/session_router.py b/src/api/auth/session_router.py similarity index 95% rename from app/api/auth/session_router.py rename to src/api/auth/session_router.py index 43da97542..04d113231 100644 --- a/app/api/auth/session_router.py +++ b/src/api/auth/session_router.py @@ -10,8 +10,8 @@ DishkaErrorAwareRoute, DomainErrorTranslator, ) +from application.session_storage.exceptions import SessionUserNotFoundError from enums import DomainCodes -from ldap_protocol.session_storage.exceptions import SessionUserNotFoundError from .adapters.session_gateway import ( SessionContentResponseSchema, diff --git a/app/api/auth/utils.py b/src/api/auth/utils.py similarity index 100% rename from app/api/auth/utils.py rename to src/api/auth/utils.py diff --git a/app/api/base_adapter.py b/src/api/base_adapter.py similarity index 100% rename from app/api/base_adapter.py rename to src/api/base_adapter.py diff --git a/app/api/dhcp/__init__.py b/src/api/dhcp/__init__.py similarity index 100% rename from app/api/dhcp/__init__.py rename to src/api/dhcp/__init__.py diff --git a/app/api/dhcp/adapter.py b/src/api/dhcp/adapter.py similarity index 99% rename from app/api/dhcp/adapter.py rename to src/api/dhcp/adapter.py index d063ad144..065c79491 100644 --- a/app/api/dhcp/adapter.py +++ b/src/api/dhcp/adapter.py @@ -7,7 +7,7 @@ from ipaddress import IPv4Address from api.base_adapter import BaseAdapter -from ldap_protocol.dhcp import ( +from application.dhcp import ( AbstractDHCPManager, DHCPChangeStateSchemaRequest, DHCPLeaseSchemaRequest, @@ -19,7 +19,7 @@ DHCPSubnetSchemaAddRequest, DHCPSubnetSchemaResponse, ) -from ldap_protocol.dhcp.dataclasses import ( +from application.dhcp.dataclasses import ( DHCPLease, DHCPOptionData, DHCPPool, diff --git a/app/api/dhcp/router.py b/src/api/dhcp/router.py similarity index 98% rename from app/api/dhcp/router.py rename to src/api/dhcp/router.py index a41e806a0..b9b7ec5c2 100644 --- a/app/api/dhcp/router.py +++ b/src/api/dhcp/router.py @@ -17,8 +17,7 @@ DishkaErrorAwareRoute, DomainErrorTranslator, ) -from enums import DomainCodes -from ldap_protocol.dhcp.exceptions import ( +from application.dhcp.exceptions import ( DHCPAPIError, DHCPEntryAddError, DHCPEntryDeleteError, @@ -27,7 +26,7 @@ DHCPOperationError, DHCPValidationError, ) -from ldap_protocol.dhcp.schemas import ( +from application.dhcp.schemas import ( DHCPChangeStateSchemaRequest, DHCPLeaseSchemaRequest, DHCPLeaseSchemaResponse, @@ -38,6 +37,7 @@ DHCPSubnetSchemaAddRequest, DHCPSubnetSchemaResponse, ) +from enums import DomainCodes from .adapter import DHCPAdapter diff --git a/app/api/error_routing.py b/src/api/error_routing.py similarity index 100% rename from app/api/error_routing.py rename to src/api/error_routing.py diff --git a/app/api/exception_handlers.py b/src/api/exception_handlers.py similarity index 100% rename from app/api/exception_handlers.py rename to src/api/exception_handlers.py diff --git a/app/api/ldap_schema/__init__.py b/src/api/ldap_schema/__init__.py similarity index 97% rename from app/api/ldap_schema/__init__.py rename to src/api/ldap_schema/__init__.py index a0314c320..1f57c8747 100644 --- a/app/api/ldap_schema/__init__.py +++ b/src/api/ldap_schema/__init__.py @@ -17,8 +17,7 @@ DishkaErrorAwareRoute, DomainErrorTranslator, ) -from enums import DomainCodes -from ldap_protocol.ldap_schema.exceptions import ( +from application.ldap_schema.exceptions import ( AttributeTypeAlreadyExistsError, AttributeTypeCantModifyError, AttributeTypeNotFoundError, @@ -29,6 +28,7 @@ ObjectClassCantModifyError, ObjectClassNotFoundError, ) +from enums import DomainCodes LimitedListType = Annotated[ list[str], diff --git a/app/api/ldap_schema/adapters/__init__.py b/src/api/ldap_schema/adapters/__init__.py similarity index 100% rename from app/api/ldap_schema/adapters/__init__.py rename to src/api/ldap_schema/adapters/__init__.py diff --git a/app/api/ldap_schema/adapters/attribute_type.py b/src/api/ldap_schema/adapters/attribute_type.py similarity index 93% rename from app/api/ldap_schema/adapters/attribute_type.py rename to src/api/ldap_schema/adapters/attribute_type.py index ad1ea6516..1cbfcddc6 100644 --- a/app/api/ldap_schema/adapters/attribute_type.py +++ b/src/api/ldap_schema/adapters/attribute_type.py @@ -22,15 +22,15 @@ AttributeTypeSchema, AttributeTypeUpdateSchema, ) -from ldap_protocol.ldap_schema.attribute_type_use_case import ( +from application.ldap_schema.attribute_type_use_case import ( AttributeTypeUseCase, ) -from ldap_protocol.ldap_schema.constants import ( +from application.ldap_schema.constants import ( DEFAULT_ATTRIBUTE_TYPE_IS_SYSTEM, DEFAULT_ATTRIBUTE_TYPE_NO_USER_MOD, DEFAULT_ATTRIBUTE_TYPE_SYNTAX, ) -from ldap_protocol.ldap_schema.dto import AttributeTypeDTO +from application.ldap_schema.dto import AttributeTypeDTO def _convert_update_uschema_to_dto( diff --git a/app/api/ldap_schema/adapters/base_ldap_schema_adapter.py b/src/api/ldap_schema/adapters/base_ldap_schema_adapter.py similarity index 98% rename from app/api/ldap_schema/adapters/base_ldap_schema_adapter.py rename to src/api/ldap_schema/adapters/base_ldap_schema_adapter.py index ebbe17192..497540e7a 100644 --- a/app/api/ldap_schema/adapters/base_ldap_schema_adapter.py +++ b/src/api/ldap_schema/adapters/base_ldap_schema_adapter.py @@ -12,7 +12,7 @@ from pydantic import BaseModel from api.ldap_schema import LimitedListType -from ldap_protocol.utils.pagination import ( +from application.utils.pagination import ( BasePaginationSchema, PaginationParams, PaginationResult, diff --git a/app/api/ldap_schema/adapters/entity_type.py b/src/api/ldap_schema/adapters/entity_type.py similarity index 89% rename from app/api/ldap_schema/adapters/entity_type.py rename to src/api/ldap_schema/adapters/entity_type.py index 03199b634..d6b05b7cb 100644 --- a/app/api/ldap_schema/adapters/entity_type.py +++ b/src/api/ldap_schema/adapters/entity_type.py @@ -15,9 +15,9 @@ EntityTypeSchema, EntityTypeUpdateSchema, ) -from ldap_protocol.ldap_schema.constants import DEFAULT_ENTITY_TYPE_IS_SYSTEM -from ldap_protocol.ldap_schema.dto import EntityTypeDTO -from ldap_protocol.ldap_schema.entity_type_use_case import EntityTypeUseCase +from application.ldap_schema.constants import DEFAULT_ENTITY_TYPE_IS_SYSTEM +from application.ldap_schema.dto import EntityTypeDTO +from application.ldap_schema.entity_type_use_case import EntityTypeUseCase def _convert_update_chema_to_dto( diff --git a/app/api/ldap_schema/adapters/object_class.py b/src/api/ldap_schema/adapters/object_class.py similarity index 91% rename from app/api/ldap_schema/adapters/object_class.py rename to src/api/ldap_schema/adapters/object_class.py index 7c0199a88..d239b2d26 100644 --- a/app/api/ldap_schema/adapters/object_class.py +++ b/src/api/ldap_schema/adapters/object_class.py @@ -16,10 +16,10 @@ ObjectClassSchema, ObjectClassUpdateSchema, ) +from application.ldap_schema.constants import DEFAULT_OBJECT_CLASS_IS_SYSTEM +from application.ldap_schema.dto import AttributeTypeDTO, ObjectClassDTO +from application.ldap_schema.object_class_use_case import ObjectClassUseCase from enums import KindType -from ldap_protocol.ldap_schema.constants import DEFAULT_OBJECT_CLASS_IS_SYSTEM -from ldap_protocol.ldap_schema.dto import AttributeTypeDTO, ObjectClassDTO -from ldap_protocol.ldap_schema.object_class_use_case import ObjectClassUseCase def _convert_update_schema_to_dto( diff --git a/app/api/ldap_schema/attribute_type_router.py b/src/api/ldap_schema/attribute_type_router.py similarity index 97% rename from app/api/ldap_schema/attribute_type_router.py rename to src/api/ldap_schema/attribute_type_router.py index a75a1826a..b95ff432f 100644 --- a/app/api/ldap_schema/attribute_type_router.py +++ b/src/api/ldap_schema/attribute_type_router.py @@ -17,7 +17,7 @@ AttributeTypeUpdateSchema, ) from api.utils import require_master_db -from ldap_protocol.utils.pagination import PaginationParams +from application.utils.pagination import PaginationParams @ldap_schema_router.post( diff --git a/app/api/ldap_schema/entity_type_router.py b/src/api/ldap_schema/entity_type_router.py similarity index 97% rename from app/api/ldap_schema/entity_type_router.py rename to src/api/ldap_schema/entity_type_router.py index 129230b8e..75b5906ef 100644 --- a/app/api/ldap_schema/entity_type_router.py +++ b/src/api/ldap_schema/entity_type_router.py @@ -18,7 +18,7 @@ EntityTypeUpdateSchema, ) from api.utils import require_master_db -from ldap_protocol.utils.pagination import PaginationParams +from application.utils.pagination import PaginationParams @ldap_schema_router.post( diff --git a/app/api/ldap_schema/object_class_router.py b/src/api/ldap_schema/object_class_router.py similarity index 97% rename from app/api/ldap_schema/object_class_router.py rename to src/api/ldap_schema/object_class_router.py index a6baced69..52bc59d54 100644 --- a/app/api/ldap_schema/object_class_router.py +++ b/src/api/ldap_schema/object_class_router.py @@ -18,7 +18,7 @@ ObjectClassUpdateSchema, ) from api.utils import require_master_db -from ldap_protocol.utils.pagination import PaginationParams +from application.utils.pagination import PaginationParams @ldap_schema_router.post( diff --git a/app/api/ldap_schema/schema.py b/src/api/ldap_schema/schema.py similarity index 96% rename from app/api/ldap_schema/schema.py rename to src/api/ldap_schema/schema.py index 9e6453eff..c8e5ed235 100644 --- a/app/api/ldap_schema/schema.py +++ b/src/api/ldap_schema/schema.py @@ -8,12 +8,12 @@ from pydantic import BaseModel, Field -from enums import EntityTypeNames, KindType -from ldap_protocol.ldap_schema.constants import ( +from application.ldap_schema.constants import ( DEFAULT_ENTITY_TYPE_IS_SYSTEM, OID_REGEX_PATTERN, ) -from ldap_protocol.utils.pagination import BasePaginationSchema +from application.utils.pagination import BasePaginationSchema +from enums import EntityTypeNames, KindType _IdT = TypeVar("_IdT", int, None) diff --git a/app/api/main/__init__.py b/src/api/main/__init__.py similarity index 100% rename from app/api/main/__init__.py rename to src/api/main/__init__.py diff --git a/app/api/main/adapters/__init__.py b/src/api/main/adapters/__init__.py similarity index 100% rename from app/api/main/adapters/__init__.py rename to src/api/main/adapters/__init__.py diff --git a/app/api/main/adapters/dns.py b/src/api/main/adapters/dns.py similarity index 97% rename from app/api/main/adapters/dns.py rename to src/api/main/adapters/dns.py index 352099fad..19ea9c98e 100644 --- a/app/api/main/adapters/dns.py +++ b/src/api/main/adapters/dns.py @@ -16,14 +16,14 @@ DNSServiceZoneDeleteRequest, DNSServiceZoneUpdateRequest, ) -from ldap_protocol.dns.base import ( +from application.dns.base import ( DNSForwardServerStatus, DNSForwardZone, DNSRecords, DNSServerParam, DNSZone, ) -from ldap_protocol.dns.use_cases import DNSUseCase +from application.dns.use_cases import DNSUseCase class DNSFastAPIAdapter(BaseAdapter[DNSUseCase]): diff --git a/app/api/main/adapters/kerberos.py b/src/api/main/adapters/kerberos.py similarity index 94% rename from app/api/main/adapters/kerberos.py rename to src/api/main/adapters/kerberos.py index 1bbe252e2..72e5f8f81 100644 --- a/app/api/main/adapters/kerberos.py +++ b/src/api/main/adapters/kerberos.py @@ -13,10 +13,10 @@ from api.base_adapter import BaseAdapter from api.main.schema import KerberosSetupRequest -from ldap_protocol.dialogue import LDAPSession, UserSchema -from ldap_protocol.kerberos import KerberosState -from ldap_protocol.kerberos.service import KerberosService -from ldap_protocol.ldap_requests.contexts import LDAPAddRequestContext +from application.dialogue import LDAPSession, UserSchema +from application.kerberos import KerberosState +from application.kerberos.service import KerberosService +from application.ldap_requests.contexts import LDAPAddRequestContext class KerberosFastAPIAdapter(BaseAdapter[KerberosService]): diff --git a/app/api/main/dns_router.py b/src/api/main/dns_router.py similarity index 98% rename from app/api/main/dns_router.py rename to src/api/main/dns_router.py index bf3e83e40..1945369d4 100644 --- a/app/api/main/dns_router.py +++ b/src/api/main/dns_router.py @@ -10,7 +10,7 @@ from fastapi_error_map import rule from fastapi_error_map.routing import ErrorAwareRouter -import ldap_protocol.dns.exceptions as dns_exc +import application.dns.exceptions as dns_exc from api.auth.utils import verify_auth from api.error_routing import ( ERROR_MAP_TYPE, @@ -30,14 +30,14 @@ DNSServiceZoneUpdateRequest, ) from api.utils import require_master_db -from enums import DomainCodes -from ldap_protocol.dns import ( +from application.dns import ( DNSForwardServerStatus, DNSForwardZone, DNSRecords, DNSServerParam, DNSZone, ) +from enums import DomainCodes translator = DomainErrorTranslator(DomainCodes.DNS) diff --git a/app/api/main/krb5_router.py b/src/api/main/krb5_router.py similarity index 96% rename from app/api/main/krb5_router.py rename to src/api/main/krb5_router.py index 9ed36515c..b56dac423 100644 --- a/app/api/main/krb5_router.py +++ b/src/api/main/krb5_router.py @@ -25,10 +25,9 @@ from api.main.adapters.kerberos import KerberosFastAPIAdapter from api.main.schema import KerberosSetupRequest from api.utils import require_master_db -from enums import DomainCodes -from ldap_protocol.dialogue import LDAPSession -from ldap_protocol.kerberos import KerberosState -from ldap_protocol.kerberos.exceptions import ( +from application.dialogue import LDAPSession +from application.kerberos import KerberosState +from application.kerberos.exceptions import ( KerberosBaseDnNotFoundError, KerberosConflictError, KerberosDependencyError, @@ -36,8 +35,9 @@ KerberosUnavailableError, KRBAPIConnectionError, ) -from ldap_protocol.ldap_requests.contexts import LDAPAddRequestContext -from ldap_protocol.utils.const import EmailStr +from application.ldap_requests.contexts import LDAPAddRequestContext +from application.utils.const import EmailStr +from enums import DomainCodes from .utils import get_ldap_session diff --git a/app/api/main/router.py b/src/api/main/router.py similarity index 94% rename from app/api/main/router.py rename to src/api/main/router.py index 174a65afa..bb7bb15f7 100644 --- a/app/api/main/router.py +++ b/src/api/main/router.py @@ -17,17 +17,17 @@ DomainErrorTranslator, ) from api.utils import require_master_db -from enums import DomainCodes -from ldap_protocol.custom_requests.rename import RenameRequest -from ldap_protocol.identity.exceptions import UnauthorizedError -from ldap_protocol.ldap_requests import ( +from application.custom_requests.rename import RenameRequest +from application.identity.exceptions import UnauthorizedError +from application.ldap_requests import ( AddRequest, DeleteRequest, ModifyDNRequest, ModifyRequest, ) -from ldap_protocol.ldap_responses import LDAPResult -from ldap_protocol.utils.queries import set_or_update_primary_group +from application.ldap_responses import LDAPResult +from application.utils.queries import set_or_update_primary_group +from enums import DomainCodes from .schema import ( PrimaryGroupRequest, diff --git a/app/api/main/schema.py b/src/api/main/schema.py similarity index 91% rename from app/api/main/schema.py rename to src/api/main/schema.py index 537b0af7c..a6c9afd99 100644 --- a/app/api/main/schema.py +++ b/src/api/main/schema.py @@ -11,16 +11,16 @@ from pydantic import BaseModel, Field, PrivateAttr, SecretStr from sqlalchemy.sql.elements import ColumnElement, UnaryExpression -from entities import Directory -from ldap_protocol.dns import DNSManagerState, DNSZoneParam, DNSZoneType -from ldap_protocol.filter_interpreter import ( +from application.dns import DNSManagerState, DNSZoneParam, DNSZoneType +from application.filter_interpreter import ( Filter, FilterInterpreterProtocol, StringFilterInterpreter, ) -from ldap_protocol.ldap_requests import SearchRequest as LDAPSearchRequest -from ldap_protocol.ldap_responses import SearchResultDone, SearchResultEntry -from ldap_protocol.utils.const import GRANT_DN_STRING +from application.ldap_requests import SearchRequest as LDAPSearchRequest +from application.ldap_responses import SearchResultDone, SearchResultEntry +from application.utils.const import GRANT_DN_STRING +from domain.entities import Directory class SearchRequest(LDAPSearchRequest): diff --git a/app/api/main/utils.py b/src/api/main/utils.py similarity index 90% rename from app/api/main/utils.py rename to src/api/main/utils.py index 1401bbb7b..b7d660356 100644 --- a/app/api/main/utils.py +++ b/src/api/main/utils.py @@ -4,7 +4,7 @@ from dishka.integrations.fastapi import inject from api.auth.adapters.auth import AuthFastAPIAdapter -from ldap_protocol.dialogue import LDAPSession +from application.dialogue import LDAPSession @inject diff --git a/app/api/middlewares.py b/src/api/middlewares.py similarity index 96% rename from app/api/middlewares.py rename to src/api/middlewares.py index e4ed3f600..6124039e5 100644 --- a/app/api/middlewares.py +++ b/src/api/middlewares.py @@ -9,7 +9,7 @@ from fastapi import Request, Response -from ldap_protocol.identity import IdentityProvider +from application.identity import IdentityProvider async def proc_time_header_middleware( diff --git a/app/api/network/__init__.py b/src/api/network/__init__.py similarity index 100% rename from app/api/network/__init__.py rename to src/api/network/__init__.py diff --git a/app/api/network/adapters/__init__.py b/src/api/network/adapters/__init__.py similarity index 100% rename from app/api/network/adapters/__init__.py rename to src/api/network/adapters/__init__.py diff --git a/app/api/network/adapters/network.py b/src/api/network/adapters/network.py similarity index 95% rename from app/api/network/adapters/network.py rename to src/api/network/adapters/network.py index 9316b8c7e..82d3babe4 100644 --- a/app/api/network/adapters/network.py +++ b/src/api/network/adapters/network.py @@ -19,7 +19,7 @@ PolicyUpdate, SwapResponse, ) -from ldap_protocol.policies.network import ( +from application.policies.network import ( NetworkPolicyDTO, NetworkPolicyUpdateDTO, NetworkPolicyUseCase, @@ -63,9 +63,9 @@ def _convert_raw(dto: NetworkPolicyDTO[int]) -> list[str | dict]: class NetworkPolicyFastAPIAdapter(BaseAdapter[NetworkPolicyUseCase]): """Network policy adapter.""" - async def create(self, policy: Policy) -> PolicyResponse: + async def create(self, policy: Policy) -> None: """Create network policy.""" - policy_dto = await self._service.create( + await self._service.create( NetworkPolicyDTO( id=None, name=policy.name, @@ -82,7 +82,6 @@ async def create(self, policy: Policy) -> PolicyResponse: mfa_groups=policy.mfa_groups, ), ) - return _convert_dto_to_schema(policy_dto) async def get_list_policies(self) -> list[PolicyResponse]: """Get list of network policies.""" diff --git a/app/api/network/router.py b/src/api/network/router.py similarity index 96% rename from app/api/network/router.py rename to src/api/network/router.py index 71c87cb5b..483af6995 100644 --- a/app/api/network/router.py +++ b/src/api/network/router.py @@ -19,12 +19,12 @@ ) from api.network.adapters.network import NetworkPolicyFastAPIAdapter from api.utils import require_master_db -from enums import DomainCodes -from ldap_protocol.policies.network.exceptions import ( +from application.policies.network.exceptions import ( LastActivePolicyError, NetworkPolicyAlreadyExistsError, NetworkPolicyNotFoundError, ) +from enums import DomainCodes from .schema import ( Policy, @@ -70,16 +70,15 @@ async def add_network_policy( policy: Policy, adapter: FromDishka[NetworkPolicyFastAPIAdapter], -) -> PolicyResponse: +) -> None: """Add policy. \f :param Policy policy: policy to add :raises HTTPException: 422 invalid group DN :raises HTTPException: 422 Entry already exists - :return PolicyResponse: Ready policy """ - return await adapter.create(policy) + await adapter.create(policy) @network_router.get("", name="policy", error_map=error_map) diff --git a/app/api/network/schema.py b/src/api/network/schema.py similarity index 98% rename from app/api/network/schema.py rename to src/api/network/schema.py index 666869927..7a9565a4a 100644 --- a/app/api/network/schema.py +++ b/src/api/network/schema.py @@ -18,8 +18,8 @@ model_validator, ) +from application.utils.helpers import validate_entry from enums import MFAFlags -from ldap_protocol.utils.helpers import validate_entry class IPRange(BaseModel): diff --git a/app/api/network/utils.py b/src/api/network/utils.py similarity index 94% rename from app/api/network/utils.py rename to src/api/network/utils.py index a01db466d..16004381e 100644 --- a/app/api/network/utils.py +++ b/src/api/network/utils.py @@ -8,7 +8,7 @@ from sqlalchemy import func, select from sqlalchemy.ext.asyncio import AsyncSession -from entities import NetworkPolicy +from domain.entities import NetworkPolicy async def check_policy_count(session: AsyncSession) -> None: diff --git a/app/api/password_policy/__init__.py b/src/api/password_policy/__init__.py similarity index 100% rename from app/api/password_policy/__init__.py rename to src/api/password_policy/__init__.py diff --git a/app/api/password_policy/adapter.py b/src/api/password_policy/adapter.py similarity index 95% rename from app/api/password_policy/adapter.py rename to src/api/password_policy/adapter.py index 81b5d7be1..fed5b5de4 100644 --- a/app/api/password_policy/adapter.py +++ b/src/api/password_policy/adapter.py @@ -12,11 +12,11 @@ from api.base_adapter import BaseAdapter from api.password_policy.schemas import PasswordPolicySchema, PriorityT -from ldap_protocol.policies.password.dataclasses import PasswordPolicyDTO -from ldap_protocol.policies.password.exceptions import ( +from application.policies.password.dataclasses import PasswordPolicyDTO +from application.policies.password.exceptions import ( PasswordBanWordWrongFileExtensionError, ) -from ldap_protocol.policies.password.use_cases import ( +from application.policies.password.use_cases import ( PasswordBanWordUseCases, PasswordPolicyUseCases, UserPasswordHistoryUseCases, diff --git a/app/api/password_policy/error_utils.py b/src/api/password_policy/error_utils.py similarity index 93% rename from app/api/password_policy/error_utils.py rename to src/api/password_policy/error_utils.py index 201f2b823..c96cc64fc 100644 --- a/app/api/password_policy/error_utils.py +++ b/src/api/password_policy/error_utils.py @@ -8,9 +8,8 @@ from fastapi_error_map.rules import rule from api.error_routing import ERROR_MAP_TYPE, DomainErrorTranslator -from enums import DomainCodes -from ldap_protocol.permissions_checker import AuthorizationError -from ldap_protocol.policies.password.exceptions import ( +from application.permissions_checker import AuthorizationError +from application.policies.password.exceptions import ( PasswordBanWordWrongFileExtensionError, PasswordPolicyAgeDaysError, PasswordPolicyAlreadyExistsError, @@ -20,6 +19,7 @@ PasswordPolicyNotFoundError, PasswordPolicyPriorityError, ) +from enums import DomainCodes translator = DomainErrorTranslator(DomainCodes.PASSWORD_POLICY) diff --git a/app/api/password_policy/password_ban_word_router.py b/src/api/password_policy/password_ban_word_router.py similarity index 100% rename from app/api/password_policy/password_ban_word_router.py rename to src/api/password_policy/password_ban_word_router.py diff --git a/app/api/password_policy/password_policy_router.py b/src/api/password_policy/password_policy_router.py similarity index 97% rename from app/api/password_policy/password_policy_router.py rename to src/api/password_policy/password_policy_router.py index 36bd206c3..6453e08a0 100644 --- a/app/api/password_policy/password_policy_router.py +++ b/src/api/password_policy/password_policy_router.py @@ -14,7 +14,7 @@ from api.password_policy.error_utils import error_map from api.password_policy.schemas import PasswordPolicySchema from api.utils import require_master_db -from ldap_protocol.utils.const import GRANT_DN_STRING +from application.utils.const import GRANT_DN_STRING from .schemas import PriorityT diff --git a/app/api/password_policy/schemas.py b/src/api/password_policy/schemas.py similarity index 98% rename from app/api/password_policy/schemas.py rename to src/api/password_policy/schemas.py index 840383c82..de322385d 100644 --- a/app/api/password_policy/schemas.py +++ b/src/api/password_policy/schemas.py @@ -8,10 +8,10 @@ from pydantic import BaseModel, Field, model_validator -from ldap_protocol.policies.password.constants import ( +from application.policies.password.constants import ( PasswordValidatorLanguageType, ) -from ldap_protocol.policies.password.exceptions import ( +from application.policies.password.exceptions import ( PasswordPolicyAgeDaysError, PasswordPolicyPriorityError, ) diff --git a/app/api/password_policy/user_password_history_router.py b/src/api/password_policy/user_password_history_router.py similarity index 96% rename from app/api/password_policy/user_password_history_router.py rename to src/api/password_policy/user_password_history_router.py index 9af233c12..f8d0015e1 100644 --- a/app/api/password_policy/user_password_history_router.py +++ b/src/api/password_policy/user_password_history_router.py @@ -19,11 +19,11 @@ ) from api.password_policy.adapter import UserPasswordHistoryResetFastAPIAdapter from api.utils import require_master_db -from enums import DomainCodes -from ldap_protocol.identity.exceptions import ( +from application.identity.exceptions import ( AuthorizationError, UserNotFoundError, ) +from enums import DomainCodes translator = DomainErrorTranslator(DomainCodes.PASSWORD_POLICY) diff --git a/app/api/shadow/__init__.py b/src/api/shadow/__init__.py similarity index 100% rename from app/api/shadow/__init__.py rename to src/api/shadow/__init__.py diff --git a/app/api/shadow/adapter.py b/src/api/shadow/adapter.py similarity index 94% rename from app/api/shadow/adapter.py rename to src/api/shadow/adapter.py index 3062a0bb4..f352a2efc 100644 --- a/app/api/shadow/adapter.py +++ b/src/api/shadow/adapter.py @@ -7,7 +7,7 @@ from ipaddress import IPv4Address from api.base_adapter import BaseAdapter -from ldap_protocol.auth import AuthManager, MFAManager +from application.auth import AuthManager, MFAManager class ShadowAdapter(BaseAdapter): diff --git a/app/api/shadow/router.py b/src/api/shadow/router.py similarity index 92% rename from app/api/shadow/router.py rename to src/api/shadow/router.py index b708babb0..0935aa09b 100644 --- a/app/api/shadow/router.py +++ b/src/api/shadow/router.py @@ -18,15 +18,15 @@ DomainErrorTranslator, ) from api.utils import require_master_db -from enums import DomainCodes -from ldap_protocol.auth.exceptions.mfa import ( +from application.auth.exceptions.mfa import ( AuthenticationError, InvalidCredentialsError, NetworkPolicyError, ) -from ldap_protocol.policies.password.exceptions import PasswordPolicyError -from ldap_protocol.rootdse.dto import DomainControllerInfo -from ldap_protocol.rootdse.reader import DCInfoReader +from application.policies.password.exceptions import PasswordPolicyError +from application.rootdse.dto import DomainControllerInfo +from application.rootdse.reader import DCInfoReader +from enums import DomainCodes from .adapter import ShadowAdapter diff --git a/app/api/utils.py b/src/api/utils.py similarity index 89% rename from app/api/utils.py rename to src/api/utils.py index 5f94d56f6..25235a66d 100644 --- a/app/api/utils.py +++ b/src/api/utils.py @@ -8,7 +8,7 @@ from dishka.integrations.fastapi import inject from fastapi import HTTPException, status -from ldap_protocol.master_check_use_case import MasterCheckUseCase +from application.master_check_use_case import MasterCheckUseCase @inject diff --git a/app/ldap_protocol/__init__.py b/src/application/__init__.py similarity index 100% rename from app/ldap_protocol/__init__.py rename to src/application/__init__.py diff --git a/app/ldap_protocol/asn1parser.py b/src/application/asn1parser.py similarity index 100% rename from app/ldap_protocol/asn1parser.py rename to src/application/asn1parser.py diff --git a/app/ldap_protocol/auth/__init__.py b/src/application/auth/__init__.py similarity index 100% rename from app/ldap_protocol/auth/__init__.py rename to src/application/auth/__init__.py diff --git a/app/ldap_protocol/auth/auth_manager.py b/src/application/auth/auth_manager.py similarity index 90% rename from app/ldap_protocol/auth/auth_manager.py rename to src/application/auth/auth_manager.py index d2e9073fd..7283c6b86 100644 --- a/app/ldap_protocol/auth/auth_manager.py +++ b/src/application/auth/auth_manager.py @@ -11,33 +11,33 @@ from starlette.datastructures import URL from abstract_service import AbstractService -from config import Settings -from entities import User -from enums import AuthorizationRules, MFAFlags -from ldap_protocol.auth.dto import SetupDTO -from ldap_protocol.auth.mfa_manager import MFAManager -from ldap_protocol.auth.schemas import LoginDTO, OAuth2Form -from ldap_protocol.auth.use_cases import SetupUseCase -from ldap_protocol.auth.utils import authenticate_user -from ldap_protocol.dialogue import UserSchema -from ldap_protocol.identity import IdentityProvider -from ldap_protocol.identity.exceptions import ( +from application.auth.dto import SetupDTO +from application.auth.mfa_manager import MFAManager +from application.auth.schemas import LoginDTO, OAuth2Form +from application.auth.use_cases import SetupUseCase +from application.auth.utils import authenticate_user +from application.dialogue import UserSchema +from application.identity import IdentityProvider +from application.identity.exceptions import ( AuthValidationError, LoginFailedError, PasswordPolicyError, UnauthorizedError, UserNotFoundError, ) -from ldap_protocol.kerberos import AbstractKadmin -from ldap_protocol.multifactor import MultifactorAPI -from ldap_protocol.objects import UserAccountControlFlag -from ldap_protocol.policies.audit.monitor import AuditMonitorUseCase -from ldap_protocol.policies.network import NetworkPolicyValidatorUseCase -from ldap_protocol.policies.password import PasswordPolicyUseCases -from ldap_protocol.session_storage import SessionStorage -from ldap_protocol.session_storage.repository import SessionRepository -from ldap_protocol.user_account_control import get_check_uac -from ldap_protocol.utils.queries import get_user +from application.kerberos import AbstractKadmin +from application.multifactor import MultifactorAPI +from application.objects import UserAccountControlFlag +from application.policies.audit.monitor import AuditMonitorUseCase +from application.policies.network import NetworkPolicyValidatorUseCase +from application.policies.password import PasswordPolicyUseCases +from application.session_storage import SessionStorage +from application.session_storage.repository import SessionRepository +from application.user_account_control import get_check_uac +from application.utils.queries import get_user +from config import Settings +from domain.entities import User +from enums import AuthorizationRules, MFAFlags from password_utils import PasswordUtils diff --git a/app/ldap_protocol/auth/dto.py b/src/application/auth/dto.py similarity index 100% rename from app/ldap_protocol/auth/dto.py rename to src/application/auth/dto.py diff --git a/app/ldap_protocol/auth/exceptions/__init__.py b/src/application/auth/exceptions/__init__.py similarity index 100% rename from app/ldap_protocol/auth/exceptions/__init__.py rename to src/application/auth/exceptions/__init__.py diff --git a/app/ldap_protocol/auth/exceptions/mfa.py b/src/application/auth/exceptions/mfa.py similarity index 100% rename from app/ldap_protocol/auth/exceptions/mfa.py rename to src/application/auth/exceptions/mfa.py diff --git a/app/ldap_protocol/auth/mfa_manager.py b/src/application/auth/mfa_manager.py similarity index 90% rename from app/ldap_protocol/auth/mfa_manager.py rename to src/application/auth/mfa_manager.py index 334a66a44..e08e4d030 100644 --- a/app/ldap_protocol/auth/mfa_manager.py +++ b/src/application/auth/mfa_manager.py @@ -18,10 +18,7 @@ from starlette.datastructures import URL from abstract_service import AbstractService -from config import Settings -from entities import CatalogueSetting, NetworkPolicy, User -from enums import AuthorizationRules, MFAChallengeStatuses, MFAFlags -from ldap_protocol.auth.exceptions.mfa import ( +from application.auth.exceptions.mfa import ( AuthenticationError, ForbiddenError, InvalidCredentialsError, @@ -31,26 +28,32 @@ MissingMFACredentialsError, NetworkPolicyError, ) -from ldap_protocol.auth.schemas import ( +from application.auth.schemas import ( MFAChallengeResponse, MFACreateRequest, MFAGetResponse, ) -from ldap_protocol.auth.utils import get_user -from ldap_protocol.identity import IdentityProvider -from ldap_protocol.multifactor import ( +from application.auth.utils import get_user +from application.identity import IdentityProvider +from application.multifactor import ( Creds, LDAPMultiFactorAPI, MFA_HTTP_Creds, MFA_LDAP_Creds, MultifactorAPI, ) -from ldap_protocol.policies.audit.monitor import AuditMonitorUseCase -from ldap_protocol.policies.network import NetworkPolicyValidatorUseCase -from ldap_protocol.session_storage import SessionStorage -from ldap_protocol.session_storage.repository import SessionRepository +from application.policies.audit.monitor import AuditMonitorUseCase +from application.policies.network import ( + NetworkPolicyValidatorUseCase, + ValidateMFARequirementUseCase, +) +from application.session_storage import SessionStorage +from application.session_storage.repository import SessionRepository +from config import Settings +from domain.entities import CatalogueSetting, NetworkPolicy, User +from enums import AuthorizationRules, MFAChallengeStatuses +from infrastructure.pg.tables import queryable_attr as qa from password_utils import PasswordUtils -from repo.pg.tables import queryable_attr as qa ALGORITHM = "HS256" @@ -70,6 +73,7 @@ def __init__( password_utils: PasswordUtils, identity_provider: IdentityProvider, network_policy_validator: NetworkPolicyValidatorUseCase, + validate_mfa_requirement: ValidateMFARequirementUseCase, ) -> None: """Initialize dependencies via DI. @@ -89,6 +93,7 @@ def __init__( self._password_utils = password_utils self._identity_provider = identity_provider self._network_policy_validator = network_policy_validator + self.validate_mfa_requirement = validate_mfa_requirement def __getattribute__(self, name: str) -> object: """Intercept attribute access.""" @@ -339,23 +344,14 @@ async def proxy_request(self, principal: str, ip: IPv4Address) -> None: f"Network policy not found for user {principal}.", ) - if ( - not self._ldap_mfa_api - or network_policy.mfa_status == MFAFlags.DISABLED - ): + if not self._ldap_mfa_api: return - elif network_policy.mfa_status in ( - MFAFlags.ENABLED, - MFAFlags.WHITELIST, - ): - if ( - network_policy.mfa_status == MFAFlags.WHITELIST - and not await self._network_policy_validator.check_mfa_group( - network_policy, - user, - ) - ): - return + + is_mfa_required = await self.validate_mfa_requirement.execute( + network_policy, + user, + ) + if not is_mfa_required: try: if await self._ldap_mfa_api.ldap_validate_mfa( user.user_principal_name, diff --git a/app/ldap_protocol/auth/schemas.py b/src/application/auth/schemas.py similarity index 98% rename from app/ldap_protocol/auth/schemas.py rename to src/application/auth/schemas.py index fe786189c..03fdd3fdd 100644 --- a/app/ldap_protocol/auth/schemas.py +++ b/src/application/auth/schemas.py @@ -21,7 +21,7 @@ field_validator, ) -from ldap_protocol.utils.const import EmailStr +from application.utils.const import EmailStr _domain_re = re.compile( "^((?!-)[A-Za-z0-9-]" + "{1,63}(? str: """Session with id.""" @@ -153,12 +153,19 @@ async def validate_conn( ProtocolType.LDAP, ) if policy is not None: - self.policy = policy + self._policy = policy await self.bind_session() return raise PermissionError + @property + def policy(self) -> NetworkPolicy: + if self._policy is None: + raise PermissionError + + return self._policy + @property def key(self) -> str: """Get key.""" diff --git a/app/ldap_protocol/dns/__init__.py b/src/application/dns/__init__.py similarity index 100% rename from app/ldap_protocol/dns/__init__.py rename to src/application/dns/__init__.py diff --git a/app/ldap_protocol/dns/base.py b/src/application/dns/base.py similarity index 99% rename from app/ldap_protocol/dns/base.py rename to src/application/dns/base.py index a323a7e0c..4ee7f9ddd 100644 --- a/app/ldap_protocol/dns/base.py +++ b/src/application/dns/base.py @@ -12,7 +12,7 @@ import httpx from loguru import logger as loguru_logger -from ldap_protocol.dns.dto import DNSSettingDTO +from application.dns.dto import DNSSettingDTO from .exceptions import DNSNotImplementedError, DNSSetupError diff --git a/app/ldap_protocol/dns/dns_gateway.py b/src/application/dns/dns_gateway.py similarity index 96% rename from app/ldap_protocol/dns/dns_gateway.py rename to src/application/dns/dns_gateway.py index c5a525f35..6f345850c 100644 --- a/app/ldap_protocol/dns/dns_gateway.py +++ b/src/application/dns/dns_gateway.py @@ -9,8 +9,7 @@ from sqlalchemy import case, select, update from sqlalchemy.ext.asyncio import AsyncSession -from entities import CatalogueSetting -from ldap_protocol.dns.base import ( +from application.dns.base import ( DNS_MANAGER_IP_ADDRESS_NAME, DNS_MANAGER_STATE_NAME, DNS_MANAGER_TSIG_KEY_NAME, @@ -18,8 +17,9 @@ DNSManagerSettings, DNSManagerState, ) -from ldap_protocol.dns.dto import DNSSettingDTO -from repo.pg.tables import queryable_attr as qa +from application.dns.dto import DNSSettingDTO +from domain.entities import CatalogueSetting +from infrastructure.pg.tables import queryable_attr as qa class DNSStateGateway: diff --git a/app/ldap_protocol/dns/dto.py b/src/application/dns/dto.py similarity index 100% rename from app/ldap_protocol/dns/dto.py rename to src/application/dns/dto.py diff --git a/app/ldap_protocol/dns/exceptions.py b/src/application/dns/exceptions.py similarity index 100% rename from app/ldap_protocol/dns/exceptions.py rename to src/application/dns/exceptions.py diff --git a/app/ldap_protocol/dns/remote.py b/src/application/dns/remote.py similarity index 100% rename from app/ldap_protocol/dns/remote.py rename to src/application/dns/remote.py diff --git a/app/ldap_protocol/dns/selfhosted.py b/src/application/dns/selfhosted.py similarity index 99% rename from app/ldap_protocol/dns/selfhosted.py rename to src/application/dns/selfhosted.py index 4870e2e70..c1f05d66d 100644 --- a/app/ldap_protocol/dns/selfhosted.py +++ b/src/application/dns/selfhosted.py @@ -10,7 +10,7 @@ import dns.asyncresolver -import ldap_protocol.dns.exceptions as dns_exc +import application.dns.exceptions as dns_exc from .base import ( AbstractDNSManager, diff --git a/app/ldap_protocol/dns/stub.py b/src/application/dns/stub.py similarity index 100% rename from app/ldap_protocol/dns/stub.py rename to src/application/dns/stub.py diff --git a/app/ldap_protocol/dns/use_cases.py b/src/application/dns/use_cases.py similarity index 98% rename from app/ldap_protocol/dns/use_cases.py rename to src/application/dns/use_cases.py index 0b5f32291..510f185f9 100644 --- a/app/ldap_protocol/dns/use_cases.py +++ b/src/application/dns/use_cases.py @@ -8,9 +8,7 @@ from typing import ClassVar from abstract_service import AbstractService -from config import Settings -from enums import AuthorizationRules -from ldap_protocol.dns.base import ( +from application.dns.base import ( AbstractDNSManager, DNSForwardServerStatus, DNSForwardZone, @@ -21,7 +19,9 @@ DNSZoneParam, DNSZoneType, ) -from ldap_protocol.dns.dns_gateway import DNSStateGateway +from application.dns.dns_gateway import DNSStateGateway +from config import Settings +from enums import AuthorizationRules class DNSUseCase(AbstractService): diff --git a/app/ldap_protocol/dns/utils.py b/src/application/dns/utils.py similarity index 100% rename from app/ldap_protocol/dns/utils.py rename to src/application/dns/utils.py diff --git a/app/ldap_protocol/filter_interpreter.py b/src/application/filter_interpreter.py similarity index 99% rename from app/ldap_protocol/filter_interpreter.py rename to src/application/filter_interpreter.py index ce0b301c5..e940fec53 100644 --- a/app/ldap_protocol/filter_interpreter.py +++ b/src/application/filter_interpreter.py @@ -22,7 +22,9 @@ ) from sqlalchemy.sql.expression import false as sql_false -from entities import ( +from application.utils.helpers import ft_to_dt +from application.utils.queries import get_path_filter, get_search_path +from domain.entities import ( Attribute, AttributeType, Directory, @@ -30,9 +32,7 @@ Group, User, ) -from ldap_protocol.utils.helpers import ft_to_dt -from ldap_protocol.utils.queries import get_path_filter, get_search_path -from repo.pg.tables import ( +from infrastructure.pg.tables import ( directory_table, groups_table, queryable_attr as qa, diff --git a/app/ldap_protocol/identity/__init__.py b/src/application/identity/__init__.py similarity index 100% rename from app/ldap_protocol/identity/__init__.py rename to src/application/identity/__init__.py diff --git a/app/ldap_protocol/identity/exceptions.py b/src/application/identity/exceptions.py similarity index 100% rename from app/ldap_protocol/identity/exceptions.py rename to src/application/identity/exceptions.py diff --git a/app/ldap_protocol/identity/provider.py b/src/application/identity/provider.py similarity index 94% rename from app/ldap_protocol/identity/provider.py rename to src/application/identity/provider.py index 156a62844..fe4bc9c57 100644 --- a/app/ldap_protocol/identity/provider.py +++ b/src/application/identity/provider.py @@ -6,14 +6,11 @@ from loguru import logger -from config import Settings -from entities import User -from enums import AuthorizationRules -from ldap_protocol.dialogue import UserSchema -from ldap_protocol.identity.exceptions import UnauthorizedError -from ldap_protocol.identity.provider_gateway import IdentityProviderGateway -from ldap_protocol.session_storage.base import SessionStorage -from ldap_protocol.session_storage.exceptions import ( +from application.dialogue import UserSchema +from application.identity.exceptions import UnauthorizedError +from application.identity.provider_gateway import IdentityProviderGateway +from application.session_storage.base import SessionStorage +from application.session_storage.exceptions import ( SessionStorageInvalidDataError, SessionStorageInvalidIpError, SessionStorageInvalidKeyError, @@ -21,6 +18,9 @@ SessionStorageInvalidUserAgentError, SessionStorageMissingDataError, ) +from config import Settings +from domain.entities import User +from enums import AuthorizationRules class IdentityProvider: diff --git a/app/ldap_protocol/identity/provider_gateway.py b/src/application/identity/provider_gateway.py similarity index 93% rename from app/ldap_protocol/identity/provider_gateway.py rename to src/application/identity/provider_gateway.py index db20ef68a..e147f3e3e 100644 --- a/app/ldap_protocol/identity/provider_gateway.py +++ b/src/application/identity/provider_gateway.py @@ -8,9 +8,9 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import joinedload, selectinload -from entities import Group, Role, User +from domain.entities import Group, Role, User from enums import AuthorizationRules -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa class IdentityProviderGateway: diff --git a/app/ldap_protocol/identity/utils.py b/src/application/identity/utils.py similarity index 95% rename from app/ldap_protocol/identity/utils.py rename to src/application/identity/utils.py index 844c0f4bf..2941a975e 100644 --- a/app/ldap_protocol/identity/utils.py +++ b/src/application/identity/utils.py @@ -9,8 +9,8 @@ from fastapi import HTTPException, Request, status from sqlalchemy.ext.asyncio import AsyncSession -from entities import User -from ldap_protocol.utils.queries import get_user +from application.utils.queries import get_user +from domain.entities import User from password_utils import PasswordUtils diff --git a/app/ldap_protocol/kerberos/__init__.py b/src/application/kerberos/__init__.py similarity index 100% rename from app/ldap_protocol/kerberos/__init__.py rename to src/application/kerberos/__init__.py diff --git a/app/ldap_protocol/kerberos/base.py b/src/application/kerberos/base.py similarity index 100% rename from app/ldap_protocol/kerberos/base.py rename to src/application/kerberos/base.py diff --git a/app/ldap_protocol/kerberos/client.py b/src/application/kerberos/client.py similarity index 98% rename from app/ldap_protocol/kerberos/client.py rename to src/application/kerberos/client.py index 8dfcb8a23..23903192f 100644 --- a/app/ldap_protocol/kerberos/client.py +++ b/src/application/kerberos/client.py @@ -2,7 +2,7 @@ import httpx -import ldap_protocol.kerberos.exceptions as krb_exc +import application.kerberos.exceptions as krb_exc from .base import AbstractKadmin from .utils import logger_wraps diff --git a/app/ldap_protocol/kerberos/exceptions.py b/src/application/kerberos/exceptions.py similarity index 100% rename from app/ldap_protocol/kerberos/exceptions.py rename to src/application/kerberos/exceptions.py diff --git a/app/ldap_protocol/kerberos/ldap_structure.py b/src/application/kerberos/ldap_structure.py similarity index 88% rename from app/ldap_protocol/kerberos/ldap_structure.py rename to src/application/kerberos/ldap_structure.py index 45228a3c8..43f19b658 100644 --- a/app/ldap_protocol/kerberos/ldap_structure.py +++ b/src/application/kerberos/ldap_structure.py @@ -7,14 +7,14 @@ from sqlalchemy import delete, or_, select from sqlalchemy.ext.asyncio import AsyncSession -from entities import Directory -from ldap_protocol.kerberos.exceptions import KerberosConflictError -from ldap_protocol.ldap_requests import AddRequest -from ldap_protocol.ldap_requests.contexts import LDAPAddRequestContext -from ldap_protocol.roles.access_manager import AccessManager -from ldap_protocol.roles.role_use_case import RoleUseCase -from ldap_protocol.utils.queries import get_filter_from_path -from repo.pg.tables import queryable_attr as qa +from application.kerberos.exceptions import KerberosConflictError +from application.ldap_requests import AddRequest +from application.ldap_requests.contexts import LDAPAddRequestContext +from application.roles.access_manager import AccessManager +from application.roles.role_use_case import RoleUseCase +from application.utils.queries import get_filter_from_path +from domain.entities import Directory +from infrastructure.pg.tables import queryable_attr as qa class KRBLDAPStructureManager: diff --git a/app/ldap_protocol/kerberos/schemas.py b/src/application/kerberos/schemas.py similarity index 95% rename from app/ldap_protocol/kerberos/schemas.py rename to src/application/kerberos/schemas.py index b3be3abb5..f58205c24 100644 --- a/app/ldap_protocol/kerberos/schemas.py +++ b/src/application/kerberos/schemas.py @@ -7,7 +7,7 @@ from dataclasses import dataclass, field from typing import Any, Callable -from ldap_protocol.ldap_requests import AddRequest +from application.ldap_requests import AddRequest @dataclass diff --git a/app/ldap_protocol/kerberos/service.py b/src/application/kerberos/service.py similarity index 97% rename from app/ldap_protocol/kerberos/service.py rename to src/application/kerberos/service.py index 985d8cdc1..8c1e64474 100644 --- a/app/ldap_protocol/kerberos/service.py +++ b/src/application/kerberos/service.py @@ -13,20 +13,20 @@ from sqlalchemy.ext.asyncio import AsyncSession from abstract_service import AbstractService -from config import Settings -from enums import AuthorizationRules -from ldap_protocol.auth.utils import authenticate_user -from ldap_protocol.dialogue import LDAPSession, UserSchema -from ldap_protocol.kerberos.exceptions import ( +from application.auth.utils import authenticate_user +from application.dialogue import LDAPSession, UserSchema +from application.kerberos.exceptions import ( KerberosBaseDnNotFoundError, KerberosDependencyError, KerberosNotFoundError, KerberosUnavailableError, ) -from ldap_protocol.ldap_requests import AddRequest -from ldap_protocol.ldap_requests.contexts import LDAPAddRequestContext -from ldap_protocol.objects import UserAccountControlFlag -from ldap_protocol.utils.queries import get_base_directories, get_dn_by_id +from application.ldap_requests import AddRequest +from application.ldap_requests.contexts import LDAPAddRequestContext +from application.objects import UserAccountControlFlag +from application.utils.queries import get_base_directories, get_dn_by_id +from config import Settings +from enums import AuthorizationRules from password_utils import PasswordUtils from .base import AbstractKadmin diff --git a/app/ldap_protocol/kerberos/stub.py b/src/application/kerberos/stub.py similarity index 95% rename from app/ldap_protocol/kerberos/stub.py rename to src/application/kerberos/stub.py index 889583c16..1653ec3f5 100644 --- a/app/ldap_protocol/kerberos/stub.py +++ b/src/application/kerberos/stub.py @@ -2,7 +2,7 @@ from typing import NoReturn -from ldap_protocol.kerberos import KRBAPIPrincipalNotFoundError +from application.kerberos import KRBAPIPrincipalNotFoundError from .base import AbstractKadmin from .utils import logger_wraps diff --git a/app/ldap_protocol/kerberos/template_render.py b/src/application/kerberos/template_render.py similarity index 100% rename from app/ldap_protocol/kerberos/template_render.py rename to src/application/kerberos/template_render.py diff --git a/app/ldap_protocol/kerberos/utils.py b/src/application/kerberos/utils.py similarity index 96% rename from app/ldap_protocol/kerberos/utils.py rename to src/application/kerberos/utils.py index c6278ed95..c9e8e6794 100644 --- a/app/ldap_protocol/kerberos/utils.py +++ b/src/application/kerberos/utils.py @@ -8,9 +8,9 @@ from sqlalchemy import delete, select, update from sqlalchemy.ext.asyncio import AsyncSession -from entities import Attribute, CatalogueSetting, Directory, EntityType +from domain.entities import Attribute, CatalogueSetting, Directory, EntityType from enums import EntityTypeNames, StrEnum -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa from .exceptions import KRBAPIConnectionError, KRBAPIError diff --git a/app/ldap_protocol/ldap_codes.py b/src/application/ldap_codes.py similarity index 100% rename from app/ldap_protocol/ldap_codes.py rename to src/application/ldap_codes.py diff --git a/app/ldap_protocol/ldap_requests/__init__.py b/src/application/ldap_requests/__init__.py similarity index 100% rename from app/ldap_protocol/ldap_requests/__init__.py rename to src/application/ldap_requests/__init__.py diff --git a/app/ldap_protocol/ldap_requests/abandon.py b/src/application/ldap_requests/abandon.py similarity index 83% rename from app/ldap_protocol/ldap_requests/abandon.py rename to src/application/ldap_requests/abandon.py index b9569ca0e..fe715de00 100644 --- a/app/ldap_protocol/ldap_requests/abandon.py +++ b/src/application/ldap_requests/abandon.py @@ -7,9 +7,9 @@ import asyncio from typing import AsyncGenerator, ClassVar -from ldap_protocol.asn1parser import ASN1Row -from ldap_protocol.ldap_requests.contexts import LDAPAbandonRequestContext -from ldap_protocol.objects import ProtocolRequests +from application.asn1parser import ASN1Row +from application.ldap_requests.contexts import LDAPAbandonRequestContext +from application.objects import ProtocolRequests from .base import BaseRequest diff --git a/app/ldap_protocol/ldap_requests/add.py b/src/application/ldap_requests/add.py similarity index 97% rename from app/ldap_protocol/ldap_requests/add.py rename to src/application/ldap_requests/add.py index f3169ea13..d41d85810 100644 --- a/app/ldap_protocol/ldap_requests/add.py +++ b/src/application/ldap_requests/add.py @@ -11,30 +11,27 @@ from sqlalchemy import select from sqlalchemy.exc import IntegrityError -from constants import DOMAIN_COMPUTERS_GROUP_NAME, DOMAIN_USERS_GROUP_NAME -from entities import Attribute, Directory, Group, User -from enums import AceType, EntityTypeNames, SamAccountTypeCodes -from ldap_protocol.asn1parser import ASN1Row -from ldap_protocol.kerberos.exceptions import ( +from application.asn1parser import ASN1Row +from application.kerberos.exceptions import ( KRBAPIAddPrincipalError, KRBAPIConnectionError, KRBAPIDeletePrincipalError, KRBAPIPrincipalNotFoundError, ) -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_responses import INVALID_ACCESS_RESPONSE, AddResponse -from ldap_protocol.objects import ( +from application.ldap_codes import LDAPCodes +from application.ldap_responses import INVALID_ACCESS_RESPONSE, AddResponse +from application.objects import ( PartialAttribute, ProtocolRequests, UserAccountControlFlag, ) -from ldap_protocol.utils.helpers import ( +from application.utils.helpers import ( create_integer_hash, create_user_name, ft_now, is_dn_in_base_directory, ) -from ldap_protocol.utils.queries import ( +from application.utils.queries import ( create_object_sid, get_base_directories, get_group, @@ -43,6 +40,9 @@ get_search_path, validate_entry, ) +from constants import DOMAIN_COMPUTERS_GROUP_NAME, DOMAIN_USERS_GROUP_NAME +from domain.entities import Attribute, Directory, Group, User +from enums import AceType, EntityTypeNames, SamAccountTypeCodes from .base import BaseRequest from .contexts import LDAPAddRequestContext diff --git a/app/ldap_protocol/ldap_requests/base.py b/src/application/ldap_requests/base.py similarity index 93% rename from app/ldap_protocol/ldap_requests/base.py rename to src/application/ldap_requests/base.py index 63667f034..5125ef252 100644 --- a/app/ldap_protocol/ldap_requests/base.py +++ b/src/application/ldap_requests/base.py @@ -20,18 +20,16 @@ from pydantic import BaseModel from sqlalchemy.exc import OperationalError +from application.dependency import resolve_deps +from application.dialogue import LDAPSession +from application.ldap_codes import LDAPCodes +from application.ldap_responses import BaseResponse, LDAPResult +from application.objects import ProtocolRequests +from application.policies.audit.audit_use_case import AuditUseCase +from application.policies.audit.events.factory import RawAuditEventBuilderRedis +from application.utils.helpers import get_class_name from config import Settings -from entities import Directory -from ldap_protocol.dependency import resolve_deps -from ldap_protocol.dialogue import LDAPSession -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_responses import BaseResponse, LDAPResult -from ldap_protocol.objects import ProtocolRequests -from ldap_protocol.policies.audit.audit_use_case import AuditUseCase -from ldap_protocol.policies.audit.events.factory import ( - RawAuditEventBuilderRedis, -) -from ldap_protocol.utils.helpers import get_class_name +from domain.entities import Directory log_api = logger.bind(name="admin") diff --git a/app/ldap_protocol/ldap_requests/bind.py b/src/application/ldap_requests/bind.py similarity index 79% rename from app/ldap_protocol/ldap_requests/bind.py rename to src/application/ldap_requests/bind.py index 7f4af0e5c..55c15bd10 100644 --- a/app/ldap_protocol/ldap_requests/bind.py +++ b/src/application/ldap_requests/bind.py @@ -10,15 +10,13 @@ from pydantic import Field from sqlalchemy.exc import OperationalError -from entities import NetworkPolicy -from enums import MFAFlags -from ldap_protocol.asn1parser import ASN1Row -from ldap_protocol.kerberos.exceptions import ( +from application.asn1parser import ASN1Row +from application.kerberos.exceptions import ( KRBAPIAddPrincipalError, KRBAPIConnectionError, ) -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_requests.bind_methods import ( +from application.ldap_codes import LDAPCodes +from application.ldap_requests.bind_methods import ( AbstractLDAPAuth, LDAPBindErrors, SaslAuthentication, @@ -27,14 +25,15 @@ get_bad_response, sasl_mechanism_map, ) -from ldap_protocol.ldap_requests.bind_methods.sasl_spnego import ( +from application.ldap_requests.bind_methods.sasl_spnego import ( SaslSPNEGOAuthentication, ) -from ldap_protocol.ldap_responses import BaseResponse, BindResponse -from ldap_protocol.multifactor import MultifactorAPI -from ldap_protocol.objects import ProtocolRequests, UserAccountControlFlag -from ldap_protocol.user_account_control import get_check_uac -from ldap_protocol.utils.queries import set_user_logon_attrs +from application.ldap_responses import BaseResponse, BindResponse +from application.multifactor import MultifactorAPI +from application.objects import ProtocolRequests, UserAccountControlFlag +from application.user_account_control import get_check_uac +from application.utils.queries import set_user_logon_attrs +from domain.entities import NetworkPolicy from .base import BaseRequest from .contexts import LDAPBindRequestContext, LDAPUnbindRequestContext @@ -161,13 +160,12 @@ async def handle( if uac_check(UserAccountControlFlag.ACCOUNTDISABLE): yield get_bad_response(LDAPBindErrors.ACCOUNT_DISABLED) return - policy = getattr(ctx.ldap_session, "policy", None) - if ( - policy is not None - ) and not await ctx.network_policy_validator.is_user_group_valid( + + has_access = await ctx.validate_policy_access_use_case.execute( + ctx.ldap_session.policy, user, - policy, - ): + ) + if not has_access: yield get_bad_response(LDAPBindErrors.LOGON_FAILURE) return @@ -181,30 +179,21 @@ async def handle( yield get_bad_response(LDAPBindErrors.PASSWORD_MUST_CHANGE) return - if (policy is not None) and ( - policy.mfa_status in (MFAFlags.ENABLED, MFAFlags.WHITELIST) - and ctx.mfa is not None - ): - request_2fa = True - if policy.mfa_status == MFAFlags.WHITELIST: - request_2fa = ( - await ctx.network_policy_validator.check_mfa_group( - policy, - user, - ) - ) - - if request_2fa: - mfa_status = await self.check_mfa( - ctx.mfa, - user.user_principal_name, - self.authentication_choice.otpassword, - policy, - ) + is_mfa_required = await ctx.validate_mfa_requirement.execute( + ctx.ldap_session.policy, + user, + ) - if mfa_status is False: - yield get_bad_response(LDAPBindErrors.LOGON_FAILURE) - return + if is_mfa_required and ctx.mfa is not None: + mfa_status = await self.check_mfa( + ctx.mfa, + user.user_principal_name, + self.authentication_choice.otpassword, + ctx.ldap_session.policy, + ) + if mfa_status is False: + yield get_bad_response(LDAPBindErrors.LOGON_FAILURE) + return with contextlib.suppress( KRBAPIAddPrincipalError, diff --git a/app/ldap_protocol/ldap_requests/bind_methods/__init__.py b/src/application/ldap_requests/bind_methods/__init__.py similarity index 100% rename from app/ldap_protocol/ldap_requests/bind_methods/__init__.py rename to src/application/ldap_requests/bind_methods/__init__.py diff --git a/app/ldap_protocol/ldap_requests/bind_methods/base.py b/src/application/ldap_requests/bind_methods/base.py similarity index 94% rename from app/ldap_protocol/ldap_requests/bind_methods/base.py rename to src/application/ldap_requests/bind_methods/base.py index 0713e3554..255064b9b 100644 --- a/app/ldap_protocol/ldap_requests/bind_methods/base.py +++ b/src/application/ldap_requests/bind_methods/base.py @@ -11,10 +11,10 @@ from pydantic import BaseModel, Field, SecretStr from sqlalchemy.ext.asyncio import AsyncSession -from entities import User -from ldap_protocol.asn1parser import ASN1Row -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_responses import BindResponse +from application.asn1parser import ASN1Row +from application.ldap_codes import LDAPCodes +from application.ldap_responses import BindResponse +from domain.entities import User from password_utils import PasswordUtils diff --git a/app/ldap_protocol/ldap_requests/bind_methods/sasl_gssapi.py b/src/application/ldap_requests/bind_methods/sasl_gssapi.py similarity index 96% rename from app/ldap_protocol/ldap_requests/bind_methods/sasl_gssapi.py rename to src/application/ldap_requests/bind_methods/sasl_gssapi.py index d18510f1b..7630e0989 100644 --- a/app/ldap_protocol/ldap_requests/bind_methods/sasl_gssapi.py +++ b/src/application/ldap_requests/bind_methods/sasl_gssapi.py @@ -11,13 +11,13 @@ from pydantic import Field, SecretStr from sqlalchemy.ext.asyncio import AsyncSession +from application.asn1parser import ASN1Row +from application.dialogue import LDAPSession +from application.ldap_codes import LDAPCodes +from application.ldap_responses import BindResponse +from application.utils.queries import get_base_directories, get_user from config import Settings -from entities import User -from ldap_protocol.asn1parser import ASN1Row -from ldap_protocol.dialogue import LDAPSession -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_responses import BindResponse -from ldap_protocol.utils.queries import get_base_directories, get_user +from domain.entities import User from password_utils import PasswordUtils from .base import ( diff --git a/app/ldap_protocol/ldap_requests/bind_methods/sasl_plain.py b/src/application/ldap_requests/bind_methods/sasl_plain.py similarity index 92% rename from app/ldap_protocol/ldap_requests/bind_methods/sasl_plain.py rename to src/application/ldap_requests/bind_methods/sasl_plain.py index 631182881..90fc155b9 100644 --- a/app/ldap_protocol/ldap_requests/bind_methods/sasl_plain.py +++ b/src/application/ldap_requests/bind_methods/sasl_plain.py @@ -8,9 +8,9 @@ from sqlalchemy.ext.asyncio import AsyncSession -from entities import User -from ldap_protocol.asn1parser import ASN1Row -from ldap_protocol.utils.queries import get_user +from application.asn1parser import ASN1Row +from application.utils.queries import get_user +from domain.entities import User from password_utils import PasswordUtils from .base import SaslAuthentication, SASLMethod diff --git a/app/ldap_protocol/ldap_requests/bind_methods/sasl_spnego.py b/src/application/ldap_requests/bind_methods/sasl_spnego.py similarity index 94% rename from app/ldap_protocol/ldap_requests/bind_methods/sasl_spnego.py rename to src/application/ldap_requests/bind_methods/sasl_spnego.py index f7b8da7b6..13a135522 100644 --- a/app/ldap_protocol/ldap_requests/bind_methods/sasl_spnego.py +++ b/src/application/ldap_requests/bind_methods/sasl_spnego.py @@ -8,10 +8,10 @@ from sqlalchemy.ext.asyncio import AsyncSession +from application.dialogue import LDAPSession +from application.ldap_codes import LDAPCodes +from application.ldap_responses import BindResponse from config import Settings -from ldap_protocol.dialogue import LDAPSession -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_responses import BindResponse from .base import LDAPBindErrors, SASLMethod, get_bad_response from .sasl_gssapi import GSSAPISL, GSSAPIAuthStatus, SaslGSSAPIAuthentication diff --git a/app/ldap_protocol/ldap_requests/bind_methods/simple.py b/src/application/ldap_requests/bind_methods/simple.py similarity index 94% rename from app/ldap_protocol/ldap_requests/bind_methods/simple.py rename to src/application/ldap_requests/bind_methods/simple.py index daada64dc..18d40cc37 100644 --- a/app/ldap_protocol/ldap_requests/bind_methods/simple.py +++ b/src/application/ldap_requests/bind_methods/simple.py @@ -8,8 +8,8 @@ from sqlalchemy.ext.asyncio import AsyncSession -from entities import User -from ldap_protocol.utils.queries import get_user +from application.utils.queries import get_user +from domain.entities import User from password_utils import PasswordUtils from .base import AbstractLDAPAuth diff --git a/app/ldap_protocol/ldap_requests/compare.py b/src/application/ldap_requests/compare.py similarity index 86% rename from app/ldap_protocol/ldap_requests/compare.py rename to src/application/ldap_requests/compare.py index 264ff2169..09a80dc74 100644 --- a/app/ldap_protocol/ldap_requests/compare.py +++ b/src/application/ldap_requests/compare.py @@ -6,7 +6,7 @@ from typing import ClassVar -from ldap_protocol.objects import ProtocolRequests +from application.objects import ProtocolRequests from .base import BaseRequest diff --git a/app/ldap_protocol/ldap_requests/contexts.py b/src/application/ldap_requests/contexts.py similarity index 77% rename from app/ldap_protocol/ldap_requests/contexts.py rename to src/application/ldap_requests/contexts.py index 98f6e1a9b..2804225df 100644 --- a/app/ldap_protocol/ldap_requests/contexts.py +++ b/src/application/ldap_requests/contexts.py @@ -8,20 +8,23 @@ from sqlalchemy.ext.asyncio import AsyncSession -from config import Settings -from ldap_protocol.dialogue import LDAPSession -from ldap_protocol.kerberos import AbstractKadmin -from ldap_protocol.ldap_schema.attribute_value_validator import ( +from application.dialogue import LDAPSession +from application.kerberos import AbstractKadmin +from application.ldap_schema.attribute_value_validator import ( AttributeValueValidator, ) -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.multifactor import LDAPMultiFactorAPI -from ldap_protocol.policies.network import NetworkPolicyValidatorUseCase -from ldap_protocol.policies.password import PasswordPolicyUseCases -from ldap_protocol.roles.access_manager import AccessManager -from ldap_protocol.roles.role_use_case import RoleUseCase -from ldap_protocol.rootdse.reader import RootDSEReader -from ldap_protocol.session_storage import SessionStorage +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.multifactor import LDAPMultiFactorAPI +from application.policies.network import ( + ValidateMFARequirementUseCase, + ValidatePolicyAccessUseCase, +) +from application.policies.password import PasswordPolicyUseCases +from application.roles.access_manager import AccessManager +from application.roles.role_use_case import RoleUseCase +from application.rootdse.reader import RootDSEReader +from application.session_storage import SessionStorage +from config import Settings from password_utils import PasswordUtils @@ -67,7 +70,8 @@ class LDAPBindRequestContext: password_use_cases: PasswordPolicyUseCases password_utils: PasswordUtils mfa: LDAPMultiFactorAPI - network_policy_validator: NetworkPolicyValidatorUseCase + validate_policy_access_use_case: ValidatePolicyAccessUseCase + validate_mfa_requirement: ValidateMFARequirementUseCase @dataclass diff --git a/app/ldap_protocol/ldap_requests/delete.py b/src/application/ldap_requests/delete.py similarity index 92% rename from app/ldap_protocol/ldap_requests/delete.py rename to src/application/ldap_requests/delete.py index 70062918b..eb3b541d1 100644 --- a/app/ldap_protocol/ldap_requests/delete.py +++ b/src/application/ldap_requests/delete.py @@ -9,28 +9,25 @@ from sqlalchemy import delete, exists, select from sqlalchemy.orm import joinedload, selectinload -from entities import Directory, Group -from enums import AceType -from ldap_protocol.asn1parser import ASN1Row -from ldap_protocol.kerberos.exceptions import ( +from application.asn1parser import ASN1Row +from application.kerberos.exceptions import ( KRBAPIConnectionError, KRBAPIDeletePrincipalError, KRBAPIPrincipalNotFoundError, ) -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_responses import ( - INVALID_ACCESS_RESPONSE, - DeleteResponse, -) -from ldap_protocol.objects import ProtocolRequests -from ldap_protocol.utils.helpers import is_dn_in_base_directory -from ldap_protocol.utils.queries import ( +from application.ldap_codes import LDAPCodes +from application.ldap_responses import INVALID_ACCESS_RESPONSE, DeleteResponse +from application.objects import ProtocolRequests +from application.utils.helpers import is_dn_in_base_directory +from application.utils.queries import ( get_base_directories, get_filter_from_path, is_computer, validate_entry, ) -from repo.pg.tables import Attribute, queryable_attr as qa +from domain.entities import Directory, Group +from enums import AceType +from infrastructure.pg.tables import Attribute, queryable_attr as qa from .base import BaseRequest from .contexts import LDAPDeleteRequestContext diff --git a/app/ldap_protocol/ldap_requests/exceptions.py b/src/application/ldap_requests/exceptions.py similarity index 100% rename from app/ldap_protocol/ldap_requests/exceptions.py rename to src/application/ldap_requests/exceptions.py diff --git a/app/ldap_protocol/ldap_requests/extended.py b/src/application/ldap_requests/extended.py similarity index 96% rename from app/ldap_protocol/ldap_requests/extended.py rename to src/application/ldap_requests/extended.py index a3e74ad28..430b4a7cb 100644 --- a/app/ldap_protocol/ldap_requests/extended.py +++ b/src/application/ldap_requests/extended.py @@ -12,15 +12,14 @@ from pydantic import BaseModel, SecretStr, SerializeAsAny from sqlalchemy import update -from entities import Directory, User -from ldap_protocol.asn1parser import LDAPOID, ASN1Row, asn1todict -from ldap_protocol.kerberos.exceptions import ( +from application.asn1parser import LDAPOID, ASN1Row, asn1todict +from application.kerberos.exceptions import ( KRBAPIChangePasswordError, KRBAPIConnectionError, KRBAPIPrincipalNotFoundError, ) -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_requests.exceptions import ( +from application.ldap_codes import LDAPCodes +from application.ldap_requests.exceptions import ( PasswordModifyKadminError, PasswordModifyNoPasswordModifyAccessError, PasswordModifyNoUserProvidedError, @@ -28,12 +27,13 @@ PasswordModifyUserNotAllowedError, PasswordModifyUserNotFoundError, ) -from ldap_protocol.ldap_responses import ( +from application.ldap_responses import ( BaseExtendedResponseValue, ExtendedResponse, ) -from ldap_protocol.objects import ProtocolRequests -from ldap_protocol.utils.queries import get_user +from application.objects import ProtocolRequests +from application.utils.queries import get_user +from domain.entities import Directory, User from .base import BaseRequest from .contexts import LDAPExtendedRequestContext diff --git a/app/ldap_protocol/ldap_requests/modify.py b/src/application/ldap_requests/modify.py similarity index 97% rename from app/ldap_protocol/ldap_requests/modify.py rename to src/application/ldap_requests/modify.py index 9f5b8789d..ab9ef78ca 100644 --- a/app/ldap_protocol/ldap_requests/modify.py +++ b/src/application/ldap_requests/modify.py @@ -14,37 +14,33 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import joinedload, selectinload -from config import Settings -from constants import DOMAIN_ADMIN_GROUP_NAME -from entities import Attribute, Directory, Group, User -from enums import AceType, EntityTypeNames -from ldap_protocol.asn1parser import ASN1Row -from ldap_protocol.dialogue import UserSchema -from ldap_protocol.kerberos import AbstractKadmin, unlock_principal -from ldap_protocol.kerberos.exceptions import ( +from application.asn1parser import ASN1Row +from application.dialogue import UserSchema +from application.kerberos import AbstractKadmin, unlock_principal +from application.kerberos.exceptions import ( KRBAPIConnectionError, KRBAPIForcePasswordChangeError, KRBAPILockPrincipalError, KRBAPIPrincipalNotFoundError, KRBAPIRenamePrincipalError, ) -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_responses import ModifyResponse, PartialAttribute -from ldap_protocol.objects import ( +from application.ldap_codes import LDAPCodes +from application.ldap_responses import ModifyResponse, PartialAttribute +from application.objects import ( Changes, Operation, ProtocolRequests, UserAccountControlFlag, ) -from ldap_protocol.policies.password import PasswordPolicyUseCases -from ldap_protocol.session_storage import SessionStorage -from ldap_protocol.utils.cte import check_root_group_membership_intersection -from ldap_protocol.utils.helpers import ( +from application.policies.password import PasswordPolicyUseCases +from application.session_storage import SessionStorage +from application.utils.cte import check_root_group_membership_intersection +from application.utils.helpers import ( ft_to_dt, is_dn_in_base_directory, validate_entry, ) -from ldap_protocol.utils.queries import ( +from application.utils.queries import ( add_lock_and_expire_attributes, clear_group_membership, extend_group_membership, @@ -56,12 +52,16 @@ remove_disallowed_group_members, remove_from_group_membership, ) -from password_utils import PasswordUtils -from repo.pg.tables import ( +from config import Settings +from constants import DOMAIN_ADMIN_GROUP_NAME +from domain.entities import Attribute, Directory, Group, User +from enums import AceType, EntityTypeNames +from infrastructure.pg.tables import ( directory_memberships_table, directory_table, queryable_attr as qa, ) +from password_utils import PasswordUtils from .base import BaseRequest from .contexts import LDAPModifyRequestContext diff --git a/app/ldap_protocol/ldap_requests/modify_dn.py b/src/application/ldap_requests/modify_dn.py similarity index 96% rename from app/ldap_protocol/ldap_requests/modify_dn.py rename to src/application/ldap_requests/modify_dn.py index dc4421d49..446c63db4 100644 --- a/app/ldap_protocol/ldap_requests/modify_dn.py +++ b/src/application/ldap_requests/modify_dn.py @@ -10,17 +10,17 @@ from sqlalchemy.exc import IntegrityError from sqlalchemy.orm import joinedload, selectinload -from entities import AccessControlEntry, Attribute, Directory -from enums import AceType -from ldap_protocol.asn1parser import ASN1Row -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_responses import ( +from application.asn1parser import ASN1Row +from application.ldap_codes import LDAPCodes +from application.ldap_responses import ( INVALID_ACCESS_RESPONSE, ModifyDNResponse, ) -from ldap_protocol.objects import ProtocolRequests -from ldap_protocol.utils.queries import get_filter_from_path, validate_entry -from repo.pg.tables import ( +from application.objects import ProtocolRequests +from application.utils.queries import get_filter_from_path, validate_entry +from domain.entities import AccessControlEntry, Attribute, Directory +from enums import AceType +from infrastructure.pg.tables import ( ace_directory_memberships_table, queryable_attr as qa, ) diff --git a/app/ldap_protocol/ldap_requests/search.py b/src/application/ldap_requests/search.py similarity index 97% rename from app/ldap_protocol/ldap_requests/search.py rename to src/application/ldap_requests/search.py index d5ff4e679..13e8d582e 100644 --- a/app/ldap_protocol/ldap_requests/search.py +++ b/src/application/ldap_requests/search.py @@ -23,45 +23,45 @@ from sqlalchemy.sql.elements import ColumnElement, UnaryExpression from sqlalchemy.sql.expression import Select -from entities import ( - Attribute, - AttributeType, - Directory, - Group, - ObjectClass, - User, -) -from enums import AceType -from ldap_protocol.asn1parser import ASN1Row -from ldap_protocol.dialogue import UserSchema -from ldap_protocol.filter_interpreter import ( +from application.asn1parser import ASN1Row +from application.dialogue import UserSchema +from application.filter_interpreter import ( FilterInterpreterProtocol, LDAPFilterInterpreter, ) -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_responses import ( +from application.ldap_codes import LDAPCodes +from application.ldap_responses import ( INVALID_ACCESS_RESPONSE, PartialAttribute, SearchResultDone, SearchResultEntry, SearchResultReference, ) -from ldap_protocol.objects import DerefAliases, ProtocolRequests, Scope -from ldap_protocol.roles.access_manager import AccessManager -from ldap_protocol.rootdse.netlogon import NetLogonAttributeHandler -from ldap_protocol.utils.cte import get_all_parent_group_directories -from ldap_protocol.utils.helpers import ( +from application.objects import DerefAliases, ProtocolRequests, Scope +from application.roles.access_manager import AccessManager +from application.rootdse.netlogon import NetLogonAttributeHandler +from application.utils.cte import get_all_parent_group_directories +from application.utils.helpers import ( dt_to_ft, get_windows_timestamp, string_to_sid, ) -from ldap_protocol.utils.queries import ( +from application.utils.queries import ( dn_is_base_directory, get_base_directories, get_path_filter, get_search_path, ) -from repo.pg.tables import queryable_attr as qa +from domain.entities import ( + Attribute, + AttributeType, + Directory, + Group, + ObjectClass, + User, +) +from enums import AceType +from infrastructure.pg.tables import queryable_attr as qa from .base import BaseRequest from .contexts import LDAPSearchRequestContext diff --git a/app/ldap_protocol/ldap_responses.py b/src/application/ldap_responses.py similarity index 99% rename from app/ldap_protocol/ldap_responses.py rename to src/application/ldap_responses.py index 24467b318..b5e49eeea 100644 --- a/app/ldap_protocol/ldap_responses.py +++ b/src/application/ldap_responses.py @@ -10,7 +10,7 @@ from asn1 import Classes, Encoder, Numbers from pydantic import AnyUrl, BaseModel, Field, SerializeAsAny -from ldap_protocol.asn1parser import LDAPOID +from application.asn1parser import LDAPOID from .ldap_codes import LDAPCodes from .objects import PartialAttribute, ProtocolResponse diff --git a/app/ldap_protocol/ldap_schema/__init__.py b/src/application/ldap_schema/__init__.py similarity index 100% rename from app/ldap_protocol/ldap_schema/__init__.py rename to src/application/ldap_schema/__init__.py diff --git a/app/ldap_protocol/ldap_schema/attribute_type_dao.py b/src/application/ldap_schema/attribute_type_dao.py similarity index 93% rename from app/ldap_protocol/ldap_schema/attribute_type_dao.py rename to src/application/ldap_schema/attribute_type_dao.py index 30211f74c..fceb8e5b4 100644 --- a/app/ldap_protocol/ldap_schema/attribute_type_dao.py +++ b/src/application/ldap_schema/attribute_type_dao.py @@ -14,19 +14,19 @@ from sqlalchemy.exc import IntegrityError from sqlalchemy.ext.asyncio import AsyncSession -from abstract_dao import AbstractDAO -from entities import AttributeType -from ldap_protocol.ldap_schema.dto import AttributeTypeDTO -from ldap_protocol.ldap_schema.exceptions import ( +from abstract_db_gateway import AbstractDBGateWay +from application.ldap_schema.dto import AttributeTypeDTO +from application.ldap_schema.exceptions import ( AttributeTypeAlreadyExistsError, AttributeTypeNotFoundError, ) -from ldap_protocol.utils.pagination import ( +from application.utils.pagination import ( PaginationParams, PaginationResult, build_paginated_search_query, ) -from repo.pg.tables import queryable_attr as qa +from domain.entities import AttributeType +from infrastructure.pg.tables import queryable_attr as qa _convert_model_to_dto = get_converter( AttributeType, @@ -47,7 +47,7 @@ ) -class AttributeTypeDAO(AbstractDAO[AttributeTypeDTO, str]): +class AttributeTypeDAO(AbstractDBGateWay[AttributeTypeDTO, str]): """Attribute Type DAO.""" __session: AsyncSession diff --git a/app/ldap_protocol/ldap_schema/attribute_type_use_case.py b/src/application/ldap_schema/attribute_type_use_case.py similarity index 90% rename from app/ldap_protocol/ldap_schema/attribute_type_use_case.py rename to src/application/ldap_schema/attribute_type_use_case.py index ebaf1f986..027c9aae7 100644 --- a/app/ldap_protocol/ldap_schema/attribute_type_use_case.py +++ b/src/application/ldap_schema/attribute_type_use_case.py @@ -7,11 +7,11 @@ from typing import ClassVar from abstract_service import AbstractService +from application.ldap_schema.attribute_type_dao import AttributeTypeDAO +from application.ldap_schema.dto import AttributeTypeDTO +from application.ldap_schema.object_class_dao import ObjectClassDAO +from application.utils.pagination import PaginationParams, PaginationResult from enums import AuthorizationRules -from ldap_protocol.ldap_schema.attribute_type_dao import AttributeTypeDAO -from ldap_protocol.ldap_schema.dto import AttributeTypeDTO -from ldap_protocol.ldap_schema.object_class_dao import ObjectClassDAO -from ldap_protocol.utils.pagination import PaginationParams, PaginationResult class AttributeTypeUseCase(AbstractService): diff --git a/app/ldap_protocol/ldap_schema/attribute_value_validator.py b/src/application/ldap_schema/attribute_value_validator.py similarity index 98% rename from app/ldap_protocol/ldap_schema/attribute_value_validator.py rename to src/application/ldap_schema/attribute_value_validator.py index 9c7c77f56..62594b677 100644 --- a/app/ldap_protocol/ldap_schema/attribute_value_validator.py +++ b/src/application/ldap_schema/attribute_value_validator.py @@ -8,9 +8,9 @@ from collections import defaultdict from typing import Callable, cast as tcast -from entities import Attribute, Directory, User +from application.objects import PartialAttribute +from domain.entities import Attribute, Directory, User from enums import EntityTypeNames -from ldap_protocol.objects import PartialAttribute type _AttrNameType = str type _ValueType = str diff --git a/app/ldap_protocol/ldap_schema/constants.py b/src/application/ldap_schema/constants.py similarity index 100% rename from app/ldap_protocol/ldap_schema/constants.py rename to src/application/ldap_schema/constants.py diff --git a/app/ldap_protocol/ldap_schema/dto.py b/src/application/ldap_schema/dto.py similarity index 100% rename from app/ldap_protocol/ldap_schema/dto.py rename to src/application/ldap_schema/dto.py diff --git a/app/ldap_protocol/ldap_schema/entity_type_dao.py b/src/application/ldap_schema/entity_type_dao.py similarity index 95% rename from app/ldap_protocol/ldap_schema/entity_type_dao.py rename to src/application/ldap_schema/entity_type_dao.py index abfdc49d1..0597c1b9b 100644 --- a/app/ldap_protocol/ldap_schema/entity_type_dao.py +++ b/src/application/ldap_schema/entity_type_dao.py @@ -14,25 +14,25 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import selectinload -from abstract_dao import AbstractDAO -from entities import Attribute, Directory, EntityType, ObjectClass -from ldap_protocol.ldap_schema.attribute_value_validator import ( +from abstract_db_gateway import AbstractDBGateWay +from application.ldap_schema.attribute_value_validator import ( AttributeValueValidator, AttributeValueValidatorError, ) -from ldap_protocol.ldap_schema.dto import EntityTypeDTO -from ldap_protocol.ldap_schema.exceptions import ( +from application.ldap_schema.dto import EntityTypeDTO +from application.ldap_schema.exceptions import ( EntityTypeAlreadyExistsError, EntityTypeCantModifyError, EntityTypeNotFoundError, ) -from ldap_protocol.ldap_schema.object_class_dao import ObjectClassDAO -from ldap_protocol.utils.pagination import ( +from application.ldap_schema.object_class_dao import ObjectClassDAO +from application.utils.pagination import ( PaginationParams, PaginationResult, build_paginated_search_query, ) -from repo.pg.tables import queryable_attr as qa +from domain.entities import Attribute, Directory, EntityType, ObjectClass +from infrastructure.pg.tables import queryable_attr as qa _convert = get_converter( EntityType, @@ -43,7 +43,7 @@ ) -class EntityTypeDAO(AbstractDAO[EntityTypeDTO, str]): +class EntityTypeDAO(AbstractDBGateWay[EntityTypeDTO, str]): """Entity Type DAO.""" __session: AsyncSession diff --git a/app/ldap_protocol/ldap_schema/entity_type_use_case.py b/src/application/ldap_schema/entity_type_use_case.py similarity index 91% rename from app/ldap_protocol/ldap_schema/entity_type_use_case.py rename to src/application/ldap_schema/entity_type_use_case.py index 5958e6a99..c5bce79b9 100644 --- a/app/ldap_protocol/ldap_schema/entity_type_use_case.py +++ b/src/application/ldap_schema/entity_type_use_case.py @@ -7,16 +7,16 @@ from typing import ClassVar from abstract_service import AbstractService -from constants import ENTITY_TYPE_DATAS -from enums import AuthorizationRules, EntityTypeNames -from ldap_protocol.ldap_schema.dto import EntityTypeDTO -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.ldap_schema.exceptions import ( +from application.ldap_schema.dto import EntityTypeDTO +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.ldap_schema.exceptions import ( EntityTypeCantModifyError, EntityTypeNotFoundError, ) -from ldap_protocol.ldap_schema.object_class_dao import ObjectClassDAO -from ldap_protocol.utils.pagination import PaginationParams, PaginationResult +from application.ldap_schema.object_class_dao import ObjectClassDAO +from application.utils.pagination import PaginationParams, PaginationResult +from constants import ENTITY_TYPE_DATAS +from enums import AuthorizationRules, EntityTypeNames class EntityTypeUseCase(AbstractService): diff --git a/app/ldap_protocol/ldap_schema/exceptions.py b/src/application/ldap_schema/exceptions.py similarity index 100% rename from app/ldap_protocol/ldap_schema/exceptions.py rename to src/application/ldap_schema/exceptions.py diff --git a/app/ldap_protocol/ldap_schema/object_class_dao.py b/src/application/ldap_schema/object_class_dao.py similarity index 97% rename from app/ldap_protocol/ldap_schema/object_class_dao.py rename to src/application/ldap_schema/object_class_dao.py index 9bc29644e..16111cec0 100644 --- a/app/ldap_protocol/ldap_schema/object_class_dao.py +++ b/src/application/ldap_schema/object_class_dao.py @@ -17,14 +17,14 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import selectinload -from abstract_dao import AbstractDAO -from entities import AttributeType, EntityType, ObjectClass -from ldap_protocol.utils.pagination import ( +from abstract_db_gateway import AbstractDBGateWay +from application.utils.pagination import ( PaginationParams, PaginationResult, build_paginated_search_query, ) -from repo.pg.tables import queryable_attr as qa +from domain.entities import AttributeType, EntityType, ObjectClass +from infrastructure.pg.tables import queryable_attr as qa from .dto import AttributeTypeDTO, ObjectClassDTO from .exceptions import ( @@ -45,7 +45,7 @@ ) -class ObjectClassDAO(AbstractDAO[ObjectClassDTO, str]): +class ObjectClassDAO(AbstractDBGateWay[ObjectClassDTO, str]): """Object Class DAO.""" def __init__(self, session: AsyncSession) -> None: diff --git a/app/ldap_protocol/ldap_schema/object_class_use_case.py b/src/application/ldap_schema/object_class_use_case.py similarity index 90% rename from app/ldap_protocol/ldap_schema/object_class_use_case.py rename to src/application/ldap_schema/object_class_use_case.py index c35a845ac..cbb7acab6 100644 --- a/app/ldap_protocol/ldap_schema/object_class_use_case.py +++ b/src/application/ldap_schema/object_class_use_case.py @@ -7,11 +7,11 @@ from typing import ClassVar from abstract_service import AbstractService +from application.ldap_schema.dto import AttributeTypeDTO, ObjectClassDTO +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.ldap_schema.object_class_dao import ObjectClassDAO +from application.utils.pagination import PaginationParams, PaginationResult from enums import AuthorizationRules -from ldap_protocol.ldap_schema.dto import AttributeTypeDTO, ObjectClassDTO -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.ldap_schema.object_class_dao import ObjectClassDAO -from ldap_protocol.utils.pagination import PaginationParams, PaginationResult class ObjectClassUseCase(AbstractService): diff --git a/app/ldap_protocol/master_check_use_case.py b/src/application/master_check_use_case.py similarity index 100% rename from app/ldap_protocol/master_check_use_case.py rename to src/application/master_check_use_case.py diff --git a/app/ldap_protocol/messages.py b/src/application/messages.py similarity index 100% rename from app/ldap_protocol/messages.py rename to src/application/messages.py diff --git a/app/ldap_protocol/multifactor.py b/src/application/multifactor.py similarity index 98% rename from app/ldap_protocol/multifactor.py rename to src/application/multifactor.py index e3730b257..d29d81b1b 100644 --- a/app/ldap_protocol/multifactor.py +++ b/src/application/multifactor.py @@ -15,8 +15,8 @@ from sqlalchemy.ext.asyncio import AsyncSession from config import Settings -from entities import CatalogueSetting -from repo.pg.tables import queryable_attr as qa +from domain.entities import CatalogueSetting +from infrastructure.pg.tables import queryable_attr as qa @dataclass(frozen=True) diff --git a/app/ldap_protocol/objects.py b/src/application/objects.py similarity index 100% rename from app/ldap_protocol/objects.py rename to src/application/objects.py diff --git a/app/ldap_protocol/permissions_checker.py b/src/application/permissions_checker.py similarity index 94% rename from app/ldap_protocol/permissions_checker.py rename to src/application/permissions_checker.py index e41ae3cbf..394e71be3 100644 --- a/app/ldap_protocol/permissions_checker.py +++ b/src/application/permissions_checker.py @@ -3,9 +3,9 @@ from functools import wraps from typing import Awaitable, Callable, ParamSpec, TypeVar +from application.identity import IdentityProvider +from application.identity.exceptions import AuthorizationError from enums import AuthorizationRules -from ldap_protocol.identity import IdentityProvider -from ldap_protocol.identity.exceptions import AuthorizationError _P = ParamSpec("_P") _R = TypeVar("_R") diff --git a/app/ldap_protocol/policies/__init__.py b/src/application/policies/__init__.py similarity index 100% rename from app/ldap_protocol/policies/__init__.py rename to src/application/policies/__init__.py diff --git a/app/ldap_protocol/policies/audit/__init__.py b/src/application/policies/audit/__init__.py similarity index 100% rename from app/ldap_protocol/policies/audit/__init__.py rename to src/application/policies/audit/__init__.py diff --git a/app/ldap_protocol/policies/audit/audit_use_case.py b/src/application/policies/audit/audit_use_case.py similarity index 99% rename from app/ldap_protocol/policies/audit/audit_use_case.py rename to src/application/policies/audit/audit_use_case.py index 2f16beb44..22992a4fd 100644 --- a/app/ldap_protocol/policies/audit/audit_use_case.py +++ b/src/application/policies/audit/audit_use_case.py @@ -4,9 +4,9 @@ License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE """ -from entities import AuditSeverity -from ldap_protocol.asn1parser import LDAPOID -from ldap_protocol.objects import OperationEvent, UserAccountControlFlag +from application.asn1parser import LDAPOID +from application.objects import OperationEvent, UserAccountControlFlag +from domain.entities import AuditSeverity from .dataclasses import ( AuditDestinationDTO, diff --git a/app/ldap_protocol/policies/audit/dataclasses.py b/src/application/policies/audit/dataclasses.py similarity index 97% rename from app/ldap_protocol/policies/audit/dataclasses.py rename to src/application/policies/audit/dataclasses.py index 093b92ff7..deaf9089a 100644 --- a/app/ldap_protocol/policies/audit/dataclasses.py +++ b/src/application/policies/audit/dataclasses.py @@ -6,12 +6,12 @@ from dataclasses import dataclass, field +from application.objects import OperationEvent from enums import ( AuditDestinationProtocolType, AuditDestinationServiceType, AuditSeverity, ) -from ldap_protocol.objects import OperationEvent @dataclass diff --git a/app/ldap_protocol/policies/audit/destination_dao.py b/src/application/policies/audit/destination_dao.py similarity index 93% rename from app/ldap_protocol/policies/audit/destination_dao.py rename to src/application/policies/audit/destination_dao.py index 4ce4683df..d81c2ee8b 100644 --- a/app/ldap_protocol/policies/audit/destination_dao.py +++ b/src/application/policies/audit/destination_dao.py @@ -10,8 +10,8 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncSession -from abstract_dao import AbstractDAO -from entities import AuditDestination +from abstract_db_gateway import AbstractDBGateWay +from domain.entities import AuditDestination from .dataclasses import AuditDestinationDTO from .exception import AuditNotFoundError @@ -19,7 +19,7 @@ _convert = get_converter(AuditDestination, AuditDestinationDTO) -class AuditDestinationDAO(AbstractDAO[AuditDestinationDTO, int]): +class AuditDestinationDAO(AbstractDBGateWay[AuditDestinationDTO, int]): """Audit destination DAO class.""" def __init__(self, session: AsyncSession): diff --git a/app/ldap_protocol/policies/audit/events/__init__.py b/src/application/policies/audit/events/__init__.py similarity index 100% rename from app/ldap_protocol/policies/audit/events/__init__.py rename to src/application/policies/audit/events/__init__.py diff --git a/app/ldap_protocol/policies/audit/events/dataclasses.py b/src/application/policies/audit/events/dataclasses.py similarity index 98% rename from app/ldap_protocol/policies/audit/events/dataclasses.py rename to src/application/policies/audit/events/dataclasses.py index 38c922043..c0e1565ae 100644 --- a/app/ldap_protocol/policies/audit/events/dataclasses.py +++ b/src/application/policies/audit/events/dataclasses.py @@ -15,8 +15,8 @@ from loguru import logger from pydantic import SecretStr -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.objects import OperationEvent +from application.ldap_codes import LDAPCodes +from application.objects import OperationEvent class AuditEvent(ABC): diff --git a/app/ldap_protocol/policies/audit/events/factory.py b/src/application/policies/audit/events/factory.py similarity index 93% rename from app/ldap_protocol/policies/audit/events/factory.py rename to src/application/policies/audit/events/factory.py index 1dacbbba6..565d61ba9 100644 --- a/app/ldap_protocol/policies/audit/events/factory.py +++ b/src/application/policies/audit/events/factory.py @@ -7,14 +7,14 @@ from ipaddress import IPv4Address, IPv6Address from typing import TYPE_CHECKING, Any, Generic, TypeVar +from application.objects import OperationEvent from config import Settings -from ldap_protocol.objects import OperationEvent from .dataclasses import RawAuditEvent, RawAuditEventRedis if TYPE_CHECKING: - from ldap_protocol.ldap_requests import BaseRequest - from ldap_protocol.ldap_responses import BaseResponse + from application.ldap_requests import BaseRequest + from application.ldap_responses import BaseResponse T = TypeVar("T", bound=RawAuditEvent) diff --git a/app/ldap_protocol/policies/audit/events/handler.py b/src/application/policies/audit/events/handler.py similarity index 97% rename from app/ldap_protocol/policies/audit/events/handler.py rename to src/application/policies/audit/events/handler.py index cd3fd36f7..a12bca3bd 100644 --- a/app/ldap_protocol/policies/audit/events/handler.py +++ b/src/application/policies/audit/events/handler.py @@ -13,10 +13,10 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import selectinload -from entities import AuditPolicy, AuditPolicyTrigger -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.objects import OperationEvent -from repo.pg.tables import queryable_attr as qa +from application.ldap_codes import LDAPCodes +from application.objects import OperationEvent +from domain.entities import AuditPolicy, AuditPolicyTrigger +from infrastructure.pg.tables import queryable_attr as qa from .dataclasses import NormalizedAuditEvent, RawAuditEvent from .managers import NormalizedAuditManager, RawAuditManager diff --git a/app/ldap_protocol/policies/audit/events/managers.py b/src/application/policies/audit/events/managers.py similarity index 100% rename from app/ldap_protocol/policies/audit/events/managers.py rename to src/application/policies/audit/events/managers.py diff --git a/app/ldap_protocol/policies/audit/events/normalizer.py b/src/application/policies/audit/events/normalizer.py similarity index 97% rename from app/ldap_protocol/policies/audit/events/normalizer.py rename to src/application/policies/audit/events/normalizer.py index 40fcb9a47..fba4419a4 100644 --- a/app/ldap_protocol/policies/audit/events/normalizer.py +++ b/src/application/policies/audit/events/normalizer.py @@ -4,8 +4,8 @@ License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE """ -from entities import AuditPolicyTrigger -from ldap_protocol.objects import OperationEvent +from application.objects import OperationEvent +from domain.entities import AuditPolicyTrigger from .dataclasses import NormalizedAuditEvent, RawAuditEvent diff --git a/app/ldap_protocol/policies/audit/events/sender.py b/src/application/policies/audit/events/sender.py similarity index 97% rename from app/ldap_protocol/policies/audit/events/sender.py rename to src/application/policies/audit/events/sender.py index a0f02a79b..bc7d03411 100644 --- a/app/ldap_protocol/policies/audit/events/sender.py +++ b/src/application/policies/audit/events/sender.py @@ -11,9 +11,9 @@ from loguru import logger from sqlalchemy.ext.asyncio import AsyncSession +from application.policies.audit.audit_use_case import AuditUseCase +from application.policies.audit.dataclasses import AuditDestinationDTO from config import Settings -from ldap_protocol.policies.audit.audit_use_case import AuditUseCase -from ldap_protocol.policies.audit.dataclasses import AuditDestinationDTO from .dataclasses import NormalizedAuditEvent from .managers import NormalizedAuditManager diff --git a/app/ldap_protocol/policies/audit/events/service_senders/__init__.py b/src/application/policies/audit/events/service_senders/__init__.py similarity index 100% rename from app/ldap_protocol/policies/audit/events/service_senders/__init__.py rename to src/application/policies/audit/events/service_senders/__init__.py diff --git a/app/ldap_protocol/policies/audit/events/service_senders/base.py b/src/application/policies/audit/events/service_senders/base.py similarity index 82% rename from app/ldap_protocol/policies/audit/events/service_senders/base.py rename to src/application/policies/audit/events/service_senders/base.py index 0d7b882df..0fc4e73e7 100644 --- a/app/ldap_protocol/policies/audit/events/service_senders/base.py +++ b/src/application/policies/audit/events/service_senders/base.py @@ -6,11 +6,9 @@ from abc import ABC, abstractmethod +from application.policies.audit.dataclasses import AuditDestinationDTO +from application.policies.audit.events.dataclasses import NormalizedAuditEvent from enums import AuditDestinationServiceType -from ldap_protocol.policies.audit.dataclasses import AuditDestinationDTO -from ldap_protocol.policies.audit.events.dataclasses import ( - NormalizedAuditEvent, -) class AuditDestinationSenderABC(ABC): diff --git a/app/ldap_protocol/policies/audit/events/service_senders/rfc5424_serializer.py b/src/application/policies/audit/events/service_senders/rfc5424_serializer.py similarity index 98% rename from app/ldap_protocol/policies/audit/events/service_senders/rfc5424_serializer.py rename to src/application/policies/audit/events/service_senders/rfc5424_serializer.py index 8ff8272ce..3947ef0ea 100644 --- a/app/ldap_protocol/policies/audit/events/service_senders/rfc5424_serializer.py +++ b/src/application/policies/audit/events/service_senders/rfc5424_serializer.py @@ -8,9 +8,7 @@ from datetime import datetime, timezone from typing import Any -from ldap_protocol.policies.audit.events.dataclasses import ( - NormalizedAuditEvent, -) +from application.policies.audit.events.dataclasses import NormalizedAuditEvent class RFC5424Serializer: diff --git a/app/ldap_protocol/policies/audit/events/service_senders/syslog.py b/src/application/policies/audit/events/service_senders/syslog.py similarity index 97% rename from app/ldap_protocol/policies/audit/events/service_senders/syslog.py rename to src/application/policies/audit/events/service_senders/syslog.py index 3f30f323b..332685af3 100644 --- a/app/ldap_protocol/policies/audit/events/service_senders/syslog.py +++ b/src/application/policies/audit/events/service_senders/syslog.py @@ -10,10 +10,8 @@ from loguru import logger +from application.policies.audit.events.dataclasses import NormalizedAuditEvent from enums import AuditDestinationProtocolType, AuditDestinationServiceType -from ldap_protocol.policies.audit.events.dataclasses import ( - NormalizedAuditEvent, -) from .base import AuditDestinationSenderABC from .rfc5424_serializer import RFC5424Serializer diff --git a/app/ldap_protocol/policies/audit/exception.py b/src/application/policies/audit/exception.py similarity index 100% rename from app/ldap_protocol/policies/audit/exception.py rename to src/application/policies/audit/exception.py diff --git a/app/ldap_protocol/policies/audit/monitor.py b/src/application/policies/audit/monitor.py similarity index 94% rename from app/ldap_protocol/policies/audit/monitor.py rename to src/application/policies/audit/monitor.py index 5ce08d0ab..9a0d755ae 100644 --- a/app/ldap_protocol/policies/audit/monitor.py +++ b/src/application/policies/audit/monitor.py @@ -12,9 +12,7 @@ from sqlalchemy.ext.asyncio import AsyncSession from starlette.datastructures import URL -from config import Settings -from entities import User -from ldap_protocol.auth.exceptions.mfa import ( +from application.auth.exceptions.mfa import ( AuthenticationError, ForbiddenError, InvalidCredentialsError, @@ -22,8 +20,8 @@ MFATokenError, NetworkPolicyError, ) -from ldap_protocol.auth.schemas import OAuth2Form -from ldap_protocol.identity.exceptions import ( +from application.auth.schemas import OAuth2Form +from application.identity.exceptions import ( AuthorizationError, AuthValidationError, LoginFailedError, @@ -31,14 +29,14 @@ UnauthorizedError, UserNotFoundError, ) -from ldap_protocol.kerberos.exceptions import KRBAPIChangePasswordError -from ldap_protocol.multifactor import MFA_HTTP_Creds -from ldap_protocol.objects import OperationEvent -from ldap_protocol.policies.audit.audit_use_case import AuditUseCase -from ldap_protocol.policies.audit.events.factory import ( - RawAuditEventBuilderRedis, -) -from ldap_protocol.session_storage import SessionStorage +from application.kerberos.exceptions import KRBAPIChangePasswordError +from application.multifactor import MFA_HTTP_Creds +from application.objects import OperationEvent +from application.policies.audit.audit_use_case import AuditUseCase +from application.policies.audit.events.factory import RawAuditEventBuilderRedis +from application.session_storage import SessionStorage +from config import Settings +from domain.entities import User _T = TypeVar("_T", bound=Callable) diff --git a/app/ldap_protocol/policies/audit/policies_dao.py b/src/application/policies/audit/policies_dao.py similarity index 94% rename from app/ldap_protocol/policies/audit/policies_dao.py rename to src/application/policies/audit/policies_dao.py index 65d2bf5ca..ad0001ea8 100644 --- a/app/ldap_protocol/policies/audit/policies_dao.py +++ b/src/application/policies/audit/policies_dao.py @@ -10,8 +10,8 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncSession -from abstract_dao import AbstractDAO -from entities import AuditPolicy, AuditPolicyTrigger +from abstract_db_gateway import AbstractDBGateWay +from domain.entities import AuditPolicy, AuditPolicyTrigger from .dataclasses import AuditPolicyDTO, AuditPolicySetupDTO from .exception import AuditNotFoundError @@ -19,7 +19,7 @@ _convert = get_converter(AuditPolicy, AuditPolicyDTO) -class AuditPoliciesDAO(AbstractDAO[AuditPolicyDTO, int]): +class AuditPoliciesDAO(AbstractDBGateWay[AuditPolicyDTO, int]): """Audit DAO for managing audit policies.""" def __init__(self, session: AsyncSession) -> None: diff --git a/app/ldap_protocol/policies/audit/schemas.py b/src/application/policies/audit/schemas.py similarity index 100% rename from app/ldap_protocol/policies/audit/schemas.py rename to src/application/policies/audit/schemas.py diff --git a/app/ldap_protocol/policies/audit/service.py b/src/application/policies/audit/service.py similarity index 100% rename from app/ldap_protocol/policies/audit/service.py rename to src/application/policies/audit/service.py diff --git a/app/ldap_protocol/policies/network/__init__.py b/src/application/policies/network/__init__.py similarity index 58% rename from app/ldap_protocol/policies/network/__init__.py rename to src/application/policies/network/__init__.py index c4ea76e70..0cb7f0bfd 100644 --- a/app/ldap_protocol/policies/network/__init__.py +++ b/src/application/policies/network/__init__.py @@ -6,10 +6,13 @@ NetworkPolicyAlreadyExistsError, NetworkPolicyNotFoundError, ) -from .gateway import NetworkPolicyGateway -from .use_cases import NetworkPolicyUseCase, NetworkPolicyValidatorUseCase -from .validator_gateway import NetworkPolicyValidatorGateway -from .validator_protocol import NetworkPolicyValidatorProtocol +from .gateway_protocol import NetworkPolicyGatewayProtocol +from .use_cases import ( + NetworkPolicyUseCase, + NetworkPolicyValidatorUseCase, + ValidateMFARequirementUseCase, + ValidatePolicyAccessUseCase, +) __all__ = [ "NetworkPolicyDTO", @@ -18,9 +21,9 @@ "NetworkPolicyAlreadyExistsError", "LastActivePolicyError", "NetworkPolicyNotFoundError", - "NetworkPolicyGateway", "NetworkPolicyUseCase", "NetworkPolicyValidatorUseCase", - "NetworkPolicyValidatorGateway", - "NetworkPolicyValidatorProtocol", + "NetworkPolicyGatewayProtocol", + "ValidatePolicyAccessUseCase", + "ValidateMFARequirementUseCase", ] diff --git a/app/ldap_protocol/policies/network/dto.py b/src/application/policies/network/dto.py similarity index 100% rename from app/ldap_protocol/policies/network/dto.py rename to src/application/policies/network/dto.py diff --git a/app/ldap_protocol/policies/network/exceptions.py b/src/application/policies/network/exceptions.py similarity index 100% rename from app/ldap_protocol/policies/network/exceptions.py rename to src/application/policies/network/exceptions.py diff --git a/src/application/policies/network/gateway_protocol.py b/src/application/policies/network/gateway_protocol.py new file mode 100644 index 000000000..b5be783d9 --- /dev/null +++ b/src/application/policies/network/gateway_protocol.py @@ -0,0 +1,94 @@ +"""Network policy validator protocol. + +Copyright (c) 2025 MultiFactor +License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE +""" + +from abc import abstractmethod +from ipaddress import IPv4Address, IPv6Address + +from abstract_db_gateway import AbstractDBGateWay +from domain.entities import Group, NetworkPolicy, User +from enums import ProtocolType + + +class NetworkPolicyGatewayProtocol(AbstractDBGateWay[NetworkPolicy, int]): + """Protocol for validating network policies.""" + + @abstractmethod + async def get_all(self) -> list[NetworkPolicy]: ... + + @abstractmethod + async def get_with_for_update(self, _id: int) -> NetworkPolicy: ... + + @abstractmethod + async def get_groups(self, groups: list[str]) -> list[Group]: ... + + @abstractmethod + async def get_policy_count(self) -> int: ... + + @abstractmethod + async def update_priority(self, priority: int) -> None: ... + + @abstractmethod + async def disable_policy(self, _id: int) -> None: ... + + @abstractmethod + async def check_policy_exists(self, policy: NetworkPolicy) -> bool: ... + + @abstractmethod + async def get_by_protocol( + self, + ip: IPv4Address | IPv6Address, + protocol_type: ProtocolType, + ) -> NetworkPolicy | None: + """Get network policy by protocol.""" + + @abstractmethod + async def _get_policy_by_user( + self, + ip: IPv4Address | IPv6Address, + user: User, + protocol_type: ProtocolType, + ) -> NetworkPolicy | None: + """Get user policy.""" + + async def get_http_policy_by_user( + self, + ip: IPv4Address | IPv6Address, + user: User, + ) -> NetworkPolicy | None: + """Get user HTTP policy.""" + return await self._get_policy_by_user(ip, user, ProtocolType.HTTP) + + async def get_kerberos_policy_by_user( + self, + ip: IPv4Address | IPv6Address, + user: User, + ) -> NetworkPolicy | None: + """Get user Kerberos policy.""" + return await self._get_policy_by_user(ip, user, ProtocolType.KERBEROS) + + async def get_ldap_policy_by_user( + self, + ip: IPv4Address | IPv6Address, + user: User, + ) -> NetworkPolicy | None: + """Get user LDAP policy.""" + return await self._get_policy_by_user(ip, user, ProtocolType.LDAP) + + @abstractmethod + async def check_mfa_group( # халивар + self, + policy: NetworkPolicy, + user: User, + ) -> bool: + """Check if user is in a group with MFA policy.""" + + @abstractmethod + async def has_access_to_policy( + self, + policy: NetworkPolicy, + user: User, + ) -> bool: + """Check if user is in a valid group for the policy.""" diff --git a/app/ldap_protocol/policies/network/use_cases.py b/src/application/policies/network/use_cases.py similarity index 61% rename from app/ldap_protocol/policies/network/use_cases.py rename to src/application/policies/network/use_cases.py index 38dbc11cc..3d8b4601e 100644 --- a/app/ldap_protocol/policies/network/use_cases.py +++ b/src/application/policies/network/use_cases.py @@ -12,21 +12,19 @@ from sqlalchemy.ext.asyncio import AsyncSession from abstract_service import AbstractService -from entities import NetworkPolicy, User -from enums import AuthorizationRules, ProtocolType -from ldap_protocol.policies.network.dto import ( +from application.policies.network.dto import ( NetworkPolicyDTO, NetworkPolicyUpdateDTO, SwapPrioritiesDTO, ) -from ldap_protocol.policies.network.exceptions import ( +from application.policies.network.exceptions import ( LastActivePolicyError, NetworkPolicyAlreadyExistsError, ) -from ldap_protocol.policies.network.gateway import NetworkPolicyGateway -from ldap_protocol.policies.network.validator_protocol import ( - NetworkPolicyValidatorProtocol, -) +from domain.entities import NetworkPolicy, User +from enums import AuthorizationRules, MFAFlags + +from .gateway_protocol import NetworkPolicyGatewayProtocol def _convert_groups(policy: NetworkPolicy) -> list[str]: @@ -65,59 +63,37 @@ class NetworkPolicyUseCase(AbstractService): def __init__( self, - network_policy_gateway: NetworkPolicyGateway, + network_policy_gateway: NetworkPolicyGatewayProtocol, session: AsyncSession, ): """Initialize Network policies use cases.""" - self._network_policy_gateway = network_policy_gateway + self.gateway = network_policy_gateway self._session = session async def create( self, dto: NetworkPolicyDTO, - ) -> NetworkPolicyDTO: + ) -> None: """Create network policy.""" policy_model = _convert_dto_to_model(dto) if dto.groups: - policy_model.groups = ( - await self._network_policy_gateway.get_groups(dto.groups) - ) + policy_model.groups = await self.gateway.get_groups(dto.groups) if dto.mfa_groups: - policy_model.mfa_groups = ( - await self._network_policy_gateway.get_groups( - dto.mfa_groups, - ) + policy_model.mfa_groups = await self.gateway.get_groups( + dto.mfa_groups, ) - policy = await self._network_policy_gateway.create( - policy_model, - ) - return NetworkPolicyDTO[int]( - id=policy.id, - name=policy.name, - netmasks=policy.netmasks, - priority=policy.priority, - raw=policy.raw, - mfa_status=policy.mfa_status, - is_http=policy.is_http, - is_ldap=policy.is_ldap, - is_kerberos=policy.is_kerberos, - bypass_no_connection=policy.bypass_no_connection, - bypass_service_failure=policy.bypass_service_failure, - enabled=policy.enabled, - groups=dto.groups, - mfa_groups=dto.mfa_groups, - ) + await self.gateway.create(policy_model) async def get(self, _id: int) -> NetworkPolicyDTO[int]: - policy = await self._network_policy_gateway.get_with_for_update(_id) + policy = await self.gateway.get_with_for_update(_id) return _convert_model_to_dto(policy) async def get_list_policies( self, ) -> list[NetworkPolicyDTO]: """Get list of network policies.""" - policies = await self._network_policy_gateway.get_list_policies() + policies = await self.gateway.get_all() return list(map(_convert_model_to_dto, policies)) async def delete(self, _id: int) -> None: @@ -125,20 +101,20 @@ async def delete(self, _id: int) -> None: policy = await self.get(_id) await self.validate_policy_count() - await self._network_policy_gateway.delete(_id) - await self._network_policy_gateway.update_priority(policy.priority) + await self.gateway.delete(_id) + await self.gateway.update_priority(policy.priority) async def switch_network_policy(self, _id: int) -> None: """Switch network policy.""" policy = await self.get(_id) if policy.enabled: await self.validate_policy_count() - await self._network_policy_gateway.disable_policy(_id) + await self.gateway.disable_policy(_id) await self._session.commit() async def validate_policy_count(self) -> None: """Validate policy count.""" - count = await self._network_policy_gateway.get_policy_count() + count = await self.gateway.get_policy_count() if count == 1: raise LastActivePolicyError("At least one policy should be active") @@ -147,13 +123,13 @@ async def update( dto: NetworkPolicyUpdateDTO, ) -> NetworkPolicyDTO: """Update network policy.""" - policy = await self._network_policy_gateway.get_with_for_update(dto.id) + policy = await self.gateway.get_with_for_update(dto.id) await self._apply_field_updates(policy, dto) await self._apply_netmask_updates(policy, dto) await self._apply_group_updates(policy, dto) - if await self._network_policy_gateway.check_policy_exists(policy): + if await self.gateway.check_policy_exists(policy): raise NetworkPolicyAlreadyExistsError("Entry already exists") await self._session.commit() @@ -189,22 +165,20 @@ async def _apply_group_updates( """Apply group updates.""" if dto.groups is not None: policy.groups = ( - await self._network_policy_gateway.get_groups(dto.groups) - if dto.groups - else [] + await self.gateway.get_groups(dto.groups) if dto.groups else [] ) if dto.mfa_groups is not None: policy.mfa_groups = ( - await self._network_policy_gateway.get_groups(dto.mfa_groups) + await self.gateway.get_groups(dto.mfa_groups) if dto.mfa_groups else [] ) async def swap_priorities(self, id1: int, id2: int) -> SwapPrioritiesDTO: """Swap priorities for network policies.""" - policy1 = await self._network_policy_gateway.get(id1) - policy2 = await self._network_policy_gateway.get(id2) + policy1 = await self.gateway.get(id1) + policy2 = await self.gateway.get(id2) policy1.priority, policy2.priority = policy2.priority, policy1.priority await self._session.commit() return SwapPrioritiesDTO( @@ -225,36 +199,14 @@ async def swap_priorities(self, id1: int, id2: int) -> SwapPrioritiesDTO: class NetworkPolicyValidatorUseCase(AbstractService): """Network policies validator use cases.""" + _gateway: NetworkPolicyGatewayProtocol + def __init__( self, - network_policy_validator_gateway: NetworkPolicyValidatorProtocol, + network_policy_gateway: NetworkPolicyGatewayProtocol, ): """Initialize Network policies validator use cases.""" - self._gateway = network_policy_validator_gateway - - async def get_by_protocol( - self, - ip: IPv4Address | IPv6Address, - protocol_type: ProtocolType, - ) -> NetworkPolicy | None: - """Get network policy by protocol.""" - return await self._gateway.get_by_protocol( - ip, - protocol_type, - ) - - async def get_user_network_policy( - self, - ip: IPv4Address | IPv6Address, - user: User, - policy_type: ProtocolType, - ) -> NetworkPolicy | None: - """Get user network policy.""" - return await self._gateway.get_user_network_policy( - ip, - user, - policy_type, - ) + self._gateway = network_policy_gateway async def get_user_http_policy( self, @@ -262,7 +214,7 @@ async def get_user_http_policy( user: User, ) -> NetworkPolicy | None: """Get user HTTP policy.""" - return await self._gateway.get_user_http_policy( + return await self._gateway.get_http_policy_by_user( ip, user, ) @@ -273,33 +225,11 @@ async def get_user_kerberos_policy( user: User, ) -> NetworkPolicy | None: """Get user Kerberos policy.""" - return await self._gateway.get_user_kerberos_policy( + return await self._gateway.get_kerberos_policy_by_user( ip, user, ) - async def get_user_ldap_policy( - self, - ip: IPv4Address | IPv6Address, - user: User, - ) -> NetworkPolicy | None: - """Get user LDAP policy.""" - return await self._gateway.get_user_ldap_policy( - ip, - user, - ) - - async def is_user_group_valid( - self, - user: User | None, - policy: NetworkPolicy | None, - ) -> bool: - """Validate user groups, is it including to policy.""" - return await self._gateway.is_user_group_valid( - user, - policy, - ) - async def check_mfa_group( self, policy: NetworkPolicy, @@ -312,11 +242,77 @@ async def check_mfa_group( ) PERMISSIONS: ClassVar[dict[str, AuthorizationRules]] = { - get_by_protocol.__name__: AuthorizationRules.NETWORK_POLICY_VALIDATOR_GET_BY_PROTOCOL, # noqa: E501 - get_user_network_policy.__name__: AuthorizationRules.NETWORK_POLICY_VALIDATOR_GET_USER_NETWORK_POLICY, # noqa: E501 get_user_http_policy.__name__: AuthorizationRules.NETWORK_POLICY_VALIDATOR_GET_USER_HTTP_POLICY, # noqa: E501 get_user_kerberos_policy.__name__: AuthorizationRules.NETWORK_POLICY_VALIDATOR_GET_USER_KERBEROS_POLICY, # noqa: E501 - get_user_ldap_policy.__name__: AuthorizationRules.NETWORK_POLICY_VALIDATOR_GET_USER_LDAP_POLICY, # noqa: E501 - is_user_group_valid.__name__: AuthorizationRules.NETWORK_POLICY_VALIDATOR_IS_USER_GROUP_VALID, # noqa: E501 check_mfa_group.__name__: AuthorizationRules.NETWORK_POLICY_VALIDATOR_CHECK_MFA_GROUP, # noqa: E501 } + + +class ValidatePolicyAccessUseCase: + """Validates user access according to network policy rules. + + This use case implements the business logic for determining whether a user + is allowed to access resources based on the configured network policy. + + Business Rules: + 1. If no policy is attached to the session, + access is DENIED (secure by default) + 2. If policy has no group restrictions, access is GRANTED + 3. Otherwise, check if user belongs to any of the policy's allowed groups + + Note: This implements a whitelist approach - only explicitly allowed + groups have access when policy has group restrictions. + """ + + _gateway: NetworkPolicyGatewayProtocol + + def __init__( + self, + network_policy_gateway: NetworkPolicyGatewayProtocol, + ): + """Initialize Validate user with network policy use case.""" + self._gateway = network_policy_gateway + + async def execute( + self, + policy: NetworkPolicy, + user: User, + ) -> bool: + """Execute use case.""" + if not policy.groups: + return True + + return await self._gateway.has_access_to_policy( + policy, + user, + ) + + +class ValidateMFARequirementUseCase: + """Validates if MFA is required according to network policy rules.""" + + _gateway: NetworkPolicyGatewayProtocol + + def __init__( + self, + network_policy_gateway: NetworkPolicyGatewayProtocol, + ) -> None: + """Initialize Validate MFA requirement use case.""" + self._gateway = network_policy_gateway + + async def execute( + self, + policy: NetworkPolicy, + user: User, + ) -> bool: + """Execute use case.""" + if policy.mfa_status == MFAFlags.DISABLED: + return False + + if policy.mfa_status == MFAFlags.WHITELIST: + return await self._gateway.check_mfa_group( + policy, + user, + ) + + return True diff --git a/app/ldap_protocol/policies/password/__init__.py b/src/application/policies/password/__init__.py similarity index 100% rename from app/ldap_protocol/policies/password/__init__.py rename to src/application/policies/password/__init__.py diff --git a/app/ldap_protocol/policies/password/ban_word_repository.py b/src/application/policies/password/ban_word_repository.py similarity index 94% rename from app/ldap_protocol/policies/password/ban_word_repository.py rename to src/application/policies/password/ban_word_repository.py index 89aed85ef..c607efe4f 100644 --- a/app/ldap_protocol/policies/password/ban_word_repository.py +++ b/src/application/policies/password/ban_word_repository.py @@ -10,11 +10,11 @@ from sqlalchemy.exc import IntegrityError from sqlalchemy.ext.asyncio import AsyncSession -from entities import PasswordBanWord -from ldap_protocol.policies.password.exceptions import ( +from application.policies.password.exceptions import ( PasswordBanWordFileHasDuplicatesError, ) -from repo.pg.tables import queryable_attr as qa +from domain.entities import PasswordBanWord +from infrastructure.pg.tables import queryable_attr as qa class PasswordBanWordRepository: diff --git a/app/ldap_protocol/policies/password/constants.py b/src/application/policies/password/constants.py similarity index 100% rename from app/ldap_protocol/policies/password/constants.py rename to src/application/policies/password/constants.py diff --git a/app/ldap_protocol/policies/password/dao.py b/src/application/policies/password/dao.py similarity index 96% rename from app/ldap_protocol/policies/password/dao.py rename to src/application/policies/password/dao.py index 5c818ca0a..98d0aa4a4 100644 --- a/app/ldap_protocol/policies/password/dao.py +++ b/src/application/policies/password/dao.py @@ -12,29 +12,29 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import attributes, selectinload -from abstract_dao import AbstractDAO -from entities import Attribute, Group, PasswordPolicy, User -from enums import EntityTypeNames -from ldap_protocol.ldap_schema.attribute_value_validator import ( +from abstract_db_gateway import AbstractDBGateWay +from application.ldap_schema.attribute_value_validator import ( AttributeValueValidator, AttributeValueValidatorError, ) -from ldap_protocol.objects import UserAccountControlFlag as UacFlag -from ldap_protocol.policies.password.exceptions import ( +from application.objects import UserAccountControlFlag as UacFlag +from application.policies.password.exceptions import ( PasswordPolicyAlreadyExistsError, PasswordPolicyBaseDnNotFoundError, PasswordPolicyCantChangeDefaultDomainError, PasswordPolicyDirIsNotUserError, PasswordPolicyNotFoundError, ) -from ldap_protocol.user_account_control import get_check_uac -from ldap_protocol.utils.helpers import ft_now -from ldap_protocol.utils.queries import ( +from application.user_account_control import get_check_uac +from application.utils.helpers import ft_now +from application.utils.queries import ( get_base_directories, get_filter_from_path, get_groups, ) -from repo.pg.tables import queryable_attr as qa +from domain.entities import Attribute, Group, PasswordPolicy, User +from enums import EntityTypeNames +from infrastructure.pg.tables import queryable_attr as qa from .dataclasses import ( DefaultDomainPasswordPolicyPreset as DefaultDomainP, @@ -64,7 +64,7 @@ def _make_group_paths(password_policy: PasswordPolicy) -> list[str]: ) -class PasswordPolicyDAO(AbstractDAO[PasswordPolicyDTO, int]): +class PasswordPolicyDAO(AbstractDBGateWay[PasswordPolicyDTO, int]): """Password Policy DAO.""" _session: AsyncSession diff --git a/app/ldap_protocol/policies/password/dataclasses.py b/src/application/policies/password/dataclasses.py similarity index 100% rename from app/ldap_protocol/policies/password/dataclasses.py rename to src/application/policies/password/dataclasses.py diff --git a/app/ldap_protocol/policies/password/error_messages.py b/src/application/policies/password/error_messages.py similarity index 100% rename from app/ldap_protocol/policies/password/error_messages.py rename to src/application/policies/password/error_messages.py diff --git a/app/ldap_protocol/policies/password/exceptions.py b/src/application/policies/password/exceptions.py similarity index 100% rename from app/ldap_protocol/policies/password/exceptions.py rename to src/application/policies/password/exceptions.py diff --git a/app/ldap_protocol/policies/password/settings.py b/src/application/policies/password/settings.py similarity index 100% rename from app/ldap_protocol/policies/password/settings.py rename to src/application/policies/password/settings.py diff --git a/app/ldap_protocol/policies/password/use_cases.py b/src/application/policies/password/use_cases.py similarity index 97% rename from app/ldap_protocol/policies/password/use_cases.py rename to src/application/policies/password/use_cases.py index e0518e4a0..76711c0f6 100644 --- a/app/ldap_protocol/policies/password/use_cases.py +++ b/src/application/policies/password/use_cases.py @@ -9,17 +9,17 @@ from sqlalchemy.ext.asyncio import AsyncSession from abstract_service import AbstractService -from entities import User -from enums import AuthorizationRules -from ldap_protocol.identity.exceptions import UserNotFoundError -from ldap_protocol.policies.password.ban_word_repository import ( +from application.identity.exceptions import UserNotFoundError +from application.policies.password.ban_word_repository import ( PasswordBanWordRepository, ) -from ldap_protocol.policies.password.constants import ( +from application.policies.password.constants import ( MAX_BANWORD_LENGTH, MIN_LENGTH_FOR_TRGM, ) -from ldap_protocol.utils.queries import get_user +from application.utils.queries import get_user +from domain.entities import User +from enums import AuthorizationRules from .dao import PasswordPolicyDAO from .dataclasses import PasswordPolicyDTO, PriorityT diff --git a/app/ldap_protocol/policies/password/validator.py b/src/application/policies/password/validator.py similarity index 99% rename from app/ldap_protocol/policies/password/validator.py rename to src/application/policies/password/validator.py index 1f116d327..a5db4b384 100644 --- a/app/ldap_protocol/policies/password/validator.py +++ b/src/application/policies/password/validator.py @@ -10,10 +10,10 @@ from passlib.exc import UnknownHashError -from ldap_protocol.policies.password.ban_word_repository import ( +from application.policies.password.ban_word_repository import ( PasswordBanWordRepository, ) -from ldap_protocol.policies.password.settings import PasswordValidatorSettings +from application.policies.password.settings import PasswordValidatorSettings from password_utils import PasswordUtils from .error_messages import ErrorMessages diff --git a/app/ldap_protocol/roles/__init__.py b/src/application/roles/__init__.py similarity index 100% rename from app/ldap_protocol/roles/__init__.py rename to src/application/roles/__init__.py diff --git a/app/ldap_protocol/roles/access_manager.py b/src/application/roles/access_manager.py similarity index 98% rename from app/ldap_protocol/roles/access_manager.py rename to src/application/roles/access_manager.py index e651e5d62..ba6a69721 100644 --- a/app/ldap_protocol/roles/access_manager.py +++ b/src/application/roles/access_manager.py @@ -9,10 +9,10 @@ from sqlalchemy import Select, and_ from sqlalchemy.orm import selectinload, with_loader_criteria -from entities import AccessControlEntry, Directory +from application.objects import Changes, Operation +from domain.entities import AccessControlEntry, Directory from enums import AceType, RoleScope -from ldap_protocol.objects import Changes, Operation -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa class AccessManager: diff --git a/app/ldap_protocol/roles/ace_dao.py b/src/application/roles/ace_dao.py similarity index 96% rename from app/ldap_protocol/roles/ace_dao.py rename to src/application/roles/ace_dao.py index 679268cfd..6f1d2612e 100644 --- a/app/ldap_protocol/roles/ace_dao.py +++ b/src/application/roles/ace_dao.py @@ -11,12 +11,12 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import joinedload, selectinload -from abstract_dao import AbstractDAO -from entities import AccessControlEntry, Directory +from abstract_db_gateway import AbstractDBGateWay +from application.utils.helpers import get_depth_by_dn +from application.utils.queries import get_path_filter, get_search_path +from domain.entities import AccessControlEntry, Directory from enums import AceType, RoleScope -from ldap_protocol.utils.helpers import get_depth_by_dn -from ldap_protocol.utils.queries import get_path_filter, get_search_path -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa from .dataclasses import AccessControlEntryDTO from .exceptions import ( @@ -48,7 +48,7 @@ ) -class AccessControlEntryDAO(AbstractDAO[AccessControlEntryDTO, int]): +class AccessControlEntryDAO(AbstractDBGateWay[AccessControlEntryDTO, int]): """Access control entry DAO.""" _session: AsyncSession diff --git a/app/ldap_protocol/roles/dataclasses.py b/src/application/roles/dataclasses.py similarity index 95% rename from app/ldap_protocol/roles/dataclasses.py rename to src/application/roles/dataclasses.py index f620281cc..1ab479022 100644 --- a/app/ldap_protocol/roles/dataclasses.py +++ b/src/application/roles/dataclasses.py @@ -7,8 +7,8 @@ from dataclasses import dataclass from datetime import datetime +from application.utils.const import GRANT_DN_STRING from enums import AceType, AuthorizationRules, RoleScope -from ldap_protocol.utils.const import GRANT_DN_STRING @dataclass diff --git a/app/ldap_protocol/roles/exceptions.py b/src/application/roles/exceptions.py similarity index 100% rename from app/ldap_protocol/roles/exceptions.py rename to src/application/roles/exceptions.py diff --git a/app/ldap_protocol/roles/role_dao.py b/src/application/roles/role_dao.py similarity index 96% rename from app/ldap_protocol/roles/role_dao.py rename to src/application/roles/role_dao.py index f1f14c83e..1a8896a9a 100644 --- a/app/ldap_protocol/roles/role_dao.py +++ b/src/application/roles/role_dao.py @@ -10,11 +10,11 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import joinedload, selectinload -from abstract_dao import AbstractDAO -from entities import AccessControlEntry, Group, Role +from abstract_db_gateway import AbstractDBGateWay +from application.utils.queries import get_groups +from domain.entities import AccessControlEntry, Group, Role from enums import AuthorizationRules, RoleConstants -from ldap_protocol.utils.queries import get_groups -from repo.pg.tables import queryable_attr as qa +from infrastructure.pg.tables import queryable_attr as qa from .ace_dao import _convert as ace_convert from .dataclasses import AccessControlEntryDTO, RoleDTO @@ -53,7 +53,7 @@ def make_aces(role: Role) -> list[AccessControlEntryDTO]: _convert_without_aces = retort_without_ace.get_converter(Role, RoleDTO) -class RoleDAO(AbstractDAO[RoleDTO, int]): +class RoleDAO(AbstractDBGateWay[RoleDTO, int]): """Role DAO.""" _session: AsyncSession diff --git a/app/ldap_protocol/roles/role_use_case.py b/src/application/roles/role_use_case.py similarity index 97% rename from app/ldap_protocol/roles/role_use_case.py rename to src/application/roles/role_use_case.py index d9c2921e0..aba181644 100644 --- a/app/ldap_protocol/roles/role_use_case.py +++ b/src/application/roles/role_use_case.py @@ -6,11 +6,11 @@ from sqlalchemy import and_, insert, literal, or_, select -from entities import AccessControlEntry, AceType, Directory, Role +from application.kerberos.utils import get_system_container_dn +from application.utils.queries import get_base_directories +from domain.entities import AccessControlEntry, AceType, Directory, Role from enums import AuthorizationRules, RoleConstants, RoleScope -from ldap_protocol.kerberos.utils import get_system_container_dn -from ldap_protocol.utils.queries import get_base_directories -from repo.pg.tables import ( +from infrastructure.pg.tables import ( access_control_entries_table, ace_directory_memberships_table, queryable_attr as qa, diff --git a/app/ldap_protocol/rootdse/__init__.py b/src/application/rootdse/__init__.py similarity index 100% rename from app/ldap_protocol/rootdse/__init__.py rename to src/application/rootdse/__init__.py diff --git a/app/ldap_protocol/rootdse/dto.py b/src/application/rootdse/dto.py similarity index 100% rename from app/ldap_protocol/rootdse/dto.py rename to src/application/rootdse/dto.py diff --git a/app/ldap_protocol/rootdse/gateway.py b/src/application/rootdse/gateway.py similarity index 93% rename from app/ldap_protocol/rootdse/gateway.py rename to src/application/rootdse/gateway.py index f6d4c79b8..cd6b07a14 100644 --- a/app/ldap_protocol/rootdse/gateway.py +++ b/src/application/rootdse/gateway.py @@ -7,7 +7,7 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncSession -from entities import Directory +from domain.entities import Directory class SADomainGateway: diff --git a/app/ldap_protocol/rootdse/gw_protocol.py b/src/application/rootdse/gw_protocol.py similarity index 88% rename from app/ldap_protocol/rootdse/gw_protocol.py rename to src/application/rootdse/gw_protocol.py index f8b23624c..faaca8bac 100644 --- a/app/ldap_protocol/rootdse/gw_protocol.py +++ b/src/application/rootdse/gw_protocol.py @@ -6,7 +6,7 @@ from typing import Protocol -from entities import Directory +from domain.entities import Directory class DomainReadProtocol(Protocol): diff --git a/app/ldap_protocol/rootdse/netlogon.py b/src/application/rootdse/netlogon.py similarity index 99% rename from app/ldap_protocol/rootdse/netlogon.py rename to src/application/rootdse/netlogon.py index 8efb2b78c..6df3055fe 100644 --- a/app/ldap_protocol/rootdse/netlogon.py +++ b/src/application/rootdse/netlogon.py @@ -17,8 +17,8 @@ from enum import IntEnum, IntFlag from typing import Any, Self +from application.asn1parser import ASN1Row from constants import DEFAULT_DC_POSTFIX -from ldap_protocol.asn1parser import ASN1Row _NL_DEFAULT_SITE = "Default-First-Site-Name" _ZERO_UUID = uuid.UUID(int=0) diff --git a/app/ldap_protocol/rootdse/reader.py b/src/application/rootdse/reader.py similarity index 98% rename from app/ldap_protocol/rootdse/reader.py rename to src/application/rootdse/reader.py index 5f128fb9c..b0e2d375b 100644 --- a/app/ldap_protocol/rootdse/reader.py +++ b/src/application/rootdse/reader.py @@ -6,9 +6,9 @@ from collections import defaultdict +from application.utils.helpers import get_generalized_now from config import Settings from constants import DEFAULT_DC_POSTFIX, UNC_PREFIX -from ldap_protocol.utils.helpers import get_generalized_now from .dto import DomainControllerInfo from .gw_protocol import DomainReadProtocol diff --git a/app/ldap_protocol/server.py b/src/application/server.py similarity index 98% rename from app/ldap_protocol/server.py rename to src/application/server.py index 39b633a26..3d0df9e6a 100644 --- a/app/ldap_protocol/server.py +++ b/src/application/server.py @@ -19,10 +19,10 @@ from proxyprotocol.v2 import ProxyProtocolV2 from pydantic import ValidationError +from application import LDAPRequestMessage, LDAPSession +from application.ldap_requests.bind_methods import GSSAPISL +from application.policies.network import NetworkPolicyValidatorUseCase from config import Settings -from ldap_protocol import LDAPRequestMessage, LDAPSession -from ldap_protocol.ldap_requests.bind_methods import GSSAPISL -from ldap_protocol.policies.network import NetworkPolicyValidatorUseCase from .data_logger import DataLogger diff --git a/app/ldap_protocol/session_storage/__init__.py b/src/application/session_storage/__init__.py similarity index 100% rename from app/ldap_protocol/session_storage/__init__.py rename to src/application/session_storage/__init__.py diff --git a/app/ldap_protocol/session_storage/base.py b/src/application/session_storage/base.py similarity index 100% rename from app/ldap_protocol/session_storage/base.py rename to src/application/session_storage/base.py diff --git a/app/ldap_protocol/session_storage/exceptions.py b/src/application/session_storage/exceptions.py similarity index 100% rename from app/ldap_protocol/session_storage/exceptions.py rename to src/application/session_storage/exceptions.py diff --git a/app/ldap_protocol/session_storage/redis.py b/src/application/session_storage/redis.py similarity index 100% rename from app/ldap_protocol/session_storage/redis.py rename to src/application/session_storage/redis.py diff --git a/app/ldap_protocol/session_storage/repository.py b/src/application/session_storage/repository.py similarity index 97% rename from app/ldap_protocol/session_storage/repository.py rename to src/application/session_storage/repository.py index 2e73dbc2d..a0a7ab744 100644 --- a/app/ldap_protocol/session_storage/repository.py +++ b/src/application/session_storage/repository.py @@ -9,10 +9,10 @@ from sqlalchemy.ext.asyncio import AsyncSession from abstract_service import AbstractService +from application.utils.queries import get_user, set_user_logon_attrs from config import Settings -from entities import User +from domain.entities import User from enums import AuthorizationRules -from ldap_protocol.utils.queries import get_user, set_user_logon_attrs from .exceptions import SessionUserNotFoundError from .redis import SessionStorage diff --git a/app/ldap_protocol/udp_server.py b/src/application/udp_server.py similarity index 96% rename from app/ldap_protocol/udp_server.py rename to src/application/udp_server.py index 84c69b16e..1cc477362 100644 --- a/app/ldap_protocol/udp_server.py +++ b/src/application/udp_server.py @@ -11,9 +11,9 @@ from loguru import logger from pydantic import ValidationError +from application import LDAPRequestMessage, LDAPSession +from application.policies.network import NetworkPolicyValidatorUseCase from config import Settings -from ldap_protocol import LDAPRequestMessage, LDAPSession -from ldap_protocol.policies.network import NetworkPolicyValidatorUseCase from .data_logger import DataLogger from .utils.udp import create_udp_socket diff --git a/app/repo/__init__.py b/src/application/user/__init__.py similarity index 100% rename from app/repo/__init__.py rename to src/application/user/__init__.py diff --git a/app/repo/pg/__init__.py b/src/application/user/use_cases/__init__.py similarity index 100% rename from app/repo/pg/__init__.py rename to src/application/user/use_cases/__init__.py diff --git a/app/ldap_protocol/user_account_control.py b/src/application/user_account_control.py similarity index 94% rename from app/ldap_protocol/user_account_control.py rename to src/application/user_account_control.py index f94ef7d57..fb4421548 100644 --- a/app/ldap_protocol/user_account_control.py +++ b/src/application/user_account_control.py @@ -9,11 +9,11 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncSession -from entities import Attribute -from ldap_protocol.objects import ( +from application.objects import ( UserAccountControlFlag as UserAccountControlFlag, ) -from ldap_protocol.utils.queries import get_user +from application.utils.queries import get_user +from domain.entities import Attribute async def get_check_uac( diff --git a/app/ldap_protocol/utils/__init__.py b/src/application/utils/__init__.py similarity index 100% rename from app/ldap_protocol/utils/__init__.py rename to src/application/utils/__init__.py diff --git a/app/ldap_protocol/utils/async_cache.py b/src/application/utils/async_cache.py similarity index 96% rename from app/ldap_protocol/utils/async_cache.py rename to src/application/utils/async_cache.py index f66f45cf3..db1da3f94 100644 --- a/app/ldap_protocol/utils/async_cache.py +++ b/src/application/utils/async_cache.py @@ -4,7 +4,7 @@ from functools import wraps from typing import Callable, Generic, TypeVar -from entities import Directory +from domain.entities import Directory T = TypeVar("T") DEFAULT_CACHE_TIME = 5 * 60 # 5 minutes diff --git a/app/ldap_protocol/utils/const.py b/src/application/utils/const.py similarity index 100% rename from app/ldap_protocol/utils/const.py rename to src/application/utils/const.py diff --git a/app/ldap_protocol/utils/cte.py b/src/application/utils/cte.py similarity index 98% rename from app/ldap_protocol/utils/cte.py rename to src/application/utils/cte.py index 7b4628254..3b7304e91 100644 --- a/app/ldap_protocol/utils/cte.py +++ b/src/application/utils/cte.py @@ -9,8 +9,8 @@ from sqlalchemy.sql.expression import select from sqlalchemy.sql.selectable import CTE -from entities import Directory, Group -from repo.pg.tables import ( +from domain.entities import Directory, Group +from infrastructure.pg.tables import ( directory_memberships_table, directory_table, groups_table, diff --git a/app/ldap_protocol/utils/helpers.py b/src/application/utils/helpers.py similarity index 99% rename from app/ldap_protocol/utils/helpers.py rename to src/application/utils/helpers.py index 296ff5978..94af7ed49 100644 --- a/app/ldap_protocol/utils/helpers.py +++ b/src/application/utils/helpers.py @@ -149,7 +149,7 @@ from sqlalchemy.sql.compiler import DDLCompiler from sqlalchemy.sql.expression import ClauseElement, Executable, Visitable -from entities import Directory +from domain.entities import Directory def validate_entry(entry: str) -> bool: diff --git a/app/ldap_protocol/utils/pagination.py b/src/application/utils/pagination.py similarity index 100% rename from app/ldap_protocol/utils/pagination.py rename to src/application/utils/pagination.py diff --git a/app/ldap_protocol/utils/queries.py b/src/application/utils/queries.py similarity index 98% rename from app/ldap_protocol/utils/queries.py rename to src/application/utils/queries.py index 39d93b016..ea8713006 100644 --- a/app/ldap_protocol/utils/queries.py +++ b/src/application/utils/queries.py @@ -15,13 +15,13 @@ from sqlalchemy.orm import InstrumentedAttribute, joinedload, selectinload from sqlalchemy.sql.expression import ColumnElement -from entities import Attribute, Directory, Group, User -from enums import SamAccountTypeCodes -from ldap_protocol.ldap_schema.attribute_value_validator import ( +from application.ldap_schema.attribute_value_validator import ( AttributeValueValidator, AttributeValueValidatorError, ) -from repo.pg.tables import ( +from domain.entities import Attribute, Directory, Group, User +from enums import SamAccountTypeCodes +from infrastructure.pg.tables import ( directory_memberships_table, directory_table, queryable_attr as qa, diff --git a/app/ldap_protocol/utils/raw_definition_parser.py b/src/application/utils/raw_definition_parser.py similarity index 97% rename from app/ldap_protocol/utils/raw_definition_parser.py rename to src/application/utils/raw_definition_parser.py index 0d3ddfa27..406c8269b 100644 --- a/app/ldap_protocol/utils/raw_definition_parser.py +++ b/src/application/utils/raw_definition_parser.py @@ -8,8 +8,8 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncSession -from entities import AttributeType, ObjectClass -from repo.pg.tables import queryable_attr as qa +from domain.entities import AttributeType, ObjectClass +from infrastructure.pg.tables import queryable_attr as qa class RawDefinitionParser: diff --git a/app/ldap_protocol/utils/udp.py b/src/application/utils/udp.py similarity index 100% rename from app/ldap_protocol/utils/udp.py rename to src/application/utils/udp.py diff --git a/app/authorization_provider_protocol.py b/src/authorization_provider_protocol.py similarity index 100% rename from app/authorization_provider_protocol.py rename to src/authorization_provider_protocol.py diff --git a/app/config.py b/src/config.py similarity index 100% rename from app/config.py rename to src/config.py diff --git a/app/constants.py b/src/constants.py similarity index 100% rename from app/constants.py rename to src/constants.py diff --git a/app/db_routing.py b/src/db_routing.py similarity index 100% rename from app/db_routing.py rename to src/db_routing.py diff --git a/src/domain/__init__.py b/src/domain/__init__.py new file mode 100644 index 000000000..623b334b7 --- /dev/null +++ b/src/domain/__init__.py @@ -0,0 +1,5 @@ +"""Multidirectory domain layer. + +Copyright (c) 2026 MultiFactor +License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE +""" diff --git a/app/entities.py b/src/domain/entities.py similarity index 100% rename from app/entities.py rename to src/domain/entities.py diff --git a/app/enums.py b/src/enums.py similarity index 100% rename from app/enums.py rename to src/enums.py diff --git a/app/errors/__init__.py b/src/errors/__init__.py similarity index 100% rename from app/errors/__init__.py rename to src/errors/__init__.py diff --git a/app/errors/base.py b/src/errors/base.py similarity index 100% rename from app/errors/base.py rename to src/errors/base.py diff --git a/app/extra/__init__.py b/src/extra/__init__.py similarity index 100% rename from app/extra/__init__.py rename to src/extra/__init__.py diff --git a/app/extra/alembic_utils.py b/src/extra/alembic_utils.py similarity index 100% rename from app/extra/alembic_utils.py rename to src/extra/alembic_utils.py diff --git a/app/extra/common_passwords.txt b/src/extra/common_passwords.txt similarity index 100% rename from app/extra/common_passwords.txt rename to src/extra/common_passwords.txt diff --git a/app/extra/dump_acme_certs.py b/src/extra/dump_acme_certs.py similarity index 100% rename from app/extra/dump_acme_certs.py rename to src/extra/dump_acme_certs.py diff --git a/app/extra/generate_cert.sh b/src/extra/generate_cert.sh old mode 100755 new mode 100644 similarity index 100% rename from app/extra/generate_cert.sh rename to src/extra/generate_cert.sh diff --git a/app/extra/scripts/__init__.py b/src/extra/scripts/__init__.py similarity index 100% rename from app/extra/scripts/__init__.py rename to src/extra/scripts/__init__.py diff --git a/app/extra/scripts/check_ldap_principal.py b/src/extra/scripts/check_ldap_principal.py similarity index 93% rename from app/extra/scripts/check_ldap_principal.py rename to src/extra/scripts/check_ldap_principal.py index cc13bc4dc..0dbee7e53 100644 --- a/app/extra/scripts/check_ldap_principal.py +++ b/src/extra/scripts/check_ldap_principal.py @@ -9,13 +9,13 @@ from loguru import logger from sqlalchemy.ext.asyncio import AsyncSession -from config import Settings -from ldap_protocol.kerberos import ( +from application.kerberos import ( AbstractKadmin, KerberosState, get_krb_server_state, ) -from ldap_protocol.utils.queries import get_base_directories +from application.utils.queries import get_base_directories +from config import Settings async def check_ldap_principal( diff --git a/app/extra/scripts/principal_block_user_sync.py b/src/extra/scripts/principal_block_user_sync.py similarity index 92% rename from app/extra/scripts/principal_block_user_sync.py rename to src/extra/scripts/principal_block_user_sync.py index d4c483728..cd7cc7710 100644 --- a/app/extra/scripts/principal_block_user_sync.py +++ b/src/extra/scripts/principal_block_user_sync.py @@ -10,14 +10,14 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.sql import select -from config import Settings -from entities import Attribute, Directory, User -from ldap_protocol.objects import UserAccountControlFlag -from ldap_protocol.user_account_control import get_check_uac -from ldap_protocol.utils.queries import ( +from application.objects import UserAccountControlFlag +from application.user_account_control import get_check_uac +from application.utils.queries import ( add_lock_and_expire_attributes, get_principal_directory, ) +from config import Settings +from domain.entities import Attribute, Directory, User async def principal_block_sync( diff --git a/app/extra/scripts/uac_sync.py b/src/extra/scripts/uac_sync.py similarity index 88% rename from app/extra/scripts/uac_sync.py rename to src/extra/scripts/uac_sync.py index 8f9ce4f46..2f7c84e3d 100644 --- a/app/extra/scripts/uac_sync.py +++ b/src/extra/scripts/uac_sync.py @@ -8,12 +8,12 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.sql import func, select +from application.kerberos import AbstractKadmin +from application.objects import UserAccountControlFlag +from application.utils.queries import add_lock_and_expire_attributes from config import Settings -from entities import Attribute, User -from ldap_protocol.kerberos import AbstractKadmin -from ldap_protocol.objects import UserAccountControlFlag -from ldap_protocol.utils.queries import add_lock_and_expire_attributes -from repo.pg.tables import queryable_attr as qa +from domain.entities import Attribute, User +from infrastructure.pg.tables import queryable_attr as qa async def disable_accounts( diff --git a/app/extra/scripts/update_admin_permissions.py b/src/extra/scripts/update_admin_permissions.py similarity index 87% rename from app/extra/scripts/update_admin_permissions.py rename to src/extra/scripts/update_admin_permissions.py index be2041ba8..2231fdcaa 100644 --- a/app/extra/scripts/update_admin_permissions.py +++ b/src/extra/scripts/update_admin_permissions.py @@ -4,7 +4,7 @@ License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE """ -from ldap_protocol.roles.role_use_case import RoleUseCase +from application.roles.role_use_case import RoleUseCase async def update_admin_permissions(role_use_case: RoleUseCase) -> None: diff --git a/app/extra/scripts/update_krb5_config.py b/src/extra/scripts/update_krb5_config.py similarity index 95% rename from app/extra/scripts/update_krb5_config.py rename to src/extra/scripts/update_krb5_config.py index b0ecda0f6..2a57900f6 100644 --- a/app/extra/scripts/update_krb5_config.py +++ b/src/extra/scripts/update_krb5_config.py @@ -9,9 +9,9 @@ from loguru import logger from sqlalchemy.ext.asyncio import AsyncSession +from application.kerberos.utils import get_system_container_dn +from application.utils.queries import get_base_directories from config import Settings -from ldap_protocol.kerberos.utils import get_system_container_dn -from ldap_protocol.utils.queries import get_base_directories KRB5_CONF_PATH = Path("/etc/krb5kdc/krb5.conf") KDC_CONF_PATH = Path("/etc/krb5kdc/kdc.conf") diff --git a/app/extra/scripts/update_status_proccess_events.py b/src/extra/scripts/update_status_proccess_events.py similarity index 82% rename from app/extra/scripts/update_status_proccess_events.py rename to src/extra/scripts/update_status_proccess_events.py index c289da91b..917751f5a 100644 --- a/app/extra/scripts/update_status_proccess_events.py +++ b/src/extra/scripts/update_status_proccess_events.py @@ -4,7 +4,7 @@ License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE """ -from ldap_protocol.policies.audit.audit_use_case import AuditUseCase +from application.policies.audit.audit_use_case import AuditUseCase async def update_status_process_events(audit_use_case: AuditUseCase) -> None: diff --git a/app/extra/templates/kdc.conf b/src/extra/templates/kdc.conf similarity index 100% rename from app/extra/templates/kdc.conf rename to src/extra/templates/kdc.conf diff --git a/app/extra/templates/krb5.conf b/src/extra/templates/krb5.conf similarity index 100% rename from app/extra/templates/krb5.conf rename to src/extra/templates/krb5.conf diff --git a/src/infrastructure/__init__.py b/src/infrastructure/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/src/infrastructure/pg/__init__.py b/src/infrastructure/pg/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/app/repo/pg/master_gateway.py b/src/infrastructure/pg/master_gateway.py similarity index 100% rename from app/repo/pg/master_gateway.py rename to src/infrastructure/pg/master_gateway.py diff --git a/app/ldap_protocol/policies/network/validator_gateway.py b/src/infrastructure/pg/network_policy_gateway.py similarity index 51% rename from app/ldap_protocol/policies/network/validator_gateway.py rename to src/infrastructure/pg/network_policy_gateway.py index e04cb0dbe..fe165c11e 100644 --- a/app/ldap_protocol/policies/network/validator_gateway.py +++ b/src/infrastructure/pg/network_policy_gateway.py @@ -1,4 +1,4 @@ -"""Network policy validator gateway. +"""Network policies gateway. Copyright (c) 2025 MultiFactor License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE @@ -6,26 +6,149 @@ from ipaddress import IPv4Address, IPv6Address -from sqlalchemy import exists, or_, select, text +from sqlalchemy import ( + Select, + delete, + exists, + func, + or_, + select, + text, + true, + update, +) +from sqlalchemy.exc import IntegrityError from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import selectinload -from sqlalchemy.sql.expression import Select, true -from entities import Group, NetworkPolicy, User +from application.policies.network.exceptions import ( + NetworkPolicyAlreadyExistsError, + NetworkPolicyNotFoundError, +) +from application.utils.queries import get_groups +from domain.entities import Group, NetworkPolicy, User from enums import ProtocolType -from repo.pg.tables import queryable_attr as qa +from .tables import queryable_attr as qa -class NetworkPolicyValidatorGateway: - """Gateway for validating network policies.""" - def __init__( - self, - session: AsyncSession, - ): - """Initialize validator gateway.""" +class NetworkPolicyPostgresGateway: + """Network policy gateway.""" + + def __init__(self, session: AsyncSession): + """Initialize Network policy gateway.""" self._session = session + async def get(self, _id: int) -> NetworkPolicy: + """Get network policy.""" + policy = await self._session.scalar( + select(NetworkPolicy) + .filter_by(id=_id) + .options( + selectinload(qa(NetworkPolicy.groups)).selectinload( + qa(Group.directory), + ), + selectinload(qa(NetworkPolicy.mfa_groups)).selectinload( + qa(Group.directory), + ), + ), + ) + if not policy: + raise NetworkPolicyNotFoundError( + f"Policy with id {_id} not found.", + ) + return policy + + async def create( + self, + policy: NetworkPolicy, + ) -> NetworkPolicy: + """Get network policy.""" + try: + self._session.add(policy) + await self._session.flush() + await self._session.refresh(policy) + return policy + except IntegrityError: + raise NetworkPolicyAlreadyExistsError("Entry already exists") + + async def get_groups(self, groups: list[str]) -> list[Group]: + return await get_groups(groups, self._session) + + async def get_all(self) -> list[NetworkPolicy]: + result = await self._session.scalars( + select(NetworkPolicy) + .options( + selectinload(qa(NetworkPolicy.groups)).selectinload( + qa(Group.directory), + ), + selectinload(qa(NetworkPolicy.mfa_groups)).selectinload( + qa(Group.directory), + ), + ) + .order_by(qa(NetworkPolicy.priority).asc()), + ) + return list(result) + + async def get_with_for_update(self, _id: int) -> NetworkPolicy: + policy = await self._session.scalar( + select(NetworkPolicy) + .filter_by(id=_id) + .with_for_update() + .options( + selectinload(qa(NetworkPolicy.groups)).selectinload( + qa(Group.directory), + ), + selectinload(qa(NetworkPolicy.mfa_groups)).selectinload( + qa(Group.directory), + ), + ), + ) + if not policy: + raise NetworkPolicyNotFoundError( + f"Policy with id {_id} not found.", + ) + return policy + + async def delete(self, _id: int) -> None: + await self._session.execute( + delete(NetworkPolicy) + .filter_by(id=_id), + ) # fmt: skip + await self._session.flush() + + async def get_policy_count(self) -> int: + count = await self._session.scalars( + select(func.count()) + .select_from(NetworkPolicy) + .filter_by(enabled=True), + ) + return count.one() + + async def update_priority(self, priority: int) -> None: + await self._session.execute( + update(NetworkPolicy) + .values({"priority": NetworkPolicy.priority - 1}) + .filter(qa(NetworkPolicy.priority) > priority), + ) + + async def disable_policy(self, _id: int) -> None: + await self._session.execute( + update(NetworkPolicy).filter_by(id=_id).values(enabled=False), + ) + + async def check_policy_exists(self, policy: NetworkPolicy) -> bool: + result = await self._session.scalars( + select( + exists(NetworkPolicy).where( + qa(NetworkPolicy.name) == policy.name, + qa(NetworkPolicy.netmasks) == policy.netmasks, + qa(NetworkPolicy.id) != policy.id, + ), + ), + ) + return result.one() + def _build_base_query( self, ip: IPv4Address | IPv6Address, @@ -129,7 +252,27 @@ async def get_user_ldap_policy( ProtocolType.LDAP, ) - async def is_user_group_valid( + async def check_mfa_group( + self, + policy: NetworkPolicy, + user: User, + ) -> bool: + """Check if user is in a group with MFA policy. + + :param NetworkPolicy policy: policy object + :param User user: user object + :return bool: status + """ + return await self._session.scalar( + select( + exists().where( # type: ignore + qa(Group.mfa_policies).contains(policy), + qa(Group.users).contains(user), + ), + ), + ) + + async def has_access_to_policy( self, user: User | None, policy: NetworkPolicy | None, @@ -140,11 +283,6 @@ async def is_user_group_valid( :param NetworkPolicy policy: db policy :return bool: status """ - if not (user and policy): - return False - - if not policy.groups: - return True query = select( select(Group) .join(qa(Group.users)) @@ -156,23 +294,3 @@ async def is_user_group_valid( group = await self._session.scalar(query) return bool(group) - - async def check_mfa_group( - self, - policy: NetworkPolicy, - user: User, - ) -> bool: - """Check if user is in a group with MFA policy. - - :param NetworkPolicy policy: policy object - :param User user: user object - :return bool: status - """ - return await self._session.scalar( - select( - exists().where( # type: ignore - qa(Group.mfa_policies).contains(policy), - qa(Group.users).contains(user), - ), - ), - ) diff --git a/app/repo/pg/tables.py b/src/infrastructure/pg/tables.py similarity index 99% rename from app/repo/pg/tables.py rename to src/infrastructure/pg/tables.py index 5391c95d5..49a00f648 100644 --- a/app/repo/pg/tables.py +++ b/src/infrastructure/pg/tables.py @@ -33,7 +33,7 @@ from sqlalchemy.sql import expression from sqlalchemy.sql.compiler import DDLCompiler -from entities import ( +from domain.entities import ( AccessControlEntry, Attribute, AttributeType, @@ -61,7 +61,7 @@ MFAFlags, RoleScope, ) -from repo.pg.types import AuthorizationRulesType +from infrastructure.pg.types import AuthorizationRulesType type DistinguishedNamePrefix = Literal["cn", "ou", "dc"] UniqueConstraint.argument_for("postgresql", "nulls_not_distinct", None) diff --git a/app/repo/pg/types.py b/src/infrastructure/pg/types.py similarity index 100% rename from app/repo/pg/types.py rename to src/infrastructure/pg/types.py diff --git a/app/ioc.py b/src/ioc.py similarity index 88% rename from app/ioc.py rename to src/ioc.py index 81909c9c3..bd4540cea 100644 --- a/app/ioc.py +++ b/src/ioc.py @@ -8,7 +8,6 @@ import httpx import redis.asyncio as redis -from db_routing import EngineRegistry, RoutingSession from dishka import Provider, Scope, from_context, provide from fastapi import Request from loguru import logger @@ -38,12 +37,10 @@ UserPasswordHistoryResetFastAPIAdapter, ) from api.shadow.adapter import ShadowAdapter -from authorization_provider_protocol import AuthorizationProviderProtocol -from config import Settings -from ldap_protocol.auth import AuthManager, MFAManager -from ldap_protocol.auth.setup_gateway import SetupGateway -from ldap_protocol.auth.use_cases import SetupUseCase -from ldap_protocol.dhcp import ( +from application.auth import AuthManager, MFAManager +from application.auth.setup_gateway import SetupGateway +from application.auth.use_cases import SetupUseCase +from application.dhcp import ( AbstractDHCPManager, DHCPAPIRepository, DHCPManagerRepository, @@ -51,22 +48,22 @@ get_dhcp_api_repository_class, get_dhcp_manager_class, ) -from ldap_protocol.dialogue import LDAPSession -from ldap_protocol.dns import ( +from application.dialogue import LDAPSession +from application.dns import ( AbstractDNSManager, DNSManagerSettings, get_dns_manager_class, ) -from ldap_protocol.dns.dns_gateway import DNSStateGateway -from ldap_protocol.dns.use_cases import DNSUseCase -from ldap_protocol.dns.utils import resolve_dns_server_ip -from ldap_protocol.identity import IdentityProvider -from ldap_protocol.identity.provider_gateway import IdentityProviderGateway -from ldap_protocol.kerberos import AbstractKadmin, get_kerberos_class -from ldap_protocol.kerberos.ldap_structure import KRBLDAPStructureManager -from ldap_protocol.kerberos.service import KerberosService -from ldap_protocol.kerberos.template_render import KRBTemplateRenderer -from ldap_protocol.ldap_requests.contexts import ( +from application.dns.dns_gateway import DNSStateGateway +from application.dns.use_cases import DNSUseCase +from application.dns.utils import resolve_dns_server_ip +from application.identity import IdentityProvider +from application.identity.provider_gateway import IdentityProviderGateway +from application.kerberos import AbstractKadmin, get_kerberos_class +from application.kerberos.ldap_structure import KRBLDAPStructureManager +from application.kerberos.service import KerberosService +from application.kerberos.template_render import KRBTemplateRenderer +from application.ldap_requests.contexts import ( LDAPAbandonRequestContext, LDAPAddRequestContext, LDAPBindRequestContext, @@ -77,22 +74,22 @@ LDAPSearchRequestContext, LDAPUnbindRequestContext, ) -from ldap_protocol.ldap_schema.attribute_type_dao import AttributeTypeDAO -from ldap_protocol.ldap_schema.attribute_type_use_case import ( +from application.ldap_schema.attribute_type_dao import AttributeTypeDAO +from application.ldap_schema.attribute_type_use_case import ( AttributeTypeUseCase, ) -from ldap_protocol.ldap_schema.attribute_value_validator import ( +from application.ldap_schema.attribute_value_validator import ( AttributeValueValidator, ) -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.ldap_schema.entity_type_use_case import EntityTypeUseCase -from ldap_protocol.ldap_schema.object_class_dao import ObjectClassDAO -from ldap_protocol.ldap_schema.object_class_use_case import ObjectClassUseCase -from ldap_protocol.master_check_use_case import ( +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.ldap_schema.entity_type_use_case import EntityTypeUseCase +from application.ldap_schema.object_class_dao import ObjectClassDAO +from application.ldap_schema.object_class_use_case import ObjectClassUseCase +from application.master_check_use_case import ( MasterCheckUseCase, MasterGatewayProtocol, ) -from ldap_protocol.multifactor import ( +from application.multifactor import ( Creds, LDAPMultiFactorAPI, MFA_HTTP_Creds, @@ -100,59 +97,65 @@ MultifactorAPI, get_creds, ) -from ldap_protocol.permissions_checker import AuthorizationProvider -from ldap_protocol.policies.audit.audit_use_case import AuditUseCase -from ldap_protocol.policies.audit.destination_dao import AuditDestinationDAO -from ldap_protocol.policies.audit.events.dataclasses import ( +from application.permissions_checker import AuthorizationProvider +from application.policies.audit.audit_use_case import AuditUseCase +from application.policies.audit.destination_dao import AuditDestinationDAO +from application.policies.audit.events.dataclasses import ( NormalizedAuditEvent, NormalizedAuditEventRedis, ) -from ldap_protocol.policies.audit.events.managers import ( +from application.policies.audit.events.managers import ( AuditRedisClient, NormalizedAuditManager, RawAuditManager, ) -from ldap_protocol.policies.audit.events.sender import ( +from application.policies.audit.events.sender import ( AuditEventSenderManager, AuditLogger, ) -from ldap_protocol.policies.audit.monitor import ( +from application.policies.audit.monitor import ( AuditMonitor, AuditMonitorUseCase, ) -from ldap_protocol.policies.audit.policies_dao import AuditPoliciesDAO -from ldap_protocol.policies.audit.service import AuditService -from ldap_protocol.policies.network import ( - NetworkPolicyGateway, +from application.policies.audit.policies_dao import AuditPoliciesDAO +from application.policies.audit.service import AuditService +from application.policies.network import ( + NetworkPolicyGatewayProtocol, NetworkPolicyUseCase, - NetworkPolicyValidatorGateway, - NetworkPolicyValidatorProtocol, NetworkPolicyValidatorUseCase, + ValidateMFARequirementUseCase, + ValidatePolicyAccessUseCase, ) -from ldap_protocol.policies.password import ( +from application.policies.password import ( PasswordPolicyDAO, PasswordPolicyUseCases, PasswordPolicyValidator, ) -from ldap_protocol.policies.password.ban_word_repository import ( +from application.policies.password.ban_word_repository import ( PasswordBanWordRepository, ) -from ldap_protocol.policies.password.settings import PasswordValidatorSettings -from ldap_protocol.policies.password.use_cases import ( +from application.policies.password.settings import PasswordValidatorSettings +from application.policies.password.use_cases import ( PasswordBanWordUseCases, UserPasswordHistoryUseCases, ) -from ldap_protocol.roles.access_manager import AccessManager -from ldap_protocol.roles.ace_dao import AccessControlEntryDAO -from ldap_protocol.roles.role_dao import RoleDAO -from ldap_protocol.roles.role_use_case import RoleUseCase -from ldap_protocol.rootdse.gateway import SADomainGateway -from ldap_protocol.rootdse.gw_protocol import DomainReadProtocol -from ldap_protocol.rootdse.reader import DCInfoReader, RootDSEReader -from ldap_protocol.session_storage import RedisSessionStorage, SessionStorage -from ldap_protocol.session_storage.repository import SessionRepository +from application.roles.access_manager import AccessManager +from application.roles.ace_dao import AccessControlEntryDAO +from application.roles.role_dao import RoleDAO +from application.roles.role_use_case import RoleUseCase +from application.rootdse.gateway import SADomainGateway +from application.rootdse.gw_protocol import DomainReadProtocol +from application.rootdse.reader import DCInfoReader, RootDSEReader +from application.session_storage import RedisSessionStorage, SessionStorage +from application.session_storage.repository import SessionRepository +from authorization_provider_protocol import AuthorizationProviderProtocol +from config import Settings +from db_routing import EngineRegistry, RoutingSession +from infrastructure.pg.master_gateway import PGMasterGateway +from infrastructure.pg.network_policy_gateway import ( + NetworkPolicyPostgresGateway, +) from password_utils import PasswordUtils -from repo.pg.master_gateway import PGMasterGateway SessionStorageClient = NewType("SessionStorageClient", redis.Redis) KadminHTTPClient = NewType("KadminHTTPClient", httpx.AsyncClient) @@ -499,6 +502,20 @@ def get_dhcp_mngr( rootdse_reader = provide(RootDSEReader, scope=Scope.REQUEST) dcinfo_reader = provide(DCInfoReader, scope=Scope.REQUEST) + network_policy_gateway = provide( + NetworkPolicyPostgresGateway, + provides=NetworkPolicyGatewayProtocol, + scope=Scope.REQUEST, + ) + validate_policy_access_use_case = provide( + ValidatePolicyAccessUseCase, + scope=Scope.REQUEST, + ) + validate_mfa_requirement_use_case = provide( + ValidateMFARequirementUseCase, + scope=Scope.REQUEST, + ) + class LDAPContextProvider(Provider): """Context provider.""" @@ -547,16 +564,10 @@ class HTTPProvider(LDAPContextProvider): scope = Scope.REQUEST request = from_context(provides=Request, scope=Scope.REQUEST) monitor_use_case = provide(AuditMonitorUseCase, scope=Scope.REQUEST) - network_policy_gateway = provide(NetworkPolicyGateway, scope=Scope.REQUEST) network_policy_use_case = provide( NetworkPolicyUseCase, scope=Scope.REQUEST, ) - network_policy_validator_gateway = provide( - NetworkPolicyValidatorGateway, - provides=NetworkPolicyValidatorProtocol, - scope=Scope.REQUEST, - ) network_policy_validator_use_case = provide( NetworkPolicyValidatorUseCase, scope=Scope.REQUEST, @@ -723,15 +734,11 @@ class LDAPServerProvider(LDAPContextProvider): scope = Scope.SESSION network_policy_validator_gateway = provide( - NetworkPolicyValidatorGateway, + NetworkPolicyPostgresGateway, + provides=NetworkPolicyGatewayProtocol, scope=Scope.REQUEST, ) - network_policy_validator = provide( - NetworkPolicyValidatorGateway, - provides=NetworkPolicyValidatorProtocol, - scope=Scope.REQUEST, - ) network_policy_validator_use_case = provide( NetworkPolicyValidatorUseCase, scope=Scope.REQUEST, @@ -778,11 +785,6 @@ async def get_session( scope=Scope.REQUEST, ) - network_policy_validator = provide( - NetworkPolicyValidatorGateway, - provides=NetworkPolicyValidatorProtocol, - scope=Scope.REQUEST, - ) network_policy_validator_use_case = provide( NetworkPolicyValidatorUseCase, scope=Scope.REQUEST, diff --git a/app/logs/.gitignore b/src/logs/.gitignore similarity index 100% rename from app/logs/.gitignore rename to src/logs/.gitignore diff --git a/app/multidirectory.py b/src/multidirectory.py similarity index 96% rename from app/multidirectory.py rename to src/multidirectory.py index 22a19259d..d01a6cb9f 100644 --- a/app/multidirectory.py +++ b/src/multidirectory.py @@ -38,6 +38,12 @@ ) from api.exception_handlers import handle_auth_error, handle_db_connect_error from api.middlewares import proc_time_header_middleware, set_key_middleware +from application.dependency import resolve_deps +from application.identity.exceptions import UnauthorizedError +from application.policies.audit.events.handler import AuditEventHandler +from application.policies.audit.events.sender import AuditEventSenderManager +from application.server import PoolClientHandler, ServerLogger +from application.udp_server import CLDAPUDPServer from config import Settings from extra.dump_acme_certs import dump_acme_cert from ioc import ( @@ -49,12 +55,6 @@ MFACredsProvider, MFAProvider, ) -from ldap_protocol.dependency import resolve_deps -from ldap_protocol.identity.exceptions import UnauthorizedError -from ldap_protocol.policies.audit.events.handler import AuditEventHandler -from ldap_protocol.policies.audit.events.sender import AuditEventSenderManager -from ldap_protocol.server import PoolClientHandler, ServerLogger -from ldap_protocol.udp_server import CLDAPUDPServer from schedule import scheduler_factory diff --git a/app/password_utils.py b/src/password_utils.py similarity index 96% rename from app/password_utils.py rename to src/password_utils.py index 27957757c..e71cdfc38 100644 --- a/app/password_utils.py +++ b/src/password_utils.py @@ -9,7 +9,7 @@ from passlib.context import CryptContext from pydantic import BaseModel, ConfigDict -from ldap_protocol.utils.helpers import ft_to_dt +from application.utils.helpers import ft_to_dt class PasswordUtils(BaseModel): diff --git a/app/schedule.py b/src/schedule.py similarity index 97% rename from app/schedule.py rename to src/schedule.py index 35e59a85d..f26a256b5 100644 --- a/app/schedule.py +++ b/src/schedule.py @@ -6,6 +6,7 @@ from dishka import AsyncContainer, Scope, make_async_container from loguru import logger +from application.dependency import resolve_deps from config import Settings from extra.scripts.check_ldap_principal import check_ldap_principal from extra.scripts.principal_block_user_sync import principal_block_sync @@ -16,7 +17,6 @@ update_status_process_events, ) from ioc import MainProvider -from ldap_protocol.dependency import resolve_deps type task_type = Callable[..., Coroutine] diff --git a/tests/conftest.py b/tests/conftest.py index eddfb7215..a85e06192 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -32,7 +32,6 @@ from dishka.integrations.fastapi import setup_dishka from fastapi import FastAPI, Request, Response from loguru import logger -from multidirectory import _create_basic_app from sqlalchemy import schema, text from sqlalchemy.ext.asyncio import ( AsyncConnection, @@ -61,33 +60,27 @@ PasswordPolicyFastAPIAdapter, ) from api.shadow.adapter import ShadowAdapter -from authorization_provider_protocol import AuthorizationProviderProtocol -from config import Settings -from constants import ENTITY_TYPE_DATAS -from entities import AttributeType -from enums import AuthorizationRules -from ioc import AuditRedisClient, MFACredsProvider, SessionStorageClient -from ldap_protocol.auth import AuthManager, MFAManager -from ldap_protocol.auth.setup_gateway import SetupGateway -from ldap_protocol.auth.use_cases import SetupUseCase -from ldap_protocol.dhcp import AbstractDHCPManager, StubDHCPManager -from ldap_protocol.dialogue import LDAPSession -from ldap_protocol.dns import ( +from application.auth import AuthManager, MFAManager +from application.auth.setup_gateway import SetupGateway +from application.auth.use_cases import SetupUseCase +from application.dhcp import AbstractDHCPManager, StubDHCPManager +from application.dialogue import LDAPSession +from application.dns import ( AbstractDNSManager, DNSManagerSettings, StubDNSManager, ) -from ldap_protocol.dns.dns_gateway import DNSStateGateway -from ldap_protocol.dns.dto import DNSSettingDTO -from ldap_protocol.dns.use_cases import DNSUseCase -from ldap_protocol.identity import IdentityProvider -from ldap_protocol.identity.provider_gateway import IdentityProviderGateway -from ldap_protocol.kerberos import AbstractKadmin -from ldap_protocol.kerberos.ldap_structure import KRBLDAPStructureManager -from ldap_protocol.kerberos.service import KerberosService -from ldap_protocol.kerberos.template_render import KRBTemplateRenderer -from ldap_protocol.ldap_requests.bind import BindRequest -from ldap_protocol.ldap_requests.contexts import ( +from application.dns.dns_gateway import DNSStateGateway +from application.dns.dto import DNSSettingDTO +from application.dns.use_cases import DNSUseCase +from application.identity import IdentityProvider +from application.identity.provider_gateway import IdentityProviderGateway +from application.kerberos import AbstractKadmin +from application.kerberos.ldap_structure import KRBLDAPStructureManager +from application.kerberos.service import KerberosService +from application.kerberos.template_render import KRBTemplateRenderer +from application.ldap_requests.bind import BindRequest +from application.ldap_requests.contexts import ( LDAPAbandonRequestContext, LDAPAddRequestContext, LDAPBindRequestContext, @@ -98,68 +91,75 @@ LDAPSearchRequestContext, LDAPUnbindRequestContext, ) -from ldap_protocol.ldap_schema.attribute_type_dao import AttributeTypeDAO -from ldap_protocol.ldap_schema.attribute_type_use_case import ( +from application.ldap_schema.attribute_type_dao import AttributeTypeDAO +from application.ldap_schema.attribute_type_use_case import ( AttributeTypeUseCase, ) -from ldap_protocol.ldap_schema.attribute_value_validator import ( +from application.ldap_schema.attribute_value_validator import ( AttributeValueValidator, ) -from ldap_protocol.ldap_schema.dto import EntityTypeDTO -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.ldap_schema.entity_type_use_case import EntityTypeUseCase -from ldap_protocol.ldap_schema.object_class_dao import ObjectClassDAO -from ldap_protocol.ldap_schema.object_class_use_case import ObjectClassUseCase -from ldap_protocol.master_check_use_case import ( +from application.ldap_schema.dto import EntityTypeDTO +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.ldap_schema.entity_type_use_case import EntityTypeUseCase +from application.ldap_schema.object_class_dao import ObjectClassDAO +from application.ldap_schema.object_class_use_case import ObjectClassUseCase +from application.master_check_use_case import ( MasterCheckUseCase, MasterGatewayProtocol, ) -from ldap_protocol.multifactor import LDAPMultiFactorAPI, MultifactorAPI -from ldap_protocol.permissions_checker import AuthorizationProvider -from ldap_protocol.policies.audit.audit_use_case import AuditUseCase -from ldap_protocol.policies.audit.destination_dao import AuditDestinationDAO -from ldap_protocol.policies.audit.events.managers import ( +from application.multifactor import LDAPMultiFactorAPI, MultifactorAPI +from application.permissions_checker import AuthorizationProvider +from application.policies.audit.audit_use_case import AuditUseCase +from application.policies.audit.destination_dao import AuditDestinationDAO +from application.policies.audit.events.managers import ( NormalizedAuditManager, RawAuditManager, ) -from ldap_protocol.policies.audit.monitor import ( +from application.policies.audit.monitor import ( AuditMonitor, AuditMonitorUseCase, ) -from ldap_protocol.policies.audit.policies_dao import AuditPoliciesDAO -from ldap_protocol.policies.audit.service import AuditService -from ldap_protocol.policies.network import ( +from application.policies.audit.policies_dao import AuditPoliciesDAO +from application.policies.audit.service import AuditService +from application.policies.network import ( NetworkPolicyGateway, NetworkPolicyUseCase, NetworkPolicyValidatorGateway, NetworkPolicyValidatorProtocol, NetworkPolicyValidatorUseCase, ) -from ldap_protocol.policies.password import ( +from application.policies.password import ( PasswordPolicyDAO, PasswordPolicyUseCases, PasswordPolicyValidator, ) -from ldap_protocol.policies.password.ban_word_repository import ( +from application.policies.password.ban_word_repository import ( PasswordBanWordRepository, ) -from ldap_protocol.policies.password.settings import PasswordValidatorSettings -from ldap_protocol.policies.password.use_cases import ( +from application.policies.password.settings import PasswordValidatorSettings +from application.policies.password.use_cases import ( PasswordBanWordUseCases, UserPasswordHistoryUseCases, ) -from ldap_protocol.roles.access_manager import AccessManager -from ldap_protocol.roles.ace_dao import AccessControlEntryDAO -from ldap_protocol.roles.dataclasses import RoleDTO -from ldap_protocol.roles.role_dao import RoleDAO -from ldap_protocol.roles.role_use_case import RoleUseCase -from ldap_protocol.rootdse.gateway import SADomainGateway -from ldap_protocol.rootdse.gw_protocol import DomainReadProtocol -from ldap_protocol.rootdse.reader import DCInfoReader, RootDSEReader -from ldap_protocol.server import PoolClientHandler -from ldap_protocol.session_storage import RedisSessionStorage, SessionStorage -from ldap_protocol.session_storage.repository import SessionRepository -from ldap_protocol.utils.queries import get_user +from application.roles.access_manager import AccessManager +from application.roles.ace_dao import AccessControlEntryDAO +from application.roles.dataclasses import RoleDTO +from application.roles.role_dao import RoleDAO +from application.roles.role_use_case import RoleUseCase +from application.rootdse.gateway import SADomainGateway +from application.rootdse.gw_protocol import DomainReadProtocol +from application.rootdse.reader import DCInfoReader, RootDSEReader +from application.server import PoolClientHandler +from application.session_storage import RedisSessionStorage, SessionStorage +from application.session_storage.repository import SessionRepository +from application.utils.queries import get_user +from authorization_provider_protocol import AuthorizationProviderProtocol +from config import Settings +from constants import ENTITY_TYPE_DATAS +from domain.entities import AttributeType +from enums import AuthorizationRules +from ioc import AuditRedisClient, MFACredsProvider, SessionStorageClient +from multidirectory import _create_basic_app from password_utils import PasswordUtils from repo.pg.master_gateway import PGMasterGateway from tests.constants import TEST_DATA diff --git a/tests/constants.py b/tests/constants.py index 2163898ed..4120d9cd7 100644 --- a/tests/constants.py +++ b/tests/constants.py @@ -4,6 +4,7 @@ License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE """ +from application.objects import UserAccountControlFlag from constants import ( DOMAIN_ADMIN_GROUP_NAME, DOMAIN_COMPUTERS_GROUP_NAME, @@ -12,7 +13,6 @@ USERS_CONTAINER_NAME, ) from enums import SamAccountTypeCodes -from ldap_protocol.objects import UserAccountControlFlag TEST_DATA = [ { diff --git a/tests/search_request_datasets.py b/tests/search_request_datasets.py index cb1e7a317..c2595901d 100644 --- a/tests/search_request_datasets.py +++ b/tests/search_request_datasets.py @@ -4,7 +4,7 @@ License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE. """ -from ldap_protocol.objects import UserAccountControlFlag +from application.objects import UserAccountControlFlag test_search_filter_account_expires_dataset = [ "(accountExpires=*)", diff --git a/tests/test_api/test_audit/test_router.py b/tests/test_api/test_audit/test_router.py index 2abc682b6..2af1ea778 100644 --- a/tests/test_api/test_audit/test_router.py +++ b/tests/test_api/test_audit/test_router.py @@ -10,15 +10,15 @@ from fastapi import status from httpx import AsyncClient -from enums import AuditDestinationProtocolType, AuditDestinationServiceType -from ldap_protocol.policies.audit.dataclasses import ( +from application.policies.audit.dataclasses import ( AuditDestinationDTO, AuditPolicyDTO, ) -from ldap_protocol.policies.audit.schemas import ( +from application.policies.audit.schemas import ( AuditDestinationSchemaRequest, AuditPolicySchemaRequest, ) +from enums import AuditDestinationProtocolType, AuditDestinationServiceType @pytest.mark.asyncio diff --git a/tests/test_api/test_auth/test_identity_provider.py b/tests/test_api/test_auth/test_identity_provider.py index 788da08e5..2eafcab69 100644 --- a/tests/test_api/test_auth/test_identity_provider.py +++ b/tests/test_api/test_auth/test_identity_provider.py @@ -18,15 +18,15 @@ from starlette.requests import Request from api.auth.utils import get_ip_from_request, get_user_agent_from_request -from config import Settings -from ldap_protocol.dialogue import UserSchema -from ldap_protocol.identity import IdentityProvider -from ldap_protocol.identity.exceptions import ErrorCodes, UnauthorizedError -from ldap_protocol.identity.provider_gateway import IdentityProviderGateway -from ldap_protocol.session_storage.base import SessionStorage -from ldap_protocol.session_storage.exceptions import ( +from application.dialogue import UserSchema +from application.identity import IdentityProvider +from application.identity.exceptions import ErrorCodes, UnauthorizedError +from application.identity.provider_gateway import IdentityProviderGateway +from application.session_storage.base import SessionStorage +from application.session_storage.exceptions import ( SessionStorageInvalidDataError, ) +from config import Settings from tests.conftest import TestProvider diff --git a/tests/test_api/test_auth/test_router.py b/tests/test_api/test_auth/test_router.py index 0256c0463..ff35f91f7 100644 --- a/tests/test_api/test_auth/test_router.py +++ b/tests/test_api/test_auth/test_router.py @@ -17,14 +17,20 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import joinedload -from entities import CatalogueSetting, Directory, Group, NetworkPolicy, Role +from application.auth.utils import authenticate_user +from application.kerberos import AbstractKadmin +from application.ldap_codes import LDAPCodes +from application.ldap_requests.modify import Operation +from application.session_storage import SessionStorage +from application.utils.queries import get_filter_from_path +from domain.entities import ( + CatalogueSetting, + Directory, + Group, + NetworkPolicy, + Role, +) from enums import AceType, MFAChallengeStatuses, MFAFlags, RoleScope -from ldap_protocol.auth.utils import authenticate_user -from ldap_protocol.kerberos import AbstractKadmin -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_requests.modify import Operation -from ldap_protocol.session_storage import SessionStorage -from ldap_protocol.utils.queries import get_filter_from_path from password_utils import PasswordUtils from repo.pg.tables import queryable_attr as qa from tests.conftest import TestCreds diff --git a/tests/test_api/test_auth/test_router_mfa.py b/tests/test_api/test_auth/test_router_mfa.py index d68f92d63..ca2ce4062 100644 --- a/tests/test_api/test_auth/test_router_mfa.py +++ b/tests/test_api/test_auth/test_router_mfa.py @@ -9,7 +9,7 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncSession -from entities import CatalogueSetting +from domain.entities import CatalogueSetting @pytest.mark.asyncio diff --git a/tests/test_api/test_auth/test_sessions.py b/tests/test_api/test_auth/test_sessions.py index e2c6d3fd9..28c243be1 100644 --- a/tests/test_api/test_auth/test_sessions.py +++ b/tests/test_api/test_auth/test_sessions.py @@ -7,11 +7,11 @@ from httpx import AsyncClient from sqlalchemy.ext.asyncio import AsyncSession +from application.ldap_codes import LDAPCodes +from application.ldap_requests.modify import Operation +from application.session_storage import SessionStorage +from application.utils.queries import get_user from config import Settings -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_requests.modify import Operation -from ldap_protocol.session_storage import SessionStorage -from ldap_protocol.utils.queries import get_user from tests.conftest import TestCreds diff --git a/tests/test_api/test_dhcp/test_adapter.py b/tests/test_api/test_dhcp/test_adapter.py index 5d2dd4b26..a919d776e 100644 --- a/tests/test_api/test_dhcp/test_adapter.py +++ b/tests/test_api/test_dhcp/test_adapter.py @@ -10,19 +10,19 @@ import pytest from api.dhcp.adapter import DHCPAdapter -from authorization_provider_protocol import AuthorizationProviderProtocol -from ldap_protocol.dhcp.dataclasses import ( +from application.dhcp.dataclasses import ( DHCPLease, DHCPOptionData, DHCPPool, DHCPReservation, DHCPSubnet, ) -from ldap_protocol.dhcp.schemas import ( +from application.dhcp.schemas import ( DHCPLeaseSchemaRequest, DHCPReservationSchemaRequest, DHCPSubnetSchemaAddRequest, ) +from authorization_provider_protocol import AuthorizationProviderProtocol @pytest.fixture diff --git a/tests/test_api/test_dhcp/test_router.py b/tests/test_api/test_dhcp/test_router.py index 2ea89d0de..9dec91690 100644 --- a/tests/test_api/test_dhcp/test_router.py +++ b/tests/test_api/test_dhcp/test_router.py @@ -11,7 +11,7 @@ from fastapi import status from httpx import AsyncClient -from ldap_protocol.dhcp.dataclasses import ( +from application.dhcp.dataclasses import ( DHCPLease, DHCPLeaseToReservationError, DHCPOptionData, @@ -19,7 +19,7 @@ DHCPReservation, DHCPSubnet, ) -from ldap_protocol.dhcp.exceptions import ( +from application.dhcp.exceptions import ( DHCPAPIError, DHCPEntryAddError, DHCPEntryNotFoundError, diff --git a/tests/test_api/test_main/conftest.py b/tests/test_api/test_main/conftest.py index 1ee2f69ba..76f0ed9eb 100644 --- a/tests/test_api/test_main/conftest.py +++ b/tests/test_api/test_main/conftest.py @@ -9,15 +9,15 @@ from httpx import ASGITransport, AsyncClient from sqlalchemy.ext.asyncio import AsyncSession -from entities import CatalogueSetting -from ldap_protocol.dns import ( +from application.dns import ( DNS_MANAGER_IP_ADDRESS_NAME, DNS_MANAGER_STATE_NAME, DNS_MANAGER_ZONE_NAME, DNSManagerState, ) -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_requests.modify import Operation +from application.ldap_codes import LDAPCodes +from application.ldap_requests.modify import Operation +from domain.entities import CatalogueSetting @pytest_asyncio.fixture(scope="function") diff --git a/tests/test_api/test_main/test_dns.py b/tests/test_api/test_main/test_dns.py index 6d521408c..032f11325 100644 --- a/tests/test_api/test_main/test_dns.py +++ b/tests/test_api/test_main/test_dns.py @@ -6,7 +6,7 @@ from httpx import AsyncClient from starlette import status -from ldap_protocol.dns import ( +from application.dns import ( AbstractDNSManager, DNSManagerState, DNSServerParam, diff --git a/tests/test_api/test_main/test_kadmin.py b/tests/test_api/test_main/test_kadmin.py index b96d6c6c5..0d5077165 100644 --- a/tests/test_api/test_main/test_kadmin.py +++ b/tests/test_api/test_main/test_kadmin.py @@ -9,14 +9,14 @@ from fastapi import status from httpx import AsyncClient -from config import Settings -from ldap_protocol.kerberos import AbstractKadmin, KerberosState -from ldap_protocol.kerberos.exceptions import ( +from application.kerberos import AbstractKadmin, KerberosState +from application.kerberos.exceptions import ( KRBAPIChangePasswordError, KRBAPIPrincipalNotFoundError, ) -from ldap_protocol.ldap_requests.bind import LDAPCodes, SimpleAuthentication -from ldap_protocol.ldap_requests.contexts import LDAPBindRequestContext +from application.ldap_requests.bind import LDAPCodes, SimpleAuthentication +from application.ldap_requests.contexts import LDAPBindRequestContext +from config import Settings from password_utils import PasswordUtils from tests.conftest import MutePolicyBindRequest, TestCreds diff --git a/tests/test_api/test_main/test_multifactor.py b/tests/test_api/test_main/test_multifactor.py index ba2c83d41..aacea6a2c 100644 --- a/tests/test_api/test_main/test_multifactor.py +++ b/tests/test_api/test_main/test_multifactor.py @@ -5,8 +5,8 @@ import httpx import pytest +from application.multifactor import MultifactorAPI from config import Settings -from ldap_protocol.multifactor import MultifactorAPI @pytest.mark.asyncio diff --git a/tests/test_api/test_main/test_router/conftest.py b/tests/test_api/test_main/test_router/conftest.py index 5ec37b884..aac3f6482 100644 --- a/tests/test_api/test_main/test_router/conftest.py +++ b/tests/test_api/test_main/test_router/conftest.py @@ -7,13 +7,13 @@ import pytest_asyncio from sqlalchemy.ext.asyncio import AsyncSession -from ldap_protocol.auth.setup_gateway import SetupGateway -from ldap_protocol.ldap_schema.attribute_value_validator import ( +from application.auth.setup_gateway import SetupGateway +from application.ldap_schema.attribute_value_validator import ( AttributeValueValidator, ) -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.ldap_schema.object_class_dao import ObjectClassDAO -from ldap_protocol.utils.queries import get_base_directories +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.ldap_schema.object_class_dao import ObjectClassDAO +from application.utils.queries import get_base_directories from password_utils import PasswordUtils from tests.constants import TEST_SYSTEM_ADMIN_DATA diff --git a/tests/test_api/test_main/test_router/test_add.py b/tests/test_api/test_main/test_router/test_add.py index f20d516d2..a1e428000 100644 --- a/tests/test_api/test_main/test_router/test_add.py +++ b/tests/test_api/test_main/test_router/test_add.py @@ -8,9 +8,9 @@ from fastapi import status from httpx import AsyncClient +from application.ldap_codes import LDAPCodes +from application.objects import UserAccountControlFlag from enums import SamAccountTypeCodes -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.objects import UserAccountControlFlag from tests.api_datasets import test_api_forbidden_chars_in_attr_value diff --git a/tests/test_api/test_main/test_router/test_delete.py b/tests/test_api/test_main/test_router/test_delete.py index 0aa777cec..f65f7897b 100644 --- a/tests/test_api/test_main/test_router/test_delete.py +++ b/tests/test_api/test_main/test_router/test_delete.py @@ -7,7 +7,7 @@ import pytest from httpx import AsyncClient -from ldap_protocol.ldap_codes import LDAPCodes +from application.ldap_codes import LDAPCodes @pytest.mark.asyncio diff --git a/tests/test_api/test_main/test_router/test_login.py b/tests/test_api/test_main/test_router/test_login.py index e83f1cb64..0371b86c6 100644 --- a/tests/test_api/test_main/test_router/test_login.py +++ b/tests/test_api/test_main/test_router/test_login.py @@ -8,7 +8,7 @@ import pytest from fastapi import status -from ldap_protocol.ldap_requests.modify import Operation +from application.ldap_requests.modify import Operation from tests.conftest import TestCreds diff --git a/tests/test_api/test_main/test_router/test_modify.py b/tests/test_api/test_main/test_router/test_modify.py index 2d0dbd5af..824e50ec2 100644 --- a/tests/test_api/test_main/test_router/test_modify.py +++ b/tests/test_api/test_main/test_router/test_modify.py @@ -8,9 +8,9 @@ from httpx import AsyncClient from sqlalchemy.ext.asyncio import AsyncSession -from ldap_protocol.kerberos.base import AbstractKadmin -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_requests.modify import Operation +from application.kerberos.base import AbstractKadmin +from application.ldap_codes import LDAPCodes +from application.ldap_requests.modify import Operation @pytest.mark.asyncio diff --git a/tests/test_api/test_main/test_router/test_modify_dn.py b/tests/test_api/test_main/test_router/test_modify_dn.py index 8313049f5..3e723f4e1 100644 --- a/tests/test_api/test_main/test_router/test_modify_dn.py +++ b/tests/test_api/test_main/test_router/test_modify_dn.py @@ -7,7 +7,7 @@ import pytest from httpx import AsyncClient -from ldap_protocol.ldap_codes import LDAPCodes +from application.ldap_codes import LDAPCodes @pytest.mark.asyncio diff --git a/tests/test_api/test_main/test_router/test_rename.py b/tests/test_api/test_main/test_router/test_rename.py index e86804f39..860fcf8c3 100644 --- a/tests/test_api/test_main/test_router/test_rename.py +++ b/tests/test_api/test_main/test_router/test_rename.py @@ -7,8 +7,8 @@ import pytest from httpx import AsyncClient -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_requests.modify import Operation +from application.ldap_codes import LDAPCodes +from application.ldap_requests.modify import Operation @pytest.mark.asyncio diff --git a/tests/test_api/test_main/test_router/test_search.py b/tests/test_api/test_main/test_router/test_search.py index 77baea3f1..0a6729210 100644 --- a/tests/test_api/test_main/test_router/test_search.py +++ b/tests/test_api/test_main/test_router/test_search.py @@ -7,9 +7,9 @@ import pytest from httpx import AsyncClient +from application.ldap_codes import LDAPCodes +from application.ldap_requests.modify import Operation from enums import EntityTypeNames -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_requests.modify import Operation from tests.search_request_datasets import ( test_search_by_rule_anr_dataset, test_search_by_rule_bit_and_dataset, diff --git a/tests/test_api/test_network/test_router.py b/tests/test_api/test_network/test_router.py index b98759bcd..a8945acd7 100644 --- a/tests/test_api/test_network/test_router.py +++ b/tests/test_api/test_network/test_router.py @@ -12,7 +12,7 @@ from httpx import AsyncClient from sqlalchemy.ext.asyncio import AsyncSession -from entities import NetworkPolicy +from domain.entities import NetworkPolicy @pytest.mark.asyncio diff --git a/tests/test_api/test_password_policy/conftest.py b/tests/test_api/test_password_policy/conftest.py index 157a94725..aa2f43b18 100644 --- a/tests/test_api/test_password_policy/conftest.py +++ b/tests/test_api/test_password_policy/conftest.py @@ -20,12 +20,10 @@ PasswordPolicyFastAPIAdapter, UserPasswordHistoryResetFastAPIAdapter, ) +from application.policies.password import PasswordPolicyUseCases +from application.policies.password.dataclasses import PasswordPolicyDTO +from application.policies.password.use_cases import UserPasswordHistoryUseCases from config import Settings -from ldap_protocol.policies.password import PasswordPolicyUseCases -from ldap_protocol.policies.password.dataclasses import PasswordPolicyDTO -from ldap_protocol.policies.password.use_cases import ( - UserPasswordHistoryUseCases, -) from tests.conftest import TestProvider diff --git a/tests/test_api/test_shadow/conftest.py b/tests/test_api/test_shadow/conftest.py index 661b3a307..47361ecaf 100644 --- a/tests/test_api/test_shadow/conftest.py +++ b/tests/test_api/test_shadow/conftest.py @@ -10,8 +10,8 @@ from pydantic import BaseModel from sqlalchemy.ext.asyncio import AsyncSession -from entities import CatalogueSetting -from ldap_protocol.ldap_codes import LDAPCodes +from application.ldap_codes import LDAPCodes +from domain.entities import CatalogueSetting class ProxyRequestModel(BaseModel): diff --git a/tests/test_api/test_shadow/test_router.py b/tests/test_api/test_shadow/test_router.py index 815d19798..80f7b6ffe 100644 --- a/tests/test_api/test_shadow/test_router.py +++ b/tests/test_api/test_shadow/test_router.py @@ -10,7 +10,7 @@ from sqlalchemy import delete, update from sqlalchemy.ext.asyncio import AsyncSession -from entities import NetworkPolicy +from domain.entities import NetworkPolicy from enums import MFAFlags from .conftest import ProxyRequestModel diff --git a/tests/test_api/test_web_permissions/conftest.py b/tests/test_api/test_web_permissions/conftest.py index 9b76dab0a..44151a595 100644 --- a/tests/test_api/test_web_permissions/conftest.py +++ b/tests/test_api/test_web_permissions/conftest.py @@ -18,12 +18,12 @@ ) from abstract_service import AbstractService +from application.auth.auth_manager import AuthManager +from application.dhcp.base import AbstractDHCPManager +from application.dhcp.stub import StubDHCPManager +from application.policies.audit.service import AuditService from authorization_provider_protocol import AuthorizationProviderProtocol from config import Settings -from ldap_protocol.auth.auth_manager import AuthManager -from ldap_protocol.dhcp.base import AbstractDHCPManager -from ldap_protocol.dhcp.stub import StubDHCPManager -from ldap_protocol.policies.audit.service import AuditService from tests.conftest import TestProvider diff --git a/tests/test_api/test_web_permissions/test_permission_checker.py b/tests/test_api/test_web_permissions/test_permission_checker.py index dccc644da..62adaf8c8 100644 --- a/tests/test_api/test_web_permissions/test_permission_checker.py +++ b/tests/test_api/test_web_permissions/test_permission_checker.py @@ -7,11 +7,11 @@ from sqlalchemy.ext.asyncio import AsyncSession from abstract_service import AbstractService +from application.dialogue import UserSchema +from application.permissions_checker import AuthorizationError +from application.utils.queries import get_user from authorization_provider_protocol import AuthorizationProviderProtocol from enums import AuthorizationRules -from ldap_protocol.dialogue import UserSchema -from ldap_protocol.permissions_checker import AuthorizationError -from ldap_protocol.utils.queries import get_user from tests.conftest import TestCreds from tests.test_api.test_web_permissions.conftest import ( get_params, diff --git a/tests/test_ldap/policies/test_audit/conftest.py b/tests/test_ldap/policies/test_audit/conftest.py index 6f176fdd8..20a1eb0a0 100644 --- a/tests/test_ldap/policies/test_audit/conftest.py +++ b/tests/test_ldap/policies/test_audit/conftest.py @@ -15,10 +15,10 @@ provide, ) +from application.policies.audit.destination_dao import AuditDestinationDAO +from application.policies.audit.policies_dao import AuditPoliciesDAO +from application.policies.audit.service import AuditService from config import Settings -from ldap_protocol.policies.audit.destination_dao import AuditDestinationDAO -from ldap_protocol.policies.audit.policies_dao import AuditPoliciesDAO -from ldap_protocol.policies.audit.service import AuditService from tests.conftest import TestProvider diff --git a/tests/test_ldap/policies/test_audit/test_rfc5424_serializer.py b/tests/test_ldap/policies/test_audit/test_rfc5424_serializer.py index 34db31bd5..d4cfe1aad 100644 --- a/tests/test_ldap/policies/test_audit/test_rfc5424_serializer.py +++ b/tests/test_ldap/policies/test_audit/test_rfc5424_serializer.py @@ -9,7 +9,7 @@ import pytest -from ldap_protocol.policies.audit.events.service_senders.rfc5424_serializer import ( # noqa: E501 +from application.policies.audit.events.service_senders.rfc5424_serializer import ( # noqa: E501 RFC5424Serializer, ) diff --git a/tests/test_ldap/policies/test_audit/test_service.py b/tests/test_ldap/policies/test_audit/test_service.py index f1601dc91..e3a4810cd 100644 --- a/tests/test_ldap/policies/test_audit/test_service.py +++ b/tests/test_ldap/policies/test_audit/test_service.py @@ -7,16 +7,16 @@ import pytest import pytest_asyncio -from enums import AuditDestinationProtocolType, AuditDestinationServiceType -from ldap_protocol.policies.audit.dataclasses import ( +from application.policies.audit.dataclasses import ( AuditDestinationDTO, AuditPolicyDTO, ) -from ldap_protocol.policies.audit.exception import ( +from application.policies.audit.exception import ( AuditAlreadyExistsError, AuditNotFoundError, ) -from ldap_protocol.policies.audit.service import AuditService +from application.policies.audit.service import AuditService +from enums import AuditDestinationProtocolType, AuditDestinationServiceType @pytest.mark.asyncio diff --git a/tests/test_ldap/policies/test_network/test_pool_client_handler.py b/tests/test_ldap/policies/test_network/test_pool_client_handler.py index 0d2b4c800..8d10f63b0 100644 --- a/tests/test_ldap/policies/test_network/test_pool_client_handler.py +++ b/tests/test_ldap/policies/test_network/test_pool_client_handler.py @@ -9,10 +9,10 @@ import pytest from sqlalchemy.ext.asyncio import AsyncSession -from entities import NetworkPolicy +from application.policies.network import NetworkPolicyValidatorUseCase +from application.utils.queries import get_group, get_user +from domain.entities import NetworkPolicy from enums import ProtocolType -from ldap_protocol.policies.network import NetworkPolicyValidatorUseCase -from ldap_protocol.utils.queries import get_group, get_user @pytest.mark.asyncio diff --git a/tests/test_ldap/policies/test_network/test_use_case.py b/tests/test_ldap/policies/test_network/test_use_case.py index d9714f881..866238db9 100644 --- a/tests/test_ldap/policies/test_network/test_use_case.py +++ b/tests/test_ldap/policies/test_network/test_use_case.py @@ -8,12 +8,12 @@ import pytest -from enums import MFAFlags -from ldap_protocol.policies.network import NetworkPolicyUseCase -from ldap_protocol.policies.network.dto import ( +from application.policies.network import NetworkPolicyUseCase +from application.policies.network.dto import ( NetworkPolicyDTO, NetworkPolicyUpdateDTO, ) +from enums import MFAFlags @pytest.mark.asyncio diff --git a/tests/test_ldap/policies/test_password/conftest.py b/tests/test_ldap/policies/test_password/conftest.py index e1e7e8608..c19e82126 100644 --- a/tests/test_ldap/policies/test_password/conftest.py +++ b/tests/test_ldap/policies/test_password/conftest.py @@ -15,8 +15,8 @@ provide, ) +from application.policies.password import PasswordPolicyUseCases from config import Settings -from ldap_protocol.policies.password import PasswordPolicyUseCases from tests.conftest import TestProvider diff --git a/tests/test_ldap/policies/test_password/datasets.py b/tests/test_ldap/policies/test_password/datasets.py index 5aad7bf27..b80b74581 100644 --- a/tests/test_ldap/policies/test_password/datasets.py +++ b/tests/test_ldap/policies/test_password/datasets.py @@ -4,7 +4,7 @@ License: https://github.com/MultiDirectoryLab/MultiDirectory/blob/main/LICENSE. """ -from ldap_protocol.policies.password.dataclasses import PasswordPolicyDTO +from application.policies.password.dataclasses import PasswordPolicyDTO test_get_password_policy_by_dir_path_dn_extended_dataset = [ [ diff --git a/tests/test_ldap/policies/test_password/test_use_cases.py b/tests/test_ldap/policies/test_password/test_use_cases.py index 2b03dfd1d..695696730 100644 --- a/tests/test_ldap/policies/test_password/test_use_cases.py +++ b/tests/test_ldap/policies/test_password/test_use_cases.py @@ -8,11 +8,11 @@ import pytest -from ldap_protocol.policies.password.dataclasses import ( +from application.policies.password.dataclasses import ( DefaultDomainPasswordPolicyPreset, PasswordPolicyDTO, ) -from ldap_protocol.policies.password.use_cases import PasswordPolicyUseCases +from application.policies.password.use_cases import PasswordPolicyUseCases from .datasets import test_get_password_policy_by_dir_path_dn_extended_dataset diff --git a/tests/test_ldap/policies/test_password/test_validator.py b/tests/test_ldap/policies/test_password/test_validator.py index 59e2d5787..7b5f50006 100644 --- a/tests/test_ldap/policies/test_password/test_validator.py +++ b/tests/test_ldap/policies/test_password/test_validator.py @@ -8,11 +8,11 @@ import pytest -from ldap_protocol.policies.password import PasswordPolicyValidator -from ldap_protocol.policies.password.ban_word_repository import ( +from application.policies.password import PasswordPolicyValidator +from application.policies.password.ban_word_repository import ( PasswordBanWordRepository, ) -from ldap_protocol.utils.helpers import dt_to_ft +from application.utils.helpers import dt_to_ft @pytest.mark.asyncio diff --git a/tests/test_ldap/test_access_manager/conftest.py b/tests/test_ldap/test_access_manager/conftest.py index 199d15657..596fef8cc 100644 --- a/tests/test_ldap/test_access_manager/conftest.py +++ b/tests/test_ldap/test_access_manager/conftest.py @@ -6,7 +6,7 @@ from unittest.mock import Mock -from entities import AccessControlEntry +from domain.entities import AccessControlEntry from enums import AceType diff --git a/tests/test_ldap/test_access_manager/test_entity_level_access.py b/tests/test_ldap/test_access_manager/test_entity_level_access.py index f252daaf7..60b390cce 100644 --- a/tests/test_ldap/test_access_manager/test_entity_level_access.py +++ b/tests/test_ldap/test_access_manager/test_entity_level_access.py @@ -6,8 +6,8 @@ import pytest -from entities import AccessControlEntry -from ldap_protocol.roles.access_manager import AccessManager +from application.roles.access_manager import AccessManager +from domain.entities import AccessControlEntry from .conftest import create_mock_ace diff --git a/tests/test_ldap/test_access_manager/test_modify_access.py b/tests/test_ldap/test_access_manager/test_modify_access.py index b4cac2172..a4ae097c6 100644 --- a/tests/test_ldap/test_access_manager/test_modify_access.py +++ b/tests/test_ldap/test_access_manager/test_modify_access.py @@ -6,11 +6,11 @@ import pytest -from entities import AccessControlEntry +from application.ldap_responses import PartialAttribute +from application.objects import Changes, Operation +from application.roles.access_manager import AccessManager +from domain.entities import AccessControlEntry from enums import AceType -from ldap_protocol.ldap_responses import PartialAttribute -from ldap_protocol.objects import Changes, Operation -from ldap_protocol.roles.access_manager import AccessManager from .conftest import create_mock_ace diff --git a/tests/test_ldap/test_access_manager/test_search_access.py b/tests/test_ldap/test_access_manager/test_search_access.py index c586e2fc4..1d4c2ace1 100644 --- a/tests/test_ldap/test_access_manager/test_search_access.py +++ b/tests/test_ldap/test_access_manager/test_search_access.py @@ -6,8 +6,8 @@ import pytest -from entities import AccessControlEntry -from ldap_protocol.roles.access_manager import AccessManager +from application.roles.access_manager import AccessManager +from domain.entities import AccessControlEntry from .conftest import create_mock_ace diff --git a/tests/test_ldap/test_attribute_value_validator.py b/tests/test_ldap/test_attribute_value_validator.py index 084ca0a72..16aef960c 100644 --- a/tests/test_ldap/test_attribute_value_validator.py +++ b/tests/test_ldap/test_attribute_value_validator.py @@ -6,10 +6,10 @@ import pytest -from enums import EntityTypeNames -from ldap_protocol.ldap_schema.attribute_value_validator import ( +from application.ldap_schema.attribute_value_validator import ( AttributeValueValidator, ) +from enums import EntityTypeNames @pytest.fixture diff --git a/tests/test_ldap/test_bind.py b/tests/test_ldap/test_bind.py index d43776644..a4e4cf57f 100644 --- a/tests/test_ldap/test_bind.py +++ b/tests/test_ldap/test_bind.py @@ -12,11 +12,9 @@ from dishka import AsyncContainer, Scope from sqlalchemy.ext.asyncio import AsyncSession -from config import Settings -from entities import Attribute, Directory, User -from ldap_protocol.dependency import resolve_deps -from ldap_protocol.dialogue import LDAPSession -from ldap_protocol.ldap_requests.bind import ( +from application.dependency import resolve_deps +from application.dialogue import LDAPSession +from application.ldap_requests.bind import ( BindRequest, BindResponse, LDAPCodes, @@ -24,14 +22,16 @@ SimpleAuthentication, UnbindRequest, ) -from ldap_protocol.ldap_requests.bind_methods.sasl_spnego import ( +from application.ldap_requests.bind_methods.sasl_spnego import ( SaslSPNEGOAuthentication, ) -from ldap_protocol.ldap_requests.contexts import ( +from application.ldap_requests.contexts import ( LDAPBindRequestContext, LDAPUnbindRequestContext, ) -from ldap_protocol.objects import UserAccountControlFlag +from application.objects import UserAccountControlFlag +from config import Settings +from domain.entities import Attribute, Directory, User from password_utils import PasswordUtils from tests.conftest import MutePolicyBindRequest, TestCreds diff --git a/tests/test_ldap/test_container_restrictions/conftest.py b/tests/test_ldap/test_container_restrictions/conftest.py index 57fc5e9f0..064f4b474 100644 --- a/tests/test_ldap/test_container_restrictions/conftest.py +++ b/tests/test_ldap/test_container_restrictions/conftest.py @@ -8,8 +8,8 @@ import pytest_asyncio -from entities import AccessControlEntry -from ldap_protocol.dialogue import UserSchema +from application.dialogue import UserSchema +from domain.entities import AccessControlEntry @pytest_asyncio.fixture diff --git a/tests/test_ldap/test_container_restrictions/test_container_subcontainers.py b/tests/test_ldap/test_container_restrictions/test_container_subcontainers.py index 08eca190e..aec7faa88 100644 --- a/tests/test_ldap/test_container_restrictions/test_container_subcontainers.py +++ b/tests/test_ldap/test_container_restrictions/test_container_subcontainers.py @@ -9,8 +9,8 @@ import pytest +from application.ldap_codes import LDAPCodes from config import Settings -from ldap_protocol.ldap_codes import LDAPCodes from tests.conftest import TestCreds diff --git a/tests/test_ldap/test_ldap3_definition_parse.py b/tests/test_ldap/test_ldap3_definition_parse.py index 14ce27f7a..79c2027a6 100644 --- a/tests/test_ldap/test_ldap3_definition_parse.py +++ b/tests/test_ldap/test_ldap3_definition_parse.py @@ -7,10 +7,10 @@ import pytest from sqlalchemy.ext.asyncio import AsyncSession -from entities import AttributeType, ObjectClass -from ldap_protocol.utils.raw_definition_parser import ( +from application.utils.raw_definition_parser import ( RawDefinitionParser as RDParser, ) +from domain.entities import AttributeType, ObjectClass test_ldap3_parse_attribute_types_dataset = [ [ diff --git a/tests/test_ldap/test_netlogon.py b/tests/test_ldap/test_netlogon.py index c12764df5..64780db28 100644 --- a/tests/test_ldap/test_netlogon.py +++ b/tests/test_ldap/test_netlogon.py @@ -13,7 +13,7 @@ import uuid from collections import defaultdict -from ldap_protocol.rootdse.netlogon import ( +from application.rootdse.netlogon import ( _NL_DEFAULT_SITE, _ZERO_UUID, _ZERO_VER, diff --git a/tests/test_ldap/test_passwd_change.py b/tests/test_ldap/test_passwd_change.py index f01a93e7a..075d27876 100644 --- a/tests/test_ldap/test_passwd_change.py +++ b/tests/test_ldap/test_passwd_change.py @@ -8,7 +8,7 @@ from aioldap3 import LDAPConnection from sqlalchemy.ext.asyncio import AsyncSession -from ldap_protocol.utils.queries import get_user +from application.utils.queries import get_user from password_utils import PasswordUtils from tests.conftest import TestCreds diff --git a/tests/test_ldap/test_roles/conftest.py b/tests/test_ldap/test_roles/conftest.py index 2d5959e27..b84d2c8c2 100644 --- a/tests/test_ldap/test_roles/conftest.py +++ b/tests/test_ldap/test_roles/conftest.py @@ -9,8 +9,8 @@ import pytest_asyncio +from application.roles.role_dao import RoleDAO, RoleDTO from config import Settings -from ldap_protocol.roles.role_dao import RoleDAO, RoleDTO from tests.conftest import TestCreds BASE_DN = "dc=md,dc=test" diff --git a/tests/test_ldap/test_roles/test_multiple_access.py b/tests/test_ldap/test_roles/test_multiple_access.py index 4691ba0fb..b71722ea5 100644 --- a/tests/test_ldap/test_roles/test_multiple_access.py +++ b/tests/test_ldap/test_roles/test_multiple_access.py @@ -11,14 +11,14 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import joinedload, subqueryload +from application.ldap_schema.attribute_type_dao import AttributeTypeDAO +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.roles.ace_dao import AccessControlEntryDAO +from application.roles.dataclasses import AccessControlEntryDTO, RoleDTO +from application.utils.queries import get_filter_from_path from config import Settings -from entities import Directory +from domain.entities import Directory from enums import AceType, EntityTypeNames, RoleScope -from ldap_protocol.ldap_schema.attribute_type_dao import AttributeTypeDAO -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.roles.ace_dao import AccessControlEntryDAO -from ldap_protocol.roles.dataclasses import AccessControlEntryDTO, RoleDTO -from ldap_protocol.utils.queries import get_filter_from_path from repo.pg.tables import queryable_attr as qa from tests.conftest import TestCreds diff --git a/tests/test_ldap/test_roles/test_search.py b/tests/test_ldap/test_roles/test_search.py index 0795be89b..e32477a6b 100644 --- a/tests/test_ldap/test_roles/test_search.py +++ b/tests/test_ldap/test_roles/test_search.py @@ -6,12 +6,12 @@ import pytest +from application.ldap_schema.attribute_type_dao import AttributeTypeDAO +from application.ldap_schema.entity_type_dao import EntityTypeDAO +from application.roles.ace_dao import AccessControlEntryDAO +from application.roles.dataclasses import AccessControlEntryDTO, RoleDTO from config import Settings from enums import AceType, EntityTypeNames, RoleScope -from ldap_protocol.ldap_schema.attribute_type_dao import AttributeTypeDAO -from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO -from ldap_protocol.roles.ace_dao import AccessControlEntryDAO -from ldap_protocol.roles.dataclasses import AccessControlEntryDTO, RoleDTO from tests.conftest import TestCreds from .conftest import perform_ldap_search_and_validate diff --git a/tests/test_ldap/test_util/test_add.py b/tests/test_ldap/test_util/test_add.py index b0312bc98..a3709e6e4 100644 --- a/tests/test_ldap/test_util/test_add.py +++ b/tests/test_ldap/test_util/test_add.py @@ -13,17 +13,17 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import selectinload, subqueryload +from application.dialogue import LDAPSession +from application.ldap_codes import LDAPCodes +from application.ldap_requests import AddRequest +from application.ldap_requests.contexts import LDAPAddRequestContext +from application.roles.ace_dao import AccessControlEntryDAO +from application.roles.dataclasses import AccessControlEntryDTO, RoleDTO +from application.roles.role_dao import RoleDAO +from application.utils.queries import get_filter_from_path from config import Settings -from entities import Directory, Group, User +from domain.entities import Directory, Group, User from enums import AceType, RoleScope -from ldap_protocol.dialogue import LDAPSession -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.ldap_requests import AddRequest -from ldap_protocol.ldap_requests.contexts import LDAPAddRequestContext -from ldap_protocol.roles.ace_dao import AccessControlEntryDAO -from ldap_protocol.roles.dataclasses import AccessControlEntryDTO, RoleDTO -from ldap_protocol.roles.role_dao import RoleDAO -from ldap_protocol.utils.queries import get_filter_from_path from repo.pg.tables import queryable_attr as qa from tests.conftest import TestCreds diff --git a/tests/test_ldap/test_util/test_delete.py b/tests/test_ldap/test_util/test_delete.py index bff5011c2..a84e3b024 100644 --- a/tests/test_ldap/test_util/test_delete.py +++ b/tests/test_ldap/test_util/test_delete.py @@ -11,13 +11,13 @@ from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncSession +from application.ldap_codes import LDAPCodes +from application.roles.ace_dao import AccessControlEntryDAO +from application.roles.dataclasses import AccessControlEntryDTO, RoleDTO +from application.roles.role_dao import RoleDAO from config import Settings -from entities import Directory +from domain.entities import Directory from enums import AceType, RoleScope -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.roles.ace_dao import AccessControlEntryDAO -from ldap_protocol.roles.dataclasses import AccessControlEntryDTO, RoleDTO -from ldap_protocol.roles.role_dao import RoleDAO from tests.conftest import TestCreds diff --git a/tests/test_ldap/test_util/test_modify.py b/tests/test_ldap/test_util/test_modify.py index eda4c1fe0..b46e1045c 100644 --- a/tests/test_ldap/test_util/test_modify.py +++ b/tests/test_ldap/test_util/test_modify.py @@ -16,16 +16,16 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import joinedload, selectinload, subqueryload +from application.kerberos.base import AbstractKadmin +from application.ldap_codes import LDAPCodes +from application.objects import Operation +from application.roles.ace_dao import AccessControlEntryDAO +from application.roles.dataclasses import AccessControlEntryDTO, RoleDTO +from application.roles.role_dao import RoleDAO +from application.utils.queries import get_filter_from_path from config import Settings -from entities import Directory, Group +from domain.entities import Directory, Group from enums import AceType, RoleScope -from ldap_protocol.kerberos.base import AbstractKadmin -from ldap_protocol.ldap_codes import LDAPCodes -from ldap_protocol.objects import Operation -from ldap_protocol.roles.ace_dao import AccessControlEntryDAO -from ldap_protocol.roles.dataclasses import AccessControlEntryDTO, RoleDTO -from ldap_protocol.roles.role_dao import RoleDAO -from ldap_protocol.utils.queries import get_filter_from_path from repo.pg.tables import Attribute, directory_table, queryable_attr as qa from tests.conftest import TestCreds diff --git a/tests/test_ldap/test_util/test_search.py b/tests/test_ldap/test_util/test_search.py index 338822a62..0be7ba2b5 100644 --- a/tests/test_ldap/test_util/test_search.py +++ b/tests/test_ldap/test_util/test_search.py @@ -12,19 +12,19 @@ from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.orm import selectinload +from application.asn1parser import ASN1Row, TagNumbers +from application.dialogue import LDAPSession +from application.ldap_requests import SearchRequest +from application.ldap_requests.contexts import LDAPSearchRequestContext +from application.ldap_responses import SearchResultEntry +from application.policies.network import NetworkPolicyValidatorUseCase +from application.roles.ace_dao import AccessControlEntryDAO +from application.roles.dataclasses import AccessControlEntryDTO, RoleDTO +from application.roles.role_dao import RoleDAO +from application.utils.queries import get_group, get_groups from config import Settings -from entities import User +from domain.entities import User from enums import AceType, ProtocolType, RoleScope -from ldap_protocol.asn1parser import ASN1Row, TagNumbers -from ldap_protocol.dialogue import LDAPSession -from ldap_protocol.ldap_requests import SearchRequest -from ldap_protocol.ldap_requests.contexts import LDAPSearchRequestContext -from ldap_protocol.ldap_responses import SearchResultEntry -from ldap_protocol.policies.network import NetworkPolicyValidatorUseCase -from ldap_protocol.roles.ace_dao import AccessControlEntryDAO -from ldap_protocol.roles.dataclasses import AccessControlEntryDTO, RoleDTO -from ldap_protocol.roles.role_dao import RoleDAO -from ldap_protocol.utils.queries import get_group, get_groups from repo.pg.tables import queryable_attr as qa from tests.conftest import TestCreds from tests.search_request_datasets import ( diff --git a/tests/test_shedule.py b/tests/test_shedule.py index dc5aaaf01..cc51a28d1 100644 --- a/tests/test_shedule.py +++ b/tests/test_shedule.py @@ -7,12 +7,12 @@ import pytest from sqlalchemy.ext.asyncio import AsyncSession +from application.kerberos import AbstractKadmin from config import Settings from extra.scripts.check_ldap_principal import check_ldap_principal from extra.scripts.principal_block_user_sync import principal_block_sync from extra.scripts.uac_sync import disable_accounts from extra.scripts.update_krb5_config import update_krb5_config -from ldap_protocol.kerberos import AbstractKadmin @pytest.mark.asyncio