On Mar 23, 2015, at 08:39 PM, Andrew Stuart wrote:
Any thoughts on how we could integrate with LDAP?
The intent is that the user database could be backed by, or augmented by LDAP, although that is currently a goal, not reality.
Maybe of Mailman had some sort of event notification hook system for when users add/edit/delete. Or if there was some sort of generalised message bus within the system that funnels messages about changes to the user database. Something sort of LDAP synch process could then use those to synchronise an LDAP database. An event hook or message queue would allow changes to the users to be immediately pushed into LDAP.
Internally, Mailman does use zope.events to signal things nonlocally to other parts of the system. For example, events get fired when the configuration changes, or when a message gets accepted. Some of those events are connected to handlers, but others are just waiting to be used by some future plugin or other. It's cheap to add events and handlers.
For users though we don't have much atm. Just a PasswordChangeEvent and an unsubscribe event. There's no reason why we couldn't add more to help with external user database synchronization.
Maybe the other possibility is some sort of direct integration such that Mailman, if given details of an LDAP server, can directly make changes to the LDAP system each time a user is added/edited/deleted.
The other point is that the use of interfaces and the Zope Component Architecture (ZCA) is supposed to provide a layer of abstraction that could be used as plug points for integrating with other backends.
Think of the IUserManager. The existing implementation of that interface is mailman.model.usermanager.UserManager, and it stores user information in the local SQL database. This connection between interface and implementation is through src/mailman/config/configure.zcml. Since there's only one user manager in the system, it's defined as a utility:
<utility provides="mailman.interfaces.usermanager.IUserManager" factory="mailman.model.usermanager.UserManager" />
Thus when the code calls getUtility(IUserManager) and gets back the built-in UserManager object, after that, everything works through the interface. You could conceivably create a plugin with your own LDAP backed UserManager, change the utility connection, and then the rest of Mailman would just keep on working.
In theory of course. No one to my knowledge has actually tried to explore these ideas.
Cheers, -Barry