Add LDAP user images

powerdnsadmin/routes/user.py

@@ -1,5 +1,7 @@
 import datetime
 import hashlib
+import imghdr
+import mimetypes
 
 from flask import Blueprint, request, render_template, make_response, jsonify, redirect, url_for, g, session, \
     current_app, after_this_request, abort
@@ -115,12 +117,33 @@ def image():
             response_.cache_control.max_age = int(datetime.timedelta(days=1).total_seconds())
         return response_
 
+    def return_image(content, content_type=None):
+        """Return the given binary image content. Guess the type if not given."""
+        if not content_type:
+            guess = mimetypes.guess_type('example.' + imghdr.what(None, h=content))
+            if guess and guess[0]:
+                content_type = guess[0]
+
+        return content, 200, {'Content-Type': content_type}
+
     # To prevent "cache poisoning", the username query parameter is required
     if request.args.get('username', None) != current_user.username:
         abort(400)
 
     setting = Setting()
 
+    if session['authentication_type'] == 'LDAP':
+        search_filter = '(&({0}={1}){2})'.format(setting.get('ldap_filter_username'),
+                                                 current_user.username,
+                                                 setting.get('ldap_filter_basic'))
+        result = User().ldap_search(search_filter, setting.get('ldap_base_dn'))
+        if result and result[0] and result[0][0] and result[0][0][1]:
+            user_obj = result[0][0][1]
+            for key in ['jpegPhoto', 'thumbnailPhoto']:
+                if key in user_obj and user_obj[key] and user_obj[key][0]:
+                    current_app.logger.debug(f'Return {key} from ldap as user image')
+                    return return_image(user_obj[key][0])
+
     email = current_user.email
     if email and setting.get('gravatar_enabled'):
         hash_ = hashlib.md5(email.encode('utf-8')).hexdigest()