-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/
-- | Pure Haskell LDAP Client Library
--
-- Pure Haskell LDAP client library implementing (the parts of) RFC 4511.
@package ldap-client
@version 0.4.3
module Ldap.Asn1.Type
-- | Message envelope. (Section 4.1.1.)
data LdapMessage op
LdapMessage :: !Id -> !op -> !Maybe Controls -> LdapMessage op
[ldapMessageId] :: LdapMessage op -> !Id
[ldapMessageOp] :: LdapMessage op -> !op
[ldapMessageControls] :: LdapMessage op -> !Maybe Controls
-- | Every message being processed has a unique non-zero integer ID.
-- (Section 4.1.1.1.)
newtype Id
Id :: Int32 -> Id
[unId] :: Id -> Int32
-- | Client requests. The RFC doesn't make a difference between
-- ProtocolClientOp and ProtocolServerOp but it's useful to
-- distinguish between them in Haskell.
data ProtocolClientOp
BindRequest :: !Int8 -> !LdapDn -> !AuthenticationChoice -> ProtocolClientOp
UnbindRequest :: ProtocolClientOp
SearchRequest :: !LdapDn -> !Scope -> !DerefAliases -> !Int32 -> !Int32 -> !Bool -> !Filter -> !AttributeSelection -> ProtocolClientOp
ModifyRequest :: !LdapDn -> ![(Operation, PartialAttribute)] -> ProtocolClientOp
AddRequest :: !LdapDn -> !AttributeList -> ProtocolClientOp
DeleteRequest :: !LdapDn -> ProtocolClientOp
ModifyDnRequest :: !LdapDn -> !RelativeLdapDn -> !Bool -> !Maybe LdapDn -> ProtocolClientOp
CompareRequest :: !LdapDn -> !AttributeValueAssertion -> ProtocolClientOp
ExtendedRequest :: !LdapOid -> !Maybe ByteString -> ProtocolClientOp
-- | Server responses. The RFC doesn't make a difference between
-- ProtocolClientOp and ProtocolServerOp but it's useful to
-- distinguish between them in Haskell.
data ProtocolServerOp
BindResponse :: !LdapResult -> !Maybe ByteString -> ProtocolServerOp
SearchResultEntry :: !LdapDn -> !PartialAttributeList -> ProtocolServerOp
SearchResultReference :: !NonEmpty Uri -> ProtocolServerOp
SearchResultDone :: !LdapResult -> ProtocolServerOp
ModifyResponse :: !LdapResult -> ProtocolServerOp
AddResponse :: !LdapResult -> ProtocolServerOp
DeleteResponse :: !LdapResult -> ProtocolServerOp
ModifyDnResponse :: !LdapResult -> ProtocolServerOp
CompareResponse :: !LdapResult -> ProtocolServerOp
ExtendedResponse :: !LdapResult -> !Maybe LdapOid -> !Maybe ByteString -> ProtocolServerOp
IntermediateResponse :: !Maybe LdapOid -> !Maybe ByteString -> ProtocolServerOp
-- | Not really a choice until SASL is supported.
data AuthenticationChoice
Simple :: !ByteString -> AuthenticationChoice
Sasl :: !SaslMechanism -> !Maybe Text -> AuthenticationChoice
-- | SASL Mechanism, for now only SASL EXTERNAL is supported
data SaslMechanism
External :: SaslMechanism
-- | Scope of the search to be performed.
data Scope
-- | Constrained to the entry named by baseObject.
BaseObject :: Scope
-- | Constrained to the immediate subordinates of the entry named by
-- baseObject.
SingleLevel :: Scope
-- | Constrained to the entry named by baseObject and to all its
-- subordinates.
WholeSubtree :: Scope
-- | An indicator as to whether or not alias entries (as defined in
-- [RFC4512]) are to be dereferenced during stages of the Search
-- operation.
data DerefAliases
-- | Do not dereference aliases in searching or in locating the base object
-- of the Search.
NeverDerefAliases :: DerefAliases
-- | While searching subordinates of the base object, dereference any alias
-- within the search scope.
DerefInSearching :: DerefAliases
-- | Dereference aliases in locating the base object of the Search.
DerefFindingBaseObject :: DerefAliases
-- | Dereference aliases both in searching and in locating the base object
-- of the Search.
DerefAlways :: DerefAliases
-- | Conditions that must be fulfilled in order for the Search to match a
-- given entry.
data Filter
-- | All filters evaluate to TRUE
And :: !NonEmpty Filter -> Filter
-- | Any filter evaluates to TRUE
Or :: !NonEmpty Filter -> Filter
-- | Filter evaluates to FALSE
Not :: !Filter -> Filter
-- | EQUALITY rule returns TRUE
EqualityMatch :: !AttributeValueAssertion -> Filter
-- | SUBSTR rule returns TRUE
Substrings :: !SubstringFilter -> Filter
-- | ORDERING rule returns FALSE
GreaterOrEqual :: !AttributeValueAssertion -> Filter
-- | ORDERING or EQUALITY rule returns TRUE
LessOrEqual :: !AttributeValueAssertion -> Filter
-- | Attribute is present in the entry
Present :: !AttributeDescription -> Filter
-- | Same as EqualityMatch for most servers
ApproxMatch :: !AttributeValueAssertion -> Filter
ExtensibleMatch :: !MatchingRuleAssertion -> Filter
data SubstringFilter
SubstringFilter :: !AttributeDescription -> !NonEmpty Substring -> SubstringFilter
data Substring
Initial :: !AssertionValue -> Substring
Any :: !AssertionValue -> Substring
Final :: !AssertionValue -> Substring
data MatchingRuleAssertion
MatchingRuleAssertion :: !Maybe MatchingRuleId -> !Maybe AttributeDescription -> !AssertionValue -> !Bool -> MatchingRuleAssertion
-- | Matching rules are defined in Section 4.1.3 of [RFC4512]. A matching
-- rule is identified in the protocol by the printable representation of
-- either its numericoid or one of its short name descriptors
-- [RFC4512], e.g., caseIgnoreMatch or '2.5.13.2'. (Section
-- 4.1.8.)
newtype MatchingRuleId
MatchingRuleId :: LdapString -> MatchingRuleId
newtype AttributeSelection
AttributeSelection :: [LdapString] -> AttributeSelection
newtype AttributeList
AttributeList :: [Attribute] -> AttributeList
newtype PartialAttributeList
PartialAttributeList :: [PartialAttribute] -> PartialAttributeList
newtype Controls
Controls :: [Control] -> Controls
data Control
Control :: !LdapOid -> !Bool -> !Maybe ByteString -> Control
data LdapResult
LdapResult :: !ResultCode -> !LdapDn -> !LdapString -> !Maybe ReferralUris -> LdapResult
-- | LDAP operation's result.
data ResultCode
Success :: ResultCode
OperationError :: ResultCode
ProtocolError :: ResultCode
TimeLimitExceeded :: ResultCode
SizeLimitExceeded :: ResultCode
CompareFalse :: ResultCode
CompareTrue :: ResultCode
AuthMethodNotSupported :: ResultCode
StrongerAuthRequired :: ResultCode
Referral :: ResultCode
AdminLimitExceeded :: ResultCode
UnavailableCriticalExtension :: ResultCode
ConfidentialityRequired :: ResultCode
SaslBindInProgress :: ResultCode
NoSuchAttribute :: ResultCode
UndefinedAttributeType :: ResultCode
InappropriateMatching :: ResultCode
ConstraintViolation :: ResultCode
AttributeOrValueExists :: ResultCode
InvalidAttributeSyntax :: ResultCode
NoSuchObject :: ResultCode
AliasProblem :: ResultCode
InvalidDNSyntax :: ResultCode
AliasDereferencingProblem :: ResultCode
InappropriateAuthentication :: ResultCode
InvalidCredentials :: ResultCode
InsufficientAccessRights :: ResultCode
Busy :: ResultCode
Unavailable :: ResultCode
UnwillingToPerform :: ResultCode
LoopDetect :: ResultCode
NamingViolation :: ResultCode
ObjectClassViolation :: ResultCode
NotAllowedOnNonLeaf :: ResultCode
NotAllowedOnRDN :: ResultCode
EntryAlreadyExists :: ResultCode
ObjectClassModsProhibited :: ResultCode
AffectsMultipleDSAs :: ResultCode
Other :: ResultCode
newtype AttributeDescription
AttributeDescription :: LdapString -> AttributeDescription
newtype AttributeValue
AttributeValue :: ByteString -> AttributeValue
data AttributeValueAssertion
AttributeValueAssertion :: !AttributeDescription -> !AssertionValue -> AttributeValueAssertion
newtype AssertionValue
AssertionValue :: ByteString -> AssertionValue
data Attribute
Attribute :: !AttributeDescription -> !NonEmpty AttributeValue -> Attribute
data PartialAttribute
PartialAttribute :: !AttributeDescription -> ![AttributeValue] -> PartialAttribute
-- | An LDAPDN is defined to be the representation of a Distinguished Name
-- (DN) after encoding according to the specification in [RFC4514].
newtype LdapDn
LdapDn :: LdapString -> LdapDn
-- | A RelativeLDAPDN is defined to be the representation of a Relative
-- Distinguished Name (RDN) after encoding according to the specification
-- in [RFC4514].
newtype RelativeLdapDn
RelativeLdapDn :: LdapString -> RelativeLdapDn
newtype ReferralUris
ReferralUris :: NonEmpty Uri -> ReferralUris
newtype Uri
Uri :: LdapString -> Uri
data Operation
Add :: Operation
Delete :: Operation
Replace :: Operation
-- | The LDAPString is a notational convenience to indicate that, although
-- strings of LDAPString type encode as ASN.1 OCTET STRING types, the
-- [ISO10646] character set (a superset of [Unicode]) is used, encoded
-- following the UTF-8 [RFC3629] algorithm. (Section 4.1.2.)
newtype LdapString
LdapString :: Text -> LdapString
-- | The LDAPOID is a notational convenience to indicate that the permitted
-- value of this string is a (UTF-8 encoded) dotted-decimal
-- representation of an OBJECT IDENTIFIER. Although an LDAPOID is encoded
-- as an OCTET STRING, values are limited to the definition of
-- <numericoid> given in Section 1.4 of [RFC4512].
newtype LdapOid
LdapOid :: Text -> LdapOid
instance GHC.Classes.Ord Ldap.Asn1.Type.Id
instance GHC.Classes.Eq Ldap.Asn1.Type.Id
instance GHC.Show.Show Ldap.Asn1.Type.Id
instance GHC.Classes.Eq Ldap.Asn1.Type.SaslMechanism
instance GHC.Show.Show Ldap.Asn1.Type.SaslMechanism
instance GHC.Classes.Eq Ldap.Asn1.Type.AuthenticationChoice
instance GHC.Show.Show Ldap.Asn1.Type.AuthenticationChoice
instance GHC.Classes.Eq Ldap.Asn1.Type.Scope
instance GHC.Show.Show Ldap.Asn1.Type.Scope
instance GHC.Classes.Eq Ldap.Asn1.Type.DerefAliases
instance GHC.Show.Show Ldap.Asn1.Type.DerefAliases
instance GHC.Classes.Eq Ldap.Asn1.Type.ResultCode
instance GHC.Show.Show Ldap.Asn1.Type.ResultCode
instance GHC.Classes.Eq Ldap.Asn1.Type.AttributeValue
instance GHC.Show.Show Ldap.Asn1.Type.AttributeValue
instance GHC.Classes.Eq Ldap.Asn1.Type.AssertionValue
instance GHC.Show.Show Ldap.Asn1.Type.AssertionValue
instance GHC.Classes.Eq Ldap.Asn1.Type.Substring
instance GHC.Show.Show Ldap.Asn1.Type.Substring
instance GHC.Classes.Eq Ldap.Asn1.Type.Operation
instance GHC.Show.Show Ldap.Asn1.Type.Operation
instance GHC.Classes.Eq Ldap.Asn1.Type.LdapString
instance GHC.Show.Show Ldap.Asn1.Type.LdapString
instance GHC.Classes.Eq Ldap.Asn1.Type.Uri
instance GHC.Show.Show Ldap.Asn1.Type.Uri
instance GHC.Classes.Eq Ldap.Asn1.Type.ReferralUris
instance GHC.Show.Show Ldap.Asn1.Type.ReferralUris
instance GHC.Classes.Eq Ldap.Asn1.Type.RelativeLdapDn
instance GHC.Show.Show Ldap.Asn1.Type.RelativeLdapDn
instance GHC.Classes.Eq Ldap.Asn1.Type.LdapDn
instance GHC.Show.Show Ldap.Asn1.Type.LdapDn
instance GHC.Classes.Eq Ldap.Asn1.Type.AttributeDescription
instance GHC.Show.Show Ldap.Asn1.Type.AttributeDescription
instance GHC.Classes.Eq Ldap.Asn1.Type.PartialAttribute
instance GHC.Show.Show Ldap.Asn1.Type.PartialAttribute
instance GHC.Classes.Eq Ldap.Asn1.Type.PartialAttributeList
instance GHC.Show.Show Ldap.Asn1.Type.PartialAttributeList
instance GHC.Classes.Eq Ldap.Asn1.Type.Attribute
instance GHC.Show.Show Ldap.Asn1.Type.Attribute
instance GHC.Classes.Eq Ldap.Asn1.Type.AttributeList
instance GHC.Show.Show Ldap.Asn1.Type.AttributeList
instance GHC.Classes.Eq Ldap.Asn1.Type.AttributeValueAssertion
instance GHC.Show.Show Ldap.Asn1.Type.AttributeValueAssertion
instance GHC.Classes.Eq Ldap.Asn1.Type.SubstringFilter
instance GHC.Show.Show Ldap.Asn1.Type.SubstringFilter
instance GHC.Classes.Eq Ldap.Asn1.Type.LdapResult
instance GHC.Show.Show Ldap.Asn1.Type.LdapResult
instance GHC.Classes.Eq Ldap.Asn1.Type.AttributeSelection
instance GHC.Show.Show Ldap.Asn1.Type.AttributeSelection
instance GHC.Classes.Eq Ldap.Asn1.Type.MatchingRuleId
instance GHC.Show.Show Ldap.Asn1.Type.MatchingRuleId
instance GHC.Classes.Eq Ldap.Asn1.Type.MatchingRuleAssertion
instance GHC.Show.Show Ldap.Asn1.Type.MatchingRuleAssertion
instance GHC.Classes.Eq Ldap.Asn1.Type.Filter
instance GHC.Show.Show Ldap.Asn1.Type.Filter
instance GHC.Classes.Eq Ldap.Asn1.Type.LdapOid
instance GHC.Show.Show Ldap.Asn1.Type.LdapOid
instance GHC.Classes.Eq Ldap.Asn1.Type.Control
instance GHC.Show.Show Ldap.Asn1.Type.Control
instance GHC.Classes.Eq Ldap.Asn1.Type.Controls
instance GHC.Show.Show Ldap.Asn1.Type.Controls
instance GHC.Classes.Eq op => GHC.Classes.Eq (Ldap.Asn1.Type.LdapMessage op)
instance GHC.Show.Show op => GHC.Show.Show (Ldap.Asn1.Type.LdapMessage op)
instance GHC.Classes.Eq Ldap.Asn1.Type.ProtocolServerOp
instance GHC.Show.Show Ldap.Asn1.Type.ProtocolServerOp
instance GHC.Classes.Eq Ldap.Asn1.Type.ProtocolClientOp
instance GHC.Show.Show Ldap.Asn1.Type.ProtocolClientOp
-- | This module contains convertions from LDAP types to ASN.1.
--
-- Various hacks are employed because "asn1-encoding" only encodes to
-- DER, but LDAP demands BER-encoding. So, when a definition looks
-- suspiciously different from the spec in the comment, that's why. I
-- hope all that will be fixed eventually.
module Ldap.Asn1.ToAsn1
-- | Convert a LDAP type to ASN.1.
--
-- When it's relevant, instances include the part of RFC describing the
-- encoding.
class ToAsn1 a
toAsn1 :: ToAsn1 a => a -> Endo [ASN1]
instance Ldap.Asn1.ToAsn1.ToAsn1 op => Ldap.Asn1.ToAsn1.ToAsn1 (Ldap.Asn1.Type.LdapMessage op)
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.Id
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.LdapString
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.LdapOid
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.LdapDn
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.RelativeLdapDn
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.AttributeDescription
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.AttributeValue
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.AttributeValueAssertion
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.AssertionValue
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.PartialAttribute
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.Attribute
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.MatchingRuleId
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.Controls
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.Control
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.ProtocolClientOp
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.AuthenticationChoice
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.AttributeSelection
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.Filter
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.SubstringFilter
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.MatchingRuleAssertion
instance Ldap.Asn1.ToAsn1.ToAsn1 Ldap.Asn1.Type.AttributeList
instance Ldap.Asn1.ToAsn1.ToAsn1 a => Ldap.Asn1.ToAsn1.ToAsn1 [a]
instance Ldap.Asn1.ToAsn1.ToAsn1 a => Ldap.Asn1.ToAsn1.ToAsn1 (GHC.Base.NonEmpty a)
-- | This module contains convertions from ASN.1 to LDAP types.
module Ldap.Asn1.FromAsn1
-- | Convert a part of ASN.1 stream to a LDAP type returning the remainder
-- of the stream.
parseAsn1 :: FromAsn1 a => [ASN1] -> Maybe ([ASN1], a)
-- | ASN.1 stream parsers.
--
-- When it's relevant, instances include the part of RFC describing the
-- encoding.
class FromAsn1 a
instance Ldap.Asn1.FromAsn1.FromAsn1 op => Ldap.Asn1.FromAsn1.FromAsn1 (Ldap.Asn1.Type.LdapMessage op)
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.Id
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.LdapString
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.LdapOid
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.LdapDn
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.AttributeDescription
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.AttributeValue
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.PartialAttribute
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.LdapResult
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.ReferralUris
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.Uri
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.ProtocolServerOp
instance Ldap.Asn1.FromAsn1.FromAsn1 Ldap.Asn1.Type.PartialAttributeList
instance (Ldap.Asn1.FromAsn1.FromAsn1 a, Ldap.Asn1.FromAsn1.FromAsn1 b) => Ldap.Asn1.FromAsn1.FromAsn1 (a, b)
instance GHC.Base.Functor (Ldap.Asn1.FromAsn1.Parser s)
instance GHC.Base.Applicative (Ldap.Asn1.FromAsn1.Parser s)
instance GHC.Base.Alternative (Ldap.Asn1.FromAsn1.Parser s)
instance GHC.Base.Monad (Ldap.Asn1.FromAsn1.Parser s)
instance GHC.Base.MonadPlus (Ldap.Asn1.FromAsn1.Parser s)
instance Control.Monad.Fail.MonadFail (Ldap.Asn1.FromAsn1.Parser s)
module Ldap.Client.Internal
-- | LDAP host.
data Host
-- | Plain LDAP.
Plain :: String -> Host
-- | LDAP over TLS.
Tls :: String -> TLSSettings -> Host
-- | Port number. Use the Num instance (i.e. use a literal) to
-- create a PortNumber value.
--
--
-- >>> 1 :: PortNumber
-- 1
--
-- >>> read "1" :: PortNumber
-- 1
--
-- >>> show (12345 :: PortNumber)
-- "12345"
--
-- >>> 50000 < (51000 :: PortNumber)
-- True
--
-- >>> 50000 < (52000 :: PortNumber)
-- True
--
-- >>> 50000 + (10000 :: PortNumber)
-- 60000
--
data () => PortNumber
-- | An LDAP connection handle
data Ldap
Ldap :: !TQueue ClientMessage -> !Async Void -> !Connection -> Ldap
-- | Request queue for client messages to be send.
[reqQ] :: Ldap -> !TQueue ClientMessage
-- | Workers group for communicating with the server.
[workers] :: Ldap -> !Async Void
-- | Network connection to the server.
[conn] :: Ldap -> !Connection
data ClientMessage
New :: !Request -> !TMVar (NonEmpty ProtocolServerOp) -> ClientMessage
-- | LDAP operation's result.
data ResultCode
Success :: ResultCode
OperationError :: ResultCode
ProtocolError :: ResultCode
TimeLimitExceeded :: ResultCode
SizeLimitExceeded :: ResultCode
CompareFalse :: ResultCode
CompareTrue :: ResultCode
AuthMethodNotSupported :: ResultCode
StrongerAuthRequired :: ResultCode
Referral :: ResultCode
AdminLimitExceeded :: ResultCode
UnavailableCriticalExtension :: ResultCode
ConfidentialityRequired :: ResultCode
SaslBindInProgress :: ResultCode
NoSuchAttribute :: ResultCode
UndefinedAttributeType :: ResultCode
InappropriateMatching :: ResultCode
ConstraintViolation :: ResultCode
AttributeOrValueExists :: ResultCode
InvalidAttributeSyntax :: ResultCode
NoSuchObject :: ResultCode
AliasProblem :: ResultCode
InvalidDNSyntax :: ResultCode
AliasDereferencingProblem :: ResultCode
InappropriateAuthentication :: ResultCode
InvalidCredentials :: ResultCode
InsufficientAccessRights :: ResultCode
Busy :: ResultCode
Unavailable :: ResultCode
UnwillingToPerform :: ResultCode
LoopDetect :: ResultCode
NamingViolation :: ResultCode
ObjectClassViolation :: ResultCode
NotAllowedOnNonLeaf :: ResultCode
NotAllowedOnRDN :: ResultCode
EntryAlreadyExists :: ResultCode
ObjectClassModsProhibited :: ResultCode
AffectsMultipleDSAs :: ResultCode
Other :: ResultCode
-- | Asynchronous LDAP operation. Use wait or waitSTM to wait
-- for its completion.
data Async a
-- | List of attributes and their values. f is the structure these
-- values are in, e.g. NonEmpty.
type AttrList f = [(Attr, f AttrValue)]
-- | Wait for operation completion.
wait :: Async a -> IO (Either ResponseError a)
-- | Wait for operation completion inside STM.
--
-- Do not use this inside the same STM transaction the operation
-- was requested in! To give LDAP the chance to respond to it that
-- transaction should commit. After that, applying waitSTM to the
-- corresponding Async starts to make sense.
waitSTM :: Async a -> STM (Either ResponseError a)
type Response = NonEmpty InMessage
-- | Response indicates a failed operation.
data ResponseError
-- | LDAP server did not follow the protocol, so ldap-client
-- couldn't make sense of the response.
ResponseInvalid :: !Request -> !Response -> ResponseError
-- | The response contains a result code indicating failure and an error
-- message.
ResponseErrorCode :: !Request -> !ResultCode -> !Dn -> !Text -> ResponseError
type Request = ProtocolClientOp
eitherToIO :: Exception e => Either e a -> IO a
sendRequest :: Ldap -> (Response -> Either ResponseError a) -> Request -> STM (Async a)
-- | Unique identifier of an LDAP entry.
newtype Dn
Dn :: Text -> Dn
-- | Attribute name.
newtype Attr
Attr :: Text -> Attr
-- | Attribute value.
type AttrValue = ByteString
unAttr :: Attr -> Text
-- | Terminate the connection to the Directory.
--
-- Note that unbindAsync does not return an Async, because
-- LDAP server never responds to UnbindRequests, hence a call to
-- wait on a hypothetical Async would have resulted in an
-- exception anyway.
unbindAsync :: Ldap -> IO ()
-- | Terminate the connection to the Directory.
--
-- Note that unbindAsyncSTM does not return an Async,
-- because LDAP server never responds to UnbindRequests, hence a
-- call to wait on a hypothetical Async would have resulted
-- in an exception anyway.
unbindAsyncSTM :: Ldap -> STM ()
instance GHC.Show.Show Ldap.Client.Internal.Host
instance GHC.Classes.Eq Ldap.Client.Internal.Dn
instance GHC.Show.Show Ldap.Client.Internal.Dn
instance GHC.Classes.Eq Ldap.Client.Internal.ResponseError
instance GHC.Show.Show Ldap.Client.Internal.ResponseError
instance GHC.Classes.Eq Ldap.Client.Internal.Attr
instance GHC.Show.Show Ldap.Client.Internal.Attr
instance GHC.Base.Functor Ldap.Client.Internal.Async
instance GHC.Exception.Type.Exception Ldap.Client.Internal.ResponseError
-- | Extended operation.
--
-- This operation comes in four flavours:
--
--
--
-- Of those, the first one (extended) is probably the most useful
-- for the typical usecase.
module Ldap.Client.Extended
-- | Globally unique LDAP object identifier.
newtype Oid
Oid :: Text -> Oid
-- | Perform the Extended operation synchronously. Raises
-- ResponseError on failures.
extended :: Ldap -> Oid -> Maybe ByteString -> IO ()
-- | Perform the Extended operation synchronously. Returns Left e
-- where e is a ResponseError on failures.
extendedEither :: Ldap -> Oid -> Maybe ByteString -> IO (Either ResponseError ())
-- | Perform the Extended operation asynchronously. Call wait to
-- wait for its completion.
extendedAsync :: Ldap -> Oid -> Maybe ByteString -> IO (Async ())
-- | Perform the Extended operation asynchronously.
--
-- Don't wait for its completion (with waitSTM) in the same
-- transaction you've performed it in.
extendedAsyncSTM :: Ldap -> Oid -> Maybe ByteString -> STM (Async ())
-- | An example of Extended Operation, cf. extended.
startTls :: Ldap -> IO ()
-- | An example of Extended Operation, cf. extendedEither.
startTlsEither :: Ldap -> IO (Either ResponseError ())
-- | An example of Extended Operation, cf. extendedAsync.
startTlsAsync :: Ldap -> IO (Async ())
-- | An example of Extended Operation, cf.
-- extendedAsyncSTM.
startTlsAsyncSTM :: Ldap -> STM (Async ())
noticeOfDisconnectionOid :: Oid
startTlsOid :: Oid
-- | Asynchronous LDAP operation. Use wait or waitSTM to wait
-- for its completion.
data Async a
-- | Wait for operation completion.
wait :: Async a -> IO (Either ResponseError a)
-- | Wait for operation completion inside STM.
--
-- Do not use this inside the same STM transaction the operation
-- was requested in! To give LDAP the chance to respond to it that
-- transaction should commit. After that, applying waitSTM to the
-- corresponding Async starts to make sense.
waitSTM :: Async a -> STM (Either ResponseError a)
instance GHC.Classes.Eq Ldap.Client.Extended.Oid
instance GHC.Show.Show Ldap.Client.Extended.Oid
instance Data.String.IsString Ldap.Client.Extended.Oid
-- | Delete operation.
--
-- This operation comes in four flavours:
--
--
--
-- Of those, the first one (delete) is probably the most useful
-- for the typical usecase.
module Ldap.Client.Delete
-- | Perform the Delete operation synchronously. Raises
-- ResponseError on failures.
delete :: Ldap -> Dn -> IO ()
-- | Perform the Delete operation synchronously. Returns Left e
-- where e is a ResponseError on failures.
deleteEither :: Ldap -> Dn -> IO (Either ResponseError ())
-- | Perform the Delete operation asynchronously. Call wait to wait
-- for its completion.
deleteAsync :: Ldap -> Dn -> IO (Async ())
-- | Perform the Delete operation asynchronously.
--
-- Don't wait for its completion (with waitSTM) in the same
-- transaction you've performed it in.
deleteAsyncSTM :: Ldap -> Dn -> STM (Async ())
-- | Asynchronous LDAP operation. Use wait or waitSTM to wait
-- for its completion.
data Async a
-- | Wait for operation completion.
wait :: Async a -> IO (Either ResponseError a)
-- | Wait for operation completion inside STM.
--
-- Do not use this inside the same STM transaction the operation
-- was requested in! To give LDAP the chance to respond to it that
-- transaction should commit. After that, applying waitSTM to the
-- corresponding Async starts to make sense.
waitSTM :: Async a -> STM (Either ResponseError a)
-- | Compare operation.
--
-- This operation comes in four flavours:
--
--
--
-- Of those, the first one (compare) is probably the most useful
-- for the typical usecase.
module Ldap.Client.Compare
-- | Perform the Compare operation synchronously. Raises
-- ResponseError on failures.
compare :: Ldap -> Dn -> Attr -> AttrValue -> IO Bool
-- | Perform the Compare operation synchronously. Returns Left e
-- where e is a ResponseError on failures.
compareEither :: Ldap -> Dn -> Attr -> AttrValue -> IO (Either ResponseError Bool)
-- | Perform the Compare operation asynchronously. Call wait to wait
-- for its completion.
compareAsync :: Ldap -> Dn -> Attr -> AttrValue -> IO (Async Bool)
-- | Perform the Compare operation asynchronously.
--
-- Don't wait for its completion (with waitSTM) in the same
-- transaction you've performed it in.
compareAsyncSTM :: Ldap -> Dn -> Attr -> AttrValue -> STM (Async Bool)
-- | Asynchronous LDAP operation. Use wait or waitSTM to wait
-- for its completion.
data Async a
-- | Wait for operation completion.
wait :: Async a -> IO (Either ResponseError a)
-- | Wait for operation completion inside STM.
--
-- Do not use this inside the same STM transaction the operation
-- was requested in! To give LDAP the chance to respond to it that
-- transaction should commit. After that, applying waitSTM to the
-- corresponding Async starts to make sense.
waitSTM :: Async a -> STM (Either ResponseError a)
-- | Bind operation.
--
-- This operation comes in four flavours:
--
--
--
-- Of those, the first one (bind) is probably the most useful for
-- the typical usecase.
module Ldap.Client.Bind
-- | User's password.
newtype Password
Password :: ByteString -> Password
-- | Perform the Bind operation synchronously. Raises ResponseError
-- on failures.
bind :: Ldap -> Dn -> Password -> IO ()
-- | Perform the Bind operation synchronously. Returns Left e
-- where e is a ResponseError on failures.
bindEither :: Ldap -> Dn -> Password -> IO (Either ResponseError ())
-- | Perform the Bind operation asynchronously. Call wait to wait
-- for its completion.
bindAsync :: Ldap -> Dn -> Password -> IO (Async ())
-- | Perform the Bind operation asynchronously.
--
-- Don't wait for its completion (with waitSTM) in the same
-- transaction you've performed it in.
bindAsyncSTM :: Ldap -> Dn -> Password -> STM (Async ())
-- | Perform a SASL EXTERNAL Bind operation synchronously. Raises
-- ResponseError on failures.
externalBind :: Ldap -> Dn -> Maybe Text -> IO ()
-- | Perform a SASL EXTERNAL Bind operation synchronously. Returns Left
-- e where e is a ResponseError on failures.
externalBindEither :: Ldap -> Dn -> Maybe Text -> IO (Either ResponseError ())
-- | Perform the SASL EXTERNAL Bind operation asynchronously. Call
-- wait to wait for its completion.
externalBindAsync :: Ldap -> Dn -> Maybe Text -> IO (Async ())
-- | Perform the SASL EXTERNAL Bind operation asynchronously.
--
-- Don't wait for its completion (with waitSTM) in the same
-- transaction you've performed it in.
externalBindAsyncSTM :: Ldap -> Dn -> Maybe Text -> STM (Async ())
-- | Asynchronous LDAP operation. Use wait or waitSTM to wait
-- for its completion.
data Async a
-- | Wait for operation completion.
wait :: Async a -> IO (Either ResponseError a)
-- | Wait for operation completion inside STM.
--
-- Do not use this inside the same STM transaction the operation
-- was requested in! To give LDAP the chance to respond to it that
-- transaction should commit. After that, applying waitSTM to the
-- corresponding Async starts to make sense.
waitSTM :: Async a -> STM (Either ResponseError a)
instance GHC.Classes.Eq Ldap.Client.Bind.Password
instance GHC.Show.Show Ldap.Client.Bind.Password
-- | Add operation.
--
-- This operation comes in four flavours:
--
--
--
-- Of those, the first one (add) is probably the most useful for
-- the typical usecase.
module Ldap.Client.Add
-- | Perform the Add operation synchronously. Raises ResponseError
-- on failures.
add :: Ldap -> Dn -> AttrList NonEmpty -> IO ()
-- | Perform the Add operation synchronously. Returns Left e where
-- e is a ResponseError on failures.
addEither :: Ldap -> Dn -> AttrList NonEmpty -> IO (Either ResponseError ())
-- | Perform the Add operation asynchronously. Call wait to wait for
-- its completion.
addAsync :: Ldap -> Dn -> AttrList NonEmpty -> IO (Async ())
-- | Perform the Add operation asynchronously.
--
-- Don't wait for its completion (with waitSTM) in the same
-- transaction you've performed it in.
addAsyncSTM :: Ldap -> Dn -> AttrList NonEmpty -> STM (Async ())
-- | Asynchronous LDAP operation. Use wait or waitSTM to wait
-- for its completion.
data Async a
-- | Wait for operation completion.
wait :: Async a -> IO (Either ResponseError a)
-- | Wait for operation completion inside STM.
--
-- Do not use this inside the same STM transaction the operation
-- was requested in! To give LDAP the chance to respond to it that
-- transaction should commit. After that, applying waitSTM to the
-- corresponding Async starts to make sense.
waitSTM :: Async a -> STM (Either ResponseError a)
-- | Modify and Modify DN operations.
--
-- These operations come in four flavours:
--
--
--
-- Of those, the first one (modify / modifyDn) is probably
-- the most useful for the typical usecase.
module Ldap.Client.Modify
-- | Type of modification being performed.
data Operation
-- | Delete values from the attribute. Deletes the attribute if the list is
-- empty or all current values are listed.
Delete :: !Attr -> ![AttrValue] -> Operation
-- | Add values to the attribute, creating it if necessary.
Add :: !Attr -> ![AttrValue] -> Operation
-- | Replace all existing values of the attribute with the new list.
-- Deletes the attribute if the list is empty.
Replace :: !Attr -> ![AttrValue] -> Operation
-- | Perform the Modify operation synchronously. Raises
-- ResponseError on failures.
modify :: Ldap -> Dn -> [Operation] -> IO ()
-- | Perform the Modify operation synchronously. Returns Left e
-- where e is a ResponseError on failures.
modifyEither :: Ldap -> Dn -> [Operation] -> IO (Either ResponseError ())
-- | Perform the Modify operation asynchronously. Call wait to wait
-- for its completion.
modifyAsync :: Ldap -> Dn -> [Operation] -> IO (Async ())
-- | Perform the Modify operation asynchronously.
--
-- Don't wait for its completion (with waitSTM) in the same
-- transaction you've performed it in.
modifyAsyncSTM :: Ldap -> Dn -> [Operation] -> STM (Async ())
-- | A component of Dn.
newtype RelativeDn
RelativeDn :: Text -> RelativeDn
-- | Perform the Modify DN operation synchronously. Raises
-- ResponseError on failures.
modifyDn :: Ldap -> Dn -> RelativeDn -> Bool -> Maybe Dn -> IO ()
-- | Perform the Modify DN operation synchronously. Returns Left e
-- where e is a ResponseError on failures.
modifyDnEither :: Ldap -> Dn -> RelativeDn -> Bool -> Maybe Dn -> IO (Either ResponseError ())
-- | Perform the Modify DN operation asynchronously. Call wait to
-- wait for its completion.
modifyDnAsync :: Ldap -> Dn -> RelativeDn -> Bool -> Maybe Dn -> IO (Async ())
-- | Perform the Modify DN operation asynchronously.
--
-- Don't wait for its completion (with waitSTM) in the same
-- transaction you've performed it in.
modifyDnAsyncSTM :: Ldap -> Dn -> RelativeDn -> Bool -> Maybe Dn -> STM (Async ())
-- | Asynchronous LDAP operation. Use wait or waitSTM to wait
-- for its completion.
data Async a
-- | Wait for operation completion.
wait :: Async a -> IO (Either ResponseError a)
-- | Wait for operation completion inside STM.
--
-- Do not use this inside the same STM transaction the operation
-- was requested in! To give LDAP the chance to respond to it that
-- transaction should commit. After that, applying waitSTM to the
-- corresponding Async starts to make sense.
waitSTM :: Async a -> STM (Either ResponseError a)
instance GHC.Classes.Eq Ldap.Client.Modify.Operation
instance GHC.Show.Show Ldap.Client.Modify.Operation
instance GHC.Classes.Eq Ldap.Client.Modify.RelativeDn
instance GHC.Show.Show Ldap.Client.Modify.RelativeDn
-- | Search operation.
--
-- This operation comes in four flavours:
--
--
--
-- Of those, the first one (search) is probably the most useful
-- for the typical usecase.
module Ldap.Client.Search
-- | Perform the Search operation synchronously. Raises
-- ResponseError on failures.
search :: Ldap -> Dn -> Mod Search -> Filter -> [Attr] -> IO [SearchEntry]
-- | Perform the Search operation synchronously. Returns Left e
-- where e is a ResponseError on failures.
searchEither :: Ldap -> Dn -> Mod Search -> Filter -> [Attr] -> IO (Either ResponseError [SearchEntry])
-- | Perform the Search operation asynchronously. Call wait to wait
-- for its completion.
searchAsync :: Ldap -> Dn -> Mod Search -> Filter -> [Attr] -> IO (Async [SearchEntry])
-- | Perform the Search operation asynchronously.
--
-- Don't wait for its completion (with waitSTM) in the same
-- transaction you've performed it in.
searchAsyncSTM :: Ldap -> Dn -> Mod Search -> Filter -> [Attr] -> STM (Async [SearchEntry])
-- | Search options. Use Mod to change some of those.
data Search
-- | Search modifier. Combine using Semigroup and/or Monoid
-- instance.
data Mod a
-- | Scope of the search to be performed.
data Scope
-- | Constrained to the entry named by baseObject.
BaseObject :: Scope
-- | Constrained to the immediate subordinates of the entry named by
-- baseObject.
SingleLevel :: Scope
-- | Constrained to the entry named by baseObject and to all its
-- subordinates.
WholeSubtree :: Scope
-- | Scope of the search (default: WholeSubtree).
scope :: Scope -> Mod Search
-- | Maximum number of entries to be returned as a result of the Search. No
-- limit if the value is 0 (default: 0).
size :: Int32 -> Mod Search
-- | Maximum time (in seconds) allowed for the Search. No limit if the
-- value is 0 (default: 0).
time :: Int32 -> Mod Search
-- | Whether Search results are to contain just attribute descriptions, or
-- both attribute descriptions and values (default: False).
typesOnly :: Bool -> Mod Search
-- | An indicator as to whether or not alias entries (as defined in
-- [RFC4512]) are to be dereferenced during stages of the Search
-- operation.
data DerefAliases
-- | Do not dereference aliases in searching or in locating the base object
-- of the Search.
NeverDerefAliases :: DerefAliases
-- | While searching subordinates of the base object, dereference any alias
-- within the search scope.
DerefInSearching :: DerefAliases
-- | Dereference aliases in locating the base object of the Search.
DerefFindingBaseObject :: DerefAliases
-- | Dereference aliases both in searching and in locating the base object
-- of the Search.
DerefAlways :: DerefAliases
-- | Alias dereference policy (default: NeverDerefAliases).
derefAliases :: DerefAliases -> Mod Search
-- | Conditions that must be fulfilled in order for the Search to match a
-- given entry.
data Filter
-- | Filter does not match the entry
Not :: !Filter -> Filter
-- | All filters match the entry
And :: !NonEmpty Filter -> Filter
-- | Any filter matches the entry
Or :: !NonEmpty Filter -> Filter
-- | Attribute is present in the entry
Present :: !Attr -> Filter
-- | Attribute's value is equal to the assertion
(:=) :: !Attr -> !AttrValue -> Filter
-- | Attribute's value is equal to or greater than the assertion
(:>=) :: !Attr -> !AttrValue -> Filter
-- | Attribute's value is equal to or less than the assertion
(:<=) :: !Attr -> !AttrValue -> Filter
-- | Attribute's value approximately matches the assertion
(:~=) :: !Attr -> !AttrValue -> Filter
-- | Glob match
(:=*) :: !Attr -> !(Maybe AttrValue, [AttrValue], Maybe AttrValue) -> Filter
-- | Extensible match
(::=) :: !(Maybe Attr, Maybe Attr, Bool) -> !AttrValue -> Filter
-- | Entry found during the Search.
data SearchEntry
SearchEntry :: !Dn -> !AttrList [] -> SearchEntry
-- | Asynchronous LDAP operation. Use wait or waitSTM to wait
-- for its completion.
data Async a
-- | Wait for operation completion.
wait :: Async a -> IO (Either ResponseError a)
-- | Wait for operation completion inside STM.
--
-- Do not use this inside the same STM transaction the operation
-- was requested in! To give LDAP the chance to respond to it that
-- transaction should commit. After that, applying waitSTM to the
-- corresponding Async starts to make sense.
waitSTM :: Async a -> STM (Either ResponseError a)
instance GHC.Classes.Eq Ldap.Client.Search.Search
instance GHC.Show.Show Ldap.Client.Search.Search
instance GHC.Classes.Eq Ldap.Client.Search.SearchEntry
instance GHC.Show.Show Ldap.Client.Search.SearchEntry
instance GHC.Base.Semigroup (Ldap.Client.Search.Mod a)
instance GHC.Base.Monoid (Ldap.Client.Search.Mod a)
-- | This module is intended to be imported qualified
--
--
-- import qualified Ldap.Client as Ldap
--
module Ldap.Client
with :: Host -> PortNumber -> (Ldap -> IO a) -> IO (Either LdapError a)
-- | The entrypoint into LDAP.
with' :: Host -> PortNumber -> (Ldap -> IO a) -> IO a
-- | Provide a LdapH to a function needing an Ldap handle.
runsIn :: (Ldap -> IO a) -> LdapH -> IO a
-- | Provide a LdapH to a function needing an Ldap handle
runsInEither :: (Ldap -> IO a) -> LdapH -> IO (Either LdapError a)
-- | Creates an LDAP handle. This action is useful for creating your own
-- resource management, such as with 'resource-pool'. The handle must be
-- manually closed with close.
open :: Host -> PortNumber -> IO LdapH
openFromConnection :: Connection -> IO LdapH
-- | Closes an LDAP connection. This is to be used in together with
-- open.
close :: LdapH -> IO ()
-- | LDAP host.
data Host
-- | Plain LDAP.
Plain :: String -> Host
-- | LDAP over TLS.
Tls :: String -> TLSSettings -> Host
defaultTlsSettings :: TLSSettings
insecureTlsSettings :: TLSSettings
-- | Port number. Use the Num instance (i.e. use a literal) to
-- create a PortNumber value.
--
--
-- >>> 1 :: PortNumber
-- 1
--
-- >>> read "1" :: PortNumber
-- 1
--
-- >>> show (12345 :: PortNumber)
-- "12345"
--
-- >>> 50000 < (51000 :: PortNumber)
-- True
--
-- >>> 50000 < (52000 :: PortNumber)
-- True
--
-- >>> 50000 + (10000 :: PortNumber)
-- 60000
--
data () => PortNumber
-- | An LDAP connection handle
data Ldap
data LdapH
-- | Various failures that can happen when working with LDAP.
data LdapError
-- | Network failure.
IOError :: !IOError -> LdapError
-- | Invalid ASN.1 data received from the server.
ParseError :: !ASN1Error -> LdapError
-- | An LDAP operation failed.
ResponseError :: !ResponseError -> LdapError
-- | Notice of Disconnection has been received.
DisconnectError :: !Disconnect -> LdapError
-- | Response indicates a failed operation.
data ResponseError
-- | LDAP server did not follow the protocol, so ldap-client
-- couldn't make sense of the response.
ResponseInvalid :: !Request -> !Response -> ResponseError
-- | The response contains a result code indicating failure and an error
-- message.
ResponseErrorCode :: !Request -> !ResultCode -> !Dn -> !Text -> ResponseError
-- | LDAP operation's result.
data ResultCode
Success :: ResultCode
OperationError :: ResultCode
ProtocolError :: ResultCode
TimeLimitExceeded :: ResultCode
SizeLimitExceeded :: ResultCode
CompareFalse :: ResultCode
CompareTrue :: ResultCode
AuthMethodNotSupported :: ResultCode
StrongerAuthRequired :: ResultCode
Referral :: ResultCode
AdminLimitExceeded :: ResultCode
UnavailableCriticalExtension :: ResultCode
ConfidentialityRequired :: ResultCode
SaslBindInProgress :: ResultCode
NoSuchAttribute :: ResultCode
UndefinedAttributeType :: ResultCode
InappropriateMatching :: ResultCode
ConstraintViolation :: ResultCode
AttributeOrValueExists :: ResultCode
InvalidAttributeSyntax :: ResultCode
NoSuchObject :: ResultCode
AliasProblem :: ResultCode
InvalidDNSyntax :: ResultCode
AliasDereferencingProblem :: ResultCode
InappropriateAuthentication :: ResultCode
InvalidCredentials :: ResultCode
InsufficientAccessRights :: ResultCode
Busy :: ResultCode
Unavailable :: ResultCode
UnwillingToPerform :: ResultCode
LoopDetect :: ResultCode
NamingViolation :: ResultCode
ObjectClassViolation :: ResultCode
NotAllowedOnNonLeaf :: ResultCode
NotAllowedOnRDN :: ResultCode
EntryAlreadyExists :: ResultCode
ObjectClassModsProhibited :: ResultCode
AffectsMultipleDSAs :: ResultCode
Other :: ResultCode
-- | User's password.
newtype Password
Password :: ByteString -> Password
-- | Perform the Bind operation synchronously. Raises ResponseError
-- on failures.
bind :: Ldap -> Dn -> Password -> IO ()
-- | Perform a SASL EXTERNAL Bind operation synchronously. Raises
-- ResponseError on failures.
externalBind :: Ldap -> Dn -> Maybe Text -> IO ()
-- | Perform the Search operation synchronously. Raises
-- ResponseError on failures.
search :: Ldap -> Dn -> Mod Search -> Filter -> [Attr] -> IO [SearchEntry]
-- | Entry found during the Search.
data SearchEntry
SearchEntry :: !Dn -> !AttrList [] -> SearchEntry
-- | Search options. Use Mod to change some of those.
data Search
-- | Search modifier. Combine using Semigroup and/or Monoid
-- instance.
data Mod a
-- | Scope of the search to be performed.
data Scope
-- | Constrained to the entry named by baseObject.
BaseObject :: Scope
-- | Constrained to the immediate subordinates of the entry named by
-- baseObject.
SingleLevel :: Scope
-- | Constrained to the entry named by baseObject and to all its
-- subordinates.
WholeSubtree :: Scope
-- | Scope of the search (default: WholeSubtree).
scope :: Scope -> Mod Search
-- | Maximum number of entries to be returned as a result of the Search. No
-- limit if the value is 0 (default: 0).
size :: Int32 -> Mod Search
-- | Maximum time (in seconds) allowed for the Search. No limit if the
-- value is 0 (default: 0).
time :: Int32 -> Mod Search
-- | Whether Search results are to contain just attribute descriptions, or
-- both attribute descriptions and values (default: False).
typesOnly :: Bool -> Mod Search
-- | An indicator as to whether or not alias entries (as defined in
-- [RFC4512]) are to be dereferenced during stages of the Search
-- operation.
data DerefAliases
-- | Do not dereference aliases in searching or in locating the base object
-- of the Search.
NeverDerefAliases :: DerefAliases
-- | While searching subordinates of the base object, dereference any alias
-- within the search scope.
DerefInSearching :: DerefAliases
-- | Dereference aliases in locating the base object of the Search.
DerefFindingBaseObject :: DerefAliases
-- | Dereference aliases both in searching and in locating the base object
-- of the Search.
DerefAlways :: DerefAliases
-- | Alias dereference policy (default: NeverDerefAliases).
derefAliases :: DerefAliases -> Mod Search
-- | Conditions that must be fulfilled in order for the Search to match a
-- given entry.
data Filter
-- | Filter does not match the entry
Not :: !Filter -> Filter
-- | All filters match the entry
And :: !NonEmpty Filter -> Filter
-- | Any filter matches the entry
Or :: !NonEmpty Filter -> Filter
-- | Attribute is present in the entry
Present :: !Attr -> Filter
-- | Attribute's value is equal to the assertion
(:=) :: !Attr -> !AttrValue -> Filter
-- | Attribute's value is equal to or greater than the assertion
(:>=) :: !Attr -> !AttrValue -> Filter
-- | Attribute's value is equal to or less than the assertion
(:<=) :: !Attr -> !AttrValue -> Filter
-- | Attribute's value approximately matches the assertion
(:~=) :: !Attr -> !AttrValue -> Filter
-- | Glob match
(:=*) :: !Attr -> !(Maybe AttrValue, [AttrValue], Maybe AttrValue) -> Filter
-- | Extensible match
(::=) :: !(Maybe Attr, Maybe Attr, Bool) -> !AttrValue -> Filter
-- | Perform the Modify operation synchronously. Raises
-- ResponseError on failures.
modify :: Ldap -> Dn -> [Operation] -> IO ()
-- | Type of modification being performed.
data Operation
-- | Delete values from the attribute. Deletes the attribute if the list is
-- empty or all current values are listed.
Delete :: !Attr -> ![AttrValue] -> Operation
-- | Add values to the attribute, creating it if necessary.
Add :: !Attr -> ![AttrValue] -> Operation
-- | Replace all existing values of the attribute with the new list.
-- Deletes the attribute if the list is empty.
Replace :: !Attr -> ![AttrValue] -> Operation
-- | Perform the Add operation synchronously. Raises ResponseError
-- on failures.
add :: Ldap -> Dn -> AttrList NonEmpty -> IO ()
-- | Perform the Delete operation synchronously. Raises
-- ResponseError on failures.
delete :: Ldap -> Dn -> IO ()
-- | A component of Dn.
newtype RelativeDn
RelativeDn :: Text -> RelativeDn
-- | Perform the Modify DN operation synchronously. Raises
-- ResponseError on failures.
modifyDn :: Ldap -> Dn -> RelativeDn -> Bool -> Maybe Dn -> IO ()
-- | Perform the Compare operation synchronously. Raises
-- ResponseError on failures.
compare :: Ldap -> Dn -> Attr -> AttrValue -> IO Bool
-- | Globally unique LDAP object identifier.
newtype Oid
Oid :: Text -> Oid
-- | Perform the Extended operation synchronously. Raises
-- ResponseError on failures.
extended :: Ldap -> Oid -> Maybe ByteString -> IO ()
-- | Unique identifier of an LDAP entry.
newtype Dn
Dn :: Text -> Dn
-- | Attribute name.
newtype Attr
Attr :: Text -> Attr
-- | Attribute value.
type AttrValue = ByteString
-- | List of attributes and their values. f is the structure these
-- values are in, e.g. NonEmpty.
type AttrList f = [(Attr, f AttrValue)]
-- | Non-empty (and non-strict) list type.
data () => NonEmpty a
instance GHC.Classes.Eq Ldap.Client.Disconnect
instance GHC.Show.Show Ldap.Client.Disconnect
instance GHC.Classes.Eq Ldap.Client.LdapError
instance GHC.Show.Show Ldap.Client.LdapError
instance GHC.Exception.Type.Exception Ldap.Client.LdapError
instance GHC.Exception.Type.Exception Ldap.Client.Disconnect