Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
ldap-filters
Advanced tools
Build, generate, parse, and evaluate LDAP filters
A library for working with Lightweight Directory Access Protocol (LDAP) filters based on RFC 4515.
Although this format is typicaly used with the LDAP protocol, this library could be implemented in other applications that need portable string-based filters for the purpose of matching object data.
Use npm:
npm install ldap-filters
var Filter = require('ldap-filters');
var output = Filter.AND([
Filter.attribute('givenName').equalTo('jenny'),
Filter.attribute('sn').equalTo('jensen')
]);
console.log(output.toString());
Note: You must call the .toString()
method, to obtain the filter as a string.
Various methods can be used to build simple filters:
(attr=*)
(attr=value)
(attr=*value*)
(attr=*value)
(attr=value*)
(attr~=value)
(attr>=value)
(attr<=value)
Simple filters can be aggregated with AND, OR, and NOT:
(&(f1)(f2)..)
(|(f1)(f2)..)
(!(filter))
Aggregation and nesting can be used to build complex filters.
Parses a filter from a string, returning a Filter object.
var Filter = require('ldap-filters');
var input = '(&(givenName=jenny)(sn=jensen))';
Filter.parse(input);
Whether you've created a filter programatically or by parsing a filter, you
can output with toString()
method or by concatenating with a string, like so:
query.toString()
query + ''
If you pass a value of true
or a numeric value to toString()
, the
output will be beautified:
query.toString(true)
query.toString(2)
Will result in the following output:
(&
(givenName=jenny)
(sn=jensen)
(|
(c=us)
(st=ontario)
)
)
A value of true
will use Filter.indent
property, which defaults to 4.
Test if (object) data matches a given filter. The filter can be one
created programatically, or parsed from a text string. A boolean
true
value will be returned for a successful match.
var Filter = require('ldap-filters');
var input = '(&(givenName~=jeni)(sn=jensen))';
var parsed = Filter.parse(input);
var data = { givenName: 'Jenny', sn: 'Jensen' };
console.log(parsed.match(data));
A complete test suite is included. To run it, you will need to have mocha and chai installed. Mocha should be installed globally (need sudo?).
npm install -g mocha
npm install chai
There are three ways to run the tests:
# Run tests with npm
npm test
# Run tests with "make"
make test
# Run tests manually
mocha test/*.js
The parser is built with jison. To re-build the parser, you must have jison installed globally.
# Install jison globally (need sudo?)
npm install -g jison
# Build with "make"
make parser
# Build manually with jison
jison lib/parser.jison -o lib/parser.js
The jison parser source was originally written by tantaman found in the DATS-DAP repository.
FAQs
Library for generating, parsing, and evaluating LDAP filters
The npm package ldap-filters receives a total of 137 weekly downloads. As such, ldap-filters popularity was classified as not popular.
We found that ldap-filters demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.