Simplify search_base logic

2019-02-24 22:23:43 +01:00 · 2019-02-24 22:23:43 +01:00 · a5e91ffda2
commit a5e91ffda2
parent bf3b3b364f
2 changed files with 38 additions and 28 deletions
--- a/dal/ungleich_ldap.py
+++ b/dal/ungleich_ldap.py
@ -78,7 +78,6 @@ class LdapManager:
        while user_exists:
            user_exists, _ = self.check_user_exists(
                "",
-                True,
                '(&(objectClass=inetOrgPerson)(objectClass=posixAccount)'
                '(objectClass=top)(uidNumber={uidNumber}))'.format(
                    uidNumber=uidNumber
@ -154,34 +153,51 @@ class LdapManager:
        :return: True if user details were updated successfully False otherwise
        """
        conn = self.get_admin_conn()
-        details_dict = {k: (ldap3.MODIFY_REPLACE, [v.encode("utf-8")]) for k, v in details.items()}
-        try:
-            return_val = conn.modify(
-                ("uid={uid}," + settings.LDAP_CUSTOMER_DN).format(uid=uid),
-                details_dict
-            )
-            msg = "success"
-        except Exception as ex:
-            msg = str(ex)
-            logger.error("Exception: " + msg)
-            return_val = False
-        finally:
-            conn.unbind()
+
+        # Make sure the user exists first to change his/her details
+        user_exists, entries = self.check_user_exists(
+            uid=uid,
+            attributes=['uid', 'givenName', 'sn', 'mail', 'gidNumber'],
+            search_base=settings.ENTIRE_SEARCH_BASE
+        )
+
+
+        if user_exists:
+            details_dict = {k: (ldap3.MODIFY_REPLACE, [v.encode("utf-8")]) for
+                            k, v in details.items()}
+            try:
+                return_val = conn.modify(
+                    ("uid={uid}," + settings.LDAP_CUSTOMER_DN
+                     if entries[0].gidNumber.value == settings.LDAP_CUSTOMER_GROUP_ID
+                     else settings.LDAP_USERS_DN).format(uid=uid),
+                    details_dict
+                )
+                msg = "success"
+            except Exception as ex:
+                msg = str(ex)
+                logger.error("Exception: " + msg)
+                return_val = False
+            finally:
+                conn.unbind()
+        else:
+            msg = "User {} not found".format(uid)
+            logger.error(msg)
+            raise Exception(msg)
+
        return return_val, msg

-    def check_user_exists(self, uid, is_customer=True, search_filter="",
-                          attributes=None):
+    def check_user_exists(self, uid, search_filter="", attributes=None,
+                          search_base=settings.LDAP_CUSTOMER_DN):
        """
        Check if the user with the given uid exists in the customer group.

        :param uid: str representing the user
-        :param is_customer: bool representing whether the current user is a
-                            customer. By default, the user is a customer (assume)
        :param search_filter: str representing the filter condition to find
                            users. If its empty, the search finds the user with
                            the given uid.
        :param attributes: list A list of str representing all the attributes
                           to be obtained in the result entries
+        :param search_base: str
        :return: tuple (bool, [ldap3.abstract.entry.Entry ..])
                       A bool indicating if the user exists
                       A list of all entries obtained in the search
@ -190,7 +206,7 @@ class LdapManager:
        entries = []
        try:
            result = conn.search(
-                settings.LDAP_CUSTOMER_DN if is_customer else settings.LDAP_USERS_DN,
+                search_base=search_base,
                search_filter=search_filter if len(search_filter)> 0 else
                '(uid={uid})'.format(uid=uid),
                attributes=attributes