bugfixing

2018-10-23 18:13:25 +02:00 · 2018-10-23 18:13:25 +02:00 · 5b7d67838b
commit 5b7d67838b
parent d12a09a98e
4 changed files with 19 additions and 10 deletions
--- a/dal/dal/settings.py
+++ b/dal/dal/settings.py
@ -23,10 +23,11 @@ config.read('userservice.conf')

 # LDAP config

+AUTH_LDAP_SERVER_URI = config['LDAP']['LDAPSERVER']
 # The search user
 AUTH_LDAP_BIND_DN = config['LDAP']['SEARCHUSER']
 # The password for the search user
-AUTH_LDAP_BIND_PASSWORD = config['LDAP']['SEARCHUSERPASSWORD']
+AUTH_LDAP_BIND_PASSWORD = config.get('LDAP','SEARCHUSERPASSWORD', raw=True)
 # Search union over two ou
 AUTH_LDAP_USER_SEARCH = LDAPSearchUnion(
        LDAPSearch("ou=users,dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)"),
--- a/dal/dal/views.py
+++ b/dal/dal/views.py
@ -100,6 +100,11 @@ class Register(View):
        if password1 != password2:
            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 
                'error': 'Your passwords did not match. Please supply the same password twice.' } )
+        # check for at least a bit of length on the password
+        if len(password1) < 8:
+            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 
+                'error': 'Your password is too short, please use a longer one. At least 8 characters.' } )
+
        email = request.POST.get('email')
        # Is the emailaddress valid?
        try:
--- a/dal/userservice.conf.example
+++ b/dal/userservice.conf.example
@ -10,4 +10,6 @@ RABBITMQ = guest:guest@127.0.0.1
 SEARCHUSER = uid=search,ou=system,dc=ungleich,dc=ch
 SEARCHUSERPASSWORD = fnord

+# Set up which LDAP server to query for auth

+LDAPSERVER = ldaps://ldap1.ungleich.ch
--- a/nameko-func.py
+++ b/nameko-func.py
@ -43,7 +43,7 @@ def ldapservers():
 # returns the full dn
 def user_or_customer(uid):
    server = ldapservers()
-    conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
+    conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP','LDAPMANAGERPASSWORD', raw=True))
    conn.bind()
    search_customers = conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid)
    if search_customers:
@ -67,7 +67,7 @@ class UserLookUp(object):
        # Setup the search parameter and connect to LDAP
        LDAP_UID = 'uid=%s' % user
        server = ldapservers()
-        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
+        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP','LDAPMANAGERPASSWORD', raw=True))
        conn.bind()
        # Strange result. It keeps complaining LDAP_UID not set if I try to directly
        # substitute x and y to the if
@ -96,7 +96,7 @@ class CreateUser(object):
    def create_user(self, user, password, firstname, lastname, email):
        # Creates a user with some basic data
        server = ldapservers()
-        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
+        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP','LDAPMANAGERPASSWORD', raw=True))
        if not conn.bind():
            self.dispatch('ldap', '%s [Error CreateUser] Could not connect to LDAPserver\n' % datetime.now() )
            return "Could not connect to LDAP Server."
@ -132,8 +132,9 @@ class CreateUser(object):
        newuid = 0
        uidlist = []
        for c in conn.response:
-            uidlist.append(c['attribute']['uidNumber'])
-        newuid = sorted(uidlist)[len(uidlist)-1]
+            uidlist.append(c['attributes']['uidNumber'])
+        # New uid is highest old uidnumber plus one
+        newuid = (sorted(uidlist)[len(uidlist)-1] + 1)
        return newuid


@ -148,7 +149,7 @@ class GetUserData(object):
        # Setup the search parameter and connect to LDAP
        LDAP_UID = 'uid=%s' % user
        server = ldapservers()
-        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
+        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP', 'LDAPMANAGERPASSWORD', raw=True))
        conn.bind()
        if not conn.bound:
            self.dispatch('ldap', '%s [Error GetUserData] Could not connect to LDAP server.\n' % datetime.now() )
@ -193,7 +194,7 @@ class ChangeUserData(object):
        LDAP_UID = 'uid=%s' % user
        server = ldapservers()
        # Establish connection with a user who can change the data
-        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
+        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP', 'LDAPMANAGERPASSWORD', raw=True))
        if not conn.bind():
            self.dispatch('ldap', '%s [Error ChangeUserData] Could not connect to LDAP server.\n' % datetime.now() )
            return "Could not connect to LDAP server."
@ -241,7 +242,7 @@ class ChangePassword(object):
    def change_password(self, user, newpassword):
        LDAP_UID = 'uid=%s' % user
        server = ldapservers()
-        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
+        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP', 'LDAPMANAGERPASSWORD', raw=True))
        if not conn.bind():
            self.dispatch('ldap', '%s [Error ChangePassword] Could not connect to LDAP server.\n' % datetime.now() )
            return "Could not connect to LDAP server."
@ -284,7 +285,7 @@ class DeleteUser(object):
    def delete_user(self, user):
        LDAP_UID = 'uid=%s' % user
        server = ldapservers()
-        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
+        conn = Connection(server, config['LDAP']['LDAPMANAGER'], config.get('LDAP', 'LDAPMANAGERPASSWORD', raw=True))
        conn.bind()
        if not conn.bound:
            self.dispatch('ldap', '%s [Error DeleteUser] Could not connect to LDAP server.\n' % datetime.now() )