Simplify search_base logic

This commit is contained in:
PCoder 2019-02-24 22:23:43 +01:00
parent bf3b3b364f
commit a5e91ffda2
2 changed files with 38 additions and 28 deletions

View file

@ -78,7 +78,6 @@ class LdapManager:
while user_exists: while user_exists:
user_exists, _ = self.check_user_exists( user_exists, _ = self.check_user_exists(
"", "",
True,
'(&(objectClass=inetOrgPerson)(objectClass=posixAccount)' '(&(objectClass=inetOrgPerson)(objectClass=posixAccount)'
'(objectClass=top)(uidNumber={uidNumber}))'.format( '(objectClass=top)(uidNumber={uidNumber}))'.format(
uidNumber=uidNumber uidNumber=uidNumber
@ -154,34 +153,51 @@ class LdapManager:
:return: True if user details were updated successfully False otherwise :return: True if user details were updated successfully False otherwise
""" """
conn = self.get_admin_conn() conn = self.get_admin_conn()
details_dict = {k: (ldap3.MODIFY_REPLACE, [v.encode("utf-8")]) for k, v in details.items()}
try: # Make sure the user exists first to change his/her details
return_val = conn.modify( user_exists, entries = self.check_user_exists(
("uid={uid}," + settings.LDAP_CUSTOMER_DN).format(uid=uid), uid=uid,
details_dict attributes=['uid', 'givenName', 'sn', 'mail', 'gidNumber'],
) search_base=settings.ENTIRE_SEARCH_BASE
msg = "success" )
except Exception as ex:
msg = str(ex)
logger.error("Exception: " + msg) if user_exists:
return_val = False details_dict = {k: (ldap3.MODIFY_REPLACE, [v.encode("utf-8")]) for
finally: k, v in details.items()}
conn.unbind() try:
return_val = conn.modify(
("uid={uid}," + settings.LDAP_CUSTOMER_DN
if entries[0].gidNumber.value == settings.LDAP_CUSTOMER_GROUP_ID
else settings.LDAP_USERS_DN).format(uid=uid),
details_dict
)
msg = "success"
except Exception as ex:
msg = str(ex)
logger.error("Exception: " + msg)
return_val = False
finally:
conn.unbind()
else:
msg = "User {} not found".format(uid)
logger.error(msg)
raise Exception(msg)
return return_val, msg return return_val, msg
def check_user_exists(self, uid, is_customer=True, search_filter="", def check_user_exists(self, uid, search_filter="", attributes=None,
attributes=None): search_base=settings.LDAP_CUSTOMER_DN):
""" """
Check if the user with the given uid exists in the customer group. Check if the user with the given uid exists in the customer group.
:param uid: str representing the user :param uid: str representing the user
:param is_customer: bool representing whether the current user is a
customer. By default, the user is a customer (assume)
:param search_filter: str representing the filter condition to find :param search_filter: str representing the filter condition to find
users. If its empty, the search finds the user with users. If its empty, the search finds the user with
the given uid. the given uid.
:param attributes: list A list of str representing all the attributes :param attributes: list A list of str representing all the attributes
to be obtained in the result entries to be obtained in the result entries
:param search_base: str
:return: tuple (bool, [ldap3.abstract.entry.Entry ..]) :return: tuple (bool, [ldap3.abstract.entry.Entry ..])
A bool indicating if the user exists A bool indicating if the user exists
A list of all entries obtained in the search A list of all entries obtained in the search
@ -190,7 +206,7 @@ class LdapManager:
entries = [] entries = []
try: try:
result = conn.search( result = conn.search(
settings.LDAP_CUSTOMER_DN if is_customer else settings.LDAP_USERS_DN, search_base=search_base,
search_filter=search_filter if len(search_filter)> 0 else search_filter=search_filter if len(search_filter)> 0 else
'(uid={uid})'.format(uid=uid), '(uid={uid})'.format(uid=uid),
attributes=attributes attributes=attributes

View file

@ -102,15 +102,13 @@ class ChangeData(LoginRequiredMixin, View):
def get(self, request): def get(self, request):
urlname = 'change_data' urlname = 'change_data'
service = 'get default data for logged in user' service = 'get default data for logged in user'
if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html')
user = request.user
user = request.user
ldap_manager = LdapManager() ldap_manager = LdapManager()
user_exists, entries = ldap_manager.check_user_exists( user_exists, entries = ldap_manager.check_user_exists(
uid=user.username, uid=user.username,
is_customer=True, attributes=['uid', 'givenName', 'sn', 'mail'],
attributes=['uid', 'givenName', 'sn', 'mail'] search_base=settings.ENTIRE_SEARCH_BASE
) )
if user_exists: if user_exists:
@ -136,10 +134,6 @@ class ChangeData(LoginRequiredMixin, View):
service = 'change user data' service = 'change user data'
urlname = 'change_data' urlname = 'change_data'
# Only logged in users may change data
if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html')
firstname = request.POST.get('firstname') firstname = request.POST.get('firstname')
lastname = request.POST.get('lastname') lastname = request.POST.get('lastname')
email = request.POST.get('email') email = request.POST.get('email')