Also check user before password reset

PCoder 2019-02-24 23:25:12 +01:00
parent a5e91ffda2
commit bdb57221e5
2 changed files with 26 additions and 19 deletions


@ -129,15 +129,29 @@ class LdapManager:
:return: True if password was changed successfully False otherwise :return: True if password was changed successfully False otherwise
""" """
conn = self.get_admin_conn() conn = self.get_admin_conn()
return_val = conn.modify(
("uid={uid}," + settings.LDAP_CUSTOMER_DN).format(uid=uid), # Make sure the user exists first to change his/her details
{ user_exists, entries = self.check_user_exists(
"userpassword": ( uid=uid,
ldap3.MODIFY_REPLACE, search_base=settings.ENTIRE_SEARCH_BASE
[self._ssha_password(new_password.encode("utf-8"))]
)
}
) )
return_val = False
if user_exists:
try:
return_val = conn.modify(
entries[0].entry_dn,
{
"userpassword": (
ldap3.MODIFY_REPLACE,
[self._ssha_password(new_password.encode("utf-8"))]
)
}
)
except Exception as ex:
logger.error("Exception: " + str(ex))
else:
logger.error("User {} not found".format(uid))
conn.unbind() conn.unbind()
return return_val return return_val
@ -157,33 +171,25 @@ class LdapManager:
# Make sure the user exists first to change his/her details # Make sure the user exists first to change his/her details
user_exists, entries = self.check_user_exists( user_exists, entries = self.check_user_exists(
uid=uid, uid=uid,
attributes=['uid', 'givenName', 'sn', 'mail', 'gidNumber'],
search_base=settings.ENTIRE_SEARCH_BASE search_base=settings.ENTIRE_SEARCH_BASE
) )
return_val = False
if user_exists: if user_exists:
details_dict = {k: (ldap3.MODIFY_REPLACE, [v.encode("utf-8")]) for details_dict = {k: (ldap3.MODIFY_REPLACE, [v.encode("utf-8")]) for
k, v in details.items()} k, v in details.items()}
try: try:
return_val = conn.modify( return_val = conn.modify(entries[0].entry_dn, details_dict)
("uid={uid}," + settings.LDAP_CUSTOMER_DN
if entries[0].gidNumber.value == settings.LDAP_CUSTOMER_GROUP_ID
else settings.LDAP_USERS_DN).format(uid=uid),
details_dict
)
msg = "success" msg = "success"
except Exception as ex: except Exception as ex:
msg = str(ex) msg = str(ex)
logger.error("Exception: " + msg) logger.error("Exception: " + msg)
return_val = False
finally: finally:
conn.unbind() conn.unbind()
else: else:
msg = "User {} not found".format(uid) msg = "User {} not found".format(uid)
logger.error(msg) logger.error(msg)
raise Exception(msg) conn.unbind()
return return_val, msg return return_val, msg
def check_user_exists(self, uid, search_filter="", attributes=None, def check_user_exists(self, uid, search_filter="", attributes=None,
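Review bot: In the password-change hunk, `entries[0].entry_dn` becomes the target of the `userpassword` replace without any check that the search over `settings.ENTIRE_SEARCH_BASE` matched exactly one entry. If the same uid can exist in more than one subtree, the reset lands on whichever entry is returned first. Guarding with `if user_exists and len(entries) == 1:` and logging the ambiguous case would make the reset fail closed; the same applies to `conn.modify(entries[0].entry_dn, details_dict)` in the details hunk. The body of `check_user_exists` is not visible here, so it is worth confirming that `uid` is passed through `ldap3.utils.conv.escape_filter_chars` before it reaches the search filter. Both methods start outside their hunks, and in the password method the admin connection is opened before the lookup, so an exception raised by `check_user_exists` would skip `conn.unbind()`; a `try/finally` around the lookup and modify would close that gap.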


@ -176,6 +176,7 @@ class ResetPassword(View):
ldap_manager = LdapManager() ldap_manager = LdapManager()
user_exists, entries = ldap_manager.check_user_exists( user_exists, entries = ldap_manager.check_user_exists(
uid=user, uid=user,
search_base=settings.ENTIRE_SEARCH_BASE,
attributes=['uid', 'givenName', 'sn', 'mail'] attributes=['uid', 'givenName', 'sn', 'mail']
) )
if user_exists: if user_exists: