From 789b6e4ecf01616452c82e52f425fce2d9d1da4d Mon Sep 17 00:00:00 2001
From: downhill <downhill@geekhabitat.de>
Date: Sun, 14 Oct 2018 19:21:17 +0200
Subject: [PATCH] Fixed typos and bugs, running okay on testenv

---
 dal/dal/settings.py                    |  6 +++---
 dal/dal/templates/changedpassword.html |  7 ++++++
 dal/dal/templates/deleteaccount.html   |  1 +
 dal/dal/templates/usercreated.html     |  7 ++++++
 dal/dal/templates/useroptions.html     |  3 +++
 dal/dal/urls.py                        |  3 ++-
 dal/dal/views.py                       | 20 +++++++++++------
 nameko-func.py                         | 30 +++++++++++++++++---------
 8 files changed, 56 insertions(+), 21 deletions(-)
 create mode 100644 dal/dal/templates/changedpassword.html
 create mode 100644 dal/dal/templates/usercreated.html

diff --git a/dal/dal/settings.py b/dal/dal/settings.py
index 0dfd7c7..2ce1abe 100644
--- a/dal/dal/settings.py
+++ b/dal/dal/settings.py
@@ -96,10 +96,10 @@ MIDDLEWARE = [
 
 # Backend for auth
 
-#AUTHENTICATION_BACKENDS = (
-#    'django_auth_ldap.backend.LDAPBackend',
+AUTHENTICATION_BACKENDS = (
+    'django_auth_ldap.backend.LDAPBackend',
 #    'django.contrib.auth.backends.ModelBackend',
-#)
+)
 
 
 ROOT_URLCONF = 'dal.urls'
diff --git a/dal/dal/templates/changedpassword.html b/dal/dal/templates/changedpassword.html
new file mode 100644
index 0000000..8ae9707
--- /dev/null
+++ b/dal/dal/templates/changedpassword.html
@@ -0,0 +1,7 @@
+<title> Password for {{user}}  changed. </title>
+
+<h2> The password for {{user}} has been changed. </h2>
+<br><br>
+<form action={% url 'index' %} method="get">
+	<input type="submit" value="Back to indexpage">
+</form>
diff --git a/dal/dal/templates/deleteaccount.html b/dal/dal/templates/deleteaccount.html
index bcc340b..b960f38 100644
--- a/dal/dal/templates/deleteaccount.html
+++ b/dal/dal/templates/deleteaccount.html
@@ -8,6 +8,7 @@
 <br><br>
 To delete an account, please type the username and password below:
 <form action={% url 'account_delete' %} method="post">
+	{% csrf_token %} 
 	<br><br>Username:<br>
 	<input type="text" name="username" id="username">
 	<br><br>Password:<br>
diff --git a/dal/dal/templates/usercreated.html b/dal/dal/templates/usercreated.html
new file mode 100644
index 0000000..a428109
--- /dev/null
+++ b/dal/dal/templates/usercreated.html
@@ -0,0 +1,7 @@
+<title> User {{ user }} created. </title>
+
+<h2> User {{ user }} was successfully created. </h2>
+<br><br>
+<form action={% url 'index' %} method="get">
+	<input type="submit" value="Back to Indexpage">
+</form>
diff --git a/dal/dal/templates/useroptions.html b/dal/dal/templates/useroptions.html
index ec60fc6..085fbe3 100644
--- a/dal/dal/templates/useroptions.html
+++ b/dal/dal/templates/useroptions.html
@@ -19,3 +19,6 @@ You have the following options:
 <form action={% url 'account_delete' %} method="get">
 	<input type="submit" value="Delete your account">
 </form>
+<form action={% url 'logout' %} method="get">
+	<input type="submit" value="Logout">
+</form>
diff --git a/dal/dal/urls.py b/dal/dal/urls.py
index efdb67c..0bf7d78 100644
--- a/dal/dal/urls.py
+++ b/dal/dal/urls.py
@@ -18,7 +18,7 @@ from django.urls import path
 from django.conf.urls import url
 from django.contrib import admin
 
-from .views import Register, ChangeData, ChangePassword, ResetPassword, DeleteAccount, Index
+from .views import Register, ChangeData, ChangePassword, ResetPassword, DeleteAccount, Index, LogOut
 
 urlpatterns = [
 #    path('admin/', admin.site.urls),
@@ -28,4 +28,5 @@ urlpatterns = [
     path('changepassword/', ChangePassword.as_view(), name="change_password"),
     path('deleteaccount/', DeleteAccount.as_view(), name="account_delete"),
     path('index/', Index.as_view(), name="index"),
+    path('logout/', LogOut.as_view(), name="logout"),
 ]
diff --git a/dal/dal/views.py b/dal/dal/views.py
index 3ac0ce5..514df85 100644
--- a/dal/dal/views.py
+++ b/dal/dal/views.py
@@ -1,6 +1,6 @@
 from django.shortcuts import render
 from django.views.generic import View
-from django.contrib.auth import authenticate, login
+from django.contrib.auth import authenticate, login, logout
 from django.contrib.auth.models import User
 from django.http import HttpResponse, HttpResponseRedirect
 from django.core.validators import validate_email, ValidationError
@@ -106,13 +106,13 @@ class ChangeData(View):
         login(request, user)
         # get basic data (firstname, lastname, email)
         with get_pool().next() as rpc:
-            (state, firstname, lastname, email) = rpc.getuserdata.get_data(user)
+            (state, firstname, lastname, email) = rpc.getuserdata.get_data(str(request.user))
         # If it throws an error, the errormessage gets put into firstname.. not great naming, but works best this way
         if state == "error":
             return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': firstname } )
         # The template puts the old data as standard in the fields
         else:
-            return render(request, 'changeuserdata.html', { 'user': user, 'firstname': firstname, 'lastname': lastname, 'email': email } )
+            return render(request, 'changeuserdata.html', { 'user': str(request.user), 'firstname': firstname, 'lastname': lastname, 'email': email } )
 
     # get the change request
     def post(self, request):
@@ -123,7 +123,7 @@ class ChangeData(View):
         if not request.user.is_authenticated:
             return render(request, 'mustbeloggedin.html')
         
-        user = request.user
+        user = str(request.user)
         firstname = request.POST.get('firstname')
         lastname = request.POST.get('lastname')
         email = request.POST.get('email')
@@ -199,7 +199,7 @@ class ChangePassword(View):
             return render(request, 'mustbeloggedin.html')
         login(request, request.user)
 
-        user = request.user
+        user = str(request.user)
         oldpassword = request.POST.get('oldpassword')
         check = authenticate(request, username=user, password=oldpassword)
         # Is the right password for the user supplied?
@@ -249,12 +249,18 @@ class DeleteAccount(View):
     
         # Try to delete the user
         with get_pool().next() as rpc:
-            result = rpc.deleteuser.delete_user(user)
+            result = rpc.deleteuser.delete_user(username)
         # User deleted
         if result == True:
+            logout(request)
             return render(request, 'deleteduser.html', { 'user': username } )
         # User not deleted, got some kind of error
         else:
             return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': result } )
 
-    
+
+class LogOut(View):
+
+    def get(self, request):
+        logout(request)
+        return HttpResponse("You have been logged out.", status=200)
diff --git a/nameko-func.py b/nameko-func.py
index 8eaee64..7b95046 100644
--- a/nameko-func.py
+++ b/nameko-func.py
@@ -44,12 +44,19 @@ def ldapservers():
 def user_or_customer(uid):
     server = ldapservers()
     conn = Connection(server)
-    if conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid):
+    conn.bind()
+    search_customers = conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid)
+#    if conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid):
+    if search_customers:
+        conn.unbind()
         return '%s,ou=customers,dc=ungleich,dc=ch' % uid
-    elif conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid):
+    search_users = conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid)
+#    elif conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid):
+    if search_users:
+        conn.unbind()
         return '%s,ou=customers,dc=ungleich,dc=ch' % uid
-    else:
-        return False
+    conn.unbind()
+    return False
 
 
 # checks if a user already exists in the LDAP
@@ -72,7 +79,7 @@ class UserLookUp(object):
         #if conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % LDAP_UID) or conn.search('ou=users,dc=ungleich,dc=ch', '(%s)' % LPAD_UID):
         if x or y:
             # return conn.entries[0] for first search result since we can assume uid is unique
-            self.dispatch('ldap', '%s [Info: UserLookUp] Searched for %s and found it: %s\n' % (datetime.now(), LDAP_UID, str(conn.entries[0])) )
+            self.dispatch('ldap', '%s [Info: UserLookUp] Searched for %s and found it\n' % (datetime.now(), LDAP_UID) )
             conn.unbind()
             # return True since the user is already in LDAP
             return True
@@ -132,7 +139,8 @@ class GetUserData(object):
         LDAP_UID = 'uid=%s' % user
         server = ldapservers()
         conn = Connection(server)
-        if not conn.bind():
+        conn.bind()
+        if not conn.bound:
             self.dispatch('ldap', '%s [Error GetUserData] Could not connect to LDAP server.\n' % datetime.now() )
             return ("error", "Could not connect to LDAP server.", "", "")
         rdn = user_or_customer(LDAP_UID)
@@ -234,7 +242,7 @@ class ChangePassword(object):
 
     @rpc
     def change_password(self, user, newpassword):
-        LDAP_UID = 'uid=%s'
+        LDAP_UID = 'uid=%s' % user
         server = ldapservers()
         conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
         if not conn.bind():
@@ -277,10 +285,11 @@ class DeleteUser(object):
 
     @rpc
     def delete_user(self, user):
-        LDAP_UID = user
+        LDAP_UID = 'uid=%s' % user
         server = ldapservers()
         conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
-        if not conn.bind():
+        conn.bind()
+        if not conn.bound:
             self.dispatch('ldap', '%s [Error DeleteUser] Could not connect to LDAP server.\n' % datetime.now() )
             return "Could not connect to LDAP server."
         # again, check whether the uid= is in ou=users or ou=customers
@@ -290,7 +299,8 @@ class DeleteUser(object):
             self.dispatch('ldap', '%s [Error DeleteUser] Could not find the user %s\n' % (datetime.now(), LDAP_UID) )
             return "Could not find the user."
         # Check if the delete was successfull
-        if not conn.delete(dn):
+        deleted = conn.delete(dn)
+        if not deleted:
             conn.unbind()
             self.dispatch('ldap', '%s [Error DeleteUser] Could not delete %s\n' % (datetime.now(), dn) )
             return "Could not delete the user."