Fixed typos and bugs, running okay on testenv

This commit is contained in:
downhill 2018-10-14 19:21:17 +02:00
parent 09f7d42de4
commit 789b6e4ecf
8 changed files with 56 additions and 21 deletions

View File

@ -96,10 +96,10 @@ MIDDLEWARE = [
# Backend for auth
#AUTHENTICATION_BACKENDS = (
# 'django_auth_ldap.backend.LDAPBackend',
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
# 'django.contrib.auth.backends.ModelBackend',
#)
)
ROOT_URLCONF = 'dal.urls'

View File

@ -0,0 +1,7 @@
<title> Password for {{user}} changed. </title>
<h2> The password for {{user}} has been changed. </h2>
<br><br>
<form action={% url 'index' %} method="get">
<input type="submit" value="Back to indexpage">
</form>

View File

@ -8,6 +8,7 @@
<br><br>
To delete an account, please type the username and password below:
<form action={% url 'account_delete' %} method="post">
{% csrf_token %}
<br><br>Username:<br>
<input type="text" name="username" id="username">
<br><br>Password:<br>

View File

@ -0,0 +1,7 @@
<title> User {{ user }} created. </title>
<h2> User {{ user }} was successfully created. </h2>
<br><br>
<form action={% url 'index' %} method="get">
<input type="submit" value="Back to Indexpage">
</form>

View File

@ -19,3 +19,6 @@ You have the following options:
<form action={% url 'account_delete' %} method="get">
<input type="submit" value="Delete your account">
</form>
<form action={% url 'logout' %} method="get">
<input type="submit" value="Logout">
</form>

View File

@ -18,7 +18,7 @@ from django.urls import path
from django.conf.urls import url
from django.contrib import admin
from .views import Register, ChangeData, ChangePassword, ResetPassword, DeleteAccount, Index
from .views import Register, ChangeData, ChangePassword, ResetPassword, DeleteAccount, Index, LogOut
urlpatterns = [
# path('admin/', admin.site.urls),
@ -28,4 +28,5 @@ urlpatterns = [
path('changepassword/', ChangePassword.as_view(), name="change_password"),
path('deleteaccount/', DeleteAccount.as_view(), name="account_delete"),
path('index/', Index.as_view(), name="index"),
path('logout/', LogOut.as_view(), name="logout"),
]

View File

@ -1,6 +1,6 @@
from django.shortcuts import render
from django.views.generic import View
from django.contrib.auth import authenticate, login
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.models import User
from django.http import HttpResponse, HttpResponseRedirect
from django.core.validators import validate_email, ValidationError
@ -106,13 +106,13 @@ class ChangeData(View):
login(request, user)
# get basic data (firstname, lastname, email)
with get_pool().next() as rpc:
(state, firstname, lastname, email) = rpc.getuserdata.get_data(user)
(state, firstname, lastname, email) = rpc.getuserdata.get_data(str(request.user))
# If it throws an error, the errormessage gets put into firstname.. not great naming, but works best this way
if state == "error":
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': firstname } )
# The template puts the old data as standard in the fields
else:
return render(request, 'changeuserdata.html', { 'user': user, 'firstname': firstname, 'lastname': lastname, 'email': email } )
return render(request, 'changeuserdata.html', { 'user': str(request.user), 'firstname': firstname, 'lastname': lastname, 'email': email } )
# get the change request
def post(self, request):
@ -123,7 +123,7 @@ class ChangeData(View):
if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html')
user = request.user
user = str(request.user)
firstname = request.POST.get('firstname')
lastname = request.POST.get('lastname')
email = request.POST.get('email')
@ -199,7 +199,7 @@ class ChangePassword(View):
return render(request, 'mustbeloggedin.html')
login(request, request.user)
user = request.user
user = str(request.user)
oldpassword = request.POST.get('oldpassword')
check = authenticate(request, username=user, password=oldpassword)
# Is the right password for the user supplied?
@ -249,12 +249,18 @@ class DeleteAccount(View):
# Try to delete the user
with get_pool().next() as rpc:
result = rpc.deleteuser.delete_user(user)
result = rpc.deleteuser.delete_user(username)
# User deleted
if result == True:
logout(request)
return render(request, 'deleteduser.html', { 'user': username } )
# User not deleted, got some kind of error
else:
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': result } )
class LogOut(View):
def get(self, request):
logout(request)
return HttpResponse("You have been logged out.", status=200)

View File

@ -44,12 +44,19 @@ def ldapservers():
def user_or_customer(uid):
server = ldapservers()
conn = Connection(server)
if conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid):
conn.bind()
search_customers = conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid)
# if conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid):
if search_customers:
conn.unbind()
return '%s,ou=customers,dc=ungleich,dc=ch' % uid
elif conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid):
search_users = conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid)
# elif conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid):
if search_users:
conn.unbind()
return '%s,ou=customers,dc=ungleich,dc=ch' % uid
else:
return False
conn.unbind()
return False
# checks if a user already exists in the LDAP
@ -72,7 +79,7 @@ class UserLookUp(object):
#if conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % LDAP_UID) or conn.search('ou=users,dc=ungleich,dc=ch', '(%s)' % LPAD_UID):
if x or y:
# return conn.entries[0] for first search result since we can assume uid is unique
self.dispatch('ldap', '%s [Info: UserLookUp] Searched for %s and found it: %s\n' % (datetime.now(), LDAP_UID, str(conn.entries[0])) )
self.dispatch('ldap', '%s [Info: UserLookUp] Searched for %s and found it\n' % (datetime.now(), LDAP_UID) )
conn.unbind()
# return True since the user is already in LDAP
return True
@ -132,7 +139,8 @@ class GetUserData(object):
LDAP_UID = 'uid=%s' % user
server = ldapservers()
conn = Connection(server)
if not conn.bind():
conn.bind()
if not conn.bound:
self.dispatch('ldap', '%s [Error GetUserData] Could not connect to LDAP server.\n' % datetime.now() )
return ("error", "Could not connect to LDAP server.", "", "")
rdn = user_or_customer(LDAP_UID)
@ -234,7 +242,7 @@ class ChangePassword(object):
@rpc
def change_password(self, user, newpassword):
LDAP_UID = 'uid=%s'
LDAP_UID = 'uid=%s' % user
server = ldapservers()
conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
if not conn.bind():
@ -277,10 +285,11 @@ class DeleteUser(object):
@rpc
def delete_user(self, user):
LDAP_UID = user
LDAP_UID = 'uid=%s' % user
server = ldapservers()
conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
if not conn.bind():
conn.bind()
if not conn.bound:
self.dispatch('ldap', '%s [Error DeleteUser] Could not connect to LDAP server.\n' % datetime.now() )
return "Could not connect to LDAP server."
# again, check whether the uid= is in ou=users or ou=customers
@ -290,7 +299,8 @@ class DeleteUser(object):
self.dispatch('ldap', '%s [Error DeleteUser] Could not find the user %s\n' % (datetime.now(), LDAP_UID) )
return "Could not find the user."
# Check if the delete was successfull
if not conn.delete(dn):
deleted = conn.delete(dn)
if not deleted:
conn.unbind()
self.dispatch('ldap', '%s [Error DeleteUser] Could not delete %s\n' % (datetime.now(), dn) )
return "Could not delete the user."