Also check user before password reset

This commit is contained in:
PCoder 2019-02-24 23:25:12 +01:00
parent a5e91ffda2
commit bdb57221e5
2 changed files with 26 additions and 19 deletions

View File

@ -129,15 +129,29 @@ class LdapManager:
:return: True if password was changed successfully False otherwise
"""
conn = self.get_admin_conn()
return_val = conn.modify(
("uid={uid}," + settings.LDAP_CUSTOMER_DN).format(uid=uid),
{
"userpassword": (
ldap3.MODIFY_REPLACE,
[self._ssha_password(new_password.encode("utf-8"))]
)
}
# Make sure the user exists first to change his/her details
user_exists, entries = self.check_user_exists(
uid=uid,
search_base=settings.ENTIRE_SEARCH_BASE
)
return_val = False
if user_exists:
try:
return_val = conn.modify(
entries[0].entry_dn,
{
"userpassword": (
ldap3.MODIFY_REPLACE,
[self._ssha_password(new_password.encode("utf-8"))]
)
}
)
except Exception as ex:
logger.error("Exception: " + str(ex))
else:
logger.error("User {} not found".format(uid))
conn.unbind()
return return_val
@ -157,33 +171,25 @@ class LdapManager:
# Make sure the user exists first to change his/her details
user_exists, entries = self.check_user_exists(
uid=uid,
attributes=['uid', 'givenName', 'sn', 'mail', 'gidNumber'],
search_base=settings.ENTIRE_SEARCH_BASE
)
return_val = False
if user_exists:
details_dict = {k: (ldap3.MODIFY_REPLACE, [v.encode("utf-8")]) for
k, v in details.items()}
try:
return_val = conn.modify(
("uid={uid}," + settings.LDAP_CUSTOMER_DN
if entries[0].gidNumber.value == settings.LDAP_CUSTOMER_GROUP_ID
else settings.LDAP_USERS_DN).format(uid=uid),
details_dict
)
return_val = conn.modify(entries[0].entry_dn, details_dict)
msg = "success"
except Exception as ex:
msg = str(ex)
logger.error("Exception: " + msg)
return_val = False
finally:
conn.unbind()
else:
msg = "User {} not found".format(uid)
logger.error(msg)
raise Exception(msg)
conn.unbind()
return return_val, msg
def check_user_exists(self, uid, search_filter="", attributes=None,

View File

@ -176,6 +176,7 @@ class ResetPassword(View):
ldap_manager = LdapManager()
user_exists, entries = ldap_manager.check_user_exists(
uid=user,
search_base=settings.ENTIRE_SEARCH_BASE,
attributes=['uid', 'givenName', 'sn', 'mail']
)
if user_exists: