def test_reset_ldap_password(self):
user = TestUser("bill")
mock_ldap.reset()
fixture = SynchronisingUserAdapter(user)
fixture.reset_ldap_password()
self.assertEqual(mock_ldap.ldap_methods_called(), ['initialize', 'simple_bind_s', 'modify_s'])
self.assertEqual(mock_ldap.ldap_methods_called_with_arguments()[2][1], {
'who': 'uid=bill,ou=users,dc=test',
'attrs': [(2, 'userPassword', '{SSHA}!')],
})
def test_reset_ldap_password(self):
user = TestUser("bill")
mock_ldap.reset()
fixture = SynchronisingUserAdapter(user)
fixture.reset_ldap_password()
self.assertEqual(mock_ldap.ldap_methods_called(),
['initialize', 'simple_bind_s', 'modify_s'])
self.assertEqual(
mock_ldap.ldap_methods_called_with_arguments()[2][1], {
'who': 'uid=bill,ou=users,dc=test',
'attrs': [(2, 'userPassword', '{SSHA}!')],
})
def reset_ldap_password(username):
""" Set the user's ldap password to something that can never be entered,
effectively locking the account. We do not sync these passwords from
django, because django_auth_ldap sets all new accounts to these
passwords. """
from django_ldap_pixiedust.user import SynchronisingUserAdapter
backend = LDAPBackend()
user = User.objects.get(username=username)
ldap_user = backend.get_user(user.id)
sync = SynchronisingUserAdapter(ldap_user)
sync.reset_ldap_password()
