def __create_user_management(self):
    """Seed the setup database with the fixed groups and the first admin user.

    Every group in ``__FIXED_GROUPS__`` is inserted through a ``GroupManager``.
    A user with public id 1 is then created in the first fixed group and
    stored with the value ``SecurityManager.generate_hmac`` returns for its
    password.

    Returns:
        ``True`` once the groups and the admin user have been inserted.
    """
    import datetime

    from cmdb.user_management.models.user import UserModel
    from cmdb.user_management.managers.user_manager import UserManager
    from cmdb.user_management.managers.group_manager import GroupManager
    from cmdb.user_management import __FIXED_GROUPS__
    from cmdb.security.security import SecurityManager

    # All three managers work on the database manager prepared by the setup.
    security_manager = SecurityManager(self.setup_database_manager)
    groups = GroupManager(self.setup_database_manager)
    users = UserManager(self.setup_database_manager)

    for fixed_group in __FIXED_GROUPS__:
        groups.insert(fixed_group)

    # NOTE(review): the first account is created with a fixed user name and a
    # fixed password that are the same on every installation (the original
    # comment describes them as admin/admin). Until an operator changes the
    # password, anyone who can reach the login knows a valid credential for
    # the first fixed group - presumably the administrator group; confirm.
    # Consider taking the password from the installer or forcing a change at
    # first login.
    admin_name = 'admin'
    admin_pass = '******'

    # The first fixed group becomes the admin user's group.
    admin_group_id = __FIXED_GROUPS__[0].get_public_id()
    registered_at = datetime.datetime.now()
    password_hmac = security_manager.generate_hmac(admin_pass)

    admin_user = UserModel(
        public_id=1,
        user_name=admin_name,
        active=True,
        group_id=admin_group_id,
        registration_time=registered_at,
        password=password_hmac,
    )
    users.insert(admin_user)
    return True
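def authenticate(self, user_name: str, password: str, **kwargs) -> UserModel:
    """Authenticate ``user_name`` against LDAP and return the local user.

    The method connects to the LDAP server, looks the user up with the
    configured search filter and verifies the password by binding as every
    entry the search returned. If the binds succeed but no local user with
    that name exists, one is created with the configured default group.

    Args:
        user_name: Login name supplied by the client. Treated as untrusted:
            it is escaped before being placed into the LDAP search filter.
        password: Password supplied by the client. Must not be empty.
        **kwargs: Accepted for interface compatibility; not used here.

    Returns:
        The ``UserModel`` stored in the local database for ``user_name``.

    Raises:
        AuthenticationError: If the password is empty, the LDAP connection
            fails, no entry matches, a bind is rejected, or the local user
            cannot be created or loaded.
    """
    # An LDAP simple bind with an empty password is an unauthenticated bind
    # (RFC 4513, section 5.1.2), which a server may accept without checking
    # any credential. Refuse it here instead of relying on the server or the
    # client library to reject it.
    if not password:
        raise AuthenticationError(LdapAuthenticationProvider.get_name(), 'Empty password')

    database_manager = DatabaseManagerMongo(
        **SystemConfigReader().get_all_values_from_section('Database')
    )
    user_manager = UserManager(database_manager)

    try:
        ldap_connection_status = self.connect()
        LOGGER.debug(f'[LdapAuthenticationProvider] Connection status: {ldap_connection_status}')
    except Exception as e:
        LOGGER.error(f'[LdapAuthenticationProvider] Failed to connect to LDAP server - error: {e}')
        raise AuthenticationError(LdapAuthenticationProvider.get_name(), e) from e

    # Escape the characters that carry meaning inside an LDAP search filter
    # (RFC 4515, section 3). Without this, a user name containing '*', '(',
    # ')' or '\' would rewrite the configured filter instead of being matched
    # as a literal value.
    filter_escapes = str.maketrans({
        '\\': r'\5c',
        '*': r'\2a',
        '(': r'\28',
        ')': r'\29',
        '\x00': r'\00',
    })
    safe_user_name = user_name.translate(filter_escapes)

    ldap_search_filter = self.config.search['searchfilter'].replace("%username%", safe_user_name)
    LOGGER.debug(f'[LdapAuthenticationProvider] Search Filter: {ldap_search_filter}')
    search_result = self.__ldap_connection.search(self.config.search['basedn'], ldap_search_filter)
    LOGGER.debug(f'[LdapAuthenticationProvider] Search result: {search_result}')

    if not search_result or len(self.__ldap_connection.entries) == 0:
        raise AuthenticationError(LdapAuthenticationProvider.get_name(), 'No matching entry')

    # Every entry the search returned must accept the password; the first
    # rejected bind aborts the login.
    for entry in self.__ldap_connection.entries:
        LOGGER.debug(f'[LdapAuthenticationProvider] Entry: {entry}')
        entry_dn = entry.entry_dn
        try:
            entry_connection_result = LdapAuthenticationProvider.Connection(
                self.__ldap_server, entry_dn, password, auto_bind=True
            )
            LOGGER.debug(f'[LdapAuthenticationProvider] UserModel connection result: {entry_connection_result}')
        except Exception as e:
            LOGGER.error(f'[LdapAuthenticationProvider] UserModel auth result: {e}')
            raise AuthenticationError(LdapAuthenticationProvider.get_name(), e) from e

    # Check if user exists. The local lookup uses the name as the client sent
    # it; the escaped form is only meaningful inside the LDAP filter.
    try:
        user_instance: UserModel = user_manager.get_by({'user_name': user_name})
    except ManagerGetError as umge:
        LOGGER.warning(f'[LdapAuthenticationProvider] UserModel exists on LDAP but not in database: {umge}')
        LOGGER.debug(f'[LdapAuthenticationProvider] Try creating user: {user_name}')
        try:
            # No password is stored for the new account; it is tagged with
            # this provider's name as its authenticator.
            new_user_data = {
                'user_name': user_name,
                'active': True,
                'group_id': self.config.default_group,
                'registration_time': datetime.now(),
                'authenticator': LdapAuthenticationProvider.get_name(),
            }
        except Exception as e:
            LOGGER.debug(f'[LdapAuthenticationProvider] {e}')
            raise AuthenticationError(LdapAuthenticationProvider.get_name(), e) from e
        LOGGER.debug(f'[LdapAuthenticationProvider] New user was init')

        try:
            user_id = user_manager.insert(new_user_data)
        except ManagerInsertError as umie:
            LOGGER.debug(f'[LdapAuthenticationProvider] {umie}')
            raise AuthenticationError(LdapAuthenticationProvider.get_name(), umie) from umie

        try:
            user_instance: UserModel = user_manager.get(public_id=user_id)
        except ManagerGetError as umge:
            LOGGER.debug(f'[LdapAuthenticationProvider] {umge}')
            raise AuthenticationError(LdapAuthenticationProvider.get_name(), umge) from umge

    return user_instance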
def preset_database(database_manager, database_name):
    """Drop ``database_name`` and rebuild it with keys, groups and an admin.

    The database is dropped if it exists (a missing database is ignored).
    An RSA key pair and a symmetric AES key are then generated, every group
    in ``__FIXED_GROUPS__`` is inserted, and a user with public id 1 is
    created in the first fixed group.

    Args:
        database_manager: Manager used for the drop and handed to the key
            generator and to the group, user and security managers.
        database_name: Name of the database to drop. Any existing content
            is lost.
    """
    from cmdb.database.errors.database_errors import DatabaseNotExists
    from cmdb.security.key.generator import KeyGenerator
    from cmdb.security.security import SecurityManager
    from cmdb.user_management.managers.group_manager import GroupManager
    from cmdb.user_management.managers.user_manager import UserManager
    from cmdb.user_management import __FIXED_GROUPS__
    from datetime import datetime
    from cmdb.user_management import UserModel

    try:
        database_manager.drop_database(database_name)
    except DatabaseNotExists:
        # Nothing to drop on a fresh installation.
        pass

    # Key material is created before any user data is written.
    key_generator = KeyGenerator(database_manager=database_manager)
    key_generator.generate_rsa_keypair()
    key_generator.generate_symmetric_aes_key()

    groups = GroupManager(database_manager=database_manager)
    users = UserManager(database_manager=database_manager)
    hmac_source = SecurityManager(database_manager=database_manager)

    for fixed_group in __FIXED_GROUPS__:
        groups.insert(fixed_group)

    # NOTE(review): the first account gets a fixed user name and a fixed
    # password that are identical on every database this function prepares.
    # Until an operator changes the password, it is a known credential for
    # the first fixed group - presumably the administrator group; confirm.
    # Consider passing the password in from the caller or forcing a change
    # at first login.
    admin_name = 'admin'
    admin_pass = '******'

    admin_group_id = __FIXED_GROUPS__[0].public_id
    registered_at = datetime.now()
    password_hmac = hmac_source.generate_hmac(admin_pass)

    admin_user = UserModel(
        public_id=1,
        user_name=admin_name,
        active=True,
        group_id=admin_group_id,
        registration_time=registered_at,
        password=password_hmac,
    )
    users.insert(admin_user)