Ejemplo n.º 1
    def __create_user_management(self):
        """Seed the user-management data of a fresh installation.

        Inserts every group listed in ``__FIXED_GROUPS__`` and then a single
        active administrator account (public id 1) that belongs to the first
        of those groups.

        Returns:
            ``True`` after the groups and the administrator were inserted.
        """
        import datetime

        from cmdb.user_management.models.user import UserModel

        from cmdb.user_management.managers.user_manager import UserManager
        from cmdb.user_management.managers.group_manager import GroupManager
        from cmdb.user_management import __FIXED_GROUPS__
        from cmdb.security.security import SecurityManager

        security_manager = SecurityManager(self.setup_database_manager)
        groups = GroupManager(self.setup_database_manager)
        users = UserManager(self.setup_database_manager)

        for fixed_group in __FIXED_GROUPS__:
            groups.insert(fixed_group)

        # The first administrator gets a fixed name and a fixed password (the
        # original comment describes the pair as admin/admin). Every fresh
        # install therefore starts with the same credential, so it has to be
        # rotated as part of setup before the instance is reachable by others.
        # NOTE(review): the stored value comes from generate_hmac(); whether
        # that is a salted, deliberately slow password hash is not visible
        # here - confirm against SecurityManager.
        admin_fields = {
            'public_id': 1,
            'user_name': 'admin',
            'active': True,
            'group_id': __FIXED_GROUPS__[0].get_public_id(),
            'registration_time': datetime.datetime.now(),
            'password': security_manager.generate_hmac('******'),
        }
        users.insert(UserModel(**admin_fields))
        return True
Ejemplo n.º 2
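    def authenticate(self, user_name: str, password: str, **kwargs) -> UserModel:
        """Authenticate ``user_name`` against LDAP and return the local user record.

        The directory is searched with the configured search filter, then a
        bind with ``password`` is attempted for every entry the search
        returned. After a successful bind the matching record of the local
        user database is returned; if none exists yet, one is created in
        ``self.config.default_group`` and returned.

        Args:
            user_name: Login name supplied by the caller; treated as untrusted.
            password: Password supplied by the caller; treated as untrusted.
            **kwargs: Accepted for interface compatibility; not used here.

        Returns:
            The ``UserModel`` stored for ``user_name``.

        Raises:
            AuthenticationError: If the password is empty, the LDAP server
                cannot be reached, no entry matches, a bind fails, or the
                local user cannot be created or loaded.
        """
        # An empty password turns an LDAP simple bind into an "unauthenticated
        # bind" (RFC 4513, section 5.1.2). Depending on the client library and
        # server settings such a bind can succeed without the password ever
        # being checked, so it is rejected before the directory is contacted.
        if not password:
            raise AuthenticationError(LdapAuthenticationProvider.get_name(), 'Empty password')

        database_manager = DatabaseManagerMongo(
            **SystemConfigReader().get_all_values_from_section('Database')
        )
        user_manager = UserManager(database_manager)
        try:
            ldap_connection_status = self.connect()
            LOGGER.debug(f'[LdapAuthenticationProvider] Connection status: {ldap_connection_status}')
        except Exception as e:
            LOGGER.error(f'[LdapAuthenticationProvider] Failed to connect to LDAP server - error: {e}')
            raise AuthenticationError(LdapAuthenticationProvider.get_name(), e) from e

        # The login name is substituted into a filter template. Escape the
        # characters that carry meaning in an LDAP filter (RFC 4515) so the
        # name is always matched as a literal value and cannot widen or
        # restructure the search. str.translate works in a single pass, so the
        # backslashes introduced by the escapes are not escaped again.
        escaped_user_name = user_name.translate(str.maketrans({
            '\\': r'\5c',
            '*': r'\2a',
            '(': r'\28',
            ')': r'\29',
            '\x00': r'\00',
        }))
        ldap_search_filter = self.config.search['searchfilter'].replace("%username%", escaped_user_name)
        LOGGER.debug(f'[LdapAuthenticationProvider] Search Filter: {ldap_search_filter}')
        search_result = self.__ldap_connection.search(self.config.search['basedn'], ldap_search_filter)
        LOGGER.debug(f'[LdapAuthenticationProvider] Search result: {search_result}')

        if not search_result or len(self.__ldap_connection.entries) == 0:
            raise AuthenticationError(LdapAuthenticationProvider.get_name(), 'No matching entry')

        # Every returned entry must accept the password; the first failing
        # bind aborts the login.
        # NOTE(review): the per-entry connections are never released here -
        # confirm whether the connection class needs an explicit unbind.
        for entry in self.__ldap_connection.entries:
            LOGGER.debug(f'[LdapAuthenticationProvider] Entry: {entry}')
            entry_dn = entry.entry_dn
            try:
                entry_connection_result = LdapAuthenticationProvider.Connection(self.__ldap_server, entry_dn, password,
                                                                                auto_bind=True)
                LOGGER.debug(f'[LdapAuthenticationProvider] UserModel connection result: {entry_connection_result}')
            except Exception as e:
                LOGGER.error(f'[LdapAuthenticationProvider] UserModel auth result: {e}')
                raise AuthenticationError(LdapAuthenticationProvider.get_name(), e) from e

        # Check if user exists
        try:
            user_instance: UserModel = user_manager.get_by({'user_name': user_name})
        except ManagerGetError as umge:
            # Known to LDAP but not to the local database: provision the
            # account on first login, in the configured default group.
            LOGGER.warning(f'[LdapAuthenticationProvider] UserModel exists on LDAP but not in database: {umge}')
            LOGGER.debug(f'[LdapAuthenticationProvider] Try creating user: {user_name}')
            try:
                new_user_data = dict()
                new_user_data['user_name'] = user_name
                new_user_data['active'] = True
                new_user_data['group_id'] = self.config.default_group
                new_user_data['registration_time'] = datetime.now()
                new_user_data['authenticator'] = LdapAuthenticationProvider.get_name()

            except Exception as e:
                LOGGER.debug(f'[LdapAuthenticationProvider] {e}')
                raise AuthenticationError(LdapAuthenticationProvider.get_name(), e) from e
            LOGGER.debug(f'[LdapAuthenticationProvider] New user was init')
            try:
                user_id = user_manager.insert(new_user_data)
            except ManagerInsertError as umie:
                LOGGER.debug(f'[LdapAuthenticationProvider] {umie}')
                raise AuthenticationError(LdapAuthenticationProvider.get_name(), umie) from umie
            try:
                user_instance: UserModel = user_manager.get(public_id=user_id)
            except ManagerGetError as umge:
                LOGGER.debug(f'[LdapAuthenticationProvider] {umge}')
                raise AuthenticationError(LdapAuthenticationProvider.get_name(), umge) from umge
        return user_instance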
Ejemplo n.º 3
def preset_database(database_manager, database_name):
    """Drop ``database_name`` and rebuild it with a baseline data set.

    The database is dropped first (a missing database is tolerated). Then the
    key generator's RSA key-pair and symmetric AES key routines are run, every
    group from ``__FIXED_GROUPS__`` is inserted, and one active administrator
    account (public id 1) is created in the first of those groups.

    Args:
        database_manager: Manager handed to the key generator and to the
            group, user and security managers.
        database_name: Name of the database to drop before seeding.
    """
    from datetime import datetime

    from cmdb.database.errors.database_errors import DatabaseNotExists
    from cmdb.security.key.generator import KeyGenerator
    from cmdb.security.security import SecurityManager
    from cmdb.user_management.managers.group_manager import GroupManager
    from cmdb.user_management.managers.user_manager import UserManager

    # Destructive by design: any existing data under this name is discarded.
    try:
        database_manager.drop_database(database_name)
    except DatabaseNotExists:
        pass  # nothing to drop on a first run

    from cmdb.user_management import __FIXED_GROUPS__, UserModel

    key_generator = KeyGenerator(database_manager=database_manager)
    key_generator.generate_rsa_keypair()
    key_generator.generate_symmetric_aes_key()

    groups = GroupManager(database_manager=database_manager)
    users = UserManager(database_manager=database_manager)
    hasher = SecurityManager(database_manager=database_manager)

    for fixed_group in __FIXED_GROUPS__:
        groups.insert(fixed_group)

    # The seeded administrator uses a fixed name and a fixed password, so any
    # database prepared this way shares one known credential; keep such a
    # database off shared networks or rotate the password after seeding.
    admin_fields = {
        'public_id': 1,
        'user_name': 'admin',
        'active': True,
        'group_id': __FIXED_GROUPS__[0].public_id,
        'registration_time': datetime.now(),
        'password': hasher.generate_hmac('******'),
    }
    users.insert(UserModel(**admin_fields))