def fetch_user_email(l, r): # @UnusedVariable
if len(r) != 1:
logger.warn("user [%s] not found" % username)
return ""
if isinstance(attr, list):
return dict([(x, r[0][1][x])
for x in attr
if x in r[0][1]])
elif attr in r[0][1]:
if isinstance(r[0][1][attr], list):
return [decode_s(x)
for x in r[0][1][attr]]
else:
return decode_s(r[0][1][attr])
return None
def _hash_password(self, password):
# At this point the password should be unicode. We converted it into
# system encoding.
password_b = encode_s(password)
import sha
hasher = sha.new()
hasher.update(password_b)
return decode_s(hasher.hexdigest())
def index(self, path_b=b"", **kwargs):
assert isinstance(path_b, str)
_logger.debug("repo settings [%s]", decode_s(path_b, 'replace'))
# Check user permissions
try:
repo_obj = self.validate_user_path(path_b)[0]
except librdiff.FileError as e:
_logger.exception("invalid user path [%s]", decode_s(path_b, 'replace'))
return self._compile_error_template(unicode(e))
# Check if any action to process.
params = {}
action = kwargs.get('action')
if action:
try:
if action == "delete":
params.update(self._handle_delete(repo_obj, **kwargs))
elif action == "set_encoding":
params.update(self._handle_set_encoding(repo_obj, **kwargs))
else:
_logger.info("unknown action: %s", action)
raise cherrypy.NotFound("Unknown action")
except ValueError as e:
params['error'] = unicode(e)
except HTTPRedirect as e:
# Re-raise HTTPRedirect exception.
raise e
except Exception as e:
_logger.warn("unknown error processing action", exc_info=True)
params['error'] = _("Unknown error")
# Get page data.
try:
params.update(self._get_parms_for_page(repo_obj))
except librdiff.FileError:
_logger.exception("can't create page params")
return self._compile_error_template(unicode(e))
# Generate page.
return self._compile_template("settings.html", **params)
def check_crendential(l, r):
# Check results
if len(r) != 1:
logger.debug("user [%s] not found in LDAP" % username)
return None
# Bind using the user credentials. Throws an exception in case of
# error.
l.simple_bind_s(r[0][0], encode_s(password))
l.unbind_s()
logger.info("user [%s] found in LDAP" % username)
# Return the username
return decode_s(r[0][1][self.attribute][0])
def _cp_dispatch(self, vpath):
"""
Used to dispatch `/prefs/<panelid>`
The `panelid` make reference to a plugin panel.
"""
# Notice vpath contains bytes.
if len(vpath) > 0:
# /the/full/path/
path = []
while len(vpath) > 0:
path.append(decode_s(unquote_url(vpath.pop(0))))
cherrypy.request.params['panelid'] = "/".join(path)
return self
return vpath
def _execute(self, username, function):
assert isinstance(username, unicode)
"""Reusable method to run LDAP operation."""
# try STARTLS if configured
if self.tls:
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
# Check LDAP credential only.
l = ldap.initialize(self.uri)
# Set v2 or v3
if self.version == 2:
l.protocol_version = ldap.VERSION2
else:
l.protocol_version = ldap.VERSION3
try:
# Bind to the LDAP server
logger.debug("binding to ldap server {}".format(self.uri))
l.simple_bind_s(self.bind_dn, self.bind_password)
# Search the LDAP server
search_filter = "(&{}({}={}))".format(
self.filter, self.attribute, username)
logger.debug("search ldap server: {}/{}?{}?{}?{}".format(
self.uri, self.base_dn, self.attribute, self.scope,
search_filter))
r = l.search_s(encode_s(self.base_dn),
self.scope,
encode_s(search_filter))
# Execute operation
return function(l, r)
except ldap.LDAPError as e:
l.unbind_s()
logger.warn('ldap error', exc_info=1)
if isinstance(e.message, dict) and 'desc' in e.message:
raise RdiffError(decode_s(e.message['desc']))
raise RdiffError(unicode(repr(e)))
