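def change_view(self, request, object_id, form_url='', extra_context=None):
    """Render the admin change page for a person with LDAP details added.

    When ``LdapConn.enable()`` is truthy the template context receives
    whether the person exists in LDAP, the LDAP groups, and a suggested
    LDAP user name and e-mail address. Otherwise a warning message is
    queued and ``hide_save_box`` is set so the template can hide saving.

    ``form_url`` and ``extra_context`` are forwarded to the parent view.
    The keys built here take precedence over same-named keys supplied by
    the caller in ``extra_context``.
    """
    try:
        person = Person.objects.get(id=object_id)
    except (Person.DoesNotExist, ValueError):
        # Unknown or malformed id: skip the LDAP lookups and let the parent
        # view produce its normal "object not found" response.
        person = None

    enable_ldap_connection = LdapConn.enable()
    exists_in_ldap = None
    groups = None
    suggested_ldap_name = ''
    suggested_ldap_email = ''

    if enable_ldap_connection:
        if person is not None:
            exists_in_ldap = Person.exists_in_ldap(person.ldap_user_name)
            groups = Group.all()
            suggested_ldap_name = Person.suggested_name(object_id)
            # The e-mail suggestion needs a configured mail domain.
            if getattr(settings, 'LDAP_DOMAIN_MAIL', None):
                suggested_ldap_email = "{}@{}".format(
                    suggested_ldap_name, settings.LDAP_DOMAIN_MAIL)
    else:
        messages.warning(request, _('ldap_without_connection'))

    # Start from the caller's context so it is no longer silently dropped.
    context = dict(extra_context or {})
    context.update({
        'suggested_ldap_name': suggested_ldap_name,
        'suggested_ldap_email': suggested_ldap_email,
        'groups': groups,
        'hide_save_box': (not enable_ldap_connection),
        'exists_in_ldap': exists_in_ldap,
    })
    return super(PersonAdmin, self).change_view(
        request, object_id, form_url, context)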
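def check_ldap(request):
    """Report whether a person already has an LDAP account.

    Reads ``ldap_user_name``, ``doc_type`` and ``doc_num`` from
    ``request.POST``. The user name is checked with
    ``Person.exists_in_ldap``. When a document number and a resolvable
    document type are both posted, the uid returned by
    ``Person.ldap_uid_by_id`` replaces the result of the name check.

    Returns an ``HttpResponse`` whose body is the JSON object
    ``{"exists": <bool>, "uid_in_ldap": <uid or null>}``.
    """
    # NOTE(review): nothing in this function checks who is calling it, and
    # the answer confirms which uids exist and maps a document number to an
    # LDAP uid. Confirm the URL is only reachable by authenticated staff
    # (for example wrapped in the admin site's admin_view); not visible here.
    existing_name_in_ldap = None

    # NOTE(review): posted values reach the LDAP helpers unchanged. If those
    # helpers build search filters, confirm they escape filter
    # metacharacters before interpolating the value.
    ldap_user_name = request.POST.get('ldap_user_name')
    if ldap_user_name and Person.exists_in_ldap(ldap_user_name):
        existing_name_in_ldap = ldap_user_name

    doc_type = None
    doc_type_pk = request.POST.get('doc_type')
    if doc_type_pk:
        try:
            doc_type = DocumentType.objects.get(pk=doc_type_pk)
        except (DocumentType.DoesNotExist, ValueError):
            # An unknown or non-numeric key is client input, not a server
            # error: treat it as "no document type given".
            doc_type = None

    doc_num = request.POST.get('doc_num')
    # Without a resolved document type the lookup used to dereference None.
    if doc_num and doc_type is not None:
        existing_name_in_ldap = Person.ldap_uid_by_id(
            doc_num, doc_type.name.upper())

    result = bool(existing_name_in_ldap)
    topic_list = json.dumps({'exists': result,
                             'uid_in_ldap': existing_name_in_ldap})
    # NOTE(review): the body is JSON but goes out with the default content
    # type. Consider content_type="application/json" once the client code is
    # confirmed to accept an already-parsed response.
    return HttpResponse(topic_list)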
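def save_model(self, request, obj, form, change):
    """Save a person from the admin and mirror the change into LDAP.

    Without an ``ldap_user_name`` the object is saved through the parent
    admin and LDAP is left untouched. Otherwise an existing LDAP entry is
    updated, with password and group changes allowed only for superusers,
    or a new entry is created and added to its groups. ``obj.save()`` is
    then called.

    A ``ValidationError`` raised along the way is reported through the
    messages framework and the object is not saved.
    """
    ldap_user_name = str(obj.ldap_user_name) if obj.ldap_user_name else None
    # NOTE(review): the result is never read, and the call also runs when no
    # LDAP user name was given. Kept because ldap_udn_for is not visible
    # here; drop it if it has no side effects.
    udn = Person.ldap_udn_for(ldap_user_name)
    try:
        if not ldap_user_name:
            logging.warning("An LDAP user was not given. It is not updated!")
            super(PersonAdmin, self).save_model(request, obj, form, change)
            return

        if Person.exists_in_ldap(ldap_user_name):
            # Existing LDAP entry: update it.
            ldap_person = Person.get_from_ldap(ldap_user_name)

            # NOTE(review): this update runs before the superuser checks
            # below can reject the request, so a refused password or group
            # change may still leave the other attributes pushed to LDAP
            # while the database row is not saved. Consider doing the
            # permission checks first; verify that update_ldap_data_from
            # does not alter the fields compared below.
            ldap_person.update_ldap_data_from(obj)

            # NOTE(review): the password is compared and forwarded exactly
            # as stored on the model. Confirm it is already a salted hash,
            # or that the directory hashes on write, so that no cleartext
            # password ends up in userPassword.
            password_differs = (str(ldap_person.ldap_user_password)
                                != str(obj.ldap_user_password))
            # "in" replaces dict.has_key(), which exists only on Python 2.
            if password_differs and 'ldap_user_password_check' in request.POST:
                # Only superusers may change the password.
                if not request.user.is_superuser:
                    raise ValidationError(_('cant_change_password'))
                logging.warning(
                    "User '%s' already exists in Ldap. changing password..",
                    ldap_user_name)
                Person.update_ldap_user_password(
                    ldap_user_name, str(obj.ldap_user_password))

            if str(ldap_person.group_id) != str(obj.group_id):
                # Only superusers may change the group.
                if not request.user.is_superuser:
                    raise ValidationError(_('cant_change_group'))
                logging.warning(
                    "User '%s' already exists in Ldap. "
                    "Changing group '%s' by '%s'..",
                    ldap_user_name, ldap_person.group_id, obj.group_id)
                Group.add_member_to(ldap_user_name,
                                    {'group_id': str(obj.group_id)})
                Group.remove_member_of(ldap_user_name, ldap_person.group_id)
                ldap_person.update_ldap_gidgroup(str(obj.group_id))
        else:
            # No LDAP entry yet: create one.
            new_uid_number = Person.next_ldap_uidNumber()
            if not (new_uid_number > 0):
                logging.error(
                    "The following 'ldap user uid' could not be determined. "
                    "The value obtained was %s", str(new_uid_number))
                raise ValidationError(_('without_ldap_user_uid'))

            # NOTE(review): allocation and this existence check are separate
            # calls. Two concurrent saves could presumably obtain the same
            # uidNumber; confirm uniqueness is also enforced by the directory.
            if Person.exist_ldap_uidNumber(new_uid_number):
                logging.error("The ldap user uidNumber '%s' already exist!.",
                              str(new_uid_number))
                # Report the conflicting number. It was reset to 0 before the
                # message was built, so the user always saw "0".
                raise ValidationError(
                    _('uidnumber_already_exist')
                    % {'uidnumber': str(new_uid_number)})

            # Attributes of the new LDAP user.
            cnuser = LdapConn.parseattr("%s %s" % (obj.name, obj.surname))
            snuser = LdapConn.parseattr("%s" % obj.surname)
            new_user = [
                ('objectclass', settings.LDAP_PEOPLE_OBJECTCLASSES),
                ('cn', [cnuser]),
                ('sn', [snuser]),
                ('givenName', [LdapConn.parseattr(obj.name)]),
                ('paisdoc', [settings.LDAP_PEOPLE_PAISDOC]),
                ('tipodoc', [str(obj.document_type)]),
                ('numdoc', [str(obj.document_number)]),
                ('uidNumber', [str(new_uid_number)]),
                # NOTE(review): written as stored on the model; see the
                # hashing note on the update branch.
                ('userPassword', [str(obj.ldap_user_password)]),
                ('homedirectory', [str('%s%s' % (
                    settings.LDAP_PEOPLE_HOMEDIRECTORY_PREFIX,
                    ldap_user_name))]),
                ('gidNumber', [str(obj.group_id)]),
                ('loginShell', [str(settings.LDAP_PEOPLE_LOGIN_SHELL)]),
            ]

            # Optional attributes are added only when they have a value.
            if obj.position:
                new_user.append(('employeeType', [str(obj.position)]))
            if obj.area:
                new_user.append(('destinationIndicator', [str(obj.area)]))
            if obj.floor:
                new_user.append(('departmentNumber', [str(obj.floor)]))
            if obj.work_phone:
                new_user.append(('telephoneNumber', [str(obj.work_phone)]))
            if obj.home_phone:
                new_user.append(('homePhone', [str(obj.home_phone)]))
            if obj.office_name():
                new_user.append((
                    'physicalDeliveryOfficeName',
                    [str(LdapConn.parseattr(obj.office_name()))]))
            if obj.email:
                mails = [str(obj.email)]
                if obj.alternative_email:
                    mails.append(str(obj.alternative_email))
                new_user.append(('mail', mails))

            Person.create_ldap_user(ldap_user_name, new_user)

            # Add the new user to its primary group and the default groups.
            cn_group = Group.cn_group_by_gid(obj.group_id)
            cn_groups = ['%s' % str(cn_group)]
            if settings.LDAP_DEFAULT_GROUPS:
                cn_groups += settings.LDAP_DEFAULT_GROUPS
            Group.add_member_in_groups(ldap_user_name, cn_groups)

        obj.save()
    except ValidationError as e:
        messages.set_level(request, messages.ERROR)
        # e.messages works on Python 2 and 3; indexing the exception (e[0])
        # is Python 2 only.
        messages.error(request, "%s" % e.messages[0])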