Example #1
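    def change_view(self, request, object_id, form_url='', extra_context=None):
        """Render the Person change form with LDAP-related template context.

        When ``LdapConn.enable()`` is truthy, the context carries whether the
        person's ``ldap_user_name`` exists in LDAP, the result of
        ``Group.all()`` and a suggested LDAP name (plus a suggested e-mail if
        ``settings.LDAP_DOMAIN_MAIL`` is set). Otherwise a warning message is
        queued and ``hide_save_box`` is set so the template can hide the save
        controls.

        Args:
            request: the current admin request.
            object_id: primary key of the Person being edited.
            form_url: forwarded unchanged to the parent ``change_view``.
            extra_context: optional context supplied by the caller; the LDAP
                keys built here take precedence on a name clash.

        Returns:
            Whatever the parent ``change_view`` returns.
        """
        # NOTE(review): .get() raises Person.DoesNotExist for an unknown id,
        # before the parent admin view can apply its own handling.
        person = Person.objects.get(id=object_id)
        ldap_enabled = LdapConn.enable()

        exists_in_ldap = None
        groups = None
        suggested_ldap_name = ''
        suggested_ldap_email = ''

        if ldap_enabled:
            exists_in_ldap = Person.exists_in_ldap(person.ldap_user_name)
            groups = Group.all()
            suggested_ldap_name = Person.suggested_name(object_id)
            mail_domain = getattr(settings, 'LDAP_DOMAIN_MAIL', None)
            if mail_domain:
                suggested_ldap_email = "{}@{}".format(suggested_ldap_name,
                                                     mail_domain)
        else:
            messages.warning(request, _('ldap_without_connection'))

        # Start from the caller's context instead of discarding it, then layer
        # the LDAP keys on top.
        context = dict(extra_context or {})
        context.update({
            'suggested_ldap_name': suggested_ldap_name,
            'suggested_ldap_email': suggested_ldap_email,
            'groups': groups,
            'hide_save_box': (not ldap_enabled),
            'exists_in_ldap': exists_in_ldap,
        })

        # Forward form_url as received; the previous code always passed ''.
        return super(PersonAdmin, self).change_view(request, object_id,
                                                    form_url, context)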
Example #2
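def check_ldap(request):
    """Report as JSON whether a posted user name or document exists in LDAP.

    Reads ``ldap_user_name``, ``doc_type`` and ``doc_num`` from
    ``request.POST``. If ``doc_type`` and ``doc_num`` are both present, the
    result of the document lookup replaces the result of the user-name lookup
    (this matches the original behaviour, including when the document lookup
    returns nothing).

    Returns:
        An ``HttpResponse`` whose body is ``{"exists": bool,
        "uid_in_ldap": <uid or null>}``, served as ``application/json``.
    """
    # NOTE(review): no authentication or HTTP-method restriction is visible on
    # this view. If it is reachable without login it answers "does this uid /
    # document number exist in the directory" for anyone - confirm a decorator
    # or URL-level guard exists.
    # NOTE(review): the POST values go straight into Person.exists_in_ldap and
    # Person.ldap_uid_by_id. Those helpers are not shown here; confirm they
    # escape values before building LDAP search filters.
    post = request.POST
    existing_name_in_ldap = None

    user_name = post.get('ldap_user_name')
    if user_name and Person.exists_in_ldap(user_name):
        existing_name_in_ldap = user_name

    doc_type_pk = post.get('doc_type')
    if doc_type_pk:
        try:
            doc_type = DocumentType.objects.get(pk=doc_type_pk)
        except (DocumentType.DoesNotExist, ValueError):
            # An unknown or malformed pk from the client is treated as
            # "no document type" rather than surfacing as a server error.
            doc_type = None

        doc_num = post.get('doc_num')
        if doc_type is not None and doc_num:
            existing_name_in_ldap = Person.ldap_uid_by_id(doc_num,
                                                          doc_type.name.upper())

    payload = json.dumps({'exists': bool(existing_name_in_ldap),
                          'uid_in_ldap': existing_name_in_ldap})
    # The body can echo the posted user name, so declare it as JSON; with the
    # default text/html type a browser would interpret it as markup.
    return HttpResponse(payload, content_type='application/json')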
Example #3
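    def save_model(self, request, obj, form, change):
        """Save a Person and mirror the change into LDAP.

        Without an ``ldap_user_name`` the object is saved through the parent
        admin and LDAP is left untouched. If the user already exists in LDAP
        its data is updated; a password or group change is applied only for a
        superuser and raises ``ValidationError`` otherwise. If the user does
        not exist, a new LDAP entry is created and added to its groups.

        A ``ValidationError`` raised along the way is reported through the
        messages framework and ``obj.save()`` is skipped.

        Args:
            request: the current admin request.
            obj: the Person instance being saved.
            form: the admin form (forwarded to the parent only).
            change: True when editing an existing object (forwarded only).
        """
        ldap_user_name = str(obj.ldap_user_name) if obj.ldap_user_name else None
        # NOTE(review): the result is never used below; kept because the
        # helper is not shown here and may have side effects - confirm.
        udn = Person.ldap_udn_for( ldap_user_name )

        try:
            if not ldap_user_name:
                logging.warning("An LDAP user was not given. It is not updated!")
                super(PersonAdmin, self).save_model(request, obj, form, change)
                return

            if Person.exists_in_ldap(ldap_user_name):  # update existing entry
                ldap_person = Person.get_from_ldap(ldap_user_name)

                # NOTE(review): this LDAP write happens before the superuser
                # checks below. If one of them raises, obj.save() is skipped
                # but this update has already been applied - confirm whether
                # the checks should run first.
                ldap_person.update_ldap_data_from(obj)

                # update password only for superuser
                # NOTE(review): the password is compared and forwarded as a
                # plain string. Whether it is hashed before it reaches LDAP or
                # the application database is not visible here - confirm.
                if str(ldap_person.ldap_user_password) != str(obj.ldap_user_password) \
                   and 'ldap_user_password_check' in request.POST:
                    if request.user.is_superuser:
                        logging.warning("User '%s' already exists in Ldap. changing password.." % ldap_user_name)
                        Person.update_ldap_user_password ( ldap_user_name, str(obj.ldap_user_password) )
                    else:
                        raise ValidationError( _('cant_change_password') )

                # update group only for superuser
                if str(ldap_person.group_id) != str(obj.group_id):
                    if request.user.is_superuser:
                        logging.warning("User '%s' already exists in Ldap. Changing group '%s' by '%s'.." % \
                                     (ldap_user_name,ldap_person.group_id, obj.group_id ) )
                        # Three separate LDAP operations; a failure part-way
                        # leaves the membership half-moved.
                        Group.add_member_to(ldap_user_name, {'group_id': str(obj.group_id)})
                        Group.remove_member_of(ldap_user_name, ldap_person.group_id)
                        ldap_person.update_ldap_gidgroup( str(obj.group_id) )
                    else:
                        raise ValidationError( _('cant_change_group') )

            else:  # create new entry
                # NOTE(review): unlike the update branch, there is no
                # superuser check here, so any user allowed to reach this
                # method chooses the initial password and group - confirm
                # that is intended.
                new_uid_number = Person.next_ldap_uidNumber()
                if not (new_uid_number > 0):
                    logging.error( "The following 'ldap user uid' could not be determined. " \
                                   "The value obtained was %s" % str(new_uid_number))
                    raise ValidationError( _('without_ldap_user_uid') )

                if Person.exist_ldap_uidNumber(new_uid_number):
                    logging.error("The ldap user uidNumber '%s' already exist!." % str(new_uid_number))
                    # Report the colliding number itself; it was previously
                    # reset to 0 before being formatted into the message.
                    raise ValidationError( _('uidnumber_already_exist') % {'uidnumber':str(new_uid_number)} )

                # Build the attribute list for the new LDAP user
                cnuser = LdapConn.parseattr( "%s %s" % (obj.name, obj.surname) )
                snuser = LdapConn.parseattr( "%s" % obj.surname )
                new_user = [
                    ('objectclass', settings.LDAP_PEOPLE_OBJECTCLASSES),
                    ('cn', [cnuser]),
                    ('sn', [snuser]),
                    ('givenName', [ LdapConn.parseattr(obj.name)] ),
                    ('paisdoc', [settings.LDAP_PEOPLE_PAISDOC] ),
                    ('tipodoc', [str(obj.document_type)] ),
                    ('numdoc', [str(obj.document_number)] ),
                    ('uidNumber', [str(new_uid_number)] ),
                    # NOTE(review): written exactly as held on the model;
                    # confirm the value is already hashed at this point.
                    ('userPassword', [str(obj.ldap_user_password)] ),
                    # NOTE(review): the user name is concatenated into a path;
                    # confirm ldap_user_name is validated upstream.
                    ('homedirectory', [str('%s%s' % ( settings.LDAP_PEOPLE_HOMEDIRECTORY_PREFIX,
                                                      ldap_user_name))]),
                    ('gidNumber', [str(obj.group_id)] ),
                    ('loginShell', [str(settings.LDAP_PEOPLE_LOGIN_SHELL)]),]

                # Optional attributes are added only when the model has a value
                if obj.position:
                    new_user.append(('employeeType', [str(obj.position)] ))
                if obj.area:
                    new_user.append(('destinationIndicator', [str(obj.area)]))
                if obj.floor:
                    new_user.append(('departmentNumber', [str(obj.floor)] ))
                if obj.work_phone:
                    new_user.append(('telephoneNumber', [str(obj.work_phone)]))
                if obj.home_phone:
                    new_user.append(('homePhone', [str(obj.home_phone)]))
                if obj.office_name():
                    new_user.append(('physicalDeliveryOfficeName',
                                     [str(LdapConn.parseattr(obj.office_name()))]))
                if obj.email:
                    mails = [str(obj.email)]
                    if obj.alternative_email:
                        mails.append(str(obj.alternative_email))

                    new_user.append(('mail',mails))

                Person.create_ldap_user( ldap_user_name, new_user )

                # Add the new user to its primary group plus the default ones
                cn_group = Group.cn_group_by_gid(obj.group_id)
                cn_groups = ['%s' % str(cn_group)]
                if settings.LDAP_DEFAULT_GROUPS:
                    cn_groups += settings.LDAP_DEFAULT_GROUPS

                Group.add_member_in_groups( ldap_user_name, cn_groups )

            obj.save()

        except ValidationError as e:
            # Raise the message threshold so only the error below is shown.
            messages.set_level(request, messages.ERROR)
            # NOTE: indexing an exception (e[0]) works on Python 2 only.
            messages.error(request,"%s" % e[0])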