def group_delete(request, gid): if request.method == 'POST': group = UserGroup.objects.get(id=int(gid)) auth_services.get_services().ldap_delete_group(group) auth_services.get_services().delete_data_directory(group) group.delete() response = {'deleted': True} return HttpResponse(json.dumps(response, indent=4), content_type='application/json')
def password_reset_complete(request): """ View that checks the hash in a password reset link and presents a form for entering a new password. """ user_id = request.POST.get('user_id') token = request.POST.get('token') user = User.objects.get(id=user_id) errors = '' if user is not None and default_token_generator.check_token(user, token): if request.method == 'POST': temp_pass = request.POST.get('password') user.set_password(temp_pass) user.save() auth_services.get_services().ldap_change_user_password( user, temp_pass) request.session['username'] = user.username request.session['password'] = temp_pass user = authenticate(username=user.username, password=temp_pass) if user is not None: if user.is_active: login(request, user) return redirect('home') else: errors = _("Your account has been disabled") else: errors = _( "The username and password you have entered do not match our records" ) else: errors = _( 'Invalid token. Your link has expired, you need to ask for another one.' ) return render(request, 'registration/password_reset_confirm.html', {'errors': errors})
def password_update(request): if request.method == 'POST': password1 = request.POST.get('password1') password2 = request.POST.get('password2') if password1 == password2: user = User.objects.get(id=request.user.id) user.set_password(password1) user.save() auth_services.get_services().ldap_change_user_password( user, password1) response = {'success': True} else: response = {'success': False} return HttpResponse(json.dumps(response, indent=4), content_type='application/json')
def group_add(request): if request.method == 'POST': form = UserGroupForm(request.POST) message = None if form.is_valid(): try: if form.data['name'] == 'admin': message = _("Admin is a reserved group") raise Exception if _valid_name_regex.search(form.data['name']) == None: message = _( "Invalid user group name: '{value}'. Identifiers must begin with a letter or an underscore (_). Subsequent characters can be letters, underscores or numbers" ).format(value=form.data['name']) raise Exception group = UserGroup(name=form.data['name'], description=form.data['description']) group.save() auth_services.get_services().ldap_add_group(group) auth_services.get_services().add_data_directory(group) return redirect('group_list') except Exception as e: print str(e) return render(request, 'group_add.html', { 'form': form, 'message': message }) else: return render(request, 'group_add.html', {'form': form}) else: form = UserGroupForm() return render(request, 'group_add.html', {'form': form})
def user_delete(request, uid): if request.method == 'POST': user = User.objects.get(id=uid) groups_by_user = UserGroupUser.objects.filter(user_id=user.id) for ugu in groups_by_user: user_group = UserGroup.objects.get(id=ugu.user_group.id) auth_services.get_services().ldap_delete_group_member( user, user_group) auth_services.get_services().ldap_delete_default_group_member(user) auth_services.get_services().ldap_delete_user(user) user.delete() response = {'deleted': True} return HttpResponse(json.dumps(response, indent=4), content_type='application/json')
def user_update(request, uid): if request.method == 'POST': user = User.objects.get(id=int(uid)) assigned_groups = [] for key in request.POST: if 'group-' in key: assigned_groups.append(int(key.split('-')[1])) is_staff = False if 'is_staff' in request.POST: is_staff = True is_superuser = False if 'is_superuser' in request.POST: is_superuser = True is_staff = True user.first_name = request.POST.get('first_name') user.last_name = request.POST.get('last_name') user.email = request.POST.get('email') user.is_staff = is_staff user.save() if user.is_superuser and is_superuser: admin_group = UserGroup.objects.get(name__exact='admin') assigned_groups.append(admin_group.id) if not user.is_superuser and is_superuser: user.is_superuser = True user.save() admin_group = UserGroup.objects.get(name__exact='admin') auth_services.get_services().ldap_add_group_member( user, admin_group) assigned_groups.append(admin_group.id) if user.is_superuser and not is_superuser: user.is_superuser = False user.save() admin_group = UserGroup.objects.get(name__exact='admin') auth_services.get_services().ldap_delete_group_member( user, admin_group) groups_by_user = UserGroupUser.objects.filter(user_id=user.id) for ugu in groups_by_user: user_group = UserGroup.objects.get(id=ugu.user_group.id) auth_services.get_services().ldap_delete_group_member( user, user_group) ugu.delete() for ag in assigned_groups: user_group = UserGroup.objects.get(id=ag) usergroup_user = UserGroupUser(user=user, user_group=user_group) usergroup_user.save() auth_services.get_services().ldap_add_group_member( user, user_group) return redirect('user_list') else: selected_user = User.objects.get(id=int(uid)) groups = auth_utils.get_all_groups_checked_by_user(selected_user) return render( request, 'user_update.html', { 'uid': uid, 'selected_user': selected_user, 'user': request.user, 'groups': groups })
def user_add(request): ad_suffix = GVSIGOL_LDAP['AD'] if not ad_suffix: show_pass_form = True else: show_pass_form = False if request.method == 'POST': form = UserCreateForm(request.POST) if form.is_valid(): assigned_groups = [] is_staff = False if 'is_staff' in form.data: is_staff = True is_superuser = False if 'is_superuser' in form.data: is_superuser = True is_staff = True assigned_groups = [] for key in form.data: if 'group-' in key: assigned_groups.append(int(key.split('-')[1])) try: gs = geographic_servers.get_instance().get_default_server() server_object = Server.objects.get(id=int(gs.id)) if form.data['password1'] == form.data['password2']: user = User(username=form.data['username'].lower(), first_name=u''.join( form.data['first_name']).encode('utf-8'), last_name=u''.join( form.data['last_name']).encode('utf-8'), email=form.data['email'].lower(), is_superuser=is_superuser, is_staff=is_staff) user.set_password(form.data['password1']) user.save() #admin_group = UserGroup.objects.get(name__exact='admin') aux = UserGroup.objects.filter(name="admin") if aux.count() > 1: print "WARNING: table gvsigol_auth_usergroup inconsistent !!!!!!!!!!!" admin_group = aux[0] if user.is_superuser: auth_services.get_services().ldap_add_user( user, form.data['password1'], True) auth_services.get_services().ldap_add_group_member( user, admin_group) usergroup_user = UserGroupUser(user=user, user_group=admin_group) usergroup_user.save() else: auth_services.get_services().ldap_add_user( user, form.data['password1'], False) #auth_services.get_services().ldap_add_group_member(user, admin_group) for ag in assigned_groups: user_group = UserGroup.objects.get(id=ag) usergroup_user = UserGroupUser(user=user, user_group=user_group) usergroup_user.save() auth_services.get_services().ldap_add_group_member( user, user_group) #User backend if is_superuser or is_staff: ugroup = UserGroup( name='ug_' + form.data['username'].lower(), description=_(u'User group for') + ': ' + form.data['username'].lower()) ugroup.save() ugroup_user = UserGroupUser(user=user, user_group=ugroup) ugroup_user.save() auth_services.get_services().ldap_add_group(ugroup) auth_services.get_services().add_data_directory(ugroup) auth_services.get_services().ldap_add_group_member( user, ugroup) url = server_object.frontend_url + '/' ws_name = 'ws_' + form.data['username'].lower() if gs.createWorkspace(ws_name, url + ws_name): # save it on DB if successfully created newWs = Workspace( server=server_object, name=ws_name, description='', uri=url + ws_name, wms_endpoint=url + ws_name + '/wms', wfs_endpoint=url + ws_name + '/wfs', wcs_endpoint=url + ws_name + '/wcs', wmts_endpoint=url + 'gwc/service/wmts', cache_endpoint=url + 'gwc/service/wms', created_by=user.username, is_public=False) newWs.save() ds_name = 'ds_' + form.data['username'].lower() services_utils.create_datastore( request, user.username, ds_name, newWs) gs.reload_nodes() try: auth_utils.sendMail(user, form.data['password1']) except Exception as ex: print str(ex) pass return redirect('user_list') except Exception as e: print "ERROR: Problem creating user " + str(e) errors = [] errors.append( {'message': "ERROR: Problem creating user " + str(e)}) groups = auth_utils.get_all_groups() return render( request, 'user_add.html', { 'form': form, 'groups': groups, 'errors': errors, 'show_pass_form': show_pass_form }) else: groups = auth_utils.get_all_groups() return render(request, 'user_add.html', { 'form': form, 'groups': groups, 'show_pass_form': show_pass_form }) else: form = UserCreateForm() groups = auth_utils.get_all_groups() return render(request, 'user_add.html', { 'form': form, 'groups': groups, 'show_pass_form': show_pass_form })