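def fixUser(id):
    """Repair the LDAP entry of user *id* and clear its LDAP error flags.

    Requires the ``usermgmt`` authorization.  The user's ``people`` row joined
    with ``userpassword`` is validated by ``checkers.checkLdapUserEntry``; when
    that reports a problem (``False`` or a list of findings) the LDAP entry is
    rewritten via ``ldap.users().update``.  Afterwards the
    ``ERR_LDAP_ENTRY_MISSING`` and ``ERR_LDAP_ENTRY_INCOMPLETE`` flags for the
    user are removed from the local error service on port 25252.

    Args:
        id: primary key of the ``people`` row.  It becomes a path segment of the
            error-service URL, so it is percent-encoded before use.

    Returns:
        A ``(message, status)`` tuple: ``("SUCCESS", 200)`` when the entry was
        repaired and the flags cleared, ``("ERR_ALL_DONE", 200)`` when the entry
        needed no repair, otherwise an ``ERR_*`` code with status 403 or 500.
    """
    # Local import: the file's import block is not visible in this excerpt.
    from urllib.parse import quote

    if not es.isAuthorized("usermgmt"):
        return "ERR_ACCESS_DENIED", 403

    dbconn = db.database()
    ldapUsers = ldap.users()
    dbconn.execute(
        "SELECT P.id, P.firstname, P.lastname, P.preferredname, P.username, P.smb_homedir, P.email, H.smb_hash, H.unix_hash, P.unix_userid FROM people P INNER JOIN userpassword H ON H.people_id = P.id WHERE P.id = %s",
        (id,))
    user = dbconn.fetchone()
    # NOTE(review): fetchone() yields None for an unknown id; whether
    # checkLdapUserEntry tolerates None is not visible here.
    check = checkers.checkLdapUserEntry(user)

    # ``False`` or a list of findings means the LDAP entry must be rewritten.
    # Kept as ``== False`` deliberately: the checker's other falsy return
    # values are not visible here, so ``is False`` could change what matches.
    if check == False or isinstance(check, list):  # noqa: E712
        ldapResult = ldapUsers.update(id)
        if ldapResult == -1:
            return "ERR_LDAP_ERROR", 500
        if ldapResult == -2:
            return "ERR_DATABASE_ERROR", 500
    else:
        return "ERR_ALL_DONE", 200

    # The id is interpolated into the URL path: percent-encode it so a value
    # containing '/', '?' or '#' cannot change which resource is addressed.
    # str() also keeps this working when the route hands over an int.
    user_segment = quote(str(id), safe="")
    for error_code in ("ERR_LDAP_ENTRY_MISSING", "ERR_LDAP_ENTRY_INCOMPLETE"):
        try:
            # A timeout keeps a hung local service from blocking the handler
            # forever; only transport-level failures map to the error reply.
            requests.delete(
                url="http://localhost:25252/removeError/" + user_segment + "/" + error_code + "/1",
                timeout=10)
        except requests.RequestException:
            return "ERR_CONNECTION_ERROR", 500
    return "SUCCESS", 200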
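def setupAdmin():
    """Create the initial administrator account (one-time setup endpoint).

    Refuses with ``ERR_SETUP_ALREADY_DONE`` once the marker file
    ``config.CONFIG_ADMINUSER_FILE`` exists.  Otherwise it inserts the
    ``people`` and ``userpassword`` rows from the submitted form, adds the
    account to the ``root`` group, writes it to LDAP, creates the home folder
    (mode, then owner) and finally creates the marker file.

    Form fields read: ``user``, ``firstname``, ``lastname``, ``email``,
    ``password``, ``pwhint``.

    Returns:
        ``("SUCCESS", 200)`` or an ``ERR_*`` code with status 403 or 500.
    """
    # NOTE(review): this existence check and the marker creation at the very
    # end are not atomic; two concurrent setup requests can both pass here.
    if os.path.exists(config.CONFIG_ADMINUSER_FILE):
        return "ERR_SETUP_ALREADY_DONE", 403

    username = request.form.get("user")
    firstname = request.form.get("firstname")
    lastname = request.form.get("lastname")
    password = request.form.get("password")

    folders = directory.directory()  # was ``dir``, which shadowed the builtin
    if folders.exists(username, "users"):
        return "ERR_FOLDER_EXISTS", 500

    new_id = idsrv.getNew()
    dbconn = db.database()
    dbconn.execute(
        "INSERT INTO people (id, firstname, lastname, username, email, smb_homedir, preferredname, persistant) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)",
        (new_id, firstname, lastname, username, request.form.get("email"),
         "/home/users/" + username, firstname + " " + lastname, 1))
    dbconn.execute(
        "INSERT INTO userpassword (people_id, unix_hash, smb_hash, hint) VALUES (%s, %s, %s, %s)",
        (new_id, hash.unix(password), hash.samba(password), request.form.get("pwhint")))
    # The root group is resolved by name inside the statement.
    dbconn.execute(
        "INSERT INTO people_has_groups (people_id, group_id) VALUES (%s, (SELECT id FROM groups WHERE name = 'root'))",
        (new_id,))
    if not dbconn.commit():
        return "ERR_DATABASE_ERROR", 500

    if ldap.users().update(new_id) != 0:
        return "ERR_LDAP_ERROR", 500

    # Bug fix: the original test was ``create() != 0 and not setMode()``.
    # Because of short-circuiting, setMode() never ran after a successful
    # create, and an error was reported only when both calls failed.  Either
    # failure must abort, which is also the rule createUser() applies.
    if folders.create(username, "users") != 0 or not folders.setMode(username, "users", "511"):
        return "ERR_CREATE_HOMEFOLDER", 500
    # NOTE(review): "511" is decimal for 0o777, i.e. a world-writable home
    # folder.  Kept for parity with createUser(); looks worth tightening.

    dbconn.execute("SELECT unix_userid FROM people WHERE id = %s LIMIT 1", (new_id,))
    result = dbconn.fetchone()
    # NOTE(review): unix_userid is presumably filled in by the LDAP update
    # above -- confirm, since the row was inserted without it.
    if not folders.setOwner(username, "users", result["unix_userid"]):
        return "ERR_CREATE_HOMEFOLDER", 500

    # The marker's mere existence disables this endpoint from now on.
    with open(config.CONFIG_ADMINUSER_FILE, "a"):
        pass
    return "SUCCESS", 200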
def checkUser(id):
    """Re-sync the LDAP entry of user *id* when the stored data says it is stale.

    Unlike fixUser() this endpoint performs no authorization check and does
    not clear flags on the error service; it only runs the checker and, when
    the checker returns ``False`` or a list of findings, calls
    ``ldap.users().update``.

    Args:
        id: primary key of the ``people`` row.

    Returns:
        ``("SUCCESS", 200)``, or ``("ERR_LDAP_ERROR", 500)`` /
        ``("ERR_DATABASE_ERROR", 500)`` when the LDAP update reports -1 / -2.
    """
    database = db.database()
    ldap_users = ldap.users()
    database.execute(
        "SELECT P.id, P.firstname, P.lastname, P.preferredname, P.username, P.smb_homedir, P.email, H.smb_hash, H.unix_hash, P.unix_userid FROM people P INNER JOIN userpassword H ON H.people_id = P.id WHERE P.id = %s",
        (id,))
    verdict = checkers.checkLdapUserEntry(database.fetchone())

    # ``== False`` is intentional: the checker's other falsy results are not
    # visible here and must keep behaving as they did.
    needs_update = verdict == False or isinstance(verdict, list)  # noqa: E712
    if not needs_update:
        return "SUCCESS", 200

    update_errors = {
        -1: ("ERR_LDAP_ERROR", 500),
        -2: ("ERR_DATABASE_ERROR", 500),
    }
    return update_errors.get(ldap_users.update(id), ("SUCCESS", 200))
def newPassword(id):
    """Change the password of user *id* after verifying the current one.

    Requires the ``usermgmt`` authorization.  Reads the form fields ``old``,
    ``new1``, ``new2`` and ``pwhint``.  The stored ``unix_hash`` is checked
    with passlib's ``ldap_salted_sha1`` before anything is written; the update
    also resets ``autogen`` to 0 and clears ``cleartext`` in ``userpassword``,
    then re-syncs the LDAP entry.

    Returns:
        ``("SUCCESS", 200)`` or an ``ERR_*`` code with status 403 or 500.
    """
    if not es.isAuthorized("usermgmt"):
        return "ERR_ACCESS_DENIED", 403

    database = db.database()
    ldap_users = ldap.users()
    form = request.form

    database.execute(
        "SELECT unix_hash FROM userpassword UP INNER JOIN people P ON UP.people_id = P.id WHERE P.id = %s",
        (id,))
    stored = database.fetchone()
    # NOTE(review): for an unknown id fetchone() returns None and the
    # subscript below raises TypeError (an unhandled 500) instead of an
    # ERR_* reply.
    old_matches = passlib.hash.ldap_salted_sha1.verify(form.get("old"), stored["unix_hash"])
    if not old_matches:
        return "ERR_AUTH_PASSWORD", 500

    new_password = form.get("new1")
    if new_password != form.get("new2"):
        return "ERR_PASSWORDS_DIFFERENT", 500

    database.execute(
        "UPDATE userpassword SET unix_hash = %s, smb_hash = %s, hint = %s, autogen = 0, cleartext = NULL WHERE people_id = %s",
        (hash.unix(new_password), hash.samba(new_password), form.get("pwhint"), id))
    if not database.commit():
        return "ERR_DATABASE_ERROR", 500
    if ldap_users.update(id) != 0:
        return "ERR_LDAP_ERROR", 500
    return "SUCCESS", 200
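def _load_user_profile(dbconn, user_id):
    """Return the profile dict for *user_id* (groups, devices, logins), or None if unknown."""
    # NOTE(review): with DB-API drivers that implement %s placeholders via
    # %-formatting, the literal '%Y-%m-%d' would need to be written
    # '%%Y-%%m-%%d'; confirm against db.database() before touching it.
    dbconn.execute(
        "SELECT firstname, lastname, preferredname, sex, title, short, email, DATE_FORMAT(birthdate, '%Y-%m-%d') AS birthdate, username, smb_homedir, persistant FROM people WHERE id = %s",
        (user_id,))
    user = dbconn.fetchone()
    if user is None:
        return None

    dbconn.execute(
        "SELECT G.name AS name, G.id AS id FROM groups G INNER JOIN people_has_groups PHG ON PHG.group_id = G.id INNER JOIN people P ON P.id = PHG.people_id WHERE P.id = %s",
        (user_id,))
    user["groups"] = list(dbconn.fetchall())

    dbconn.execute("SELECT name, id FROM device WHERE people_id = %s", (user_id,))
    user["devices"] = list(dbconn.fetchall())

    # Login events where the user either acted or was the affected party.
    dbconn.execute(
        "SELECT timestamp, info, type, D.name AS devicename, D.id AS deviceid, P.preferredname AS people FROM localLoginLog LLL LEFT JOIN device D ON D.id = LLL.device_id LEFT JOIN people P ON LLL.affected = P.id WHERE LLL.people_id = %s OR LLL.affected = %s",
        (user_id, user_id))
    user["logins"] = list(dbconn.fetchall())

    dbconn.execute("SELECT autogen, cleartext FROM userpassword WHERE people_id = %s", (user_id,))
    password_row = dbconn.fetchone()
    # An auto-generated password is kept in cleartext (see createUser) and is
    # returned to the caller here until newPassword() clears it.
    if password_row is not None and password_row["autogen"] == 1:
        user["autogenPassword"] = password_row["cleartext"]
    return user


def _update_user_profile(dbconn, lu, user_id):
    """Apply the PUT form fields to the ``people`` row of *user_id* and re-sync LDAP."""
    form = request.form

    # "" and "null" (any case) both mean "no short name"; a missing field used
    # to raise AttributeError on .lower() and now also maps to None.
    raw_short = form.get("short")
    short = None if not raw_short or raw_short.lower() == "null" else raw_short

    # Form values arrive as strings, so the former ``isinstance(..., int)``
    # test never matched and ``sex`` was always stored as 0.
    try:
        sex = int(form.get("sex"))
    except (TypeError, ValueError):
        sex = 0

    dbconn.execute(
        "UPDATE people SET firstname = %s, lastname = %s, email = %s, title = %s, short = %s, birthdate = %s, sex = %s, persistant = %s WHERE id = %s",
        (form.get("firstname"), form.get("lastname"), form.get("email"),
         form.get("title"), short, form.get("birthdate"), sex,
         form.get("persistant"), user_id))
    if not dbconn.commit():
        return "ERR_DATABASE_ERROR", 500
    if lu.update(user_id) != 0:
        return "ERR_LDAP_ERROR", 500
    return "SUCCESS", 200


def _delete_user(dbconn, lu, lg, folders, user_id):
    """Remove *user_id* from LDAP, its groups and the database; park its home folder under ``deleted``."""
    dbconn.execute("SELECT username FROM people WHERE id = %s", (user_id,))
    row = dbconn.fetchone()
    if row is None:
        # New: previously an unhandled TypeError on the subscript.
        return "ERR_USER_NOT_FOUND", 404
    username = row["username"]

    # Never let a session delete its own account.
    if username == current_user.username:
        return "ERR_ACTUAL_ACCOUNT", 400

    if lu.delete(user_id) != 0:
        return "ERR_LDAP_ERROR", 500

    dbconn.execute(
        "SELECT G.id FROM people P INNER JOIN people_has_groups PHG ON PHG.people_id = P.id INNER JOIN groups G ON G.id = PHG.group_id WHERE P.id = %s",
        (user_id,))
    # Every membership is attempted even after a failure, so one bad group
    # does not leave the others behind; the failure is reported afterwards.
    failed = False
    for group in dbconn.fetchall():
        if lg.deleteUser(user_id, group["id"]) != 0:
            failed = True
    if failed:
        return "ERR_LDAP_ERROR", 500

    # A leftover folder from an earlier deletion of the same username is
    # removed first; -2 from move() is tolerated like 0.
    if folders.exists(username, "deleted"):
        if folders.delete(username, "deleted") != 0:
            return "ERR_DELETE_PREVIOUS_FOLDER", 500
    dircode = folders.move(username, "users", username, "deleted")
    if dircode not in (0, -2):
        return "ERR_MOVE_DATA_FOLDER", 500

    # NOTE(review): LDAP and folder changes above are not rolled back if this
    # final delete/commit fails.
    dbconn.execute("DELETE FROM people WHERE id = %s", (user_id,))
    if not dbconn.commit():
        return "ERR_DATABASE_ERROR", 500
    return "SUCCESS", 200


def specificUser(id):
    """Read (GET), update (PUT) or delete (DELETE) the user with primary key *id*.

    Requires the ``usermgmt`` authorization for every verb.

    * GET returns the profile as JSON: the ``people`` columns, plus
      ``groups``, ``devices`` and ``logins`` lists, and ``autogenPassword``
      when the stored password is an auto-generated one.
    * PUT updates firstname, lastname, email, title, short, birthdate, sex and
      persistant from the form and re-syncs the LDAP entry.
    * DELETE removes the LDAP entry and group memberships, moves the home
      folder from ``users`` to ``deleted`` and deletes the ``people`` row;
      deleting one's own account is refused.

    Args:
        id: primary key of the ``people`` row.

    Returns:
        ``(jsonify(profile), 200)`` for GET, otherwise a ``(message, status)``
        tuple; ``None`` for any other HTTP method, as before.
    """
    if not es.isAuthorized("usermgmt"):
        return "ERR_ACCESS_DENIED", 403

    dbconn = db.database()
    lu = ldap.users()
    lg = ldap.groups()
    folders = directory.directory()  # was ``dir``, which shadowed the builtin

    if request.method == "GET":
        user = _load_user_profile(dbconn, id)
        if user is None:
            # New: previously an unhandled TypeError when filling the dict.
            return "ERR_USER_NOT_FOUND", 404
        return jsonify(user), 200
    if request.method == "PUT":
        return _update_user_profile(dbconn, lu, id)
    if request.method == "DELETE":
        return _delete_user(dbconn, lu, lg, folders, id)
    # Other verbs fall through to None exactly as the original did; the
    # route's method list is expected to keep them out.
    return None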
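def createUser():
    """Create a user from the submitted form: database rows, groups, LDAP entry and home folder.

    Requires the ``usermgmt`` authorization.  Form fields read: ``username``,
    ``password``, ``password2``, ``firstname``, ``lastname``,
    ``preferredname``, ``sex``, ``title``, ``short``, ``email``,
    ``birthdate``, ``persistant``, ``pwhint``, ``cleartext`` and ``groups``
    (a JSON list of group ids).

    Steps, each aborting with an ``ERR_*`` code on failure: refuse an
    existing home folder, insert the ``people`` row, insert the
    ``userpassword`` row (with the cleartext password and ``autogen = 1``
    when the ``cleartext`` field is present), add the group memberships in
    the database and LDAP, create the home folder and set its mode, write
    the LDAP entry, and chown the folder to the resulting ``unix_userid``.

    Returns:
        ``("SUCCESS", 201)`` or an ``ERR_*`` code with status 403 or 500.
    """
    if not es.isAuthorized("usermgmt"):
        return "ERR_ACCESS_DENIED", 403

    form = request.form
    username = form.get("username")
    password = form.get("password")

    folders = directory.directory()  # was ``dir``, which shadowed the builtin
    # NOTE(review): username comes straight from the form and is used as a
    # folder name and in smb_homedir; whether directory.directory() rejects
    # path separators is not visible here (its -1 code suggests it validates).
    if folders.exists(username, "users"):
        return "ERR_FOLDER_EXISTS", 500

    dbconn = db.database()
    lu = ldap.users()
    lg = ldap.groups()
    new_id = idsrv.getNew()

    if password != form.get("password2"):
        return "ERR_PASSWORDS_DIFFERENT", 500

    # "" and "null" (any case) both mean "no short name"; a missing field
    # maps to None as well (the original caught the AttributeError).
    raw_short = form.get("short")
    short = None if not raw_short or raw_short.lower() == "null" else raw_short
    persistant = 1 if form.get("persistant") else 0
    smb_homedir = "/home/users/" + username
    # Form values arrive as strings, so the former ``isinstance(..., int)``
    # test never matched and ``sex`` was always stored as 0.
    try:
        sex = int(form.get("sex"))
    except (TypeError, ValueError):
        sex = 0

    dbconn.execute(
        "INSERT INTO people (id, firstname, lastname, preferredname, sex, title, short, email, birthdate, username, smb_homedir, persistant) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
        (new_id, form.get("firstname"), form.get("lastname"),
         form.get("preferredname"), sex, form.get("title"), short,
         form.get("email"), form.get("birthdate"), username, smb_homedir,
         persistant))
    if not dbconn.commit():
        return "ERR_DATABASE_ERROR", 500

    # NOTE(review): each step commits on its own, so a failure further down
    # leaves the people row (and possibly the password row) behind.
    unix_hash = hash.unix(password)
    smb_hash = hash.samba(password)
    if form.get("cleartext") is not None:
        # The password is additionally stored in cleartext with autogen = 1 so
        # specificUser() can show it; newPassword() clears it again.
        dbconn.execute(
            "INSERT INTO userpassword (people_id, unix_hash, smb_hash, hint, cleartext, autogen) VALUES (%s, %s, %s, %s, %s, 1)",
            (new_id, unix_hash, smb_hash, form.get("pwhint"), password))
    else:
        dbconn.execute(
            "INSERT INTO userpassword (people_id, unix_hash, smb_hash, hint, autogen) VALUES (%s, %s, %s, %s, 0)",
            (new_id, unix_hash, smb_hash, form.get("pwhint")))
    if not dbconn.commit():
        return "ERR_DATABASE_ERROR", 500

    # A missing "groups" field now means "no groups" instead of a TypeError
    # from json.loads(None).
    raw_groups = form.get("groups")
    groups = json.loads(raw_groups) if raw_groups else []
    # Every group is attempted even after a failure; the error is reported
    # once at the end.
    failed = False
    for group in groups:
        dbconn.execute(
            "INSERT INTO people_has_groups (people_id, group_id) VALUES (%s, %s)",
            (new_id, group))
        if not dbconn.commit():
            failed = True
        if lg.addUser(new_id, group) != 0:
            failed = True
    if failed:
        return "ERR_DATABASE_ERROR", 500

    dircode = folders.create(username, "users")
    if dircode == -1:
        return "ERR_FOLDER_PLACE_INVALID", 500
    if dircode == -4:
        return "ERR_FOLDER_EXISTS", 500
    # "511" is decimal for 0o777, i.e. a world-writable home folder.
    # NOTE(review): kept as is, but this looks worth tightening.
    if dircode != 0 or not folders.setMode(username, "users", "511"):
        return "ERR_CREATE_HOMEFOLDER", 500

    if lu.update(new_id) != 0:
        return "ERR_LDAP_ERROR", 500
    dbconn.execute("SELECT unix_userid FROM people WHERE id = %s LIMIT 1", (new_id,))
    result = dbconn.fetchone()
    # Error code fixed: a failed chown is a home-folder problem, not a
    # database one, and setupAdmin() reports it the same way.
    if not folders.setOwner(username, "users", result["unix_userid"]):
        return "ERR_CREATE_HOMEFOLDER", 500
    return "SUCCESS", 201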
def __init__(self):
    """Set up the LDAP user and group clients and the directory helper this object uses."""
    users_client, groups_client, folders = ldap.users(), ldap.groups(), directory.directory()
    self.__ldapUsers = users_client
    self.__ldapGroups = groups_client
    self.__dir = folders