def create_account(self, person, default_project): ua = super(AccountDataStore, self).create_account(person, default_project) conn = LDAPClient() ldap_attrs = __import__(settings.LDAP_ATTRS, {}, {}, ['']) data = conn.get_user('sAMAccountName=%s' % person.username).__dict__ data['cluster_account'] = True data['objectClass'] = settings.ACCOUNT_OBJECTCLASS data['default_project'] = default_project data['person'] = person conn.update_user( 'sAMAccountName=%s' % person.username, objectClass=settings.ACCOUNT_OBJECTCLASS, uidNumber=ldap_attrs.GENERATED_USER_ATTRS['uidNumber'](data), gidNumber=ldap_attrs.GENERATED_USER_ATTRS['gidNumber'](data), unixHomeDirectory=ldap_attrs.GENERATED_USER_ATTRS['unixHomeDirectory'](data), loginShell=ldap_attrs.GENERATED_USER_ATTRS['loginShell'](data), uid=person.username, msSFU30Name=person.username, msSFU30NisDomain=settings.LDAP_NISDOMAIN, unixUserPassword='******', ) del(conn) return ua
def user_exists(self, username): conn = LDAPClient() try: conn.get_user('uid=%s' % username) return True except DoesNotExistException: return False
def test_delete_activate_user(self): logged_in = self.client.login(username='******', password='******') user = Person.objects.get(user__username='******') self.assertEqual(user.is_active, True) self.assertEqual(user.project_set.count(), 1) self.assertEqual(user.useraccount_set.count(), 1) self.assertEqual(user.useraccount_set.all()[0].date_deleted, None) lcon = LDAPClient() luser = lcon.get_user('uid=kgtestuser3') self.assertEqual(luser.givenName, 'Test') response = self.client.get(reverse('admin_delete_user', args=[user.username])) self.failUnlessEqual(response.status_code, 200) # Test deleting response = self.client.post(reverse('admin_delete_user', args=[user.username])) self.failUnlessEqual(response.status_code, 302) user = Person.objects.get(user__username='******') self.assertEqual(user.is_active, False) self.assertEqual(user.project_set.count(), 0) self.assertEqual(user.useraccount_set.count(), 1) self.assertEqual(user.useraccount_set.all()[0].date_deleted, datetime.date.today()) self.failUnlessRaises(placard_exceptions.DoesNotExistException, lcon.get_user, 'uid=kgtestuser3') # Test activating response = self.client.post(reverse('admin_activate_user', args=[user.username])) self.failUnlessEqual(response.status_code, 302) user = Person.objects.get(user__username='******') self.assertEqual(user.is_active, True) luser = lcon.get_user('uid=kgtestuser3') self.assertEqual(luser.givenName, 'Test')
def test_add_remove_user_to_project(self): lcon = LDAPClient() luser = lcon.get_user('uid=kgtestuser2') self.client.login(username='******', password='******') project = Project.objects.get(pk='TestProject1') self.assertEqual(project.users.count(), 1) response = self.client.get(reverse('kg_project_detail', args=[project.pid])) self.failUnlessEqual(response.status_code, 200) ldap_members = LDAPClient().get_group_members('cn=%s' % project.pid) self.assertFalse(luser in ldap_members) new_user = Person.objects.get(user__username='******') response = self.client.post(reverse('kg_project_detail', args=[project.pid]), { 'person': new_user.id} ) self.failUnlessEqual(response.status_code, 302) project = Project.objects.get(pk='TestProject1') self.assertEqual(project.users.count(), 2) ldap_members = LDAPClient().get_group_members('cn=%s' % project.pid) self.assertTrue(luser in ldap_members) # remove user response = self.client.post(reverse('kg_remove_project_member', args=[project.pid, new_user.username])) self.failUnlessEqual(response.status_code, 302) project = Project.objects.get(pk='TestProject1') self.assertEqual(project.users.count(), 1) ldap_members = LDAPClient().get_group_members('cn=%s' % project.pid) self.assertFalse(luser in ldap_members)
def get_members(self, software): conn = LDAPClient() try: return conn.get_group_members('gidNumber=%s' % software.gid) except: return [] del(conn)
def get_name(self, software): conn = LDAPClient() try: ldap_group = conn.get_group('gidNumber=%s' % software.gid) return ldap_group.cn except DoesNotExistException: return 'No LDAP Group'
def delete_software(self, software): conn = LDAPClient() try: conn.delete_group('cn=%s' % software.pid) except DoesNotExistException: pass del(conn)
def test_admin_edit_project(self): project = Project.objects.get(pk='TestProject1') self.assertEqual(project.is_active, True) self.assertEqual(project.name, 'Test Project 1') self.assertTrue(Person.objects.get(pk=1) in project.leaders.all()) self.assertTrue(Person.objects.get(pk=3) in project.users.all()) self.client.login(username='******', password='******') response = self.client.get(reverse('kg_edit_project', args=['TestProject1'])) self.failUnlessEqual(response.status_code, 200) form_data = { 'name': 'Test Project 1 was 4', 'description': 'Test', 'institute': 1, 'leaders': [2,3], 'machine_category': 1, 'machine_categories': [1,], 'start_date': project.start_date, } response = self.client.post(reverse('kg_edit_project', args=['TestProject1']), form_data) self.failUnlessEqual(response.status_code, 302) project = Project.objects.get(pk='TestProject1') self.assertEqual(project.is_active, True) self.assertTrue(Person.objects.get(pk=2) in project.leaders.all()) self.assertTrue(Person.objects.get(pk=3) in project.leaders.all()) lcon = LDAPClient() lgroup = lcon.get_group('cn=%s' % project.pid) self.assertEqual(lgroup.cn, project.pid)
def test_admin_add_project_pid(self): projects = Project.objects.count() self.client.login(username='******', password='******') response = self.client.get(reverse('kg_add_project')) self.failUnlessEqual(response.status_code, 200) form_data = { 'pid': "Enrico", 'name': 'Test Project 4', 'description': 'Test', 'institute': 1, 'leaders': [2,3], 'machine_category': 1, 'machine_categories': [1,], 'start_date': datetime.date.today(), } response = self.client.post(reverse('kg_add_project'), form_data) self.failUnlessEqual(response.status_code, 302) project = Project.objects.get(pid="Enrico") self.assertEqual(project.is_active, True) self.assertEqual(project.date_approved, datetime.date.today()) self.assertEqual(project.approved_by, Person.objects.get(user__username='******')) self.assertEqual(project.pid, 'Enrico') self.assertTrue(Person.objects.get(pk=2) in project.leaders.all()) self.assertTrue(Person.objects.get(pk=3) in project.leaders.all()) lcon = LDAPClient() lgroup = lcon.get_group('cn=%s' % project.pid) self.assertEqual(lgroup.cn, project.pid)
def delete_user(self, person): super(PersonalDataStore, self).delete_user(person) conn = LDAPClient() try: conn.delete_user('uid=%s' % person.user.username) except DoesNotExistException: pass
def get_next_uid(data): if 'posixAccount' in data['objectClass']: from placard.client import LDAPClient conn = LDAPClient() uidNumber = conn.get_new_uid() return str(uidNumber) else: return ''
def unlock_user(self, person): super(PersonalDataStore, self).unlock_user(person) conn = LDAPClient() conn.update_user( 'sAMAccountName=%s' % person.username, userAccountControl=512, )
def lock_user(self, person): super(PersonalDataStore, self).lock_user(person) conn = LDAPClient() conn.update_user( 'uid=%s' % person.username, nsRoleDN=settings.LDAP_LOCK_DN, ) del(conn)
def is_locked(self, person): super(ldap_datastore.PersonalDataStore, self).is_locked(person) conn = LDAPClient() try: ldap_user = conn.get_user('uid=%s' % person.username) except DoesNotExistException: return True return conn.is_locked('uid=%s' % person.username)
def loginShell(self): conn = LDAPClient() try: ldap_user = conn.get_user('uid=%s' % self.username) except: return '' try: return ldap_user.loginShell except: return ''
def test_add_existing_name(self): lcon = LDAPClient() gid = lcon.add_group(cn='testinstitute27') institute = Institute.objects.create(name='Test Institute 27') lgroup = lcon.get_group('gidNumber=%s' % institute.gid) self.assertEqual(gid, institute.gid) self.assertEqual(institute.name.lower().replace(' ' , ''), lgroup.cn)
def test_add_existing_gid(self): lcon = LDAPClient() gid = lcon.add_group(cn='testinstituteother', gidNumber=['700']) institute = Institute.objects.create(name='Test Institute 26', gid=700) lgroup = lcon.get_group('gidNumber=%s' % institute.gid) self.assertEqual(gid, institute.gid) self.assertEqual(gid, 700)
def unlock_user(self, person): super(PersonalDataStore, self).unlock_user(person) conn = LDAPClient() dn = "uid=%s,%s" % (person.username, settings.LDAP_USER_BASE) old = { 'nsRoleDN': settings.LDAP_LOCK_DN, } new = {} conn.ldap_modify(dn, old, new) del(conn)
def is_locked(self, person): super(PersonalDataStore, self).is_locked(person) conn = LDAPClient() try: ldap_user = conn.get_user('sAMAccountName=%s' % person.username) except DoesNotExistException: return True if ldap_user.userAccountControl != '512': return True return False
def stest_admin_approve_account(self): from karaage.datastores import create_new_user logged_in = self.client.login(username='******', password='******') self.failUnlessEqual(logged_in, True) project = Project.objects.get(pid='TestProject1') p_users = project.users.count() institute = Institute.objects.get(pk=1) person_data = { 'title' : 'Mr', 'first_name': 'Jim', 'last_name': 'Bob', 'position': 'Researcher', 'institute': institute, 'department': 'Maths', 'email': '*****@*****.**', 'country': 'AU', 'telephone': '4444444', 'username': '******', 'password1': 'Exaiquouxei0', 'password2': 'Exaiquouxei0', } person = create_new_user(person_data) join_request = ProjectJoinRequest.objects.create( person=person, project=project, leader_approved=True, ) lcon = LDAPClient() self.failUnlessRaises(placard_exceptions.DoesNotExistException, lcon.get_user, 'uid=jimbob') self.failUnlessEqual(person.is_active, False) response = self.client.get(reverse('kg_account_request_detail', args=[join_request.id])) self.failUnlessEqual(response.status_code, 200) self.assertEquals(len(mail.outbox), 0) response = self.client.post(reverse('kg_account_approve', args=[join_request.id])) self.failUnlessEqual(response.status_code, 302) self.assertEquals(len(mail.outbox), 1) self.assertEquals(mail.outbox[0].subject, 'TestOrg Account approval') self.assertEquals(mail.outbox[0].from_email, settings.ACCOUNTS_EMAIL) self.assertEquals(mail.outbox[0].to[0], '*****@*****.**') self.failUnlessRaises(ProjectJoinRequest.DoesNotExist, ProjectJoinRequest.objects.get, pk=join_request.id) person = Person.objects.get(user__username='******') self.failUnlessEqual(person.is_active, True) luser = lcon.get_user('uid=jimbob') self.assertEqual(luser.givenName, 'Jim')
def delete_account(self, ua): super(AccountDataStore, self).delete_account(ua) conn = LDAPClient() conn.update_user( 'uid=%s' % ua.username, gecos='', uidNumber='', gidNumber='', homeDirectory='', loginShell='', objectClass=settings.USER_OBJECTCLASS ) del(conn)
def update_user(self, person): conn = LDAPClient() conn.update_user( 'sAMAccountName=%s' % person.username, cn='%s %s' % (str(person.first_name), str(person.last_name)), givenName=str(person.first_name), sn=str(person.last_name), telephoneNumber=str(person.telephone), mail=str(person.email), o=str(person.institute.name), ) del(conn) super(PersonalDataStore, self).update_user(person)
def delete_account(self, ua): super(AccountDataStore, self).delete_account(ua) conn = LDAPClient() conn.update_user( 'sAMAccountName=%s' % ua.username, uidNumber='', gidNumber='', unixHomeDirectory='', loginShell='', msSFU30Name='', msSFU30NisDomain='', unixUserPassword='', objectClass=settings.USER_OBJECTCLASS )
def is_locked(self, person): super(PersonalDataStore, self).is_locked(person) conn = LDAPClient() try: conn.get_user('uid=%s' % person.username) except DoesNotExistException: return True output = conn.ldap_search(settings.LDAP_USER_BASE, 'uid=%s' % person.username, retrieve_attributes=['nsAccountLock']) if output[0][1]: return True return False
def create_or_update_project(self, project): conn = LDAPClient() try: conn.get_group('cn=%s' % project.pid) except: conn.add_group(cn=str(project.pid)) users = [str(person.user.username) for person in project.users.all()] if users: conn.update_group('cn=%s' % project.pid, memberUid=users) else: conn.update_group('cn=%s' % project.pid, memberUid='') del(conn)
def update_account(self, ua): super(AccountDataStore, self).update_account(ua) conn = LDAPClient() ldap_attrs = __import__(settings.LDAP_ATTRS, {}, {}, ['']) data = conn.get_user('uid=%s' % ua.username).__dict__ data['default_project'] = ua.default_project data['person'] = ua.user conn.update_user( 'uid=%s' % ua.username, homeDirectory=ldap_attrs.GENERATED_USER_ATTRS['homeDirectory'](data), gecos=ldap_attrs.GENERATED_USER_ATTRS['gecos'](data), gidNumber=ldap_attrs.GENERATED_USER_ATTRS['gidNumber'](data), ) del(conn)
def create_institute(self, institute): conn = LDAPClient() if institute.gid: try: lgroup = conn.get_group("gidNumber=%s" % institute.gid) gid = int(lgroup.gidNumber) except DoesNotExistException: gid = conn.add_group(cn=str(institute.name.lower().replace(" ", "")), gidNumber=str(institute.gid)) else: try: lgroup = conn.get_group("cn=%s" % str(institute.name.lower().replace(" ", ""))) gid = int(lgroup.gidNumber) except DoesNotExistException: gid = conn.add_group(cn=str(institute.name.lower().replace(" ", ""))) del (conn) return gid
def test_add_useraccount(self): response = self.client.get(reverse('kg_add_useraccount', args=['samtest2'])) self.failUnlessEqual(response.status_code, 200) form_data = { 'machine_category': 1, 'default_project': 'TestProject1', } response = self.client.post(reverse('kg_add_useraccount', args=['samtest2']), form_data) self.failUnlessEqual(response.status_code, 302) person = Person.objects.get(user__username="******") lcon = LDAPClient() luser = lcon.get_user('uid=samtest2') self.assertEqual(luser.objectClass, settings.ACCOUNT_OBJECTCLASS) self.assertTrue(person.has_account(MachineCategory.objects.get(pk=1)))
def create_software(self, software): conn = LDAPClient() if software.gid: try: lgroup = conn.get_group("gidNumber=%s" % software.gid) gid = int(lgroup.gidNumber) except DoesNotExistException: gid = conn.add_group(cn=str(software.name.lower().replace(' ', '')), gidNumber=str(software.gid)) else: if not software.restricted and software.softwarelicense_set.count() == 0: return None try: lgroup = conn.get_group("cn=%s" % str(software.name.lower().replace(' ', ''))) gid = int(lgroup.gidNumber) except DoesNotExistException: gid = conn.add_group(cn=str(software.name.lower().replace(' ', ''))) del(conn) return gid
def test_admin_create_user_with_account(self): users = Person.objects.count() project = Project.objects.get(pid='TestProject1') p_users = project.users.count() logged_in = self.client.login(username='******', password='******') self.failUnlessEqual(logged_in, True) response = self.client.get(reverse('kg_add_user')) self.failUnlessEqual(response.status_code, 200) form_data = { 'title' : 'Mr', 'first_name': 'Sam', 'last_name': 'Morrison', 'position': 'Sys Admin', 'institute': 1, 'department': 'eddf', 'email': '*****@*****.**', 'country': 'AU', 'telephone': '4444444', 'username': '******', 'password1': 'Exaiquouxei0', 'password2': 'Exaiquouxei0', 'project': 'TestProject1', 'needs_account': True, 'machine_category': 1, } response = self.client.post(reverse('kg_add_user'), form_data) self.failUnlessEqual(response.status_code, 302) self.assertEqual(Person.objects.count(), users+1) users = users + 1 person = Person.objects.get(pk=users) self.assertEqual(person.is_active, True) self.assertEqual(person.user.username, 'samtest') self.assertEqual(UserAccount.objects.count(), 2) self.assertEqual(project.users.count(), p_users+1) lcon = LDAPClient() luser = lcon.get_user('uid=samtest') self.assertEqual(luser.givenName, 'Sam') self.assertEqual(luser.objectClass, settings.ACCOUNT_OBJECTCLASS) self.assertEqual(luser.homeDirectory, '/vpac/TestProject1/samtest/')