def create_account(self, person, default_project):
ua = super(AccountDataStore, self).create_account(person, default_project)
conn = LDAPClient()
ldap_attrs = __import__(settings.LDAP_ATTRS, {}, {}, [''])
data = conn.get_user('sAMAccountName=%s' % person.username).__dict__
data['cluster_account'] = True
data['objectClass'] = settings.ACCOUNT_OBJECTCLASS
data['default_project'] = default_project
data['person'] = person
conn.update_user(
'sAMAccountName=%s' % person.username,
objectClass=settings.ACCOUNT_OBJECTCLASS,
uidNumber=ldap_attrs.GENERATED_USER_ATTRS['uidNumber'](data),
gidNumber=ldap_attrs.GENERATED_USER_ATTRS['gidNumber'](data),
unixHomeDirectory=ldap_attrs.GENERATED_USER_ATTRS['unixHomeDirectory'](data),
loginShell=ldap_attrs.GENERATED_USER_ATTRS['loginShell'](data),
uid=person.username,
msSFU30Name=person.username,
msSFU30NisDomain=settings.LDAP_NISDOMAIN,
unixUserPassword='******',
)
del(conn)
return ua
def user_exists(self, username):
conn = LDAPClient()
try:
conn.get_user('uid=%s' % username)
return True
except DoesNotExistException:
return False
def test_delete_activate_user(self):
logged_in = self.client.login(username='******', password='******')
user = Person.objects.get(user__username='******')
self.assertEqual(user.is_active, True)
self.assertEqual(user.project_set.count(), 1)
self.assertEqual(user.useraccount_set.count(), 1)
self.assertEqual(user.useraccount_set.all()[0].date_deleted, None)
lcon = LDAPClient()
luser = lcon.get_user('uid=kgtestuser3')
self.assertEqual(luser.givenName, 'Test')
response = self.client.get(reverse('admin_delete_user', args=[user.username]))
self.failUnlessEqual(response.status_code, 200)
# Test deleting
response = self.client.post(reverse('admin_delete_user', args=[user.username]))
self.failUnlessEqual(response.status_code, 302)
user = Person.objects.get(user__username='******')
self.assertEqual(user.is_active, False)
self.assertEqual(user.project_set.count(), 0)
self.assertEqual(user.useraccount_set.count(), 1)
self.assertEqual(user.useraccount_set.all()[0].date_deleted, datetime.date.today())
self.failUnlessRaises(placard_exceptions.DoesNotExistException, lcon.get_user, 'uid=kgtestuser3')
# Test activating
response = self.client.post(reverse('admin_activate_user', args=[user.username]))
self.failUnlessEqual(response.status_code, 302)
user = Person.objects.get(user__username='******')
self.assertEqual(user.is_active, True)
luser = lcon.get_user('uid=kgtestuser3')
self.assertEqual(luser.givenName, 'Test')
def test_add_remove_user_to_project(self):
lcon = LDAPClient()
luser = lcon.get_user('uid=kgtestuser2')
self.client.login(username='******', password='******')
project = Project.objects.get(pk='TestProject1')
self.assertEqual(project.users.count(), 1)
response = self.client.get(reverse('kg_project_detail', args=[project.pid]))
self.failUnlessEqual(response.status_code, 200)
ldap_members = LDAPClient().get_group_members('cn=%s' % project.pid)
self.assertFalse(luser in ldap_members)
new_user = Person.objects.get(user__username='******')
response = self.client.post(reverse('kg_project_detail', args=[project.pid]), { 'person': new_user.id} )
self.failUnlessEqual(response.status_code, 302)
project = Project.objects.get(pk='TestProject1')
self.assertEqual(project.users.count(), 2)
ldap_members = LDAPClient().get_group_members('cn=%s' % project.pid)
self.assertTrue(luser in ldap_members)
# remove user
response = self.client.post(reverse('kg_remove_project_member', args=[project.pid, new_user.username]))
self.failUnlessEqual(response.status_code, 302)
project = Project.objects.get(pk='TestProject1')
self.assertEqual(project.users.count(), 1)
ldap_members = LDAPClient().get_group_members('cn=%s' % project.pid)
self.assertFalse(luser in ldap_members)
def get_members(self, software):
conn = LDAPClient()
try:
return conn.get_group_members('gidNumber=%s' % software.gid)
except:
return []
del(conn)
def get_name(self, software):
conn = LDAPClient()
try:
ldap_group = conn.get_group('gidNumber=%s' % software.gid)
return ldap_group.cn
except DoesNotExistException:
return 'No LDAP Group'
def delete_software(self, software):
conn = LDAPClient()
try:
conn.delete_group('cn=%s' % software.pid)
except DoesNotExistException:
pass
del(conn)
def test_admin_edit_project(self):
project = Project.objects.get(pk='TestProject1')
self.assertEqual(project.is_active, True)
self.assertEqual(project.name, 'Test Project 1')
self.assertTrue(Person.objects.get(pk=1) in project.leaders.all())
self.assertTrue(Person.objects.get(pk=3) in project.users.all())
self.client.login(username='******', password='******')
response = self.client.get(reverse('kg_edit_project', args=['TestProject1']))
self.failUnlessEqual(response.status_code, 200)
form_data = {
'name': 'Test Project 1 was 4',
'description': 'Test',
'institute': 1,
'leaders': [2,3],
'machine_category': 1,
'machine_categories': [1,],
'start_date': project.start_date,
}
response = self.client.post(reverse('kg_edit_project', args=['TestProject1']), form_data)
self.failUnlessEqual(response.status_code, 302)
project = Project.objects.get(pk='TestProject1')
self.assertEqual(project.is_active, True)
self.assertTrue(Person.objects.get(pk=2) in project.leaders.all())
self.assertTrue(Person.objects.get(pk=3) in project.leaders.all())
lcon = LDAPClient()
lgroup = lcon.get_group('cn=%s' % project.pid)
self.assertEqual(lgroup.cn, project.pid)
def test_admin_add_project_pid(self):
projects = Project.objects.count()
self.client.login(username='******', password='******')
response = self.client.get(reverse('kg_add_project'))
self.failUnlessEqual(response.status_code, 200)
form_data = {
'pid': "Enrico",
'name': 'Test Project 4',
'description': 'Test',
'institute': 1,
'leaders': [2,3],
'machine_category': 1,
'machine_categories': [1,],
'start_date': datetime.date.today(),
}
response = self.client.post(reverse('kg_add_project'), form_data)
self.failUnlessEqual(response.status_code, 302)
project = Project.objects.get(pid="Enrico")
self.assertEqual(project.is_active, True)
self.assertEqual(project.date_approved, datetime.date.today())
self.assertEqual(project.approved_by, Person.objects.get(user__username='******'))
self.assertEqual(project.pid, 'Enrico')
self.assertTrue(Person.objects.get(pk=2) in project.leaders.all())
self.assertTrue(Person.objects.get(pk=3) in project.leaders.all())
lcon = LDAPClient()
lgroup = lcon.get_group('cn=%s' % project.pid)
self.assertEqual(lgroup.cn, project.pid)
def delete_user(self, person):
super(PersonalDataStore, self).delete_user(person)
conn = LDAPClient()
try:
conn.delete_user('uid=%s' % person.user.username)
except DoesNotExistException:
pass
def get_next_uid(data):
if 'posixAccount' in data['objectClass']:
from placard.client import LDAPClient
conn = LDAPClient()
uidNumber = conn.get_new_uid()
return str(uidNumber)
else:
return ''
def unlock_user(self, person):
super(PersonalDataStore, self).unlock_user(person)
conn = LDAPClient()
conn.update_user(
'sAMAccountName=%s' % person.username,
userAccountControl=512,
)
def lock_user(self, person):
super(PersonalDataStore, self).lock_user(person)
conn = LDAPClient()
conn.update_user(
'uid=%s' % person.username,
nsRoleDN=settings.LDAP_LOCK_DN,
)
del(conn)
def is_locked(self, person):
super(ldap_datastore.PersonalDataStore, self).is_locked(person)
conn = LDAPClient()
try:
ldap_user = conn.get_user('uid=%s' % person.username)
except DoesNotExistException:
return True
return conn.is_locked('uid=%s' % person.username)
def loginShell(self):
conn = LDAPClient()
try:
ldap_user = conn.get_user('uid=%s' % self.username)
except:
return ''
try:
return ldap_user.loginShell
except:
return ''
def test_add_existing_name(self):
lcon = LDAPClient()
gid = lcon.add_group(cn='testinstitute27')
institute = Institute.objects.create(name='Test Institute 27')
lgroup = lcon.get_group('gidNumber=%s' % institute.gid)
self.assertEqual(gid, institute.gid)
self.assertEqual(institute.name.lower().replace(' ' , ''), lgroup.cn)
def test_add_existing_gid(self):
lcon = LDAPClient()
gid = lcon.add_group(cn='testinstituteother', gidNumber=['700'])
institute = Institute.objects.create(name='Test Institute 26', gid=700)
lgroup = lcon.get_group('gidNumber=%s' % institute.gid)
self.assertEqual(gid, institute.gid)
self.assertEqual(gid, 700)
def unlock_user(self, person):
super(PersonalDataStore, self).unlock_user(person)
conn = LDAPClient()
dn = "uid=%s,%s" % (person.username, settings.LDAP_USER_BASE)
old = {
'nsRoleDN': settings.LDAP_LOCK_DN,
}
new = {}
conn.ldap_modify(dn, old, new)
del(conn)
def is_locked(self, person):
super(PersonalDataStore, self).is_locked(person)
conn = LDAPClient()
try:
ldap_user = conn.get_user('sAMAccountName=%s' % person.username)
except DoesNotExistException:
return True
if ldap_user.userAccountControl != '512':
return True
return False
def stest_admin_approve_account(self):
from karaage.datastores import create_new_user
logged_in = self.client.login(username='******', password='******')
self.failUnlessEqual(logged_in, True)
project = Project.objects.get(pid='TestProject1')
p_users = project.users.count()
institute = Institute.objects.get(pk=1)
person_data = {
'title' : 'Mr',
'first_name': 'Jim',
'last_name': 'Bob',
'position': 'Researcher',
'institute': institute,
'department': 'Maths',
'email': '*****@*****.**',
'country': 'AU',
'telephone': '4444444',
'username': '******',
'password1': 'Exaiquouxei0',
'password2': 'Exaiquouxei0',
}
person = create_new_user(person_data)
join_request = ProjectJoinRequest.objects.create(
person=person,
project=project,
leader_approved=True,
)
lcon = LDAPClient()
self.failUnlessRaises(placard_exceptions.DoesNotExistException, lcon.get_user, 'uid=jimbob')
self.failUnlessEqual(person.is_active, False)
response = self.client.get(reverse('kg_account_request_detail', args=[join_request.id]))
self.failUnlessEqual(response.status_code, 200)
self.assertEquals(len(mail.outbox), 0)
response = self.client.post(reverse('kg_account_approve', args=[join_request.id]))
self.failUnlessEqual(response.status_code, 302)
self.assertEquals(len(mail.outbox), 1)
self.assertEquals(mail.outbox[0].subject, 'TestOrg Account approval')
self.assertEquals(mail.outbox[0].from_email, settings.ACCOUNTS_EMAIL)
self.assertEquals(mail.outbox[0].to[0], '*****@*****.**')
self.failUnlessRaises(ProjectJoinRequest.DoesNotExist, ProjectJoinRequest.objects.get, pk=join_request.id)
person = Person.objects.get(user__username='******')
self.failUnlessEqual(person.is_active, True)
luser = lcon.get_user('uid=jimbob')
self.assertEqual(luser.givenName, 'Jim')
def delete_account(self, ua):
super(AccountDataStore, self).delete_account(ua)
conn = LDAPClient()
conn.update_user(
'uid=%s' % ua.username,
gecos='',
uidNumber='',
gidNumber='',
homeDirectory='',
loginShell='',
objectClass=settings.USER_OBJECTCLASS
)
del(conn)
def update_user(self, person):
conn = LDAPClient()
conn.update_user(
'sAMAccountName=%s' % person.username,
cn='%s %s' % (str(person.first_name), str(person.last_name)),
givenName=str(person.first_name),
sn=str(person.last_name),
telephoneNumber=str(person.telephone),
mail=str(person.email),
o=str(person.institute.name),
)
del(conn)
super(PersonalDataStore, self).update_user(person)
def delete_account(self, ua):
super(AccountDataStore, self).delete_account(ua)
conn = LDAPClient()
conn.update_user(
'sAMAccountName=%s' % ua.username,
uidNumber='',
gidNumber='',
unixHomeDirectory='',
loginShell='',
msSFU30Name='',
msSFU30NisDomain='',
unixUserPassword='',
objectClass=settings.USER_OBJECTCLASS
)
def is_locked(self, person):
super(PersonalDataStore, self).is_locked(person)
conn = LDAPClient()
try:
conn.get_user('uid=%s' % person.username)
except DoesNotExistException:
return True
output = conn.ldap_search(settings.LDAP_USER_BASE,
'uid=%s' % person.username,
retrieve_attributes=['nsAccountLock'])
if output[0][1]:
return True
return False
def create_or_update_project(self, project):
conn = LDAPClient()
try:
conn.get_group('cn=%s' % project.pid)
except:
conn.add_group(cn=str(project.pid))
users = [str(person.user.username) for person in project.users.all()]
if users:
conn.update_group('cn=%s' % project.pid, memberUid=users)
else:
conn.update_group('cn=%s' % project.pid, memberUid='')
del(conn)
def update_account(self, ua):
super(AccountDataStore, self).update_account(ua)
conn = LDAPClient()
ldap_attrs = __import__(settings.LDAP_ATTRS, {}, {}, [''])
data = conn.get_user('uid=%s' % ua.username).__dict__
data['default_project'] = ua.default_project
data['person'] = ua.user
conn.update_user(
'uid=%s' % ua.username,
homeDirectory=ldap_attrs.GENERATED_USER_ATTRS['homeDirectory'](data),
gecos=ldap_attrs.GENERATED_USER_ATTRS['gecos'](data),
gidNumber=ldap_attrs.GENERATED_USER_ATTRS['gidNumber'](data),
)
del(conn)
def create_institute(self, institute):
conn = LDAPClient()
if institute.gid:
try:
lgroup = conn.get_group("gidNumber=%s" % institute.gid)
gid = int(lgroup.gidNumber)
except DoesNotExistException:
gid = conn.add_group(cn=str(institute.name.lower().replace(" ", "")), gidNumber=str(institute.gid))
else:
try:
lgroup = conn.get_group("cn=%s" % str(institute.name.lower().replace(" ", "")))
gid = int(lgroup.gidNumber)
except DoesNotExistException:
gid = conn.add_group(cn=str(institute.name.lower().replace(" ", "")))
del (conn)
return gid
def test_add_useraccount(self):
response = self.client.get(reverse('kg_add_useraccount', args=['samtest2']))
self.failUnlessEqual(response.status_code, 200)
form_data = {
'machine_category': 1,
'default_project': 'TestProject1',
}
response = self.client.post(reverse('kg_add_useraccount', args=['samtest2']), form_data)
self.failUnlessEqual(response.status_code, 302)
person = Person.objects.get(user__username="******")
lcon = LDAPClient()
luser = lcon.get_user('uid=samtest2')
self.assertEqual(luser.objectClass, settings.ACCOUNT_OBJECTCLASS)
self.assertTrue(person.has_account(MachineCategory.objects.get(pk=1)))
def create_software(self, software):
conn = LDAPClient()
if software.gid:
try:
lgroup = conn.get_group("gidNumber=%s" % software.gid)
gid = int(lgroup.gidNumber)
except DoesNotExistException:
gid = conn.add_group(cn=str(software.name.lower().replace(' ', '')), gidNumber=str(software.gid))
else:
if not software.restricted and software.softwarelicense_set.count() == 0:
return None
try:
lgroup = conn.get_group("cn=%s" % str(software.name.lower().replace(' ', '')))
gid = int(lgroup.gidNumber)
except DoesNotExistException:
gid = conn.add_group(cn=str(software.name.lower().replace(' ', '')))
del(conn)
return gid
def test_admin_create_user_with_account(self):
users = Person.objects.count()
project = Project.objects.get(pid='TestProject1')
p_users = project.users.count()
logged_in = self.client.login(username='******', password='******')
self.failUnlessEqual(logged_in, True)
response = self.client.get(reverse('kg_add_user'))
self.failUnlessEqual(response.status_code, 200)
form_data = {
'title' : 'Mr',
'first_name': 'Sam',
'last_name': 'Morrison',
'position': 'Sys Admin',
'institute': 1,
'department': 'eddf',
'email': '*****@*****.**',
'country': 'AU',
'telephone': '4444444',
'username': '******',
'password1': 'Exaiquouxei0',
'password2': 'Exaiquouxei0',
'project': 'TestProject1',
'needs_account': True,
'machine_category': 1,
}
response = self.client.post(reverse('kg_add_user'), form_data)
self.failUnlessEqual(response.status_code, 302)
self.assertEqual(Person.objects.count(), users+1)
users = users + 1
person = Person.objects.get(pk=users)
self.assertEqual(person.is_active, True)
self.assertEqual(person.user.username, 'samtest')
self.assertEqual(UserAccount.objects.count(), 2)
self.assertEqual(project.users.count(), p_users+1)
lcon = LDAPClient()
luser = lcon.get_user('uid=samtest')
self.assertEqual(luser.givenName, 'Sam')
self.assertEqual(luser.objectClass, settings.ACCOUNT_OBJECTCLASS)
self.assertEqual(luser.homeDirectory, '/vpac/TestProject1/samtest/')
