def save_model(self, account):
super(Edit, self).update_model(account)
self.set_country(account)
self.append_groups(account)
settings = self.request.registry.settings
ldap = False
if 'pyvac.use_ldap' in settings:
ldap = asbool(settings.get('pyvac.use_ldap'))
if ldap:
# update in ldap
r = self.request
password = None
if 'user.password' in r.params and r.params['user.password']:
password = [hashPassword(r.params['user.password'])]
unit = None
if 'unit' in r.params and r.params['unit']:
unit = r.params['unit']
ldap = LdapCache()
ldap.update_user(account, password=password, unit=unit)
if self.user and not self.user.is_admin:
self.redirect_route = 'list_request'
def save_model(self, account):
super(Edit, self).update_model(account)
self.set_country(account)
self.append_groups(account)
settings = self.request.registry.settings
ldap = False
if 'pyvac.use_ldap' in settings:
ldap = asbool(settings.get('pyvac.use_ldap'))
if ldap:
# update in ldap
r = self.request
password = None
if 'user.password' in r.params and r.params['user.password']:
password = [hashPassword(r.params['user.password'])]
unit = None
if 'unit' in r.params and r.params['unit']:
unit = r.params['unit']
ldap = LdapCache()
ldap.update_user(account, password=password, unit=unit)
# update teams
uteams = {}
for team, members in ldap.list_teams().iteritems():
for member in members:
uteams.setdefault(member, []).append(team)
user_teams = uteams.get(account.dn, [])
# add to new teams
for team in r.params.getall('teams'):
members = ldap.get_team_members(team)
if account.dn not in members:
members.append(account.dn.encode('utf-8'))
ldap.update_team(team, members)
# remove from old teams
for team in user_teams:
if team not in r.params.getall('teams'):
members = ldap.get_team_members(team)
if account.dn in members:
members.remove(account.dn)
ldap.update_team(team, members)
if self.user and not self.user.is_admin:
self.redirect_route = 'list_request'
def render(self):
passhash = self.request.matchdict['passhash']
entry = PasswordRecovery.by_hash(self.session, passhash)
if not entry:
return HTTPFound(location=route_url('login', self.request))
if entry.expired:
msg = 'This password recovery request have expired.'
self.request.session.flash('error;%s' % msg)
self.session.delete(entry)
else:
errors = []
if 'form.submitted' in self.request.params:
r = self.request
settings = self.request.registry.settings
ldap = False
if 'pyvac.use_ldap' in settings:
ldap = asbool(settings.get('pyvac.use_ldap'))
if not len(r.params['user.password']):
errors.append(_(u'password cannot be empty'))
if r.params['user.password'] != r.params['confirm_password']:
errors.append(_(u'passwords do not match'))
if errors:
self.request.session.flash('error;%s' % ','.join(errors))
if not errors:
# change user password
if ldap:
# update in ldap
password = [hashPassword(r.params['user.password'])]
ldap = LdapCache()
ldap.update_user(entry.user, password=password)
else:
# update locally
entry.user.password = r.params['user.password']
msg = 'Password successfully changed'
self.request.session.flash('info;%s' % msg)
self.session.delete(entry)
return HTTPFound(location=route_url('login', self.request))
return {'user': entry.user}
def render(self):
passhash = self.request.matchdict['passhash']
entry = PasswordRecovery.by_hash(self.session, passhash)
if not entry:
return HTTPFound(location=route_url('login', self.request))
if entry.expired:
msg = 'This password recovery request have expired.'
self.request.session.flash('error;%s' % msg)
self.session.delete(entry)
else:
errors = []
if 'form.submitted' in self.request.params:
r = self.request
settings = self.request.registry.settings
ldap = False
if 'pyvac.use_ldap' in settings:
ldap = asbool(settings.get('pyvac.use_ldap'))
if not len(r.params['user.password']):
errors.append(_(u'password cannot be empty'))
if r.params['user.password'] != r.params['confirm_password']:
errors.append(_(u'passwords do not match'))
if errors:
self.request.session.flash('error;%s' % ','.join(errors))
if not errors:
# change user password
if ldap:
# update in ldap
password = [hashPassword(r.params['user.password'])]
ldap = LdapCache()
ldap.update_user(entry.user, password=password)
else:
# update locally
entry.user.password = r.params['user.password']
msg = 'Password successfully changed'
self.request.session.flash('info;%s' % msg)
self.session.delete(entry)
return HTTPFound(location=route_url('login', self.request))
return {'user': entry.user}
def render(self):
passhash = self.request.matchdict["passhash"]
entry = PasswordRecovery.by_hash(self.session, passhash)
if not entry:
return HTTPFound(location=route_url("login", self.request))
if entry.expired:
msg = "This password recovery request have expired."
self.request.session.flash("error;%s" % msg)
self.session.delete(entry)
else:
errors = []
if "form.submitted" in self.request.params:
r = self.request
settings = self.request.registry.settings
ldap = False
if "pyvac.use_ldap" in settings:
ldap = asbool(settings.get("pyvac.use_ldap"))
if not len(r.params["user.password"]):
errors.append(_(u"password cannot be empty"))
if r.params["user.password"] != r.params["confirm_password"]:
errors.append(_(u"passwords do not match"))
if errors:
self.request.session.flash("error;%s" % ",".join(errors))
if not errors:
# change user password
if ldap:
# update in ldap
password = [hashPassword(r.params["user.password"])]
ldap = LdapCache()
ldap.update_user(entry.user, password=password)
else:
# update locally
entry.user.password = r.params["user.password"]
msg = "Password successfully changed"
self.request.session.flash("info;%s" % msg)
self.session.delete(entry)
return HTTPFound(location=route_url("login", self.request))
return {"user": entry.user}
def save_model(self, account):
super(Edit, self).update_model(account)
self.set_country(account)
self.append_groups(account)
if 'disable_rtt' in self.request.params:
account.add_feature('disable_rtt', save=True)
else:
account.del_feature('disable_rtt', save=True)
settings = self.request.registry.settings
ldap = False
if 'pyvac.use_ldap' in settings:
ldap = asbool(settings.get('pyvac.use_ldap'))
if ldap:
# update in ldap
r = self.request
password = None
if 'user.password' in r.params and r.params['user.password']:
password = [hashPassword(r.params['user.password'])]
unit = None
if 'unit' in r.params and r.params['unit']:
unit = r.params['unit']
arrival_date = None
if 'arrival_date' in r.params and r.params['arrival_date']:
# cast to datetime
arrival_date = datetime.strptime(r.params['arrival_date'],
'%d/%m/%Y')
uid = None
if 'user.uid' in r.params and r.params['user.uid']:
uid = r.params['user.uid']
if (r.params.get('remove_photo', 'no') == 'yes'):
photo = ''
else:
try:
r.params['photofile'].file.seek(0)
photo = r.params['photofile'].file.read()
except:
photo = None
if photo:
log.info('uploading photo size: %d' % len(photo))
mobile = None
if 'mobile' in r.params:
mobile = r.params['mobile']
ldap = LdapCache()
ldap.update_user(account,
password=password,
unit=unit,
arrival_date=arrival_date,
uid=uid,
photo=photo,
mobile=mobile)
# only for admins
if self.user.is_admin:
# update teams
uteams = {}
for team, members in ldap.list_teams().iteritems():
for member in members:
uteams.setdefault(member, []).append(team)
user_teams = uteams.get(account.dn, [])
# add to new teams
for team in r.params.getall('teams'):
members = ldap.get_team_members(team)
if account.dn not in members:
members.append(account.dn.encode('utf-8'))
ldap.update_team(team, members)
# remove from old teams
for team in user_teams:
if team not in r.params.getall('teams'):
members = ldap.get_team_members(team)
if account.dn in members:
members.remove(account.dn)
ldap.update_team(team, members)
# update role for user in LDAP
old_role = account.role
if 'ldap_role' in r.params:
new_role = r.params['ldap_role']
if old_role != new_role:
log.info('LDAP role changed: %s -> %s' %
(old_role, new_role))
if new_role == 'manager':
ldap.add_manager(account.dn)
elif old_role == 'manager':
ldap.remove_manager(account.dn)
if new_role == 'admin':
ldap.add_admin(account.dn)
elif old_role == 'admin':
ldap.remove_admin(account.dn)
if self.user and not self.user.is_admin:
self.redirect_route = 'list_request'
def save_model(self, account):
super(Edit, self).update_model(account)
self.set_country(account)
self.append_groups(account)
if 'disable_rtt' in self.request.params:
account.add_feature('disable_rtt', save=True)
else:
account.del_feature('disable_rtt', save=True)
settings = self.request.registry.settings
ldap = False
if 'pyvac.use_ldap' in settings:
ldap = asbool(settings.get('pyvac.use_ldap'))
if ldap:
# update in ldap
r = self.request
password = None
if 'user.password' in r.params and r.params['user.password']:
password = [hashPassword(r.params['user.password'])]
unit = None
if 'unit' in r.params and r.params['unit']:
unit = r.params['unit']
arrival_date = None
if 'arrival_date' in r.params and r.params['arrival_date']:
# cast to datetime
arrival_date = datetime.strptime(r.params['arrival_date'],
'%d/%m/%Y')
uid = None
if 'user.uid' in r.params and r.params['user.uid']:
uid = r.params['user.uid']
if (r.params.get('remove_photo', 'no') == 'yes'):
photo = ''
else:
try:
photo = r.POST['photofile'].file.read()
except:
photo = None
ldap = LdapCache()
ldap.update_user(account,
password=password,
unit=unit,
arrival_date=arrival_date,
uid=uid,
photo=photo)
# update teams
uteams = {}
for team, members in ldap.list_teams().iteritems():
for member in members:
uteams.setdefault(member, []).append(team)
user_teams = uteams.get(account.dn, [])
# add to new teams
for team in r.params.getall('teams'):
members = ldap.get_team_members(team)
if account.dn not in members:
members.append(account.dn.encode('utf-8'))
ldap.update_team(team, members)
# remove from old teams
for team in user_teams:
if team not in r.params.getall('teams'):
members = ldap.get_team_members(team)
if account.dn in members:
members.remove(account.dn)
ldap.update_team(team, members)
if self.user and not self.user.is_admin:
self.redirect_route = 'list_request'