def change_password(conninfo, credentials, old_password, new_password):
"Unlike SetUserPassword, acts implicitly on logged in user"
method = "POST"
uri = "/v1/session/change-password"
body = {
'old_password': util.parse_ascii(old_password, 'old password'),
'new_password': util.parse_ascii(new_password, 'new password')
}
return request.rest_request(conninfo, credentials, method, uri, body=body)
def login(conninfo, credentials, username, password):
method = "POST"
uri = "/v1/session/login"
login_info = {
'username': util.parse_ascii(username, 'username'),
'password': util.parse_ascii(password, 'password'),
}
resp = request.rest_request(conninfo, credentials, method, uri,
body=login_info)
# Authorization uses deltas in time, so we store this systems unix epoch as
# the issue date. That way time deltas can be computed locally.
# Server uses its own time deltas so the clocks must tick at the same rate.
resp[0]['issue'] = int(time.time())
return resp
def leave_ad(conninfo, credentials, domain, username, password):
method = "POST"
uri = "/v1/ad/leave"
# XXX scott: support none for these in the api, also, don't call domain
# assistant script in that case
if username is None:
username = ""
if password is None:
password = ""
config = {
"domain": util.parse_ascii(domain, 'domain'),
"user": util.parse_ascii(username, 'username'),
"password": util.parse_ascii(password, 'password')
}
return request.rest_request(conninfo, credentials, method, uri, body=config)
def set_user_password(conninfo, credentials, user_id, new_password):
user_id = int(user_id)
new_password = util.parse_ascii(new_password, 'password')
method = "POST"
uri = "/v1/users/%d/setpassword" % user_id
body = { 'new_password' : new_password }
return request.rest_request(conninfo, credentials, method, uri, body=body)
def add_user(conninfo, credentials, name, primary_group, uid):
method = "POST"
uri = "/v1/users/"
user_info = {
'name': util.parse_ascii(name, 'username'),
'primary_group': str(primary_group),
'uid': '' if uid is None else str(uid)
}
return request.rest_request(conninfo, credentials, method, uri,
body=user_info)
def add_group(conninfo, credentials, name, gid):
gid = gid if gid is None else str(gid)
method = "POST"
uri = "/v1/groups/"
group_info = {
'name': util.parse_ascii(name, 'group name'),
'gid': gid if gid is not None else '',
}
return request.rest_request(conninfo, credentials, method, uri,
body=group_info)
def modify_user(conninfo, credentials, user_id, name, primary_group,
uid, if_match=None):
user_id = int(user_id)
if_match = if_match if if_match is None else str(if_match)
method = "PUT"
uri = "/v1/users/%d" % user_id
user_info = {
'id': str(user_id),
'name': util.parse_ascii(name, 'username'),
'primary_group': str(primary_group),
'uid': '' if uid is None else str(uid)
}
return request.rest_request(conninfo, credentials, method, uri,
body=user_info, if_match=if_match)
def modify_group(conninfo, credentials, group_id, name, gid, if_match=None):
group_id = int(group_id)
name = util.parse_ascii(name, 'group_name')
gid = gid if gid is None else str(gid)
if_match = if_match if if_match is None else str(if_match)
method = "PUT"
uri = "/v1/groups/%d" % group_id
group_info = {
'id': str(group_id),
'name': name,
'gid': gid if gid is not None else '',
}
return request.rest_request(conninfo, credentials, method, uri,
body=group_info, if_match=if_match)
def join_ad(
conninfo, credentials, domain, username, password,
ou=None, domain_netbios=None, enable_ldap=False, base_dn=None):
method = "POST"
uri = "/v1/ad/join"
if ou is None:
ou = ""
if domain_netbios is None:
domain_netbios = ""
if base_dn is None:
base_dn = ""
config = {
"domain": util.parse_ascii(domain, 'domain'),
"domain_netbios": util.parse_ascii(domain_netbios, 'domain_netbios'),
"user": util.parse_ascii(username, 'username'),
"password": util.parse_ascii(password, 'password'),
"ou": util.parse_ascii(ou, 'ou'),
"use_ad_posix_attributes": enable_ldap,
"base_dn": util.parse_ascii(base_dn, 'base_dn'),
}
return request.rest_request(conninfo, credentials, method, uri, body=config)
