def lookup_submit(request): ''' this method handles the form submission for a username lookup. ''' #has_permission(request) #if the user submitted the form if request.method == "POST": username = request.POST['username'].strip() '''THIS SECTION VALIDATES THE USERNAME, RETURNS ERROR PAGES IF NOT VALID.''' if not username.startswith('pdx'): return render_to_response( 'error.html', {'error_msg': 'the username: {0} doesn\'t'.format(username) + \ ' start with "pdx".<br/><br/>If its not a sponsored' + \ ' account, the ticket should go to unix team'}, ) else: try: int(username[3:]) except: return render_to_response( 'error.html', {'error_msg': 'The username: {0}'.format(username) + \ ' doesn\'t end with a number<br/><br/>If its not' + \ ' a sponsored account, the ticket should go to' + \ ' unix-team'}, ) print "looking up username: {0}".format(username) #debug '''DO THE LDAP LOOKUP HERE''' search_obj = search( 'uid={0}'.format(username), {'basedn':'dc=pdx,dc=edu'}, my_creds, ) if search_obj[1] == []: return render_to_response( 'error.html', {'error_msg': "no matching record for {0}".format(username)},) else: try: user_dn = search_obj[1][0][0] user_cn = search_obj[1][0][1]['cn'][0] current_expire_date = search_obj[1][0][1]\ ['psuAccountExpireDate'][0] account_status = search_obj[1][0][1]\ ['psuUnixAccountStatus'][0] '''THIS ERROR WILL SHOW WHEN THERE AREN'T THE ABOVE NECESSARY PARTS''' except Exception as e: render_to_response( 'error.html', {'error_msg': str(e)}, ) print 'account_status: {0}'.format(account_status) if account_status.strip() == 'active': print 'active' account_status = True else: print 'not active' account_status = False print 'account_status: {0}'.format(account_status) expire_format = current_expire_date[4:6] + '/' + \ current_expire_date[6:8] + '/' + \ current_expire_date[0:4] '''OTHERWISE, RENDER THE EXTENSION FORM.''' this_extension_form = extension_form(initial={"custom_extend":""}) return render_to_response( 'extend.html', {'extension_form': this_extension_form, 'username': username, 'dn': user_dn, 'user_cn': user_cn, 'expire_format': expire_format, 'account_status': account_status, 'current_expire_date': current_expire_date}, context_instance= RequestContext(request) ) #if the user didn't submit the form, take them back to the initial page. else: blank_lookup_form(request)
def extend(request): ''' this method displays the results of the user lookup, and the form to grant an extension. ''' #has_permission(request) if request.method == "POST": username = request.POST['username'] user_dn = request.POST['user_dn'] current_expire_date = request.POST['current_expire_date'] print 'extend form submitted for dn: {0}'.format(user_dn) #debug print 'POST dict for this request: {0}'.format(request.POST) #debug new_expire_date = '' if 'one_year' in request.POST.keys(): print 'extending for one year.' #debug new_expire_date = one_year_process() else: one_year = False custom_extend = request.POST['custom_extend'] #print 'custom extend until {0}'.format(custom_extend) #debug custom_date_format = custom_date_process(custom_extend) if custom_date_format[0] == False: return render_to_response( 'error.html', {'error_msg': custom_date_format[1]}, context_instance = RequestContext(request), ) else: new_expire_date = custom_date_format[1] print 'custom extend until {0}'.format(custom_date_format) #debug '''TODO: LDAP EXTEND CODE HERE. will use new_expire_date for the new date.''' print "new_expire_date: {0}, len: {1}, type: {2}".format(new_expire_date, len(new_expire_date), type(new_expire_date)) #debug try: modify( user_dn, {'psuAccountExpireDate': [current_expire_date]}, {'psuAccountExpireDate': [str(new_expire_date)]}, my_creds) except Exception, e: print "error: {0}".format(e) '''LOOKUP TO MAKE SURE IT WENT THROUGH.''' search_obj = search( 'uid={0}'.format(username), {'basedn':'dc=pdx,dc=edu'}, my_creds, ) if search_obj[1] == []: return render_to_response( 'error.html', {'error_msg': "no matching record for {0}".format(username)},) else: try: user_dn = search_obj[1][0][0] user_cn = search_obj[1][0][1]['cn'][0] current_expire_date = search_obj[1][0][1]\ ['psuAccountExpireDate'][0] account_reset_errors = [] # loginShell should be '/bin/scsh' current_loginShell = search_obj[1][0][1]['loginShell'][0] print "current_loginShell: {0}".format(current_loginShell) #debug if current_loginShell != '/bin/tcsh': try: modify( user_dn, {'loginShell':[current_loginShell]}, {'loginShell':['/bin/tcsh']}, my_creds, ) except Exception, ex: account_reset_errors.append( ['loginShell', ex] ) #psuUnixAccountStatus should be active current_psuUnixAccountStatus = search_obj[1][0][1]['psuUnixAccountStatus'][0] print "current_psuUnixAccountStatus: {0}".format(current_psuUnixAccountStatus) #debug if current_psuUnixAccountStatus != 'active': try: modify( user_dn, {'psuUnixAccountStatus':[current_psuUnixAccountStatus]}, {'psuUnixAccountStatus':['active']}, my_creds, ) except Exception, ex: account_reset_errors.append( ['psuUnixAccountStatus', ex] ) #account will have a list of strings with values separated by colons in the string #the 3rd value should be the new expires date, the fourth should be "active" current_account = search_obj[1][0][1]['account'] print "current_account: {0}".format(current_account) #debug modified_account = [] for i in current_account: split_account = i.split(":") modified_line = "{0}:{1}:{2}:{3}:{4}".format( split_account[0], split_account[1], new_expire_date[:8], "active", split_account[4], ) modified_account.append(modified_line) try: modify( user_dn, {'account':current_account}, {'account':modified_account}, my_creds, ) except Exception, ex: if str(ex) != "{'info': 'no modifications specified', 'desc': 'Protocol error'}": account_reset_errors.append( ['account', ex] )