def check_has_pincard(user):
    """Open a pincard password-reset challenge for ``user`` and report it.

    Clears the per-attempt state kept on ``self`` (taken from the enclosing
    scope), resolves the username, and finishes by emitting one
    'pincardManager:haspincard' event. A username that does not resolve to
    a uid is reported with ``has_pincard`` False and nothing else, which is
    how the reply avoids confirming whether an account exists.

    NOTE(review): the nesting below was reconstructed from a flattened
    listing; confirm it against the original file.
    """
    challenge_pins = []
    otp_sent = False

    # Drop whatever an earlier attempt left behind.
    # NOTE(review): this state lives on self rather than on the request; if
    # self is shared between clients, concurrent attempts overwrite each
    # other -- confirm.
    self.pins_check = []
    self.otp = 'none'

    uid = username_to_uid(user)
    # Unknown usernames never reach has_pincard().
    user_has_pincard = has_pincard(uid) if uid is not None else False

    # root (uid 0) may only use the pincard when e-mail notifications are
    # enabled, since the extra code produced by generate_otp() is needed.
    if uid == 0:
        user_has_pincard = user_has_pincard and email_notification_enabled()

    if user_has_pincard:
        self.pins_user_uname = user
        self.pins_user_uid = uid
        challenge_pins = reset_random_pins(uid)
        self.pins_check.extend(pin['pin_number'] for pin in challenge_pins)

        # Start of the reset window (the original comment gives it as at
        # most 3 minutes; the limit is enforced outside this function).
        # NOTE(review): datetime.now() is naive local time, so a clock or
        # DST change moves the window -- confirm the consumer copes.
        self.pass_reset_time = datetime.now()

        if uid == 0:
            self.otp = generate_otp(user)
            otp_sent = True

    # NOTE(review): the full reset_random_pins() result is sent to the
    # client; confirm it carries pin positions only, never pin values.
    payload = {'key': 'pincardManager:haspincard',
               'has_pincard': user_has_pincard,
               'pins_check': challenge_pins,
               'otp': otp_sent}
    self.emit('pincardManager:haspincard', payload)
def delete(self, request, username):
    """Delete ``username`` from the stored records and from the system.

    Rejects the requester's own account and any name in
    ``self.exclude_list``. A name with a ``User`` row loses that row (and
    the linked ``u.user`` object when set); a name without one must at
    least appear in ``combined_users()``. Admin groups carrying the removed
    user's gid are deleted once no ``User`` row references that gid, the
    pincard entries are flushed, and ``userdel`` removes the account.
    Returns an empty ``Response``.

    NOTE(review): the nesting below was reconstructed from a flattened
    listing; confirm it against the original file.
    """
    with self._handle_exception(request):
        # NOTE(review): every guard here relies on handle_exception()
        # raising; if it only recorded the error, the deletion would go
        # ahead -- confirm.
        if request.user.username == username:
            handle_exception(
                Exception("Cannot delete the currently logged in user."),
                request)

        if username in self.exclude_list:
            restricted_msg = (
                "Delete of restricted user ({}) is not supported."
            ).format(username)
            handle_exception(Exception(restricted_msg), request)

        gid = None
        if User.objects.filter(username=username).exists():
            record = User.objects.get(username=username)
            if record.user is not None:
                record.user.delete()
            gid = record.gid
            record.delete()
        else:
            # No stored row: the name must still be a known system user.
            known = any(entry.username == username
                        for entry in combined_users())
            if not known:
                missing_msg = "User ({}) does not exist.".format(username)
                handle_exception(Exception(missing_msg), request)

        # Remove admin groups of the deleted user that nobody else uses.
        for group in combined_groups():
            if group.gid != gid or not group.admin:
                continue
            if not User.objects.filter(gid=gid).exists():
                group.delete()

        # Pincard entries go first: the uid is looked up by name, which
        # presumably stops working once userdel has removed the account.
        # NOTE(review): username_to_uid() may yield None here; confirm
        # flush_pincard() accepts that.
        flush_pincard(username_to_uid(username))

        # NOTE(review): the stored rows are already deleted at this point;
        # whether a userdel failure rolls them back depends on transaction
        # handling outside this block.
        try:
            userdel(username)
        except Exception as err:
            logger.exception(err)
            low_level_msg = (
                "A low level error occurred while deleting the user ({})."
            ).format(username)
            handle_exception(Exception(low_level_msg), request)

        return Response()
def delete(self, request, username):
    """Remove ``username`` from the stored records and from the system.

    The requester's own account and any name in ``self.exclude_list`` are
    refused. When a ``User`` row exists it is deleted together with the
    linked ``u.user`` object (if set); otherwise the name has to show up in
    ``combined_users()``. Admin groups with the removed user's gid are
    deleted when no ``User`` row still references that gid, then the
    pincard entries are flushed and ``userdel`` is run. Returns an empty
    ``Response``.

    NOTE(review): the nesting below was reconstructed from a flattened
    listing; confirm it against the original file.
    """
    with self._handle_exception(request):
        # NOTE(review): the guards only protect anything if
        # handle_exception() raises and so aborts the request -- confirm.
        if request.user.username == username:
            handle_exception(
                Exception('Cannot delete the currently logged in user'),
                request)

        if username in self.exclude_list:
            restricted_msg = (
                'Delete of restricted user(%s) is not supported.' % username)
            handle_exception(Exception(restricted_msg), request)

        gid = None
        if User.objects.filter(username=username).exists():
            record = User.objects.get(username=username)
            if record.user is not None:
                record.user.delete()
            gid = record.gid
            record.delete()
        else:
            # Without a stored row the name must be a known system user.
            known = any(entry.username == username
                        for entry in combined_users())
            if not known:
                handle_exception(
                    Exception('User(%s) does not exist' % username), request)

        # Clean up admin groups that belonged to this user alone.
        for group in combined_groups():
            if group.gid != gid or not group.admin:
                continue
            if not User.objects.filter(gid=gid).exists():
                group.delete()

        # The pincard flush precedes userdel: the uid is resolved from the
        # name, which presumably fails once the account is gone.
        # NOTE(review): username_to_uid() may yield None here; confirm
        # flush_pincard() accepts that.
        flush_pincard(username_to_uid(username))

        # NOTE(review): stored rows are already gone when userdel runs;
        # rollback on failure depends on transaction handling that is not
        # visible in this block.
        try:
            userdel(username)
        except Exception as err:
            logger.exception(err)
            low_level_msg = ('A low level error occured while deleting '
                             'the user: %s' % username)
            handle_exception(Exception(low_level_msg), request)

        return Response()
def check_has_pincard(user):
    """Begin a pincard password-reset challenge for ``user`` and emit it.

    Resets the attempt state held on ``self`` (a name from the enclosing
    scope), resolves the username to a uid, and ends by emitting one
    "haspincard" event. When the username does not resolve, the event
    carries ``has_pincard`` False and no pins, so the reply does not
    confirm whether the account exists.

    NOTE(review): the nesting below was reconstructed from a flattened
    listing; confirm it against the original file.
    """
    requested_pins = []
    otp_issued = False

    # Forget the previous attempt before doing anything else.
    # NOTE(review): the state is stored on self, not per request; if self
    # serves several clients, parallel attempts clobber one another --
    # confirm.
    self.pins_check = []
    self.otp = "none"

    uid = username_to_uid(user)
    if uid is None:
        # Unknown username: skip the pincard lookup entirely.
        user_has_pincard = False
    else:
        user_has_pincard = has_pincard(uid)

    # For root (uid 0) the pincard is usable only when e-mail notifications
    # are enabled.
    if uid == 0:
        user_has_pincard = user_has_pincard and email_notification_enabled()

    if user_has_pincard:
        self.pins_user_uname = user
        self.pins_user_uid = uid
        requested_pins = reset_random_pins(uid)
        self.pins_check.extend(entry["pin_number"] for entry in requested_pins)

        # Timestamp that opens the reset window; the original comment puts
        # the limit at 3 minutes, checked somewhere outside this function.
        # NOTE(review): datetime.now() is naive local time, so clock or DST
        # changes shift the window -- confirm the consumer copes.
        self.pass_reset_time = datetime.now()

        if uid == 0:
            self.otp = generate_otp(user)
            otp_issued = True

    # NOTE(review): everything reset_random_pins() returned is sent to the
    # client; confirm it contains pin positions only, never pin values.
    payload = {
        "key": "pincardManager:haspincard",
        "has_pincard": user_has_pincard,
        "pins_check": requested_pins,
        "otp": otp_issued,
    }
    self.emit("haspincard", payload)
def check_has_pincard(user):
    """Set up a pincard password-reset challenge for ``user`` and emit it.

    Wipes the attempt state on ``self`` (a name from the enclosing scope),
    maps the username to a uid, and closes by emitting one 'haspincard'
    event. A username with no uid is answered with ``has_pincard`` False
    and an empty pin list, so the reply does not confirm whether the
    account exists.

    NOTE(review): the nesting below was reconstructed from a flattened
    listing; confirm it against the original file.
    """
    pins_to_ask = []
    otp_generated = False

    # Start from a clean slate for this attempt.
    # NOTE(review): this state is kept on self instead of per request; if
    # self is shared by several clients, simultaneous attempts overwrite
    # each other -- confirm.
    self.pins_check = []
    self.otp = 'none'

    uid = username_to_uid(user)
    # has_pincard() is consulted only for usernames that resolve.
    user_has_pincard = False if uid is None else has_pincard(uid)

    # root (uid 0) additionally needs e-mail notifications enabled,
    # otherwise the pincard cannot be used to reset the password.
    if uid == 0:
        user_has_pincard = user_has_pincard and email_notification_enabled()

    if user_has_pincard:
        self.pins_user_uname = user
        self.pins_user_uid = uid
        pins_to_ask = reset_random_pins(uid)
        self.pins_check.extend(item['pin_number'] for item in pins_to_ask)

        # Marks when the reset window opens (3 minutes at most according to
        # the original comment; the check itself is outside this function).
        # NOTE(review): datetime.now() is naive local time, so a clock or
        # DST change moves the window -- confirm the consumer copes.
        self.pass_reset_time = datetime.now()

        if uid == 0:
            self.otp = generate_otp(user)
            otp_generated = True

    # NOTE(review): the complete reset_random_pins() result is sent to the
    # client; confirm it holds pin positions only, never pin values.
    payload = {
        'key': 'pincardManager:haspincard',
        'has_pincard': user_has_pincard,
        'pins_check': pins_to_ask,
        'otp': otp_generated,
    }
    self.emit('haspincard', payload)