Exemple #1
def ajax_ldap_pop_name_mail(request, cn):
    """Render the name/e-mail pop-up fragment for the LDAP entry ``cn``.

    The entry is fetched with ``Ldap(...).get_user`` on behalf of the
    caller's session and rendered through ``AJAX_LDAP_USER_POP_NAME_MAIL``
    with the keys ``ldap_name``, ``ldap_email`` and ``error``.

    NOTE(review): ``cn`` reaches ``get_user`` exactly as received. Whether it
    is escaped before being placed in an LDAP filter or DN depends on that
    helper, which is not visible here -- confirm.
    """
    context = {}
    try:
        # Directory lookup runs with the credentials held in the session.
        session_auth = AuthSession(request.session)
        entry = Ldap(session_auth).get_user(cn)

        given_name = entry['givenName']
        initials = entry.get('initials', '')
        surname = entry['sn']
        context['ldap_name'] = '%s %s %s' % (given_name, initials, surname)
        context['ldap_email'] = entry['mail']
        context['error'] = ' '

        # Directory-supplied values are emitted by the template; presumably
        # template auto-escaping is relied on here -- confirm.
        html = loader.render_to_string(
            AJAX_LDAP_USER_POP_NAME_MAIL,
            context,
            context_instance=RequestContext(request))
        response = HttpResponse(html)
        response.status_code = 200
        return response

    except LDAPError as e:
        message = "LDAP Error on ajax_ldap_pop_name_mail %s" % e
        logger.error(message)
        context['ldap_name'] = ' '
        context['ldap_email'] = ' '
        context['error'] = 'O LDAP não está disponível, não será possível associar o usuário CadVlan a um usuário do LDAP.'
        # NOTE(review): nothing is returned on this path in the visible
        # listing; the excerpt may be truncated -- confirm against the full
        # view that the error context is rendered.
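def generate_token(request):
    """Issue a token for external access to the VIP-request forms.

    Validates ``GenerateTokenForm``, authenticates the user (against the LDAP
    entry when ``is_ldap_user`` is set, otherwise only through
    ``facade.validate_user_networkapi``), then stores the encrypted user
    string and the user's permissions in the cache under a new token, with
    ``ttl`` as the cache timeout, and renders ``templates.VIPREQUEST_TOKEN``
    with the token and the target URL.

    Raises:
        UserNotAuthenticatedError: authentication did not yield a user.
        Exception: unknown LDAP user, or a non-integer ``requestVip``/``p``.

    NOTE(review): when the form is not valid, and after the
    ``InvalidParameterError`` handler, the visible listing returns nothing;
    the excerpt may be truncated -- confirm against the full view.
    """
    # Local import: the module's import block is outside this listing.
    import os

    try:

        lists = {}

        if request.method == 'POST':
            form = forms.GenerateTokenForm(request.POST)
        else:
            form = forms.GenerateTokenForm()

        if form.is_valid():

            user_ldap_ass = ""
            user = str(form.cleaned_data['user'])
            # Empty form values fall back to "no VIP id" / the default TTL.
            idt = form.cleaned_data['requestVip'] or None
            ttl = form.cleaned_data['p'] or ACCESS_EXTERNAL_TTL

            # Login with LDAP
            if form.cleaned_data['is_ldap_user']:
                # The field carries "<username>@<password>".
                # NOTE(review): a value with no "@", or with more than one,
                # makes this unpacking raise ValueError, which nothing in the
                # visible code handles.
                username_ldap, password_ldap = user.split("@")
                try:
                    user_ldap = Ldap("").get_user(username_ldap)
                except LDAPNotFoundError:
                    # NOTE(review): a message specific to unknown accounts may
                    # let a caller distinguish "no such user" from "wrong
                    # password", depending on how this exception is shown.
                    raise Exception(auth_messages.get("user_ldap_not_found"))

                pwd_ldap = user_ldap['userPassword']
                activate = user_ldap.get('nsaccountlock')
                pwd = password_ldap

                # Only the {MD5} scheme is recognised: the submitted password
                # is hashed the same way and the scheme prefix is stripped.
                # Any other stored form is compared as a raw string.
                # NOTE(review): unsalted MD5 is a weak password hash, and
                # `==` below is not a constant-time comparison; an LDAP bind
                # would avoid reading userPassword at all.
                if re.match(r"\{(MD|md)5\}.*", pwd_ldap, 0):
                    pwd = base64.b64encode(hashlib.md5(pwd).digest())
                    pwd_ldap = pwd_ldap[pwd_ldap.index("}") + 1:]

                # Accounts with nsaccountlock set to anything but FALSE are
                # treated as locked.
                if pwd == pwd_ldap and (activate is None or activate.upper() == 'FALSE'):
                    # Valid User
                    client, client_user = facade.validate_user_networkapi(
                        user, form.cleaned_data['is_ldap_user'])
                    user_ldap_client = client_user.get('user')
                    user_ldap_ass = user_ldap_client['user_ldap']
                else:
                    client_user = None
            else:
                # Valid User
                client, client_user = facade.validate_user_networkapi(
                    user, form.cleaned_data['is_ldap_user'])

            if client_user is None:
                raise UserNotAuthenticatedError("user_invalid")

            # Valid idt
            if idt is not None and not is_valid_int_param(idt):
                raise Exception(
                    error_messages.get("invalid_param") % "requestVip")

            # Valid ttl
            if not is_valid_int_param(ttl):
                raise Exception(error_messages.get("invalid_param") % "p")

            # Look the VIP request up before a token is issued for it.
            if idt is not None:
                client.create_vip().get_by_id(idt)

            # For LDAP logins `user` still holds the "<username>@<password>"
            # form value, so the encrypted blob kept in the cache carries the
            # password; the cache and the Encryption key need protecting
            # accordingly.
            user_hash = Encryption().Encrypt(user + "@" + str(user_ldap_ass))

            # Get Authenticate User
            authenticate_user = client_user.get('user')

            # Get Permissions by Authenticate User
            permissions = authenticate_user and authenticate_user.get('permission')

            # The token is the only secret guarding the cached permissions,
            # so it comes from the OS CSPRNG. It was previously the SHA-1 of
            # the module name, the user string and a one-second timestamp,
            # all of which can be guessed. The 40-hex-character shape is kept.
            token = hashlib.sha1(os.urandom(32)).hexdigest()

            data_to_cache = {"user_hash": user_hash, "permissions": permissions}

            # Set token in cache
            cache.set(token, data_to_cache, int(ttl))

            lists["token"] = token

            if idt is not None:
                lists["url"] = reverse("vip-request.edit.external", args=[idt])
            else:
                lists["url"] = reverse("vip-request.form.external")

            return render_to_response(templates.VIPREQUEST_TOKEN, lists, context_instance=RequestContext(request))

    except InvalidParameterError as e:
        logger.error(e)
        lists["error"] = error_messages.get("invalid_param") % "id"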
Exemple #3
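def generate_token(request):
    """Issue a token for external access to the VIP-request forms.

    Validates ``GenerateTokenForm``, authenticates the user (against the LDAP
    entry when ``is_ldap_user`` is set, otherwise only through
    ``facade.validate_user_networkapi``), then stores the encrypted user
    string and the user's permissions in the cache under a new token, with
    ``ttl`` as the cache timeout, and renders ``templates.VIPREQUEST_TOKEN``
    with the token and the target URL.

    Raises:
        UserNotAuthenticatedError: authentication did not yield a user.
        Exception: unknown LDAP user, or a non-integer ``requestVip``/``p``.

    NOTE(review): when the form is not valid, and after the
    ``InvalidParameterError`` handler, the visible listing returns nothing;
    the excerpt may be truncated -- confirm against the full view.
    """
    # Local import: the module's import block is outside this listing.
    import os

    try:

        lists = {}

        if request.method == 'POST':
            form = forms.GenerateTokenForm(request.POST)
        else:
            form = forms.GenerateTokenForm()

        if form.is_valid():

            user_ldap_ass = ""
            user = str(form.cleaned_data['user'])
            # Empty form values fall back to "no VIP id" / the default TTL.
            idt = form.cleaned_data['requestVip'] or None
            ttl = form.cleaned_data['p'] or ACCESS_EXTERNAL_TTL

            # Login with LDAP
            if form.cleaned_data['is_ldap_user']:
                # The field carries "<username>@<password>".
                # NOTE(review): a value with no "@", or with more than one,
                # makes this unpacking raise ValueError, which nothing in the
                # visible code handles.
                username_ldap, password_ldap = user.split("@")
                try:
                    user_ldap = Ldap("").get_user(username_ldap)
                except LDAPNotFoundError:
                    # NOTE(review): a message specific to unknown accounts may
                    # let a caller distinguish "no such user" from "wrong
                    # password", depending on how this exception is shown.
                    raise Exception(auth_messages.get("user_ldap_not_found"))

                pwd_ldap = user_ldap['userPassword']
                activate = user_ldap.get('nsaccountlock')
                pwd = password_ldap

                # Only the {MD5} scheme is recognised: the submitted password
                # is hashed the same way and the scheme prefix is stripped.
                # Any other stored form is compared as a raw string.
                # NOTE(review): unsalted MD5 is a weak password hash, and
                # `==` below is not a constant-time comparison; an LDAP bind
                # would avoid reading userPassword at all.
                if re.match(r"\{(MD|md)5\}.*", pwd_ldap, 0):
                    pwd = base64.b64encode(hashlib.md5(pwd).digest())
                    pwd_ldap = pwd_ldap[pwd_ldap.index("}") + 1:]

                # Accounts with nsaccountlock set to anything but FALSE are
                # treated as locked.
                if pwd == pwd_ldap and (activate is None
                                        or activate.upper() == 'FALSE'):
                    # Valid User
                    client, client_user = facade.validate_user_networkapi(
                        user, form.cleaned_data['is_ldap_user'])
                    user_ldap_client = client_user.get('user')
                    user_ldap_ass = user_ldap_client['user_ldap']
                else:
                    client_user = None
            else:
                # Valid User
                client, client_user = facade.validate_user_networkapi(
                    user, form.cleaned_data['is_ldap_user'])

            if client_user is None:
                raise UserNotAuthenticatedError("user_invalid")

            # Valid idt
            if idt is not None and not is_valid_int_param(idt):
                raise Exception(
                    error_messages.get("invalid_param") % "requestVip")

            # Valid ttl
            if not is_valid_int_param(ttl):
                raise Exception(error_messages.get("invalid_param") % "p")

            # Look the VIP request up before a token is issued for it.
            if idt is not None:
                client.create_vip().get_by_id(idt)

            # For LDAP logins `user` still holds the "<username>@<password>"
            # form value, so the encrypted blob kept in the cache carries the
            # password; the cache and the Encryption key need protecting
            # accordingly.
            user_hash = Encryption().Encrypt(user + "@" +
                                             str(user_ldap_ass))

            # Get Authenticate User
            authenticate_user = client_user.get('user')

            # Get Permissions by Authenticate User
            permissions = authenticate_user and authenticate_user.get(
                'permission')

            # The token is the only secret guarding the cached permissions,
            # so it comes from the OS CSPRNG. It was previously the SHA-1 of
            # the module name, the user string and a one-second timestamp,
            # all of which can be guessed. The 40-hex-character shape is kept.
            token = hashlib.sha1(os.urandom(32)).hexdigest()

            data_to_cache = {
                "user_hash": user_hash,
                "permissions": permissions
            }

            # Set token in cache
            cache.set(token, data_to_cache, int(ttl))

            lists["token"] = token

            if idt is not None:
                lists["url"] = reverse("vip-request.edit.external",
                                       args=[idt])
            else:
                lists["url"] = reverse("vip-request.form.external")

            return render_to_response(templates.VIPREQUEST_TOKEN,
                                      lists,
                                      context_instance=RequestContext(request))

    except InvalidParameterError as e:
        logger.error(e)
        lists["error"] = error_messages.get("invalid_param") % "id"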