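def password(self, request, username=None, relname=None):
    """Change the LDAP password of the user returned by ``get_object()``.

    The request is authorised when at least one of these holds:

    * ``user.is_sudo_user(request)`` is true;
    * ``old_password`` was sent and ``test_user_ldap`` accepts it for the
      target user;
    * ``request.user`` holds the ``fum.add_users`` permission.

    Returns:
        A ``Response`` with status 200 on success, 400 when no new
        password was sent, and 403 when the caller is not authorised or
        ``set_ldap_password`` raises.
    """
    user = self.get_object()

    # Read both fields independently. A missing key becomes None instead of
    # leaving the name unbound, which previously surfaced later as a
    # misleading "too similar" 403.
    new_password = request.DATA.get('password')
    old_password = request.DATA.get('old_password')

    # NOTE(review): is_sudo_user() is called on the *target* user with the
    # request; presumably it inspects the requester's session -- confirm.
    # The ``old_password and`` guard keeps an empty old password from ever
    # reaching the LDAP check.
    authorised = (
        user.is_sudo_user(request)
        or (old_password and test_user_ldap(user.username, old_password))
        or request.user.has_perm('fum.add_users')
    )
    if not authorised:
        # Fail closed with an explicit answer; falling off the end of the
        # view would return None instead of a Response.
        return Response("Permission denied", status=403)

    if not new_password:
        # Never hand a missing or empty password to the directory.
        return Response("No new password given", status=400)

    try:
        user.set_ldap_password(new_password)
    except Exception:
        # NOTE(review): every failure, including a directory outage, is
        # reported as a policy rejection. Narrow this once the exceptions
        # raised by set_ldap_password() are known.
        return Response(
            "New password too similar to the username or to an old password",
            status=403)
    return Response("Ok", status=200)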
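def enable_superuser(request):
    """Start or renew the caller's time-limited "sudo" session (AJAX only).

    Flow:

    * A stored ``sudo_timeout`` that already lies in the past is removed
      and answered with 401.
    * With no stored timeout, the caller must send ``password``; the user
      must pass ``is_in_teamit()`` and ``test_user_ldap`` must accept the
      password, otherwise 400 (missing password) or 401 is returned.
    * With an unexpired timeout, no password is asked for again, so every
      call inside the window pushes the expiry forward.

    On success the new expiry is stored in the session and returned in
    ``desc`` as a Unix timestamp string. Non-AJAX requests get a plain 400.
    """
    import calendar

    def _json(body, code):
        # All JSON answers of this view share the same envelope.
        return HttpResponse(json.dumps(body), status=code,
                            content_type='application/json')

    # is_ajax() only looks at the X-Requested-With header; it is a shape
    # check on the request, not an authentication or CSRF control.
    if not request.is_ajax():
        return HttpResponse('Not passing Django HTTPRequest.is_ajax() check, ' +
                            'i.e. HTTP_X_REQUESTED_WITH XMLHttpRequest',
                            status=status.HTTP_400_BAD_REQUEST)

    response = {}
    now = datetime.utcnow()

    # Check if not valid
    timeout = request.session.get('sudo_timeout', None)
    if timeout is not None and timeout < now:
        request.session.pop('sudo_timeout')
        response['desc'] = 'Sudoer timeout, please refresh.'
        return _json(response, status.HTTP_401_UNAUTHORIZED)

    if timeout is None:
        # NOTE(review): request.REQUEST merges GET and POST, so the password
        # is also accepted from the query string, where it can end up in
        # access logs and browser history. Prefer request.POST once all
        # clients are known to send it in the body.
        try:
            password = request.REQUEST['password']
        except KeyError:
            response['desc'] = 'No password in form.'
            return _json(response, 400)

        denied = 'Incorrect password or unauthorized user.'
        try:
            user = Users.objects.get(username=request.user.username)
        except Users.DoesNotExist:
            # No matching account (e.g. an anonymous requester): answer like
            # any other failed elevation instead of raising a server error.
            response['desc'] = denied
            return _json(response, 401)

        # An empty password must never reach the LDAP check: a simple bind
        # with an empty password may be treated by the directory as an
        # unauthenticated bind that succeeds (RFC 4513). Whether
        # test_user_ldap() rejects that case itself is not visible here.
        if not (password and user.is_in_teamit()
                and test_user_ldap(user.username, password)):
            response['desc'] = denied
            return _json(response, 401)

    # Session was valid or password was correct, start/renew session
    endtime = datetime.utcnow() + timedelta(minutes=settings.SUDO_TIMEOUT)
    request.session['sudo_timeout'] = endtime

    # endtime is naive UTC, so convert it to epoch seconds directly. This
    # avoids strftime('%s'), which is a platform extension, and the
    # local-offset arithmetic, which is wrong across a DST change.
    response['desc'] = str(calendar.timegm(endtime.utctimetuple()))
    return _json(response, 200)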
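def password(self, request, username=None, relname=None):
    """Set a new LDAP password for the user this view resolves to.

    Any one of the following authorises the change:

    * ``user.is_sudo_user(request)`` returns a true value;
    * the request carries an ``old_password`` that ``test_user_ldap``
      accepts for the target user's username;
    * ``request.user`` has the ``fum.add_users`` permission.

    Returns:
        ``Response`` 200 when the password was set, 400 when the request
        has no new password, 403 when the caller is not authorised or
        ``set_ldap_password`` raises.
    """
    user = self.get_object()
    data = request.DATA

    # A missing field is read as None. Indexing inside one shared try block
    # left ``password`` unbound, and the resulting error was then reported
    # to the client as a password-policy rejection.
    new_password = data.get('password')
    old_password = data.get('old_password')

    # Evaluation order is kept: sudo state first, then proof of the old
    # password (skipped when it is empty or absent), then the permission.
    # NOTE(review): is_sudo_user() runs on the target user object, not on
    # request.user -- confirm that it checks the requester's session.
    allowed = user.is_sudo_user(request)
    if not allowed and old_password:
        allowed = test_user_ldap(user.username, old_password)
    if not allowed:
        allowed = request.user.has_perm('fum.add_users')

    if not allowed:
        # Explicit denial; without it the view returns None to the framework.
        return Response("Permission denied", status=403)

    if not new_password:
        # Refuse to forward a missing or empty password to the directory.
        return Response("No new password given", status=400)

    try:
        user.set_ldap_password(new_password)
    except Exception:
        # NOTE(review): the broad catch turns every failure, including an
        # unreachable directory, into this policy message. Narrow it when
        # the exception types of set_ldap_password() are known.
        return Response(
            "New password too similar to the username or to an old password",
            status=403)
    return Response("Ok", status=200)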
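def enable_superuser(request):
    """Grant or extend the requester's temporary "sudo" session.

    Only requests that pass ``request.is_ajax()`` are handled; anything
    else gets a plain-text 400.

    * An expired ``sudo_timeout`` in the session is dropped and answered
      with 401.
    * When no timeout is stored, ``password`` is required (400 if absent)
      and the user must both pass ``is_in_teamit()`` and be accepted by
      ``test_user_ldap`` (401 otherwise).
    * When an unexpired timeout is stored, it is renewed without a new
      password check, so the window slides forward on every call.

    The JSON answer's ``desc`` holds either an error text or, on success,
    the new expiry as a Unix timestamp string.
    """
    import calendar

    # is_ajax() tests the X-Requested-With header only; it does not
    # authenticate the caller and is not a CSRF defence.
    if not request.is_ajax():
        return HttpResponse('Not passing Django HTTPRequest.is_ajax() check, ' +
                            'i.e. HTTP_X_REQUESTED_WITH XMLHttpRequest',
                            status=status.HTTP_400_BAD_REQUEST)

    response = {}
    json_type = 'application/json'
    now = datetime.utcnow()

    # Check if not valid
    timeout = request.session.get('sudo_timeout', None)
    if timeout is not None and timeout < now:
        request.session.pop('sudo_timeout')
        response['desc'] = 'Sudoer timeout, please refresh.'
        return HttpResponse(json.dumps(response),
                            status=status.HTTP_401_UNAUTHORIZED,
                            content_type=json_type)

    if timeout is None:
        # NOTE(review): request.REQUEST also reads the query string, so a
        # password sent via GET can be recorded in server and proxy logs.
        # Switch to request.POST once no client relies on GET.
        try:
            password = request.REQUEST['password']
        except KeyError:
            response['desc'] = 'No password in form.'
            return HttpResponse(json.dumps(response), status=400,
                                content_type=json_type)

        try:
            user = Users.objects.get(username=request.user.username)
        except Users.DoesNotExist:
            # Treat an unknown account like any other failed elevation
            # rather than letting the lookup raise a server error.
            user = None

        # Reject an empty password before the LDAP check: a simple bind
        # with an empty password can count as a successful unauthenticated
        # bind on the directory side (RFC 4513), and test_user_ldap()'s own
        # handling of that case is not visible here.
        verified = bool(
            user is not None
            and password
            and user.is_in_teamit()
            and test_user_ldap(user.username, password)
        )
        if not verified:
            response['desc'] = 'Incorrect password or unauthorized user.'
            return HttpResponse(json.dumps(response), status=401,
                                content_type=json_type)

    # Session was valid or password was correct, start/renew session
    endtime = datetime.utcnow() + timedelta(minutes=settings.SUDO_TIMEOUT)
    request.session['sudo_timeout'] = endtime

    # endtime is naive UTC; timegm() turns it into epoch seconds without
    # the non-portable strftime('%s') and without the local-offset hack,
    # which gives a wrong value when a DST change falls inside the window.
    response['desc'] = str(calendar.timegm(endtime.utctimetuple()))
    return HttpResponse(json.dumps(response), status=200,
                        content_type=json_type)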
def test_check_pwd(self):
    # A wrong password must not be accepted for the fixture user.
    accepted = test_user_ldap(self.user.username, 'WRONGPWD')
    self.assertFalse(accepted)
def test_check_pwd(self):
    # Negative case: the LDAP check has to refuse an incorrect password.
    username = self.user.username
    self.assertFalse(test_user_ldap(username, 'WRONGPWD'))