Exemple #1
    def update(self, profile_type, mail, data):
        """Apply the 'general' profile form to an admin's LDAP entry.

        Returns (False, 'PERMISSION_DENIED') when the session is not a global
        admin and its username differs from `mail`; returns the result of
        convert_keyword_to_dn() when its first element is False; returns
        (False, <description>) when the LDAP modify raises ldap.LDAPError.
        The code shown here returns no explicit value on success.
        """
        self.profile_type = web.safestr(profile_type)
        self.mail = web.safestr(mail)
        # NOTE(review): split() raises ValueError for an address without '@',
        # and it runs before the permission check below.
        self.username, self.domain = self.mail.split('@', 1)

        # Only a global admin may touch another admin's profile.
        if session.get('domainGlobalAdmin') is not True:
            if session.get('username') != self.mail:
                return (False, 'PERMISSION_DENIED')

        self.dn = ldaputils.convert_keyword_to_dn(self.mail, accountType='admin')
        dn_lookup_failed = self.dn[0] is False
        if dn_lookup_failed:
            return self.dn

        mod_attrs = []
        if self.profile_type == 'general':
            # NOTE(review): the language code is taken from the form as-is and
            # later copied into the session; no allow-list is visible here.
            lang = web.safestr(data.get('preferredLanguage', 'en_US'))
            mod_attrs.append((ldap.MOD_REPLACE, 'preferredLanguage', lang))

            # (LDAP attribute, form field, value used when the field is
            # missing); self.username is passed as the default for each.
            name_fields = (
                ('cn', 'cn', None),
                ('givenName', 'first_name', ''),
                ('sn', 'last_name', ''),
            )
            for ldap_attr, form_key, missing in name_fields:
                mod_attrs.extend(
                    ldaputils.getSingleModAttr(attr=ldap_attr,
                                               value=data.get(form_key, missing),
                                               default=self.username))

            # The mere presence of the form field means 'active'.
            # NOTE(review): this is written for every caller that passed the
            # check above, including a non-global admin editing their own
            # entry - confirm that is intended.
            accountStatus = 'active' if 'accountStatus' in data.keys() else 'disabled'
            mod_attrs.append((ldap.MOD_REPLACE, 'accountStatus', accountStatus))

            try:
                self.conn.modify_s(self.dn, mod_attrs)
                # Switch the UI language at once when editing one's own profile.
                own_profile = session.get('username') == self.mail
                if own_profile and session.get('lang', 'en_US') != lang:
                    session['lang'] = lang
            except ldap.LDAPError as e:
                return (False, ldaputils.getExceptionDesc(e))
Exemple #2
    def update(self, profile_type, mail, data):
        """Write the submitted 'general' profile fields to an admin entry.

        A session that is not a global admin may only update the profile
        whose address equals its own username; anything else yields
        (False, 'PERMISSION_DENIED'). A failed DN conversion is returned
        unchanged, and an ldap.LDAPError becomes (False, <description>).
        Nothing is returned explicitly on success in the code shown.
        """
        self.profile_type = web.safestr(profile_type)
        self.mail = web.safestr(mail)
        # NOTE(review): an address without '@' makes this unpacking raise
        # ValueError before any permission check has run.
        self.username, self.domain = self.mail.split('@', 1)

        allowed = (session.get('domainGlobalAdmin') is True
                   or session.get('username') == self.mail)
        if not allowed:
            return (False, 'PERMISSION_DENIED')

        self.dn = ldaputils.convert_keyword_to_dn(self.mail, accountType='admin')
        if self.dn[0] is False:
            # The helper handed back an error tuple instead of a DN.
            return self.dn

        mod_attrs = []
        if self.profile_type == 'general':
            # NOTE(review): form-supplied language code, stored in LDAP and
            # in the session without a visible allow-list check.
            lang = web.safestr(data.get('preferredLanguage', 'en_US'))
            mod_attrs.append((ldap.MOD_REPLACE, 'preferredLanguage', lang))

            # Display name, given name and surname share one code path;
            # self.username is handed to the helper as the default.
            for ldap_attr, form_key, missing in (('cn', 'cn', None),
                                                 ('givenName', 'first_name', ''),
                                                 ('sn', 'last_name', '')):
                submitted = data.get(form_key, missing)
                mod_attrs.extend(ldaputils.getSingleModAttr(attr=ldap_attr,
                                                            value=submitted,
                                                            default=self.username))

            # Presence of the form key decides the status.
            # NOTE(review): applies to self-service edits by non-global
            # admins as well - confirm that is intended.
            if 'accountStatus' in data.keys():
                status_change = (ldap.MOD_REPLACE, 'accountStatus', 'active')
            else:
                status_change = (ldap.MOD_REPLACE, 'accountStatus', 'disabled')
            mod_attrs.append(status_change)

            try:
                self.conn.modify_s(self.dn, mod_attrs)
                if session.get('username') == self.mail:
                    # Own profile: make the new language effective now.
                    if session.get('lang', 'en_US') != lang:
                        session['lang'] = lang
            except ldap.LDAPError as e:
                return (False, ldaputils.getExceptionDesc(e))
Exemple #3
    def update(self, profile_type, mail, data):
        """Apply the "general" profile form to an admin's LDAP entry.

        Returns (False, "PERMISSION_DENIED") unless the session is a global
        admin or its username equals `mail`; returns the DN helper's result
        when its first element is False; returns (False, <description>) when
        the LDAP modify raises ldap.LDAPError. The code shown returns no
        explicit value on success.
        """
        self.profile_type = web.safestr(profile_type)
        self.mail = web.safestr(mail)
        # NOTE(review): raises ValueError when the address has no "@"; this
        # happens ahead of the permission check.
        self.username, self.domain = self.mail.split("@", 1)

        # Other admins' profiles are off limits to non-global admins.
        if session.get("domainGlobalAdmin") is not True:
            if session.get("username") != self.mail:
                return (False, "PERMISSION_DENIED")

        self.dn = ldaputils.convert_keyword_to_dn(self.mail, accountType="admin")
        if self.dn[0] is False:
            return self.dn

        mod_attrs = []
        if self.profile_type == "general":
            # NOTE(review): language code comes from the form unchecked and
            # is later stored in the session.
            lang = web.safestr(data.get("preferredLanguage", "en_US"))
            mod_attrs.append((ldap.MOD_REPLACE, "preferredLanguage", lang))

            # (LDAP attribute, form field, value used when the field is absent)
            name_fields = (
                ("cn", "cn", None),
                ("givenName", "first_name", ""),
                ("sn", "last_name", ""),
            )
            for ldap_attr, form_key, missing in name_fields:
                value = data.get(form_key, missing)
                mod_attrs.extend(
                    ldaputils.getSingleModAttr(attr=ldap_attr, value=value, default=self.username)
                )

            # Only the presence of the key matters, not its value.
            # NOTE(review): a non-global admin editing their own profile
            # reaches this too - confirm that is intended.
            accountStatus = "active" if "accountStatus" in data.keys() else "disabled"
            mod_attrs.append((ldap.MOD_REPLACE, "accountStatus", accountStatus))

            try:
                self.conn.modify_s(self.dn, mod_attrs)
                editing_self = session.get("username") == self.mail
                if editing_self and session.get("lang", "en_US") != lang:
                    session["lang"] = lang
            except ldap.LDAPError as e:
                return (False, ldaputils.getExceptionDesc(e))
Exemple #4
    def update(self, profile_type, domain, data):
        """Update a mail domain's LDAP entry from a profile form.

        For profile_type 'general' the display name (cn) is always updated;
        accountStatus is updated only when the session is a global admin.
        Returns (True, ) after a successful modify, the DN helper's result
        when its first element is False, or (False, <description>) when
        anything inside the final try block raises.

        NOTE(review): nothing in this method checks that the session's admin
        manages `domain`; presumably the caller enforces that - confirm.
        """
        self.profile_type = web.safestr(profile_type)
        self.domain = web.safestr(domain)
        self.domaindn = ldaputils.convert_keyword_to_dn(self.domain, accountType='domain')
        if self.domaindn[0] is False:
            return self.domaindn

        # Not used again in the code shown.
        connutils = connUtils.Utils()
        self.accountSetting = []
        mod_attrs = []

        editing_general = self.profile_type == 'general'

        # Available to normal admins.
        if editing_general:
            mod_attrs.extend(ldaputils.getSingleModAttr(attr='cn',
                                                        value=data.get('cn', None),
                                                        default=self.domain))

        # Reserved for global admins: enabling/disabling the domain.
        if session.get('domainGlobalAdmin') is True and editing_general:
            accountStatus = 'active' if 'accountStatus' in data.keys() else 'disabled'
            mod_attrs.append((ldap.MOD_REPLACE, 'accountStatus', accountStatus))

        try:
            # The DN is resolved a second time rather than reusing self.domaindn.
            dn = ldaputils.convert_keyword_to_dn(self.domain, accountType='domain')
            if dn[0] is False:
                return dn

            self.conn.modify_s(dn, mod_attrs)
            # NOTE(review): the log entry is built from the raw arguments,
            # not from the safestr()-converted copies stored on self.
            web.logger(
                msg="Update domain profile: %s (%s)." % (domain, profile_type),
                domain=domain,
                event='update',
            )
        except Exception as e:
            return (False, ldaputils.getExceptionDesc(e))
        else:
            return (True, )
Exemple #5
    def update(self, profile_type, domain, data):
        """Write a domain's 'general' profile fields to LDAP.

        cn is updated for any caller; accountStatus only when the session is
        flagged as a global admin. Returns (True,) after a successful modify,
        the DN helper's result when its first element is False, or
        (False, <description>) when the final try block raises.

        NOTE(review): no check here ties the session's admin to `domain`;
        presumably done by the caller - confirm.
        """
        self.profile_type = web.safestr(profile_type)
        self.domain = web.safestr(domain)
        self.domaindn = ldaputils.convert_keyword_to_dn(self.domain, accountType='domain')
        if self.domaindn[0] is False:
            return self.domaindn

        # Not referenced again in the code shown.
        connutils = connUtils.Utils()
        self.accountSetting = []
        mod_attrs = []

        is_general = self.profile_type == 'general'

        # Normal admins may rename the domain.
        if is_general:
            cn_change = ldaputils.getSingleModAttr(attr='cn',
                                                   value=data.get('cn', None),
                                                   default=self.domain)
            mod_attrs.extend(cn_change)

        # Global admins may additionally enable or disable it.
        if session.get('domainGlobalAdmin') is True and is_general:
            if 'accountStatus' in data.keys():
                mod_attrs.append((ldap.MOD_REPLACE, 'accountStatus', 'active'))
            else:
                mod_attrs.append((ldap.MOD_REPLACE, 'accountStatus', 'disabled'))

        try:
            # Resolved again instead of reusing self.domaindn.
            dn = ldaputils.convert_keyword_to_dn(self.domain, accountType='domain')
            if dn[0] is False:
                return dn

            self.conn.modify_s(dn, mod_attrs)
            # NOTE(review): logs the raw `domain`/`profile_type` arguments
            # rather than the safestr()-converted values kept on self.
            log_text = "Update domain profile: %s (%s)." % (domain, profile_type)
            web.logger(msg=log_text, domain=domain, event='update')
        except Exception as e:
            return (False, ldaputils.getExceptionDesc(e))
        else:
            return (True,)
    def update(self, profile_type, domain, data):
        """Update a mail domain's LDAP entry from a profile form.

        For profile_type 'general', cn is always updated and accountStatus is
        updated only when the session is a global admin. Returns (True,)
        after the modify, or (False, <description>) when the DN conversion
        or the modify raises.

        NOTE(review): the result of convKeywordToDN() is used without any
        validity check, and nothing here verifies that the session's admin
        manages `domain` - confirm both are handled elsewhere.
        """
        self.profile_type = web.safestr(profile_type)
        self.domain = web.safestr(domain)
        self.domaindn = ldaputils.convKeywordToDN(self.domain, accountType='domain')

        # Not referenced again in the code shown.
        connutils = connUtils.Utils()
        self.accountSetting = []
        mod_attrs = []

        is_general = self.profile_type == 'general'

        # Normal admins: display name only.
        if is_general:
            mod_attrs.extend(
                ldaputils.getSingleModAttr(attr='cn', value=data.get('cn', None), default=self.domain)
            )

        # Global admins: account status as well. Presence of the form key
        # means 'active'.
        if session.get('domainGlobalAdmin') is True and is_general:
            accountStatus = 'active' if 'accountStatus' in data.keys() else 'disabled'
            mod_attrs.append((ldap.MOD_REPLACE, 'accountStatus', accountStatus))

        try:
            dn = ldaputils.convKeywordToDN(self.domain, accountType='domain')
            self.conn.modify_s(dn, mod_attrs)
        except Exception as e:
            return (False, ldaputils.getExceptionDesc(e))
        return (True,)
        # Fragment of a user-profile update method: its signature and the
        # setup of connutils, domainLib and data are not part of this listing.

        # Get account dn.
        self.dn = connutils.getDnWithKeyword(self.mail, accountType='user')

        try:
            result = domainLib.getDomainAccountSetting(domain=self.domain)
            if result[0] is True:
                domainAccountSetting = result[1]
        except Exception, e:
            # NOTE(review): every failure is swallowed here, so
            # domainAccountSetting keeps whatever value it had before this
            # point (not visible in this fragment).
            pass

        mod_attrs = []
        if self.profile_type == 'general':
            # Get cn. The local part of the address is passed as the default.
            cn = data.get('cn', None)
            mod_attrs += ldaputils.getSingleModAttr(attr='cn', value=cn, default=self.mail.split('@')[0])

            # Update employeeNumber, mobile, title.
            for tmp_attr in ['employeeNumber', 'mobile', 'title',]:
                mod_attrs += ldaputils.getSingleModAttr(attr=tmp_attr, value=data.get(tmp_attr), default=None)

            ############
            # Get quota

            # Get mail quota from web form.
            quota = web.safestr(data.get('mailQuota', '')).strip()
            # NOTE(review): the "old" quota is also read from the submitted
            # form, i.e. it is supplied by the client - confirm how it is
            # used further down (not shown).
            oldquota = web.safestr(data.get('oldMailQuota', '')).strip()
            # Anything that is not a plain run of digits counts as 0.
            if not oldquota.isdigit():
                oldquota = 0
            else:
                oldquota = int(oldquota)
Exemple #8
    def update(self, profile_type, mail, data):
        """Update an admin's profile and, for global admins, managed domains.

        Returns (False, 'PERMISSION_DENIED') unless the session is a global
        admin or its username equals `mail`. For profile_type 'general' the
        entry's preferredLanguage, cn and accountStatus are replaced, then -
        for global-admin sessions only - the domainAdmin attribute of each
        affected domain is adjusted to match the submitted 'domainName'
        list. Returns (True, ) when that completes, a helper's failing
        result, or (False, <description>) on ldap.LDAPError. Other profile
        types fall through without an explicit return value.
        """
        self.profile_type = web.safestr(profile_type)
        self.mail = web.safestr(mail)

        may_edit = (session.get('domainGlobalAdmin') is True
                    or session.get('username') == self.mail)
        if not may_edit:
            # Other admins' profiles are off limits.
            return (False, 'PERMISSION_DENIED')

        self.dn = ldaputils.convKeywordToDN(self.mail, accountType='admin')

        mod_attrs = []
        if self.profile_type == 'general':
            # NOTE(review): form-supplied language code, stored in LDAP and
            # in the session without a visible allow-list check.
            self.lang = web.safestr(data.get('preferredLanguage', 'en_US'))
            mod_attrs.append((ldap.MOD_REPLACE, 'preferredLanguage', self.lang))

            # Display name; the local part of the address is the default.
            mod_attrs.extend(ldaputils.getSingleModAttr(
                attr='cn',
                value=data.get('cn', None),
                default=self.mail.split('@')[0],
            ))

            # Presence of the form key means 'active'.
            accountStatus = 'active' if 'accountStatus' in data.keys() else 'disabled'
            mod_attrs.append((ldap.MOD_REPLACE, 'accountStatus', accountStatus))

            try:
                self.conn.modify_s(self.dn, mod_attrs)
                if session.get('username') == self.mail:
                    session['lang'] = self.lang
            except ldap.LDAPError as e:
                return (False, ldaputils.getExceptionDesc(e))

            #########################
            # Managed domains
            #
            # NOTE(review): a non-global admin who has just updated their own
            # profile successfully gets PERMISSION_DENIED from here, although
            # the LDAP modify above has already been applied - confirm the
            # caller expects that.
            if session.get('domainGlobalAdmin') is not True:
                return (False, 'PERMISSION_DENIED')

            # Domains this admin currently manages.
            result = self.getManagedDomains(mail=self.mail, attrs=['domainName'])
            if result[0] is not True:
                return result
            self.managedDomains = []
            for entry in result[1]:
                entry_attrs = entry[1]
                if 'domainName' in entry_attrs.keys():
                    self.managedDomains += entry_attrs.get('domainName')

            # Domains ticked in the form; values failing isDomain() are dropped.
            self.newmd = [
                web.safestr(name)
                for name in data.get('domainName', [])
                if iredutils.isDomain(name)
            ]

            # Difference in both directions between current and requested.
            self.domainsRemoveAdmins = [
                str(name) for name in self.managedDomains
                if name not in self.newmd and iredutils.isDomain(name)
            ]
            self.domainsAddAdmins = [
                str(name) for name in self.newmd
                if name not in self.managedDomains and iredutils.isDomain(name)
            ]

            connutils = connUtils.Utils()
            # Removals first, then additions; stop at the first failure.
            pending = (
                (self.domainsRemoveAdmins, 'delete'),
                (self.domainsAddAdmins, 'add'),
            )
            for domain_names, action in pending:
                for domain_name in domain_names:
                    result = connutils.addOrDelAttrValue(
                        dn=ldaputils.convKeywordToDN(domain_name, accountType='domain'),
                        attr='domainAdmin',
                        value=self.mail,
                        action=action,
                    )
                    if result[0] is False:
                        return result
            return (True, )
Exemple #9
        # Fragment of a user-profile update method: its signature and the
        # setup of connutils, domainLib and data are not part of this listing.

        # Get account dn.
        self.dn = connutils.getDnWithKeyword(self.mail, accountType='user')

        try:
            result = domainLib.getDomainAccountSetting(domain=self.domain)
            if result[0] is True:
                domainAccountSetting = result[1]
        except Exception, e:
            # NOTE(review): every failure is swallowed here, so
            # domainAccountSetting keeps whatever value it had before this
            # point (not visible in this fragment).
            pass

        mod_attrs = []
        if self.profile_type == 'general':
            # Get cn. The local part of the address is passed as the default.
            cn = data.get('cn', None)
            mod_attrs += ldaputils.getSingleModAttr(
                attr='cn', value=cn, default=self.mail.split('@')[0])

            # Update employeeNumber, mobile, title.
            for tmp_attr in [
                    'employeeNumber',
                    'mobile',
                    'title',
            ]:
                mod_attrs += ldaputils.getSingleModAttr(
                    attr=tmp_attr, value=data.get(tmp_attr), default=None)

            ############
            # Get quota

            # Get mail quota from web form (stripped string; the numeric
            # handling is not part of this fragment).
            quota = web.safestr(data.get('mailQuota', '')).strip()
Exemple #10
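    def update(self, profile_type, mail, data):
        """Update an admin's general profile or password in LDAP.

        Returns (False, 'PERMISSION_DENIED') unless the session is a global
        admin or its username equals `mail`; returns the DN helper's result
        when its first element is False.

        profile_type 'general': replaces preferredLanguage, cn, givenName,
        sn and accountStatus; an ldap.LDAPError becomes
        (False, <description>).

        profile_type 'password': validates newpw/confirmpw with
        iredutils.verify_new_password() and changes the password through
        connUtils. A global admin may omit 'oldpw' to reset a password
        without the current one; any other session that omits it is refused
        with (False, 'PERMISSION_DENIED').

        Returns (True,) on success or when profile_type is neither value.
        """
        self.profile_type = web.safestr(profile_type)
        self.mail = web.safestr(mail)
        # NOTE(review): raises ValueError for an address without '@', and
        # it runs before the permission check below.
        self.username, self.domain = self.mail.split('@', 1)

        if session.get('domainGlobalAdmin') is not True and session.get('username') != self.mail:
            # Don't allow to view/update other admins' profile.
            return (False, 'PERMISSION_DENIED')

        self.dn = ldaputils.convert_keyword_to_dn(self.mail, accountType='admin')
        if self.dn[0] is False:
            return self.dn

        mod_attrs = []
        if self.profile_type == 'general':
            # NOTE(review): the language code is taken from the form as-is
            # and copied into the session; no allow-list is visible here.
            lang = web.safestr(data.get('preferredLanguage', 'en_US'))
            mod_attrs += [(ldap.MOD_REPLACE, 'preferredLanguage', lang)]

            # Display name, given name, surname; self.username is passed to
            # the helper as the default for each.
            cn = data.get('cn', None)
            mod_attrs += ldaputils.getSingleModAttr(attr='cn',
                                                    value=cn,
                                                    default=self.username)

            first_name = data.get('first_name', '')
            mod_attrs += ldaputils.getSingleModAttr(attr='givenName',
                                                    value=first_name,
                                                    default=self.username)

            last_name = data.get('last_name', '')
            mod_attrs += ldaputils.getSingleModAttr(attr='sn',
                                                    value=last_name,
                                                    default=self.username)

            # Presence of the form key means 'active'.
            # NOTE(review): a non-global admin editing their own profile
            # reaches this too - confirm that is intended.
            if 'accountStatus' in data:
                accountStatus = 'active'
            else:
                accountStatus = 'disabled'

            mod_attrs += [(ldap.MOD_REPLACE, 'accountStatus', accountStatus)]

            try:
                # Modify profiles.
                self.conn.modify_s(self.dn, mod_attrs)
                if session.get('username') == self.mail and \
                   session.get('lang', 'en_US') != lang:
                    session['lang'] = lang
            except ldap.LDAPError as e:
                return (False, ldaputils.getExceptionDesc(e))

        elif self.profile_type == 'password':
            self.cur_passwd = data.get('oldpw', None)
            # NOTE(review): when 'newpw'/'confirmpw' are missing from the
            # form, None is handed to web.safestr(); confirm that
            # verify_new_password() rejects whatever that produces.
            self.newpw = web.safestr(data.get('newpw'))
            self.confirmpw = web.safestr(data.get('confirmpw'))

            result = iredutils.verify_new_password(self.newpw, self.confirmpw)
            if result[0] is True:
                self.passwd = result[1]
            else:
                return result

            if self.cur_passwd is None:
                # Only a global admin may reset a password without proving
                # knowledge of the current one. Previously a missing 'oldpw'
                # from any other session was turned into the literal string
                # 'None' and tried as the current password.
                if session.get('domainGlobalAdmin') is not True:
                    return (False, 'PERMISSION_DENIED')
            else:
                self.cur_passwd = str(self.cur_passwd)

            connutils = connUtils.Utils()
            result = connutils.changePasswd(dn=self.dn, cur_passwd=self.cur_passwd, newpw=self.passwd,)
            if result[0] is True:
                return (True,)
            else:
                return result

        return (True,)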
Exemple #11
                        action='add',
                    )
                else:
                    mod_attrs = [(ldap.MOD_REPLACE, 'domainGlobalAdmin', None)]
                    # Remove enabledService=domainadmin
                    connutils.addOrDelAttrValue(
                        dn=self.dn,
                        attr='enabledService',
                        value='domainadmin',
                        action='delete',
                    )

            # Get display name.
            cn = data.get('cn', None)
            mod_attrs += ldaputils.getSingleModAttr(attr='cn',
                                                    value=cn,
                                                    default=self.username)

            first_name = data.get('first_name', '')
            mod_attrs += ldaputils.getSingleModAttr(attr='givenName',
                                                    value=first_name,
                                                    default=self.username)

            last_name = data.get('last_name', '')
            mod_attrs += ldaputils.getSingleModAttr(attr='sn',
                                                    value=last_name,
                                                    default=self.username)

            # Get preferred language: short lang code. e.g. en_US, de_DE.
            preferred_lang = web.safestr(data.get('preferredLanguage',
                                                  'en_US'))
Exemple #12
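    def update(self, profile_type, mail, data):
        """Update a mail user's LDAP entry from a submitted profile form.

        profile_type 'general': sets or clears domainGlobalAdmin (global
        admin sessions only), then replaces cn, givenName, sn,
        preferredLanguage (cut to 5 characters), employeeNumber, mobile,
        title, mailQuota (form value in MB, stored in bytes and capped by
        the domain's spare quota), telephoneNumber and accountStatus.

        profile_type 'password': validates newpw/confirmpw against the
        domain's (or the global) length limits and replaces userPassword
        and shadowLastChange.

        Returns (True, ) after the LDAP modify, the failing result of
        verify_new_password(), or (False, <description>) when the modify
        raises.

        NOTE(review): nothing in this method checks that the session's admin
        manages the user's domain; presumably the caller enforces that -
        confirm.
        """
        self.profile_type = web.safestr(profile_type)
        self.mail = str(mail).lower()
        # NOTE(review): raises ValueError for an address without '@'.
        self.username, self.domain = self.mail.split('@', 1)

        domainAccountSetting = {}

        connutils = connUtils.Utils()
        domainLib = domainlib.Domain()

        # Get account dn.
        self.dn = connutils.getDnWithKeyword(self.mail, accountType='user')

        try:
            result = domainLib.getDomainAccountSetting(domain=self.domain)
            if result[0] is True:
                domainAccountSetting = result[1]
        except Exception:
            # NOTE(review): fails open. With the settings unavailable the
            # code below sees no domainQuota (treated as '0:GB', i.e.
            # unlimited) and falls back to the global password-length limits.
            pass

        mod_attrs = []
        if self.profile_type == 'general':
            # Only a global admin session may grant or revoke global admin.
            if session.get('domainGlobalAdmin') is True:
                if 'domainGlobalAdmin' in data:
                    mod_attrs = [(ldap.MOD_REPLACE, 'domainGlobalAdmin', 'yes')]
                    # Update enabledService=domainadmin
                    # NOTE(review): the helper's result is not checked.
                    connutils.addOrDelAttrValue(
                        dn=self.dn,
                        attr='enabledService',
                        value='domainadmin',
                        action='add',
                    )
                else:
                    mod_attrs = [(ldap.MOD_REPLACE, 'domainGlobalAdmin', None)]
                    # Remove enabledService=domainadmin
                    connutils.addOrDelAttrValue(
                        dn=self.dn,
                        attr='enabledService',
                        value='domainadmin',
                        action='delete',
                    )

            # Get display name.
            cn = data.get('cn', None)
            mod_attrs += ldaputils.getSingleModAttr(attr='cn',
                                                    value=cn,
                                                    default=self.username)

            first_name = data.get('first_name', '')
            mod_attrs += ldaputils.getSingleModAttr(attr='givenName',
                                                    value=first_name,
                                                    default=self.username)

            last_name = data.get('last_name', '')
            mod_attrs += ldaputils.getSingleModAttr(attr='sn',
                                                    value=last_name,
                                                    default=self.username)

            # Get preferred language: short lang code. e.g. en_US, de_DE.
            preferred_lang = web.safestr(data.get('preferredLanguage',
                                                  'en_US'))
            # Must be equal to or less than 5 characters.
            # NOTE(review): length is the only constraint applied here.
            if len(preferred_lang) > 5:
                preferred_lang = preferred_lang[:5]
            mod_attrs += [(ldap.MOD_REPLACE, 'preferredLanguage',
                           preferred_lang)]
            # Update language immediately.
            if session.get('username') == self.mail and \
               session.get('lang', 'en_US') != preferred_lang:
                session['lang'] = preferred_lang

            # Update employeeNumber, mobile, title.
            for tmp_attr in [
                    'employeeNumber',
                    'mobile',
                    'title',
            ]:
                mod_attrs += ldaputils.getSingleModAttr(
                    attr=tmp_attr, value=data.get(tmp_attr), default=None)

            ############
            # Get quota

            # Get mail quota from web form.
            quota = web.safestr(data.get('mailQuota', '')).strip()
            # NOTE(review): oldMailQuota is supplied by the client and is
            # added to the spare quota below, so an inflated value raises
            # the cap. Consider reading the current quota from LDAP instead.
            oldquota = web.safestr(data.get('oldMailQuota', '')).strip()
            if not oldquota.isdigit():
                oldquota = 0
            else:
                oldquota = int(oldquota)

            if quota == '' or not quota.isdigit():
                # Don't touch it, keep original value.
                pass
            else:
                # Assign quota which got from web form.
                mailQuota = int(quota)

                # If mailQuota > domainSpareQuotaSize, use domainSpareQuotaSize.
                # if mailQuota < domainSpareQuotaSize, use mailQuota
                # 0 means unlimited.
                domainQuotaSize, domainQuotaUnit = domainAccountSetting.get(
                    'domainQuota', '0:GB').split(':')

                if int(domainQuotaSize) == 0:
                    # Unlimited. Keep quota which got from web form.
                    mod_attrs += [(ldap.MOD_REPLACE, 'mailQuota',
                                   str(mailQuota * 1024 * 1024))]
                else:
                    # Get domain quota, normalised to MB.
                    if domainQuotaUnit == 'TB':
                        domainQuota = int(domainQuotaSize) * 1024 * 1024  # TB
                    elif domainQuotaUnit == 'GB':
                        domainQuota = int(domainQuotaSize) * 1024  # GB
                    else:
                        domainQuota = int(domainQuotaSize)  # MB

                    # Query LDAP and get current domain quota size.
                    result = connutils.getDomainCurrentQuotaSizeFromLDAP(
                        domain=self.domain)
                    if result[0] is True:
                        domainCurrentQuotaSizeInBytes = result[1]
                    else:
                        domainCurrentQuotaSizeInBytes = 0

                    # Spare quota in MB. Floor division keeps the value an
                    # integer; with '/' on Python 3 the capped quota became
                    # a float and was written to LDAP as 'N.0'.
                    domainSpareQuotaSize = (domainQuota + oldquota) - (
                        domainCurrentQuotaSizeInBytes // (1024 * 1024))

                    if domainSpareQuotaSize <= 0:
                        # Set to 1MB. don't exceed domain quota size.
                        mod_attrs += [(ldap.MOD_REPLACE, 'mailQuota',
                                       str(1024 * 1024))]
                    else:
                        # Get FINAL mailbox quota.
                        if mailQuota >= domainSpareQuotaSize:
                            mailQuota = domainSpareQuotaSize
                        mod_attrs += [(ldap.MOD_REPLACE, 'mailQuota',
                                       str(mailQuota * 1024 * 1024))]
            # End quota
            ############

            # Get telephoneNumber; empty entries are dropped.
            telephoneNumber = data.get('telephoneNumber', [])
            nums = [str(num) for num in telephoneNumber if len(num) > 0]
            mod_attrs += [(ldap.MOD_REPLACE, 'telephoneNumber', nums)]

            # Get accountStatus: presence of the form key means 'active'.
            if 'accountStatus' in data:
                accountStatus = 'active'
            else:
                accountStatus = 'disabled'
            mod_attrs += [(ldap.MOD_REPLACE, 'accountStatus', accountStatus)]

        elif self.profile_type == 'password':
            # Get password length from @domainAccountSetting.
            minPasswordLength = domainAccountSetting.get(
                'minPasswordLength', settings.min_passwd_length)
            maxPasswordLength = domainAccountSetting.get(
                'maxPasswordLength', settings.max_passwd_length)

            # Get new passwords from user input.
            # NOTE(review): a missing field becomes the literal string
            # 'None' through str(None); whether verify_new_password()
            # rejects that depends on the configured length limits.
            self.newpw = str(data.get('newpw', None))
            self.confirmpw = str(data.get('confirmpw', None))

            result = iredutils.verify_new_password(
                newpw=self.newpw,
                confirmpw=self.confirmpw,
                min_passwd_length=minPasswordLength,
                max_passwd_length=maxPasswordLength,
            )
            if result[0] is True:
                # NOTE(review): the PLAIN scheme is used only when the form
                # asks for it AND the site setting allows it; anyone able to
                # read userPassword can then recover the password.
                if 'storePasswordInPlainText' in data and settings.STORE_PASSWORD_IN_PLAIN_TEXT:
                    self.passwd = iredutils.generate_password_hash(
                        result[1], pwscheme='PLAIN')
                else:
                    self.passwd = iredutils.generate_password_hash(result[1])
                mod_attrs += [(ldap.MOD_REPLACE, 'userPassword', self.passwd)]
                mod_attrs += [(ldap.MOD_REPLACE, 'shadowLastChange',
                               str(ldaputils.getDaysOfShadowLastChange()))]
            else:
                return result

        try:
            self.conn.modify_s(self.dn, mod_attrs)
            return (True, )
        except Exception as e:
            return (False, ldaputils.getExceptionDesc(e))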
    def update(self, profile_type, mail, data):
        """Update an admin's profile and, for global admins, managed domains.

        Returns (False, 'PERMISSION_DENIED') unless the session is a global
        admin or its username equals `mail`. For profile_type 'general' the
        entry's preferredLanguage, cn and accountStatus are replaced, then -
        for global-admin sessions only - the domainAdmin attribute of each
        affected domain is adjusted to match the submitted 'domainName'
        list. Returns (True,) when that completes, a helper's failing
        result, or (False, <description>) on ldap.LDAPError. Other profile
        types fall through without an explicit return value.
        """
        self.profile_type = web.safestr(profile_type)
        self.mail = web.safestr(mail)

        # Other admins' profiles are off limits to non-global admins.
        if session.get('domainGlobalAdmin') is not True:
            if session.get('username') != self.mail:
                return (False, 'PERMISSION_DENIED')

        self.dn = ldaputils.convKeywordToDN(self.mail, accountType='admin')

        mod_attrs = []
        if self.profile_type == 'general':
            # NOTE(review): form-supplied language code, stored in LDAP and
            # in the session without a visible allow-list check.
            self.lang = web.safestr(data.get('preferredLanguage', 'en_US'))
            mod_attrs.append((ldap.MOD_REPLACE, 'preferredLanguage', self.lang))

            # Display name; the local part of the address is the default.
            mod_attrs.extend(
                ldaputils.getSingleModAttr(attr='cn',
                                           value=data.get('cn', None),
                                           default=self.mail.split('@')[0])
            )

            # Presence of the form key means 'active'.
            if 'accountStatus' in data.keys():
                mod_attrs.append((ldap.MOD_REPLACE, 'accountStatus', 'active'))
            else:
                mod_attrs.append((ldap.MOD_REPLACE, 'accountStatus', 'disabled'))

            try:
                self.conn.modify_s(self.dn, mod_attrs)
                editing_self = session.get('username') == self.mail
                if editing_self:
                    session['lang'] = self.lang
            except ldap.LDAPError as e:
                return (False, ldaputils.getExceptionDesc(e))

            #########################
            # Managed domains
            #
            # NOTE(review): a non-global admin who has just updated their own
            # profile successfully gets PERMISSION_DENIED from here, although
            # the LDAP modify above has already been applied - confirm the
            # caller expects that.
            if session.get('domainGlobalAdmin') is not True:
                return (False, 'PERMISSION_DENIED')

            # Domains this admin currently manages.
            result = self.getManagedDomains(mail=self.mail, attrs=['domainName'])
            if result[0] is not True:
                return result
            self.managedDomains = []
            for entry in result[1]:
                entry_attrs = entry[1]
                if 'domainName' in entry_attrs.keys():
                    self.managedDomains += entry_attrs.get('domainName')

            # Domains ticked in the form; values failing isDomain() are dropped.
            self.newmd = [
                web.safestr(name)
                for name in data.get('domainName', [])
                if iredutils.isDomain(name)
            ]

            # Difference in both directions between current and requested.
            self.domainsRemoveAdmins = [
                str(name) for name in self.managedDomains
                if name not in self.newmd and iredutils.isDomain(name)
            ]
            self.domainsAddAdmins = [
                str(name) for name in self.newmd
                if name not in self.managedDomains and iredutils.isDomain(name)
            ]

            connutils = connUtils.Utils()
            # Removals first, then additions; stop at the first failure.
            for domain_names, action in ((self.domainsRemoveAdmins, 'delete'),
                                         (self.domainsAddAdmins, 'add')):
                for domain_name in domain_names:
                    result = connutils.addOrDelAttrValue(
                        dn=ldaputils.convKeywordToDN(domain_name, accountType='domain'),
                        attr='domainAdmin',
                        value=self.mail,
                        action=action,
                    )
                    if result[0] is False:
                        return result
            return (True,)
Exemple #14
        if self.profile_type == "general":
            # Update domainGlobalAdmin=yes
            if session.get("domainGlobalAdmin") is True:
                # Update domainGlobalAdmin=yes
                if "domainGlobalAdmin" in data:
                    mod_attrs = [(ldap.MOD_REPLACE, "domainGlobalAdmin", "yes")]
                    # Update enabledService=domainadmin
                    connutils.addOrDelAttrValue(dn=self.dn, attr="enabledService", value="domainadmin", action="add")
                else:
                    mod_attrs = [(ldap.MOD_REPLACE, "domainGlobalAdmin", None)]
                    # Remove enabledService=domainadmin
                    connutils.addOrDelAttrValue(dn=self.dn, attr="enabledService", value="domainadmin", action="delete")

            # Get display name.
            cn = data.get("cn", None)
            mod_attrs += ldaputils.getSingleModAttr(attr="cn", value=cn, default=self.username)

            first_name = data.get("first_name", "")
            mod_attrs += ldaputils.getSingleModAttr(attr="givenName", value=first_name, default=self.username)

            last_name = data.get("last_name", "")
            mod_attrs += ldaputils.getSingleModAttr(attr="sn", value=last_name, default=self.username)

            # Get preferred language: short lang code. e.g. en_US, de_DE.
            preferred_lang = web.safestr(data.get("preferredLanguage", "en_US"))
            # Must be equal to or less than 5 characters.
            if len(preferred_lang) > 5:
                preferred_lang = preferred_lang[:5]
            mod_attrs += [(ldap.MOD_REPLACE, "preferredLanguage", preferred_lang)]
            # Update language immediately.
            if session.get("username") == self.mail and session.get("lang", "en_US") != preferred_lang: