def change_password(username, password): try: duser = DjangoUser.objects.get(username=username) duser.set_password(password) duser.save() except: sys.exit('username: %s does not exist in the admin database' % username) try: user = User.objects.get(username=username) except: sys.exit('username: %s does not exist in the database' % username) try: pwd.getpwnam(username) except KeyError: sys.exit('username: %s does not exist in the system' % username) try: usermod(username, password) smbpasswd(username, password) except: sys.exit( 'Low level error occured while changing password of user: %s' % username)
def put(self, request, username): user = self._get_user_object(request, username) try: # if password is present in input data, change password if ('password' in request.DATA): # change password password = request.DATA['password'] usermod(username, password) smbpasswd(username, password) user.set_password(password) user.save() # check if admin attribute has changed if ('is_active' in request.DATA): is_active = request.DATA['is_active'] # put is through bacbone model save so is_active comes in # as a boolean if is_active != user.is_active: if request.user.username == username: e_msg = ('Cannot modify admin attribute of the ' 'currently logged in user') handle_exception(Exception(e_msg), request) user.is_active = is_active shell = settings.DEFAULT_SHELL if (is_active is True): shell = settings.ADMIN_SHELL update_shell(username, shell) user.save() return Response(UserSerializer(user).data) except RockStorAPIException: raise except Exception, e: handle_exception(e, request)
def put(self, request, username): with self._handle_exception(request): if (username in self.exclude_list): if (username != 'root'): e_msg = ('Editing restricted user(%s) is not supported.' % username) handle_exception(Exception(e_msg), request) email = request.data.get('email', None) new_pw = request.data.get('password', None) shell = request.data.get('shell', None) public_key = self._validate_public_key(request) admin = request.data.get('admin', False) if (User.objects.filter(username=username).exists()): u = User.objects.get(username=username) if (admin is True): if (u.user is None): if (new_pw is None): e_msg = ('password reset is required to enable admin ' 'access. please provide a new password') handle_exception(Exception(e_msg), request) auser = DjangoUser.objects.create_user(username, None, new_pw) auser.is_active = True auser.save() u.user = auser u.save() elif (new_pw is not None): u.user.set_password(new_pw) u.user.save() elif (u.user is not None): auser = u.user u.user = None auser.delete() u.public_key = public_key if (email is not None and email != ''): u.email = email if (shell is not None and shell != u.shell): u.shell = shell u.save() sysusers = combined_users() suser = None for u in sysusers: if (u.username == username): suser = u if (new_pw is not None): usermod(username, new_pw) smbpasswd(username, new_pw) if (shell is not None): update_shell(username, shell) if (public_key is not None): add_ssh_key(username, public_key) break if (suser is None): e_msg = ('User(%s) does not exist' % username) handle_exception(Exception(e_msg), request) return Response(SUserSerializer(suser).data)
def post(self, request): with self._handle_exception(request): invar = self._validate_input(request) # Check that a django user with the same name does not exist e_msg = ('User(%s) already exists. Please choose a different' ' username' % invar['username']) if (DjangoUser.objects.filter( username=invar['username']).exists() or User.objects.filter(username=invar['username']).exists()): handle_exception(Exception(e_msg), request) users = combined_users() groups = combined_groups() invar['gid'] = None admin_group = None if (invar['group'] is not None): for g in groups: if (g.groupname == invar['group']): invar['gid'] = g.gid admin_group = g invar['group'] = g break for u in users: if (u.username == invar['username']): handle_exception(Exception(e_msg), request) elif (u.uid == invar['uid']): e_msg = ('uid: %d already exists. Please choose a ' 'different one.' % invar['uid']) handle_exception(Exception(e_msg), request) if (invar['admin']): # Create Django user auser = DjangoUser.objects.create_user(invar['username'], None, invar['password']) auser.is_active = True auser.save() invar['user'] = auser useradd(invar['username'], invar['shell'], uid=invar['uid'], gid=invar['gid']) pw_entries = pwd.getpwnam(invar['username']) invar['uid'] = pw_entries[2] invar['gid'] = pw_entries[3] usermod(invar['username'], invar['password']) smbpasswd(invar['username'], invar['password']) if (invar['public_key'] is not None): add_ssh_key(invar['username'], invar['public_key']) del(invar['password']) if (admin_group is None): admin_group = Group(gid=invar['gid'], groupname=invar['username'], admin=True) admin_group.save() invar['group'] = admin_group suser = User(**invar) suser.full_clean() suser.save() return Response(SUserSerializer(suser).data)
def put(self, request, username): if username in self.exclude_list: if username != "root": e_msg = "Editing restricted user(%s) is not supported." % username handle_exception(Exception(e_msg), request) email = request.DATA.get("email", None) new_pw = request.DATA.get("password", None) shell = request.DATA.get("shell", None) public_key = self._validate_public_key(request) admin = request.DATA.get("admin", False) if User.objects.filter(username=username).exists(): u = User.objects.get(username=username) if admin is True: if u.user is None: if new_pw is None: e_msg = "password reset is required to enable admin " "access. please provide a new password" handle_exception(Exception(e_msg), request) auser = DjangoUser.objects.create_user(username, None, new_pw) auser.is_active = True auser.save() u.user = auser u.save() elif new_pw is not None: u.user.set_password(new_pw) u.user.save() elif u.user is not None: auser = u.user u.user = None auser.delete() u.public_key = public_key if email is not None and email != "": u.email = email if shell is not None and shell != u.shell: u.shell = shell u.save() sysusers = combined_users() suser = None for u in sysusers: if u.username == username: suser = u if new_pw is not None: usermod(username, new_pw) smbpasswd(username, new_pw) if shell is not None: update_shell(username, shell) if public_key is not None: add_ssh_key(username, public_key) break if suser is None: e_msg = "User(%s) does not exist" % username handle_exception(Exception(e_msg), request) return Response(SUserSerializer(suser).data)
def post(self, request): try: invar = self._validate_input(request) # Check that a django user with the same name does not exist e_msg = "user: %s already exists. Please choose a different" " username" % invar["username"] if DjangoUser.objects.filter(username=invar["username"]).exists(): handle_exception(Exception(e_msg), request) users = combined_users() for u in users: if u.username == invar["username"]: handle_exception(Exception(e_msg), request) if u.uid == invar["uid"]: e_msg = "uid: %d already exists." % invar["uid"] handle_exception(Exception(e_msg), request) groups = combined_groups() invar["gid"] = None admin_group = None if invar["group"] is not None: for g in groups: if g.groupname == invar["group"]: invar["gid"] = g.gid admin_group = g break if invar["admin"]: # Create Django user auser = DjangoUser.objects.create_user(invar["username"], None, invar["password"]) auser.is_active = True auser.save() invar["user"] = auser useradd(invar["username"], invar["shell"], uid=invar["uid"], gid=invar["gid"]) pw_entries = pwd.getpwnam(invar["username"]) invar["uid"] = pw_entries[2] invar["gid"] = pw_entries[3] usermod(invar["username"], invar["password"]) smbpasswd(invar["username"], invar["password"]) if invar["public_key"] is not None: add_ssh_key(invar["username"], invar["public_key"]) del (invar["password"]) invar["group"] = None if admin_group is None: admin_group = Group(gid=invar["gid"], groupname=invar["username"], admin=True) admin_group.save() invar["group"] = admin_group invar["admin"] = True suser = User(**invar) suser.save() return Response(SUserSerializer(suser).data) except RockStorAPIException: raise except Exception, e: handle_exception(e, request)
def post(self, request): try: username = request.DATA['username'] password = request.DATA['password'] is_active = request.DATA['is_active'] public_key = request.DATA['public_key'] # Check that a django user with the same name does not exist if (DjangoUser.objects.filter(username=username).exists() or User.objects.filter(username=username).exists()): e_msg = ('user: %s already exists. Please choose a different' ' username' % username) handle_exception(Exception(e_msg), request) # Check that a unix user with the same name does not exist unix_users = get_users(min_uid=0, uname=username) if (username in unix_users): e_msg = ('user: %s exists as a system user. Please choose a ' 'different username' % username) handle_exception(Exception(e_msg), request) # Create Django user auser = DjangoUser.objects.create_user(username, None, password) auser.is_active = is_active auser.save() # Create unix user max_uid = settings.START_UID shell = settings.DEFAULT_SHELL if (is_active): shell = settings.ADMIN_SHELL try: # Find max uid max_uid = User.objects.all().order_by('-uid')[0].uid except Exception, e: logger.exception(e) pass uid = max_uid + 1 useradd(username, uid, shell) usermod(username, password) smbpasswd(username, password) if (public_key is not None): add_ssh_key(username, public_key) suser = User(username=username, uid=uid, gid=uid, user=auser, public_key=public_key) suser.save() return Response(UserSerializer(auser).data)
def reset_password(uname, uid, pinlist): pass_change_enabled = True # Loop through pinlist, get md5 digest of every pin and # and compare with Pincard model values for pin_index, pin_value in pinlist.items(): pin_value_md5 = md5(pin_value).hexdigest() if ( not Pincard.objects.filter(user=int(uid)) .filter(pin_number=int(pin_index)) .filter(pin_code=pin_value_md5) .exists() ): pass_change_enabled = False break if pass_change_enabled: # Generate new 8 chars random password new_password = "".join( random.choice(string.letters + string.digits) for _ in range(8) ) # Reset system password usermod(uname, new_password) # If user is a managed one we have to reset smb pass too if User.objects.filter(username=uname).exists(): smbpasswd(uname, new_password) # If user is a Django user reset pass if DjangoUser.objects.filter(username=uname).exists(): duser = DjangoUser.objects.get(username=uname) duser.set_password(new_password) duser.save() password_message = ( "Password reset succeeded. New current password " "is {}".format(new_password) ) password_status = True else: password_message = "At least one pin was wrong, password reset failed" password_status = False return password_message, password_status
def reset_password(uname, uid, pinlist): pass_change_enabled = True # Loop through pinlist, get md5 digest of every pin and # and compare with Pincard model values for pin_index, pin_value in pinlist.items(): pin_value_md5 = md5(pin_value).hexdigest() if not Pincard.objects.filter( user=int(uid)).filter( pin_number=int(pin_index)).filter( pin_code=pin_value_md5).exists(): pass_change_enabled = False break if pass_change_enabled: # Generate new 8 chars random password new_password = ''.join(random.choice(string.letters + string.digits) for _ in range(8)) # Reset system password usermod(uname, new_password) # If user is a managed one we have to reset smb pass too if User.objects.filter(username=uname).exists(): smbpasswd(uname, new_password) # If user is a Django user reset pass if DjangoUser.objects.filter(username=uname).exists(): duser = DjangoUser.objects.get(username=uname) duser.set_password(new_password) duser.save() password_message = ('Password reset succeeded. New current password ' 'is {}'.format(new_password)) password_status = True else: password_message = 'At least one pin was wrong, password reset failed' password_status = False return password_message, password_status
def change_password(username, password): try: duser = DjangoUser.objects.get(username=username) duser.set_password(password) duser.save() except: sys.exit('username: %s does not exist in the admin database' % username) try: user = User.objects.get(username=username) except: sys.exit('username: %s does not exist in the database' % username) unix_users = get_users(min_uid=0, uname=username) if (username not in unix_users): sys.exit('username: %s does not exist in /etc/passwd' % username) try: usermod(username, password) smbpasswd(username, password) except: sys.exit('Low level error occured while changing password of user: %s' % username)
def change_password(username, password): try: duser = DjangoUser.objects.get(username=username) duser.set_password(password) duser.save() except: sys.exit('username: %s does not exist in the admin database' % username) try: user = User.objects.get(username=username) except: sys.exit('username: %s does not exist in the database' % username) try: pwd.getpwnam(username) except KeyError: sys.exit('username: %s does not exist in the system' % username) try: users.usermod(username, password) users.smbpasswd(username, password) except: sys.exit('Low level error occured while changing password of user: %s' % username)
def change_password(username, password): try: duser = DjangoUser.objects.get(username=username) duser.set_password(password) duser.save() except: sys.exit('username: %s does not exist in the admin database' % username) try: user = User.objects.get(username=username) except: sys.exit('username: %s does not exist in the database' % username) unix_users = get_users(min_uid=0, uname=username) if (username not in unix_users): sys.exit('username: %s does not exist in /etc/passwd' % username) try: usermod(username, password) smbpasswd(username, password) except: sys.exit( 'Low level error occured while changing password of user: %s' % username)
def put(self, request, username): with self._handle_exception(request): if username in self.exclude_list: if username != "root": e_msg = ("Editing restricted user ({}) is not supported." ).format(username) handle_exception(Exception(e_msg), request) email = request.data.get("email", None) new_pw = request.data.get("password", None) shell = request.data.get("shell", None) public_key = self._validate_public_key(request) cur_public_key = None admin = request.data.get("admin", False) if User.objects.filter(username=username).exists(): u = User.objects.get(username=username) if admin is True: if u.user is None: if new_pw is None: e_msg = ("Password reset is required to " "enable admin access. Please provide " "a new password.") handle_exception(Exception(e_msg), request) auser = DjangoUser.objects.create_user( username, None, new_pw) auser.is_active = True auser.save() u.user = auser u.full_clean() u.save() elif new_pw is not None: u.user.set_password(new_pw) u.user.save() else: if u.user is not None: auser = u.user u.user = None auser.delete() u.admin = admin if u.public_key is not None and u.public_key != public_key: cur_public_key = u.public_key u.public_key = public_key if email is not None and email != "": u.email = email if shell is not None and shell != u.shell: u.shell = shell u.full_clean() u.save() sysusers = combined_users() suser = None for u in sysusers: if u.username == username: suser = u if new_pw is not None: usermod(username, new_pw) smbpasswd(username, new_pw) if shell is not None: update_shell(username, shell) add_ssh_key(username, public_key, cur_public_key) break if suser is None: e_msg = "User ({}) does not exist.".format(username) handle_exception(Exception(e_msg), request) return Response(SUserSerializer(suser).data)
def post(self, request): with self._handle_exception(request): invar = self._validate_input(request) # Check that a django user with the same name does not exist e_msg = ( "User ({}) already exists. Please choose a different username." ).format(invar["username"]) if (DjangoUser.objects.filter(username=invar["username"]).exists() or User.objects.filter(username=invar["username"]).exists()): handle_exception(Exception(e_msg), request, status_code=400) users = combined_users() groups = combined_groups() # As we have not yet established a pre-existing group, set to None. admin_group = None if invar["group"] is not None: # We have a group setting so search for existing group name # match. Matching by group name has precedence over gid. for g in groups: if g.groupname == invar["group"]: # We have an existing group name match in invar # so overwrite requested gid to match existing gid. invar["gid"] = g.gid # Set the admin_group to our existing group object. admin_group = g admin_group.save() invar["group"] = g # exchange name for db group item. break for u in users: if u.username == invar["username"]: handle_exception(Exception(e_msg), request, status_code=400) elif u.uid == invar["uid"]: e_msg = ( "UID ({}) already exists. Please choose a different one." ).format(invar["uid"]) handle_exception(Exception(e_msg), request) if invar["admin"]: # Create Django user auser = DjangoUser.objects.create_user(invar["username"], None, invar["password"]) auser.is_active = True auser.save() invar["user"] = auser useradd(invar["username"], invar["shell"], uid=invar["uid"], gid=invar["gid"]) pw_entries = pwd.getpwnam(invar["username"]) invar["uid"] = pw_entries[2] invar["gid"] = pw_entries[3] usermod(invar["username"], invar["password"]) smbpasswd(invar["username"], invar["password"]) if invar["public_key"] is not None: add_ssh_key(invar["username"], invar["public_key"]) del invar["password"] if admin_group is None: # We have no identified pre-existing group by name but there # could still be an existing group match by gid, if so we # use that group object as our new User.group foreign key link. if Group.objects.filter(gid=invar["gid"]).exists(): admin_group = Group.objects.get(gid=invar["gid"]) else: # As we are creating a new group we set admin=True to # flag this group as administered by Rockstor. if invar["group"] is None: admin_group = Group(gid=invar["gid"], groupname=invar["username"], admin=True) else: admin_group = Group(gid=invar["gid"], groupname=invar["group"], admin=True) admin_group.save() # save our new group object. # set our invar dict group entry to our admin_group object. invar["group"] = admin_group # now we create our user object based on the contents of invar[] suser = User(**invar) # validate and save our suser object. suser.full_clean() suser.save() return Response(SUserSerializer(suser).data)
def post(self, request): with self._handle_exception(request): invar = self._validate_input(request) # Check that a django user with the same name does not exist e_msg = ('User(%s) already exists. Please choose a different' ' username' % invar['username']) if (DjangoUser.objects.filter(username=invar['username']).exists() or User.objects.filter(username=invar['username']).exists()): handle_exception(Exception(e_msg), request) users = combined_users() groups = combined_groups() invar['gid'] = None admin_group = None if (invar['group'] is not None): for g in groups: if (g.groupname == invar['group']): invar['gid'] = g.gid admin_group = g invar['group'] = g break for u in users: if (u.username == invar['username']): handle_exception(Exception(e_msg), request) elif (u.uid == invar['uid']): e_msg = ('uid: %d already exists. Please choose a ' 'different one.' % invar['uid']) handle_exception(Exception(e_msg), request) if (invar['admin']): # Create Django user auser = DjangoUser.objects.create_user(invar['username'], None, invar['password']) auser.is_active = True auser.save() invar['user'] = auser useradd(invar['username'], invar['shell'], uid=invar['uid'], gid=invar['gid']) pw_entries = pwd.getpwnam(invar['username']) invar['uid'] = pw_entries[2] invar['gid'] = pw_entries[3] usermod(invar['username'], invar['password']) smbpasswd(invar['username'], invar['password']) if (invar['public_key'] is not None): add_ssh_key(invar['username'], invar['public_key']) del (invar['password']) if (admin_group is None): admin_group = Group(gid=invar['gid'], groupname=invar['username'], admin=True) admin_group.save() invar['group'] = admin_group suser = User(**invar) suser.full_clean() suser.save() return Response(SUserSerializer(suser).data)