def save_person(changes: Changeset, database: Database, format_fields: Optional[Set[str]] = None) -> Changeset:
settings = database.settings
d = dict()
if 'password' in changes:
password = changes.get_value_as_single('password')
d["userPassword"] = ldap_passwd.encode_password(password)
if 'groups' in changes:
groups = changes.get_value_as_list('groups')
if len(groups) > 0:
raise RuntimeError("Cannot register changes in groups on people.")
if 'primary_group' in changes:
group = changes.get_value_as_single('primary_group')
assert group.get_as_single('gidNumber') is not None
d['gidNumber'] = group.get_as_single('gidNumber')
if format_fields is None:
format_fields = {'cn'}
if any(name in changes for name in format_fields):
values = {
name: changes.get_value_as_single(name)
for name in format_fields
}
spec = settings.get('DISPLAY_NAME_FORMAT', "{cn}")
d['displayName'] = spec.format(**values)
return changes.merge(d)
def _configure(self) -> List[str]:
"""
Appends slapd.conf configuration lines to cfg.
Also re-initializes any backing storage.
Feel free to subclass and override this method.
"""
ldif_dir = os.path.join(self._tmpdir, "ldif-data")
cfg = []
# Global
schema_list = os.listdir(self.PATH_SCHEMA_DIR)
schema_list.sort()
for schema in schema_list:
cfg.append("include " + quote(self.PATH_SCHEMA_DIR + schema))
cfg.append("allow bind_v2")
# Database
cfg.append("moduleload back_mdb")
cfg.append("moduleload ppolicy")
cfg.append('')
cfg.append("database mdb")
cfg.append("directory " + quote(ldif_dir))
cfg.append("suffix " + quote(self.get_dn_suffix()))
cfg.append("overlay ppolicy")
cfg.append(f'ppolicy_default {quote("cn=default,"+self.get_dn_suffix())}')
cfg.append("# rootdn " + quote(self.get_root_dn()))
cfg.append("# rootpw " + quote(
lp.encode_password(self.get_root_password())))
cfg.append('')
cfg.append(f'access to dn.sub={quote(self.get_dn_suffix())} attrs=userPassword')
cfg.append(f' by anonymous auth')
cfg.append('')
cfg.append(f'access to dn.sub={quote(self.get_dn_suffix())}')
cfg.append(f' by dn.exact={quote(self.get_root_dn())} write')
cfg.append('')
return cfg
def test_password_encode(self):
encrypted = lp.encode_password("test")
self.assertTrue(encrypted.startswith("{CRYPT}$6$"))
self.assertTrue(lp.check_password("test", encrypted))
self.assertFalse(lp.check_password("teddst", encrypted))
def test_password_ssha(self):
encrypted = lp.encode_password("test")
self.assertTrue(encrypted.startswith("{SSHA}"))
self.assertTrue(lp.check_password("test", encrypted))
self.assertFalse(lp.check_password("teddst", encrypted))
def change_password(cls, self, password):
self.userPassword = ldap_passwd.encode_password(password)
def test_password_ssha(self):
encrypted = lp.encode_password("test")
self.assertTrue(encrypted.startswith("{SSHA}"))
self.assertTrue(lp.check_password("test", encrypted))
self.assertFalse(lp.check_password("teddst", encrypted))
