def POST(self): i = web.input( domainName=[], _unicode=False, ) self.domainName = i.get('domainName', []) self.action = i.get('action', None) domainLib = domainlib.Domain() if self.action == 'delete': result = domainLib.delete(domains=self.domainName) msg = 'DELETED_SUCCESS' elif self.action == 'disable': result = domainLib.enableOrDisableAccount( domains=self.domainName, action='disable', ) msg = 'DISABLED_SUCCESS' elif self.action == 'enable': result = domainLib.enableOrDisableAccount( domains=self.domainName, action='enable', ) msg = 'ENABLED_SUCCESS' else: result = (False, 'INVALID_ACTION') msg = i.get('msg', None) if result[0] is True: return web.seeother('/domains?msg=%s' % msg) else: return web.seeother('/domains?msg=' + result[1])
def GET(self, profile_type, domain): i = web.input() self.domain = web.safestr(domain.split('/', 1)[0]) self.profile_type = web.safestr(profile_type) if not iredutils.isDomain(self.domain): return web.seeother('/domains?msg=EMPTY_DOMAIN') domainLib = domainlib.Domain() result = domainLib.profile(domain=self.domain) if result[0] is True: r = domainLib.listAccounts(attrs=['domainName']) if r[0] is True: allDomains = r[1] else: return r allAccountSettings = ldaputils.getAccountSettingFromLdapQueryResult( result[1], key='domainName', ) return web.render( 'ldap/domain/profile.html', cur_domain=self.domain, allDomains=allDomains, allAccountSettings=allAccountSettings, profile=result[1], profile_type=self.profile_type, msg=i.get('msg', None), ) else: return web.seeother('/domains?msg=' + result[1])
def POST(self, profile_type, domain): self.profile_type = web.safestr(profile_type) self.domain = web.safestr(domain) i = web.input( domainAliasName=[], enabledService=[], domainAdmin=[], defaultList=[], ) if self.domain != web.safestr(i.get('domainName', None)).lower(): raise web.seeother( '/profile/domain/%s/%s?msg=DOMAIN_NAME_MISMATCH' % (self.profile_type, self.domain)) domainLib = domainlib.Domain() result = domainLib.update(profile_type=self.profile_type, domain=self.domain, data=i) if result[0] is True: raise web.seeother('/profile/domain/%s/%s?msg=UPDATED' % (self.profile_type, self.domain)) elif result[0] is False: raise web.seeother( '/profile/domain/%s/%s?msg=%s' % (self.profile_type, self.domain, web.urlquote(result[1])))
def POST(self): i = web.input() self.domain = web.safestr(i.get('domainName')).strip().lower() domainLib = domainlib.Domain() result = domainLib.add(data=i) if result[0] is True: return web.seeother( '/profile/domain/general/%s?msg=CREATED_SUCCESS' % self.domain) else: return web.seeother('/create/domain?msg=%s' % result[1])
def GET(self, profile_type, mail): self.mail = web.safestr(mail) self.profile_type = web.safestr(profile_type) if session.get('domainGlobalAdmin') is not True and session.get('username') != self.mail: # Don't allow to view/update other admins' profile. raise web.seeother('/profile/admin/general/%s?msg=PERMISSION_DENIED' % session.get('username')) # Get admin profile. adminLib = admin.Admin() result = adminLib.profile(self.mail) if result[0] is not True: raise web.seeother('/admins?msg=' + result[1]) else: self.admin_profile = result[1] i = web.input() if self.profile_type == 'general': # Get available languages. if result[0] is True: ################### # Managed domains # # Get all domains. domainLib = domainlib.Domain() resultOfAllDomains = domainLib.listAccounts(attrs=['domainName', 'cn', ]) if resultOfAllDomains[0] is True: self.allDomains = resultOfAllDomains[1] else: return resultOfAllDomains return web.render( 'ldap/admin/profile.html', mail=self.mail, profile_type=self.profile_type, profile=self.admin_profile, languagemaps=languages.get_language_maps(), allDomains=self.allDomains, msg=i.get('msg', None), ) else: raise web.seeother('/profile/admin/%s/%s?msg=%s' % (self.profile_type, self.mail, result[1])) elif self.profile_type == 'password': return web.render('ldap/admin/profile.html', mail=self.mail, profile_type=self.profile_type, profile=self.admin_profile, min_passwd_length=settings.min_passwd_length, max_passwd_length=settings.max_passwd_length, msg=i.get('msg', None))
def GET(self, domain='', cur_page=1): domain = web.safestr(domain).split('/', 1)[0] cur_page = int(cur_page) if not iredutils.is_domain(domain): raise web.seeother('/domains?msg=INVALID_DOMAIN_NAME') if cur_page == 0: cur_page = 1 i = web.input() domainLib = domainlib.Domain() result = domainLib.listAccounts(attrs=[ 'domainName', 'accountStatus', ]) if result[0] is True: allDomains = result[1] else: return result userLib = user.User() result = userLib.listAccounts(domain=domain) if result[0] is True: connutils = connUtils.Utils() sl = connutils.getSizelimitFromAccountLists( result[1], curPage=cur_page, sizelimit=settings.PAGE_SIZE_LIMIT, accountType='user', domain=domain, ) accountList = sl.get('accountList', []) if cur_page > sl.get('totalPages'): cur_page = sl.get('totalPages') return web.render( 'ldap/user/list.html', cur_page=cur_page, total=sl.get('totalAccounts'), users=accountList, cur_domain=domain, allDomains=allDomains, accountUsedQuota={}, msg=i.get('msg'), ) else: raise web.seeother('/domains?msg=%s' % web.urlquote(result[1]))
def GET(self, profile_type, mail): i = web.input( enabledService=[], telephoneNumber=[], ) self.mail = web.safestr(mail) self.cur_domain = self.mail.split('@', 1)[-1] self.profile_type = web.safestr(profile_type) if self.mail.startswith('@') and iredutils.is_domain(self.cur_domain): # Catchall account. raise web.seeother('/profile/domain/catchall/%s' % self.cur_domain) if not iredutils.is_email(self.mail): raise web.seeother('/domains?msg=INVALID_USER') domainAccountSetting = {} userLib = user.User() result = userLib.profile(domain=self.cur_domain, mail=self.mail) if result[0] is False: raise web.seeother('/users/%s?msg=%s' % (self.cur_domain, web.urlquote(result[1]))) if self.profile_type == 'password': # Get accountSetting of current domain. domainLib = domainlib.Domain() result_setting = domainLib.getDomainAccountSetting( domain=self.cur_domain) if result_setting[0] is True: domainAccountSetting = result_setting[1] minPasswordLength = domainAccountSetting.get('minPasswordLength', '0') maxPasswordLength = domainAccountSetting.get('maxPasswordLength', '0') return web.render( 'ldap/user/profile.html', profile_type=self.profile_type, mail=self.mail, user_profile=result[1], defaultStorageBaseDirectory=settings.storage_base_directory, minPasswordLength=minPasswordLength, maxPasswordLength=maxPasswordLength, domainAccountSetting=domainAccountSetting, languagemaps=get_language_maps(), msg=i.get('msg', None), )
def update(self, profile_type, mail, data): self.profile_type = web.safestr(profile_type) self.mail = str(mail).lower() self.domain = self.mail.split('@', 1)[-1] domainAccountSetting = {} connutils = connUtils.Utils() domainLib = domainlib.Domain() # Get account dn. self.dn = connutils.getDnWithKeyword(self.mail, accountType='user') try: result = domainLib.getDomainAccountSetting(domain=self.domain) if result[0] is True: domainAccountSetting = result[1] except Exception, e: pass
def POST(self): i = web.input( domainName=[], _unicode=False, ) self.domainName = i.get('domainName', []) action = i.get('action', None) domainLib = domainlib.Domain() if action == 'delete': keep_mailbox_days = form_utils.get_single_value( form=i, input_name='keep_mailbox_days', default_value=0, is_integer=True) result = domainLib.delete(domains=self.domainName, keep_mailbox_days=keep_mailbox_days) msg = 'DELETED' elif action == 'disable': result = domainLib.enableOrDisableAccount( domains=self.domainName, action='disable', ) msg = 'DISABLED' elif action == 'enable': result = domainLib.enableOrDisableAccount( domains=self.domainName, action='enable', ) msg = 'ENABLED' else: result = (False, 'INVALID_ACTION') msg = i.get('msg', None) if result[0] is True: raise web.seeother('/domains?msg=%s' % msg) else: raise web.seeother('/domains?msg=' + web.urlquote(result[1]))
def GET(self, cur_page=1): i = web.input() cur_page = int(cur_page) if cur_page == 0: cur_page == 1 domainLib = domainlib.Domain() result = domainLib.listAccounts() if result[0] is True: allDomains = result[1] # Get value of accountSetting. allAccountSettings = ldaputils.getAccountSettingFromLdapQueryResult( allDomains, key='domainName', ) else: return result connutils = connUtils.Utils() sl = connutils.getSizelimitFromAccountLists( allDomains, curPage=cur_page, sizelimit=session.get('pageSizeLimit', 50), ) if cur_page > sl.get('totalPages'): cur_page = sl.get('totalPages') return web.render( 'ldap/domain/list.html', cur_page=cur_page, total=sl.get('totalAccounts'), allDomains=sl.get('accountList'), allAccountSettings=allAccountSettings, msg=i.get('msg', None), )
def POST(self, profile_type, domain): self.profile_type = web.safestr(profile_type) self.domain = web.safestr(domain) i = web.input() if self.domain != web.safestr(i.get('domainName', None)): return web.seeother( '/profile/domain/%s/%s?msg=DOMAIN_NAME_MISMATCH' % (self.profile_type, self.domain)) domainLib = domainlib.Domain() result = domainLib.update( profile_type=self.profile_type, domain=self.domain, data=i, ) if result[0] is True: return web.seeother( '/profile/domain/%s/%s?msg=PROFILE_UPDATED_SUCCESS' % (self.profile_type, self.domain)) elif result[0] is False: return web.seeother('/profile/domain/%s/%s?msg=%s' % (self.profile_type, self.domain, result[1]))
def GET(self, domainName=None): i = web.input() if domainName is None: self.cur_domain = '' else: self.cur_domain = web.safestr(domainName) domainLib = domainlib.Domain() result = domainLib.listAccounts(attrs=[ 'domainName', 'accountSetting', 'domainCurrentQuotaSize', ]) if result[0] is True: allDomains = result[1] if len(allDomains) == 0: raise web.seeother('/domains?msg=NO_DOMAIN_AVAILABLE') else: # Redirect to create new user under first domain, so that we # can get per-domain account settings, such as number of # account limit, password length control, etc. if self.cur_domain == '': raise web.seeother('/create/user/' + str(allDomains[0][1]['domainName'][0])) # Get accountSetting of current domain. allAccountSettings = ldaputils.getAccountSettingFromLdapQueryResult( allDomains, key='domainName') domainAccountSetting = allAccountSettings.get(self.cur_domain, {}) defaultUserQuota = domainLib.getDomainDefaultUserQuota( self.cur_domain, domainAccountSetting) else: raise web.seeother('/domains?msg=' % web.urlquote(result[1])) # Get number of account limit. connutils = connUtils.Utils() result = connutils.getNumberOfCurrentAccountsUnderDomain( self.cur_domain, accountType='user', ) if result[0] is True: numberOfCurrentAccounts = result[1] else: numberOfCurrentAccounts = 0 # Get current domain quota size. result = connutils.getDomainCurrentQuotaSizeFromLDAP( domain=self.cur_domain) if result[0] is True: domainCurrentQuotaSize = result[1] else: # -1 means temporary error. Don't allow to create new user. domainCurrentQuotaSize = -1 return web.render('ldap/user/create.html', cur_domain=self.cur_domain, allDomains=allDomains, defaultUserQuota=defaultUserQuota, domainAccountSetting=domainAccountSetting, numberOfCurrentAccounts=numberOfCurrentAccounts, domainCurrentQuotaSize=domainCurrentQuotaSize, msg=i.get('msg'))
def add(self, domain, data): # Get domain name, username, cn. self.domain = web.safestr(data.get('domainName')).strip().lower() self.username = web.safestr(data.get('username')).strip().lower() self.mail = self.username + '@' + self.domain self.groups = data.get('groups', []) if not iredutils.isDomain(self.domain) or not iredutils.isEmail( self.mail): return (False, 'MISSING_DOMAIN_OR_USERNAME') # Check account existing. connutils = connUtils.Utils() if connutils.isAccountExists(domain=self.domain, filter='(mail=%s)' % self.mail): return (False, 'ALREADY_EXISTS') # Get @domainAccountSetting. domainLib = domainlib.Domain() result_domain_profile = domainLib.profile(self.domain) # Initial parameters. domainAccountSetting = {} self.aliasDomains = [] if result_domain_profile[0] is True: domainProfile = result_domain_profile[1] domainAccountSetting = ldaputils.getAccountSettingFromLdapQueryResult( domainProfile, key='domainName').get(self.domain, {}) self.aliasDomains = domainProfile[0][1].get('domainAliasName', []) # Check password. self.newpw = web.safestr(data.get('newpw')) self.confirmpw = web.safestr(data.get('confirmpw')) result = iredutils.verifyNewPasswords( self.newpw, self.confirmpw, min_passwd_length=domainAccountSetting.get('minPasswordLength', '0'), max_passwd_length=domainAccountSetting.get('maxPasswordLength', '0'), ) if result[0] is True: self.passwd = ldaputils.generatePasswd(result[1]) else: return result # Get display name. self.cn = data.get('cn') # Get user quota. Unit is MB. # 0 or empty is not allowed if domain quota is set, set to # @defaultUserQuota or @domainSpareQuotaSize # Initial final mailbox quota. self.quota = 0 # Get mail quota from web form. defaultUserQuota = domainLib.getDomainDefaultUserQuota( self.domain, domainAccountSetting) self.mailQuota = str(data.get('mailQuota')).strip() if self.mailQuota.isdigit(): self.mailQuota = int(self.mailQuota) else: self.mailQuota = defaultUserQuota # 0 means unlimited. domainQuotaSize, domainQuotaUnit = domainAccountSetting.get( 'domainQuota', '0:GB').split(':') if int(domainQuotaSize) == 0: # Unlimited. self.quota = self.mailQuota else: # Get domain quota, convert to MB. if domainQuotaUnit == 'TB': domainQuota = int(domainQuotaSize) * 1024 * 1024 # TB elif domainQuotaUnit == 'GB': domainQuota = int(domainQuotaSize) * 1024 # GB else: domainQuota = int(domainQuotaSize) # MB # TODO Query whole domain and calculate current quota size, not read from domain profile. #domainCurrentQuotaSize = int(domainProfile[0][1].get('domainCurrentQuotaSize', ['0'])[0]) / (1024*1024) result = connutils.getDomainCurrentQuotaSizeFromLDAP( domain=self.domain) if result[0] is True: domainCurrentQuotaSize = result[1] else: domainCurrentQuotaSize = 0 # Spare quota. domainSpareQuotaSize = domainQuota - domainCurrentQuotaSize / ( 1024 * 1024) if domainSpareQuotaSize <= 0: return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE') # Get FINAL mailbox quota. if self.mailQuota == 0: self.quota = domainSpareQuotaSize else: if domainSpareQuotaSize > self.mailQuota: self.quota = self.mailQuota else: self.quota = domainSpareQuotaSize # Get default groups. self.groups = [ web.safestr(v) for v in domainAccountSetting.get('defaultList', '').split(',') if iredutils.isEmail(v) ] self.defaultStorageBaseDirectory = domainAccountSetting.get( 'defaultStorageBaseDirectory', None) # Get default mail list which set in domain accountSetting. ldif = iredldif.ldif_mailuser( domain=self.domain, aliasDomains=self.aliasDomains, username=self.username, cn=self.cn, passwd=self.passwd, quota=self.quota, groups=self.groups, storageBaseDirectory=self.defaultStorageBaseDirectory, ) if attrs.RDN_USER == 'mail': self.dn = ldaputils.convKeywordToDN(self.mail, accountType='user') elif attrs.RDN_USER == 'cn': self.dn = 'cn=' + self.cn + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \ ldaputils.convKeywordToDN(self.domain, accountType='domain') elif attrs.RDN_USER == 'uid': self.dn = 'uid=' + self.username + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \ ldaputils.convKeywordToDN(self.domain, accountType='domain') else: return (False, 'UNSUPPORTED_USER_RDN') try: self.conn.add_s( ldap.filter.escape_filter_chars(self.dn), ldif, ) web.logger( msg="Create user: %s." % (self.mail), domain=self.domain, event='create', ) return (True, ) except ldap.ALREADY_EXISTS: return (False, 'ALREADY_EXISTS') except Exception, e: return (False, ldaputils.getExceptionDesc(e))
def GET(self, profile_type, mail): self.mail = web.safestr(mail) self.profile_type = web.safestr(profile_type) if session.get('domainGlobalAdmin') is not True and session.get('username') != self.mail: # Don't allow to view/update other admins' profile. return web.seeother('/profile/admin/general/%s?msg=PERMISSION_DENIED' % session.get('username')) adminLib = admin.Admin() # Get admin profile. result = adminLib.profile(self.mail) if result[0] is not True: return web.seeother('/admins?msg=' + result[1]) else: self.admin_profile = result[1] i = web.input() if self.profile_type == 'general': # Get available languages. if result[0] is True: ################### # Managed domains # # Check permission. #if session.get('domainGlobalAdmin') is not True: # return web.seeother('/profile/admin/general/%s?msg=PERMISSION_DENIED' % self.mail) # Get all domains. domainLib = domainlib.Domain() resultOfAllDomains = domainLib.listAccounts(attrs=['domainName', 'cn', ]) if resultOfAllDomains[0] is True: self.allDomains = resultOfAllDomains[1] else: return resultOfAllDomains # Get domains under control. resultOfManagedDomains = adminLib.getManagedDomains(mail=self.mail, attrs=['domainName', ]) if resultOfManagedDomains[0] is True: self.managedDomains = [] for d in resultOfManagedDomains[1]: if 'domainName' in d[1].keys(): self.managedDomains += d[1].get('domainName') else: return resultOfManagedDomains return web.render( 'ldap/admin/profile.html', mail=self.mail, profile_type=self.profile_type, profile=self.admin_profile, languagemaps=languages.getLanguageMaps(), allDomains=self.allDomains, managedDomains=self.managedDomains, msg=i.get('msg', None), ) else: return web.seeother('/profile/admin/%s/%s?msg=%s' % (self.profile_type, self.mail, result[1])) elif self.profile_type == 'password': return web.render('ldap/admin/profile.html', mail=self.mail, profile_type=self.profile_type, profile=self.admin_profile, min_passwd_length=cfg.general.get('min_passwd_length'), max_passwd_length=cfg.general.get('max_passwd_length'), msg=i.get('msg', None), )
def GET(self): i = web.input(_unicode=False,) # Get queries. self.event = web.safestr(i.get('event', 'all')) self.domain = web.safestr(i.get('domain', 'all')) self.admin = web.safestr(i.get('admin', 'all')) self.cur_page = web.safestr(i.get('page', '1')) if not self.cur_page.isdigit() or self.cur_page == '0': self.cur_page = 1 else: self.cur_page = int(self.cur_page) logLib = loglib.Log() total, entries = logLib.listLogs( event=self.event, domain=self.domain, admin=self.admin, cur_page=self.cur_page, ) # Pre-defined allDomains = [] allAdmins = [] if cfg.general.backend == 'ldap': # Get all domains under control. domainLib = domain.Domain() result = domainLib.listAccounts(attrs=['domainName']) if result[0] is True: allDomains = [ v[1]['domainName'][0] for v in result[1] ] # Get all admins. if session.get('domainGlobalAdmin') is True: adminLib = admin.Admin() result = adminLib.listAccounts(attrs=['mail']) if result[0] is not False: allAdmins = [ v[1]['mail'][0] for v in result[1] ] else: allAdmins = [self.admin] elif cfg.general.backend == 'mysql': domainLib = domainlib.Domain() qr = domainLib.getAllDomains(columns=['domain']) if qr[0] is True: for r in qr[1]: allDomains += [r.domain] # Get all admins. if session.get('domainGlobalAdmin') is True: adminLib = adminlib.Admin() qr = adminLib.getAllAdmins(columns=['username']) if qr[0] is True: for r in qr[1]: allAdmins += [r.username] else: allAdmins = [self.admin] return web.render( 'panel/log.html', event=self.event, domain=self.domain, admin=self.admin, allEvents=LOG_EVENTS, cur_page=self.cur_page, total=total, entries=entries, allDomains=allDomains, allAdmins=allAdmins, msg=i.get('msg'), )
def update(self, profile_type, mail, data): self.profile_type = web.safestr(profile_type) self.mail = str(mail).lower() self.username, self.domain = self.mail.split('@', 1) domainAccountSetting = {} connutils = connUtils.Utils() domainLib = domainlib.Domain() # Get account dn. self.dn = connutils.getDnWithKeyword(self.mail, accountType='user') try: result = domainLib.getDomainAccountSetting(domain=self.domain) if result[0] is True: domainAccountSetting = result[1] except Exception as e: pass mod_attrs = [] if self.profile_type == 'general': # Update domainGlobalAdmin=yes if session.get('domainGlobalAdmin') is True: # Update domainGlobalAdmin=yes if 'domainGlobalAdmin' in data: mod_attrs = [(ldap.MOD_REPLACE, 'domainGlobalAdmin', 'yes') ] # Update enabledService=domainadmin connutils.addOrDelAttrValue( dn=self.dn, attr='enabledService', value='domainadmin', action='add', ) else: mod_attrs = [(ldap.MOD_REPLACE, 'domainGlobalAdmin', None)] # Remove enabledService=domainadmin connutils.addOrDelAttrValue( dn=self.dn, attr='enabledService', value='domainadmin', action='delete', ) # Get display name. cn = data.get('cn', None) mod_attrs += ldaputils.getSingleModAttr(attr='cn', value=cn, default=self.username) first_name = data.get('first_name', '') mod_attrs += ldaputils.getSingleModAttr(attr='givenName', value=first_name, default=self.username) last_name = data.get('last_name', '') mod_attrs += ldaputils.getSingleModAttr(attr='sn', value=last_name, default=self.username) # Get preferred language: short lang code. e.g. en_US, de_DE. preferred_lang = web.safestr(data.get('preferredLanguage', 'en_US')) # Must be equal to or less than 5 characters. if len(preferred_lang) > 5: preferred_lang = preferred_lang[:5] mod_attrs += [(ldap.MOD_REPLACE, 'preferredLanguage', preferred_lang)] # Update language immediately. if session.get('username') == self.mail and \ session.get('lang', 'en_US') != preferred_lang: session['lang'] = preferred_lang # Update employeeNumber, mobile, title. for tmp_attr in [ 'employeeNumber', 'mobile', 'title', ]: mod_attrs += ldaputils.getSingleModAttr( attr=tmp_attr, value=data.get(tmp_attr), default=None) ############ # Get quota # Get mail quota from web form. quota = web.safestr(data.get('mailQuota', '')).strip() oldquota = web.safestr(data.get('oldMailQuota', '')).strip() if not oldquota.isdigit(): oldquota = 0 else: oldquota = int(oldquota) if quota == '' or not quota.isdigit(): # Don't touch it, keep original value. pass else: # Assign quota which got from web form. mailQuota = int(quota) # If mailQuota > domainSpareQuotaSize, use domainSpareQuotaSize. # if mailQuota < domainSpareQuotaSize, use mailQuota # 0 means unlimited. domainQuotaSize, domainQuotaUnit = domainAccountSetting.get( 'domainQuota', '0:GB').split(':') if int(domainQuotaSize) == 0: # Unlimited. Keep quota which got from web form. mod_attrs += [(ldap.MOD_REPLACE, 'mailQuota', str(mailQuota * 1024 * 1024))] else: # Get domain quota. if domainQuotaUnit == 'TB': domainQuota = int(domainQuotaSize) * 1024 * 1024 # TB elif domainQuotaUnit == 'GB': domainQuota = int(domainQuotaSize) * 1024 # GB else: domainQuota = int(domainQuotaSize) # MB # Query LDAP and get current domain quota size. result = connutils.getDomainCurrentQuotaSizeFromLDAP( domain=self.domain) if result[0] is True: domainCurrentQuotaSizeInBytes = result[1] else: domainCurrentQuotaSizeInBytes = 0 # Spare quota. domainSpareQuotaSize = (domainQuota + oldquota) - ( domainCurrentQuotaSizeInBytes / (1024 * 1024)) if domainSpareQuotaSize <= 0: # Set to 1MB. don't exceed domain quota size. mod_attrs += [(ldap.MOD_REPLACE, 'mailQuota', str(1024 * 1024))] else: # Get FINAL mailbox quota. if mailQuota >= domainSpareQuotaSize: mailQuota = domainSpareQuotaSize mod_attrs += [(ldap.MOD_REPLACE, 'mailQuota', str(mailQuota * 1024 * 1024))] # End quota ############ # Get telephoneNumber. telephoneNumber = data.get('telephoneNumber', []) nums = [str(num) for num in telephoneNumber if len(num) > 0] mod_attrs += [(ldap.MOD_REPLACE, 'telephoneNumber', nums)] # Get accountStatus. if 'accountStatus' in list(data.keys()): accountStatus = 'active' else: accountStatus = 'disabled' mod_attrs += [(ldap.MOD_REPLACE, 'accountStatus', accountStatus)] elif self.profile_type == 'password': # Get password length from @domainAccountSetting. minPasswordLength = domainAccountSetting.get( 'minPasswordLength', settings.min_passwd_length) maxPasswordLength = domainAccountSetting.get( 'maxPasswordLength', settings.max_passwd_length) # Get new passwords from user input. self.newpw = str(data.get('newpw', None)) self.confirmpw = str(data.get('confirmpw', None)) result = iredutils.verify_new_password( newpw=self.newpw, confirmpw=self.confirmpw, min_passwd_length=minPasswordLength, max_passwd_length=maxPasswordLength, ) if result[0] is True: if 'storePasswordInPlainText' in data and settings.STORE_PASSWORD_IN_PLAIN_TEXT: self.passwd = iredutils.generate_password_hash( result[1], pwscheme='PLAIN') else: self.passwd = iredutils.generate_password_hash(result[1]) mod_attrs += [(ldap.MOD_REPLACE, 'userPassword', self.passwd)] mod_attrs += [(ldap.MOD_REPLACE, 'shadowLastChange', str(ldaputils.getDaysOfShadowLastChange()))] else: return result try: self.conn.modify_s(self.dn, mod_attrs) return (True, ) except Exception as e: return (False, ldaputils.getExceptionDesc(e))