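def approve_request(modeladmin, request, queryset):
    """Approve each selected account request and provision its RC account.

    For every request in *queryset* this calls ``admin_set_approved(request)``,
    creates the RC LDAP user, records the user's affiliation, sends the
    account-created signals, and creates the personal (``<username>pgrp``)
    and shared (``<username>grp``) LDAP groups with their ownership records.
    The outcome of each request is reported through the messages framework.

    Args:
        modeladmin: The admin object the action was invoked from (unused).
        request: The current HttpRequest; passed to ``admin_set_approved``
            and used as the target for status messages.
        queryset: The account requests to approve.
    """
    for q in queryset:
        # NOTE(review): the steps below are separate writes with no rollback
        # visible in this function. A failure part-way through leaves whatever
        # was already saved (approved request, LDAP user, affiliation, groups)
        # in place, so a reported failure may still need manual cleanup.
        try:
            q.admin_set_approved(request)

            l_dict = build_dict_from_account_request(q)
            rc_user = RcLdapUser(**l_dict)
            rc_user.save()
            account_created.send(sender=rc_user, account=rc_user)

            aff = UserAffiliation(
                username=q.username,
                organization=q.organization,
                affiliation=q.affiliation,
                role=q.role,
            )
            aff.save()

            # Use the loop variable: this function has no `obj` in scope, so
            # referencing it raised NameError after the LDAP user and the
            # affiliation had already been saved, and no groups were created.
            if q.organization.lower() == 'ucb':
                ucb_account_created.send(
                    sender=rc_user, account=rc_user, affiliation=aff)
            else:
                account_created_from_request.send(
                    sender=rc_user, account=rc_user, affiliation=aff)

            # Personal group: reuses the user's uid as the group's gid.
            rc_group_name = '%spgrp' % rc_user.username
            rc_group = RcLdapGroup(
                name=rc_group_name,
                gid=rc_user.uid,
                members=[rc_user.username],
            )
            rc_group.save()
            group_ownership = GroupOwnership(
                name=rc_group_name,
                gid=rc_user.uid,
                group_type='posix',
                owners=[rc_user.username],
            )
            group_ownership.save()

            # Shared group: gid is drawn from the 'shared' IdTracker.
            rc_sgroup_name = '%sgrp' % rc_user.username
            gid = IdTracker.objects.get(category='shared').get_next_uid()
            rc_sgroup = RcLdapGroup(
                name=rc_sgroup_name,
                gid=gid,
                members=[rc_user.username],
            )
            rc_sgroup.save()
            sgroup_ownership = GroupOwnership(
                name=rc_sgroup_name,
                gid=gid,
                group_type='shared',
                owners=[rc_user.username],
            )
            sgroup_ownership.save()

            messages.success(
                request,
                "Successfully created account for %s %s (%s)."
                % (q.first_name, q.last_name, q.username))
        except Exception as e:
            # Deliberately broad so one bad request does not abort the batch.
            # NOTE(review): the raw exception text is shown in the UI and may
            # carry backend detail; nothing here logs it server-side.
            messages.error(
                request,
                "Could not create account for %s %s (%s): %s"
                % (q.first_name, q.last_name, q.username, e))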
def save_model(self, request, obj, form, change):
    """Save an NCAR account request, provisioning the account on approval.

    Provisioning runs when the request is created already approved, or when
    an existing stored request goes from unapproved to approved. It creates
    the RC LDAP user, the affiliation records, the personal and shared LDAP
    groups with their ownership records, and then stamps the approval
    metadata on *obj* before saving it. In every other case *obj* is simply
    saved.

    Args:
        request: The current HttpRequest (approver, headers, messages).
        obj: The NcarAccountRequest being saved.
        form: The admin form (unused here).
        change: True when an existing object is being edited.
    """
    # Compare with the stored row to detect an unapproved -> approved edit.
    try:
        stored = NcarAccountRequest.objects.get(id=obj.id)
        newly_approved = bool(obj.approved and not stored.approved)
    except NcarAccountRequest.DoesNotExist:
        newly_approved = False

    created_approved = bool(not change and obj.approved)
    if not (created_approved or newly_approved):
        obj.save()
        return

    # NOTE(review): the writes below are independent and no rollback is
    # visible here; a failure part-way through leaves earlier records in place
    # while the request itself stays unsaved.
    try:
        ldap_attrs = build_dict_from_ncar_account_request(obj)
        account = RcLdapUser(**ldap_attrs)
        account.save()
        account_created.send(sender=account, account=account)

        affiliation = UserAffiliation(
            username=obj.cu_username,
            organization='ncar',
        )
        ncar_affiliation = NcarAffiliation(
            ncar_username=obj.ncar_username,
            cu_username=obj.cu_username,
            organization='ncar',
            ncar_project_id=obj.ncar_project_id,
            ticket=obj.ticket,
        )
        affiliation.save()
        ncar_affiliation.save()
        ncar_account_created.send(
            sender=account,
            account=account,
            ncar_affiliation=ncar_affiliation,
        )

        # Personal group: gid mirrors the user's uid.
        personal_name = '%spgrp' % account.username
        personal_group = RcLdapGroup(
            name=personal_name,
            gid=account.uid,
            members=[account.username],
        )
        personal_group.save()
        personal_ownership = GroupOwnership(
            name=personal_name,
            gid=account.uid,
            group_type='posix',
            owners=[account.username],
        )
        personal_ownership.save()

        # Shared group: gid comes from the 'shared' IdTracker.
        shared_name = '%sgrp' % account.username
        shared_gid = IdTracker.objects.get(category='shared').get_next_uid()
        shared_group = RcLdapGroup(
            name=shared_name,
            gid=shared_gid,
            members=[account.username],
        )
        shared_group.save()
        shared_ownership = GroupOwnership(
            name=shared_name,
            gid=shared_gid,
            group_type='shared',
            owners=[account.username],
        )
        shared_ownership.save()

        # Approval audit fields.
        obj.approved_on = datetime.datetime.now()
        obj.approved_by = request.user
        # NOTE(review): X-Forwarded-For is client-supplied unless a trusted
        # proxy overwrites it, and may hold a comma-separated chain. The
        # stored approved_ip is only as reliable as that proxy setup, and the
        # '0.0.0.0' placeholder records no origin at all.
        if 'HTTP_X_FORWARDED_FOR' in request.META:
            obj.approved_ip = request.META['HTTP_X_FORWARDED_FOR'].strip()
        else:
            obj.approved_ip = '0.0.0.0'
        obj.save()

        messages.debug(
            request,
            'Successfully generated RC Account for %s %s (%s)'
            % (obj.first_name, obj.last_name, obj.cu_username))
    except Exception as e:
        # NOTE(review): the raw exception text is shown in the UI and may
        # carry backend detail; nothing here logs it server-side.
        messages.error(
            request,
            "Could not create account for %s %s (%s): %s"
            % (obj.first_name, obj.last_name, obj.cu_username, e))
def save_model(self, request, obj, form, change):
    """Save an account request, provisioning the RC account on approval.

    Provisioning runs in two cases: an existing request whose stored copy is
    unapproved is being saved as approved, or a new request is created
    already approved. Both branches run the same sequence: call
    ``admin_set_approved``, create the RC LDAP user, record the affiliation,
    optionally send notification signals, and create the personal and shared
    LDAP groups with their ownership records.

    NOTE(review): indentation was reconstructed for this block. Each bare
    ``return`` is assumed to belong to its ``except`` handler, so that a
    failed approval skips the final ``obj.save()`` -- confirm.
    """
    if not obj.request_ip:
        # Placeholder only: the stored request then records no real origin.
        logger.info('No request_ip, adding a placeholder.')
        obj.request_ip = '0.0.0.0'
    if change:
        logger.info('Modifying existing account request for %s'%obj.username)
        # Load the stored copy to detect an unapproved -> approved transition.
        ar = AccountRequest.objects.get(id=obj.id)
        if all([obj.approved,not ar.approved]):
            logger.info('Approving request.')
            # NOTE(review): the writes below are independent and no rollback
            # is visible here; a failure part-way through leaves earlier
            # records (LDAP user, affiliation, groups) in place.
            try:
                obj.admin_set_approved(request)
                l_dict = build_dict_from_account_request(obj)
                rc_user = RcLdapUser(**l_dict)
                rc_user.save()
                account_created.send(sender=rc_user,account=rc_user)
                aff = UserAffiliation(
                    username = obj.username,
                    organization = obj.organization,
                    affiliation = obj.affiliation,
                    role = obj.role)
                aff.save()
                # Notification signals are sent only when the form field is set.
                if form.cleaned_data['send_notifications']:
                    if obj.organization.lower() == 'ucb':
                        ucb_account_created.send(sender=rc_user,account=rc_user,affiliation=aff)
                    else:
                        account_created_from_request.send(sender=rc_user,account=rc_user,affiliation=aff)
                # Personal group: gid mirrors the user's uid.
                rc_group_name = '%spgrp' % rc_user.username
                rc_group = RcLdapGroup(name=rc_group_name, gid=rc_user.uid, members=[rc_user.username])
                rc_group.save()
                group_ownership = GroupOwnership(
                    name=rc_group_name,
                    gid=rc_user.uid,
                    group_type='posix',
                    owners=[rc_user.username])
                group_ownership.save()
                # Shared group: gid comes from the 'shared' IdTracker.
                rc_sgroup_name = '%sgrp' % rc_user.username
                gid = IdTracker.objects.get(category='shared').get_next_uid()
                rc_sgroup = RcLdapGroup(name=rc_sgroup_name, gid=gid, members=[rc_user.username])
                rc_sgroup.save()
                sgroup_ownership = GroupOwnership(
                    name=rc_sgroup_name,
                    gid=gid,
                    group_type='shared',
                    owners=[rc_user.username])
                sgroup_ownership.save()
                messages.success(request, "Successfully created account for %s %s (%s)."
                    %(obj.first_name,obj.last_name,obj.username))
            except Exception as e:
                # NOTE(review): the raw exception text is shown in the UI and
                # is not logged here, although a logger is in scope.
                messages.error(request, "Could not create account for %s %s (%s): %s" %(obj.first_name,obj.last_name,obj.username,e))
                return
    elif all([not change,obj.approved]):
        # New request created already approved. This duplicates the sequence
        # above, so a fix made in one branch must be repeated in the other.
        try:
            obj.admin_set_approved(request)
            l_dict = build_dict_from_account_request(obj)
            rc_user = RcLdapUser(**l_dict)
            rc_user.save()
            account_created.send(sender=rc_user,account=rc_user)
            aff = UserAffiliation(
                username = obj.username,
                organization = obj.organization,
                affiliation = obj.affiliation,
                role = obj.role)
            aff.save()
            if form.cleaned_data['send_notifications']:
                if obj.organization.lower() == 'ucb':
                    ucb_account_created.send(sender=rc_user,account=rc_user,affiliation=aff)
                else:
                    account_created_from_request.send(sender=rc_user,account=rc_user,affiliation=aff)
            rc_group_name = '%spgrp' % rc_user.username
            rc_group = RcLdapGroup(name=rc_group_name, gid=rc_user.uid, members=[rc_user.username])
            rc_group.save()
            group_ownership = GroupOwnership(
                name=rc_group_name,
                gid=rc_user.uid,
                group_type='posix',
                owners=[rc_user.username])
            group_ownership.save()
            rc_sgroup_name = '%sgrp' % rc_user.username
            gid = IdTracker.objects.get(category='shared').get_next_uid()
            rc_sgroup = RcLdapGroup(name=rc_sgroup_name, gid=gid, members=[rc_user.username])
            rc_sgroup.save()
            sgroup_ownership = GroupOwnership(
                name=rc_sgroup_name,
                gid=gid,
                group_type='shared',
                owners=[rc_user.username])
            sgroup_ownership.save()
            messages.success(request, "Successfully created account for %s %s (%s)." %(obj.first_name,obj.last_name,obj.username))
        except Exception as e:
            messages.error(request, "Could not create account for %s %s (%s): %s" %(obj.first_name,obj.last_name,obj.username,e))
            return
    # Reached for ordinary edits and after a successful approval.
    obj.save()
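def save(self, *args, **kwargs):
    """Authenticate against CU LDAP, then create the request and RC account.

    The submitted username and password are checked with ``culdap_auth``.
    On success the user's directory record is looked up and used to fill the
    name and e-mail fields of the account request, which is then saved and
    auto-approved. The RC LDAP user, the affiliation, and the personal and
    shared LDAP groups with their ownership records are created afterwards.

    Args:
        *args: Forwarded to the parent form's ``save``.
        **kwargs: Forwarded to the parent form's ``save``.

    Returns:
        A tuple ``(account_request, rc_user, affiliation)``.

    Raises:
        Exception: If authentication fails or the directory lookup returns
            nothing, or if auto-approving the saved request fails.
    """
    username = self.cleaned_data['username']
    # The password is only handed to the LDAP check; keep it out of logs,
    # messages and stored records.
    password = self.cleaned_data['password']

    cu_user_dict = None
    if culdap_auth(username, password):
        cu_user_dict = cu_ldap_lookup(username)

    if not cu_user_dict:
        # One message for both a failed check and an empty lookup, so the
        # caller cannot tell the two cases apart.
        raise Exception('Failed to authenticate through CU LDAP')

    # `self` is already bound by super(); passing it again made the form
    # object the parent's first positional argument. NOTE(review): assumes
    # the parent has the ModelForm signature save(commit=True), where the
    # extra argument was merely truthy -- confirm.
    ar = super(UcbAccountRequestForm, self).save(*args, **kwargs)

    # Identity fields come from the directory record, not from user input.
    ar.first_name = cu_user_dict['givenName']
    ar.last_name = cu_user_dict['sn']
    ar.email = cu_user_dict['mail']
    ar.save()

    # NOTE(review): from here on the writes are independent and no rollback
    # is visible; a later failure leaves the request saved and approved with
    # only part of the account provisioned.
    try:
        ar.auto_set_approved()
    except Exception as e:
        raise Exception('Could not save account request %s' % e)

    # NOTE(review): the RC account is built from the directory `uid`, while
    # the affiliation below uses the submitted username; confirm the two
    # always match (case, aliases).
    l_dict = build_dict_from_cu_user(cu_user_dict['uid'])
    l_dict['login_shell'] = ar.login_shell
    rc_user = RcLdapUser(**l_dict)
    rc_user.save()
    account_created.send(sender=rc_user, account=rc_user)

    aff = UserAffiliation(
        username=self.cleaned_data['username'],
        organization=self.instance.organization,
        affiliation=self.cleaned_data['affiliation'],
        role=self.cleaned_data['role'],
    )
    aff.save()
    ucb_account_created.send(sender=rc_user, account=rc_user, affiliation=aff)

    # Personal group: gid mirrors the user's uid.
    rc_group_name = '%spgrp' % rc_user.username
    rc_group = RcLdapGroup(
        name=rc_group_name,
        gid=rc_user.uid,
        members=[rc_user.username],
    )
    rc_group.save()
    group_ownership = GroupOwnership(
        name=rc_group_name,
        gid=rc_user.uid,
        group_type='posix',
        owners=[rc_user.username],
    )
    group_ownership.save()

    # Shared group: gid comes from the 'shared' IdTracker.
    rc_sgroup_name = '%sgrp' % rc_user.username
    gid = IdTracker.objects.get(category='shared').get_next_uid()
    rc_sgroup = RcLdapGroup(
        name=rc_sgroup_name,
        gid=gid,
        members=[rc_user.username],
    )
    rc_sgroup.save()
    sgroup_ownership = GroupOwnership(
        name=rc_sgroup_name,
        gid=gid,
        group_type='shared',
        owners=[rc_user.username],
    )
    sgroup_ownership.save()

    return ar, rc_user, aff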