Esempio n. 1
0
    def approve_request(modeladmin, request, queryset):
        for q in queryset:
            try:
                q.admin_set_approved(request)
                l_dict = build_dict_from_account_request(q)
                rc_user = RcLdapUser(**l_dict)
                rc_user.save()
                account_created.send(sender=rc_user,account=rc_user)
                aff = UserAffiliation(
                    username = q.username,
                    organization = q.organization,
                    affiliation = q.affiliation,
                    role = q.role)
                aff.save()
                if obj.organization.lower() ==  'ucb':
                    ucb_account_created.send(sender=rc_user,account=rc_user,affiliation=aff)
                else:
                    account_created_from_request.send(sender=rc_user,account=rc_user,affiliation=aff)

                rc_group_name = '%spgrp' % rc_user.username
                rc_group = RcLdapGroup(name=rc_group_name,
                                        gid=rc_user.uid,
                                        members=[rc_user.username])
                rc_group.save()
                group_ownership = GroupOwnership(
                                    name=rc_group_name,
                                    gid=rc_user.uid,
                                    group_type='posix',
                                    owners=[rc_user.username])
                group_ownership.save()
                rc_sgroup_name = '%sgrp' % rc_user.username
                gid = IdTracker.objects.get(category='shared').get_next_uid()
                rc_sgroup = RcLdapGroup(name=rc_sgroup_name,
                                        gid=gid,
                                        members=[rc_user.username])
                rc_sgroup.save()
                sgroup_ownership = GroupOwnership(
                                    name=rc_sgroup_name,
                                    gid=gid,
                                    group_type='shared',
                                    owners=[rc_user.username])
                sgroup_ownership.save()

                messages.success(request, "Successfully created account for %s %s (%s)." %(q.first_name,q.last_name,q.username))
            except Exception as e:
                messages.error(request, "Could not create account for %s %s (%s): %s" %(q.first_name,q.last_name,q.username,e))
Esempio n. 2
0
    def save_model(self, request, obj, form, change):
        try:
            ar = NcarAccountRequest.objects.get(id=obj.id)
            change_approved = all([obj.approved,not ar.approved])
        except NcarAccountRequest.DoesNotExist:
            change_approved = False

        if all([not change,obj.approved]) or change_approved:
            try:
                l_dict = build_dict_from_ncar_account_request(obj)
                rc_user = RcLdapUser(**l_dict)
                rc_user.save()
                account_created.send(sender=rc_user,account=rc_user)
                aff = UserAffiliation(
                    username = obj.cu_username,
                    organization = 'ncar')
                ncar_aff = NcarAffiliation(
                    ncar_username = obj.ncar_username,
                    cu_username = obj.cu_username,
                    organization = 'ncar',
                    ncar_project_id = obj.ncar_project_id,
                    ticket = obj.ticket)
                aff.save()
                ncar_aff.save()
                ncar_account_created.send(sender=rc_user,account=rc_user,ncar_affiliation=ncar_aff)

                rc_group_name = '%spgrp' % rc_user.username
                rc_group = RcLdapGroup(name=rc_group_name,
                                        gid=rc_user.uid,
                                        members=[rc_user.username])
                rc_group.save()
                group_ownership = GroupOwnership(
                                    name=rc_group_name,
                                    gid=rc_user.uid,
                                    group_type='posix',
                                    owners=[rc_user.username])
                group_ownership.save()
                rc_sgroup_name = '%sgrp' % rc_user.username
                gid = IdTracker.objects.get(category='shared').get_next_uid()
                rc_sgroup = RcLdapGroup(name=rc_sgroup_name,
                                        gid=gid,
                                        members=[rc_user.username])
                rc_sgroup.save()
                sgroup_ownership = GroupOwnership(
                                    name=rc_sgroup_name,
                                    gid=gid,
                                    group_type='shared',
                                    owners=[rc_user.username])
                sgroup_ownership.save()

                obj.approved_on = datetime.datetime.now()
                obj.approved_by = request.user
                try:
                    obj.approved_ip=request.META['HTTP_X_FORWARDED_FOR'].strip()
                except KeyError:
                    obj.approved_ip='0.0.0.0'
                obj.save()
                messages.debug(request,'Successfully generated RC Account for %s %s (%s)'%(obj.first_name,obj.last_name,obj.cu_username))

            except Exception as e:
                messages.error(request, "Could not create account for %s %s (%s): %s" %(obj.first_name,obj.last_name,obj.cu_username,e))

        else:
            obj.save()
Esempio n. 3
0
    def save_model(self, request, obj, form, change):
        if not obj.request_ip:
            logger.info('No request_ip, adding a placeholder.')
            obj.request_ip = '0.0.0.0'
        if change:
            logger.info('Modifying existing account request for %s'%obj.username)
            ar = AccountRequest.objects.get(id=obj.id)
            if all([obj.approved,not ar.approved]):
                logger.info('Approving request.')
                try:
                    obj.admin_set_approved(request)
                    l_dict = build_dict_from_account_request(obj)
                    rc_user = RcLdapUser(**l_dict)
                    rc_user.save()
                    account_created.send(sender=rc_user,account=rc_user)
                    aff = UserAffiliation(
                        username = obj.username,
                        organization = obj.organization,
                        affiliation = obj.affiliation,
                        role = obj.role)
                    aff.save()
                    
                    if form.cleaned_data['send_notifications']:
                        if obj.organization.lower() ==  'ucb':
                            ucb_account_created.send(sender=rc_user,account=rc_user,affiliation=aff)
                        else:
                            account_created_from_request.send(sender=rc_user,account=rc_user,affiliation=aff)

                    rc_group_name = '%spgrp' % rc_user.username
                    rc_group = RcLdapGroup(name=rc_group_name,
                                            gid=rc_user.uid,
                                            members=[rc_user.username])
                    rc_group.save()
                    group_ownership = GroupOwnership(
                                        name=rc_group_name,
                                        gid=rc_user.uid,
                                        group_type='posix',
                                        owners=[rc_user.username])
                    group_ownership.save()
                    rc_sgroup_name = '%sgrp' % rc_user.username
                    gid = IdTracker.objects.get(category='shared').get_next_uid()
                    rc_sgroup = RcLdapGroup(name=rc_sgroup_name,
                                            gid=gid,
                                            members=[rc_user.username])
                    rc_sgroup.save()
                    sgroup_ownership = GroupOwnership(
                                        name=rc_sgroup_name,
                                        gid=gid,
                                        group_type='shared',
                                        owners=[rc_user.username])
                    sgroup_ownership.save()

                    messages.success(request, "Successfully created account for %s %s (%s)." %(obj.first_name,obj.last_name,obj.username))
                except Exception as e:
                    messages.error(request, "Could not create account for %s %s (%s): %s" %(obj.first_name,obj.last_name,obj.username,e))
                    return
        elif all([not change,obj.approved]):
            try:
                obj.admin_set_approved(request)
                l_dict = build_dict_from_account_request(obj)
                rc_user = RcLdapUser(**l_dict)
                rc_user.save()
                account_created.send(sender=rc_user,account=rc_user)
                aff = UserAffiliation(
                    username = obj.username,
                    organization = obj.organization,
                    affiliation = obj.affiliation,
                    role = obj.role)
                aff.save()
                if form.cleaned_data['send_notifications']:
                    if obj.organization.lower() ==  'ucb':
                        ucb_account_created.send(sender=rc_user,account=rc_user,affiliation=aff)
                    else:
                        account_created_from_request.send(sender=rc_user,account=rc_user,affiliation=aff)

                rc_group_name = '%spgrp' % rc_user.username
                rc_group = RcLdapGroup(name=rc_group_name,
                                        gid=rc_user.uid,
                                        members=[rc_user.username])
                rc_group.save()
                group_ownership = GroupOwnership(
                                    name=rc_group_name,
                                    gid=rc_user.uid,
                                    group_type='posix',
                                    owners=[rc_user.username])
                group_ownership.save()
                rc_sgroup_name = '%sgrp' % rc_user.username
                gid = IdTracker.objects.get(category='shared').get_next_uid()
                rc_sgroup = RcLdapGroup(name=rc_sgroup_name,
                                        gid=gid,
                                        members=[rc_user.username])
                rc_sgroup.save()
                sgroup_ownership = GroupOwnership(
                                    name=rc_sgroup_name,
                                    gid=gid,
                                    group_type='shared',
                                    owners=[rc_user.username])
                sgroup_ownership.save()

                messages.success(request, "Successfully created account for %s %s (%s)." %(obj.first_name,obj.last_name,obj.username))
            except Exception as e:
                messages.error(request, "Could not create account for %s %s (%s): %s" %(obj.first_name,obj.last_name,obj.username,e))
                return
        
        obj.save()
Esempio n. 4
0
    def save(self,*args,**kwargs):

        cu_user_dict = None
        username = self.cleaned_data['username']
        password = self.cleaned_data['password']

        authed = culdap_auth(username, password)
        if authed:
            cu_user_dict = cu_ldap_lookup(username)

        if cu_user_dict:
            ar = super(UcbAccountRequestForm,self).save(self,*args,**kwargs)

            ar.first_name = cu_user_dict['givenName']
            ar.last_name = cu_user_dict['sn']
            ar.email = cu_user_dict['mail']
            ar.save()

            try:
                ar.auto_set_approved()
            except Exception as e:
                raise Exception('Could not save account request %s'%e)

            l_dict = build_dict_from_cu_user(cu_user_dict['uid'])
            l_dict['login_shell'] = ar.login_shell
            rc_user = RcLdapUser(**l_dict)
            rc_user.save()
            account_created.send(sender=rc_user,account=rc_user)
            aff = UserAffiliation(
                username = self.cleaned_data['username'],
                organization = self.instance.organization,
                affiliation = self.cleaned_data['affiliation'],
                role = self.cleaned_data['role'])
            aff.save()
            ucb_account_created.send(sender=rc_user,account=rc_user,affiliation=aff)
            rc_group_name = '%spgrp' % rc_user.username
            rc_group = RcLdapGroup(name=rc_group_name,
                                    gid=rc_user.uid,
                                    members=[rc_user.username])
            rc_group.save()
            group_ownership = GroupOwnership(
                                name=rc_group_name,
                                gid=rc_user.uid,
                                group_type='posix',
                                owners=[rc_user.username])
            group_ownership.save()
            rc_sgroup_name = '%sgrp' % rc_user.username
            gid = IdTracker.objects.get(category='shared').get_next_uid()
            rc_sgroup = RcLdapGroup(name=rc_sgroup_name,
                                    gid=gid,
                                    members=[rc_user.username])
            rc_sgroup.save()
            sgroup_ownership = GroupOwnership(
                                name=rc_sgroup_name,
                                gid=gid,
                                group_type='shared',
                                owners=[rc_user.username])
            sgroup_ownership.save()

            return ar,rc_user,aff

        else:
            raise Exception('Failed to authenticate through CU LDAP')