def auth(username, password, ldap_connection=None, ldap_position=None):
filter_s = filter_format("(|(uid=%s)(mailPrimaryAddress=%s))", (username, username))
users = ldap_connection.search(filter=filter_s)
try:
binddn, userdict = users[0]
get_user_connection(binddn=binddn, bindpw=password)
except (udm_errors.authFail, IndexError):
raise ServiceForbidden()
return binddn, userdict["uid"][0]
def get_user_ldap_connection(self):
if not self._user_dn:
return # local user (probably root)
try:
lo, po = get_user_connection(bind=self.bind_user_connection, write=False, follow_referral=True)
return lo
except (ldap.LDAPError, udm_errors.base) as exc:
CORE.warn('Failed to open LDAP connection for user %s: %s' % (self._user_dn, exc))
def get_user_ldap_connection(self, no_cache=False, **kwargs):
if not self._user_dn:
return # local user (probably root)
try:
lo, po = get_user_connection(bind=self.bind_user_connection, write=kwargs.pop('write', False), follow_referral=True, no_cache=no_cache, **kwargs)
if not no_cache:
self._user_connections.add(lo)
return lo
except (ldap.LDAPError, udm_errors.base) as exc:
CORE.warn('Failed to open LDAP connection for user %s: %s' % (self._user_dn, exc))
def recheck_users(self, file_id, user_attrs):
file_info = self._get_info(file_id)
if ucr.is_true(
'ucsschool/wizards/schoolwizards/workaround/admin-connection'):
lo, po = get_admin_connection()
else:
lo, po = get_user_connection(bind=self.bind_user_connection,
write=False)
users = []
for attrs in user_attrs:
user = file_info.user_klass.from_frontend_attrs(
attrs, file_info.school, file_info.date_format)
user.validate(lo)
users.append(user.to_dict(file_info.date_format))
return users
def set_user_attributes(self, username, password, attributes):
dn, username = self.auth(username, password)
if self.is_blacklisted(username, 'profiledata'):
raise ServiceForbidden()
user_attributes = [attr.strip() for attr in ucr.get('self-service/udm_attributes', '').split(',')]
lo, po = get_user_connection(binddn=dn, bindpw=password)
user = self.usersmod.object(None, lo, po, dn)
user.open()
for propname, value in attributes.items():
if propname in user_attributes and user.has_property(propname):
user[propname] = value
try:
user.modify()
except udm_errors.base as exc:
MODULE.error('set_user_attributes(): modifying the user failed: %s' % (traceback.format_exc(),))
raise UMC_Error(_('The attributes could not be saved: %s') % (UDM_Error(exc)))
return _("Successfully changed your profile data.")
def import_users(self, iterator, file_id, attrs):
if ucr.is_true(
'ucsschool/wizards/schoolwizards/workaround/admin-connection'):
lo, po = get_admin_connection()
else:
lo, po = get_user_connection(bind=self.bind_user_connection,
write=False)
file_info = None
with stopped_notifier():
CSVUser.invalidate_all_caches()
for file_id, attrs in iterator:
if file_info is None:
file_info = self._get_info(file_id)
user = file_info.user_klass.from_frontend_attrs(
attrs, file_info.school, file_info.date_format)
MODULE.process(
'Going to %s %s %s' %
(user.action, file_info.user_klass.__name__, user.name))
action = {
'create': _('created'),
'modify': _('modified'),
'delete': _('deleted'),
}.get(user.action, user.action)
if user.commit(lo):
yield {
'username': user.name,
'action': action,
'success': True
}
else:
yield {
'username': user.name,
'action': action,
'success': False,
'msg': user.get_error_msg()
}
if file_info:
os.unlink(file_info.filename)
del self.file_map[file_id]
def show(self, progress, file_id, columns):
result = {}
progress.title = _('Checking users from CSV file')
file_info = self._get_info(file_id)
if ucr.is_true(
'ucsschool/wizards/schoolwizards/workaround/admin-connection'):
lo, po = get_admin_connection()
else:
lo, po = get_user_connection(bind=self.bind_user_connection,
write=False)
with open(file_info.filename, 'rb') as f:
lines = f.readlines()
if file_info.has_header:
lines = lines[1:]
reader = csv.DictReader(lines, columns, dialect=file_info.dialect)
users = []
date_pattern = 'yyyy-MMM-dd'
if locale.getlocale()[0] == 'de':
date_pattern = 'dd.MMM.yyyy'
python_date_format = None
line_no = 1
if file_info.has_header:
line_no = 2
for line in reader:
if 'birthday' in columns:
date_pattern, python_date_format = self._guess_date_format(
date_pattern, python_date_format, line['birthday'])
user = file_info.user_klass.from_csv_line(line, file_info.school,
python_date_format,
line_no, lo)
user.validate(lo)
users.append(user)
line_no += 1
progress.progress(message=user.name)
if 'name' not in columns:
# add username here:
# 1. it has to be presented and will be populated by a guess
# 2. do it before adding the to_be_deleted, as they need it
# in the columns, otherwise their real username gets overwritten
columns.insert(0, 'name')
if file_info.delete_not_mentioned:
mentioned_usernames = map(lambda u: u.name, users)
progress.title = _('Checking users from database')
progress.message = ''
existing_users = file_info.user_klass.get_all(lo, file_info.school)
for user in existing_users:
if user.name not in mentioned_usernames:
if 'birthday' in columns:
date_pattern, python_date_format = self._guess_date_format(
date_pattern, python_date_format, user.birthday)
user.action = 'delete'
user.line = ''
users.append(user)
progress.progress(message=user.name)
file_info.date_format = python_date_format
file_info.columns = columns
result['date_pattern'] = date_pattern
result['columns'] = file_info.user_klass.get_columns_for_spreadsheet(
columns)
result['required_columns'] = file_info.user_klass.get_required_columns(
)
result['users'] = [
user.to_dict(file_info.date_format) for user in users
]
result['license_error'] = license_check(users)
return result