def save_model(self, request, obj, form, change):
ldap_user_name = str(obj.ldap_user_name) if obj.ldap_user_name else None
udn = Person.ldap_udn_for( ldap_user_name )
try:
if (not ldap_user_name) or (ldap_user_name is None):
logging.warning("An LDAP user was not given. It is not updated!")
super(PersonAdmin, self).save_model(request, obj, form, change)
return
if Person.exists_in_ldap(ldap_user_name): # actualizar
ldap_person = Person.get_from_ldap(ldap_user_name)
# update data
ldap_person.update_ldap_data_from(obj)
# update password only for superuser
if str(ldap_person.ldap_user_password) != str(obj.ldap_user_password) \
and request.POST.has_key('ldap_user_password_check'):
if request.user.is_superuser:
logging.warning("User '%s' already exists in Ldap. changing password.." % ldap_user_name)
Person.update_ldap_user_password ( ldap_user_name, str(obj.ldap_user_password) )
else:
raise ValidationError( _('cant_change_password') )
# update group only for superuser
if str(ldap_person.group_id) != str(obj.group_id):
if request.user.is_superuser:
logging.warning("User '%s' already exists in Ldap. Changing group '%s' by '%s'.." % \
(ldap_user_name,ldap_person.group_id, obj.group_id ) )
Group.add_member_to(ldap_user_name, {'group_id': str(obj.group_id)})
Group.remove_member_of(ldap_user_name, ldap_person.group_id)
ldap_person.update_ldap_gidgroup( str(obj.group_id) )
else:
raise ValidationError( _('cant_change_group') )
else: # crear nuevo
new_uid_number = Person.next_ldap_uidNumber()
if not (new_uid_number > 0):
logging.error( "The following 'ldap user uid' could not be determined. " \
"The value obtained was %s" % str(new_uid_number))
raise ValidationError( _('without_ldap_user_uid') )
if Person.exist_ldap_uidNumber(new_uid_number):
logging.error("The ldap user uidNumber '%s' already exist!." % str(new_uid_number))
new_uid_number = 0
raise ValidationError( _('uidnumber_already_exist') % {'uidnumber':str(new_uid_number)} )
# Create new ldapp user
cnuser = LdapConn.parseattr( "%s %s" % (obj.name, obj.surname) )
snuser = LdapConn.parseattr( "%s" % obj.surname )
new_user = [
('objectclass', settings.LDAP_PEOPLE_OBJECTCLASSES),
('cn', [cnuser]),
('sn', [snuser]),
('givenName', [ LdapConn.parseattr(obj.name)] ),
('paisdoc', [settings.LDAP_PEOPLE_PAISDOC] ),
('tipodoc', [str(obj.document_type)] ),
('numdoc', [str(obj.document_number)] ),
('uidNumber', [str(new_uid_number)] ),
('userPassword', [str(obj.ldap_user_password)] ),
('homedirectory', [str('%s%s' % ( settings.LDAP_PEOPLE_HOMEDIRECTORY_PREFIX,
ldap_user_name))]),
('gidNumber', [str(obj.group_id)] ),
('loginShell', [str(settings.LDAP_PEOPLE_LOGIN_SHELL)]),]
if obj.position:
new_user.append(('employeeType', [str(obj.position)] ))
if obj.area:
new_user.append(('destinationIndicator', [str(obj.area)]))
if obj.floor:
new_user.append(('departmentNumber', [str(obj.floor)] ))
if obj.work_phone:
new_user.append(('telephoneNumber', [str(obj.work_phone)]))
if obj.home_phone:
new_user.append(('homePhone', [str(obj.home_phone)]))
if obj.office_name():
new_user.append(('physicalDeliveryOfficeName',
[str(LdapConn.parseattr(obj.office_name()))]))
if obj.email:
mails = []
mails.append(str(obj.email))
if obj.alternative_email:
mails.append(str(obj.alternative_email))
new_user.append(('mail',mails))
Person.create_ldap_user( ldap_user_name, new_user )
# Update ldap groups
cn_group = Group.cn_group_by_gid(obj.group_id)
cn_groups = ['%s' % str(cn_group)]
if settings.LDAP_DEFAULT_GROUPS:
cn_groups += settings.LDAP_DEFAULT_GROUPS
Group.add_member_in_groups( ldap_user_name, cn_groups )
obj.save()
except ValidationError as e:
messages.set_level(request, messages.ERROR)
messages.error(request,"%s" % e[0])
