def user_update(next_auth, context, data_dict): '''Ensure LDAP users cannot be edited, and name clash with ldap users :param next_auth: the next auth function in the chain :param context: :param data_dict: ''' user_obj = None try: user_obj = auth.get_user_object(context, data_dict) except toolkit.ObjectNotFound: pass # Prevent edition of LDAP users (if so configured) if toolkit.config[ u'ckanext.ldap.prevent_edits'] and user_obj and LdapUser.by_user_id( user_obj.id): return { u'success': False, u'msg': toolkit._(u'Cannot edit LDAP users') } # Prevent name clashes! if u'name' in data_dict and user_obj and user_obj.name != data_dict[ u'name']: ldap_user_dict = find_ldap_user(data_dict[u'name']) if ldap_user_dict: if len(user_obj.ldap_user) == 0 or user_obj.ldap_user[0].ldap_id != \ ldap_user_dict[u'ldap_id']: return { u'success': False, u'msg': toolkit._(u'An LDAP user by that name already exists') } return next_auth(context, data_dict)
def _ckan_user_exists(user_name): """Check if a CKAN user name exists, and if that user is an LDAP user. @param user_name: User name to check @return: Dictionary defining 'exists' and 'ldap'. """ try: user = p.toolkit.get_action('user_show')(data_dict = {'id': user_name}) except p.toolkit.ObjectNotFound: return {'exists': False, 'is_ldap': False} ldap_user = LdapUser.by_user_id(user['id']) if ldap_user: return {'exists': True, 'is_ldap': True} else: return {'exists': True, 'is_ldap': False}
def _ckan_user_exists(user_name): """Check if a CKAN user name exists, and if that user is an LDAP user. @param user_name: User name to check @return: Dictionary defining 'exists' and 'ldap'. """ try: user = p.toolkit.get_action('user_show')(data_dict = {'id': user_name}) except p.toolkit.ObjectNotFound: return {'exists': False, 'is_ldap': False} ldap_user = LdapUser.by_user_id(user['id']) if ldap_user: return {'exists': True, 'is_ldap': True} else: return {'exists': True, 'is_ldap': False}
def ckan_user_exists(user_name): '''Check if a CKAN user name exists, and if that user is an LDAP user. :param user_name: User name to check :returns: Dictionary defining 'exists' and 'ldap'. ''' try: user = get_user_dict(user_name) except toolkit.ObjectNotFound: return {u'exists': False, u'is_ldap': False} ldap_user = LdapUser.by_user_id(user[u'id']) if ldap_user: return {u'exists': True, u'is_ldap': True} else: return {u'exists': True, u'is_ldap': False}
def user_update(context, data_dict): """Ensure LDAP users cannot be edited, and name clash with ldap users""" user_obj = None try: user_obj = ckan.logic.auth.get_user_object(context, data_dict) except ckan.logic.NotFound: pass # Prevent edition of LDAP users (if so configured) if config['ldap.prevent_edits'] and user_obj and LdapUser.by_user_id(user_obj.id): return {'success': False, 'msg': _('Cannot edit LDAP users')} # Prevent name clashes! if 'name' in data_dict and user_obj and user_obj.name != data_dict['name']: ldap_user_dict = _find_ldap_user(data_dict['name']) if ldap_user_dict: if len(user_obj.ldap_user) == 0 or user_obj.ldap_user[0].ldap_id != ldap_user_dict['ldap_id']: return {'success': False, 'msg': _('An LDAP user by that name already exists')} return ckan_user_update(context, data_dict)