def modify_ldap_password(request): """ Modifies the password for an LDAP account. Requires POST. """ errors = {} if request.method == 'POST': form = ModifyLdapPasswordForm(request.POST) if form.is_valid(): data = form.cleaned_data where = 'WHERE' where+= ' ( lower(id_rec.lastname) = "{}" )'.format( data['sn'].lower() ) where+= ' AND' where+= ''' (profile_rec.birth_date = "{}" '''.format(data['carthageDob'].strftime('%m/%d/%Y')) where+= ' OR profile_rec.birth_date is null)' where+= ' AND' where+= ''' SUBSTRING(id_rec.ss_no FROM 8 FOR 4) = "{}" '''.format(data['ssn']) sql = CONFIRM_USER + where results = do_sql(sql, key=settings.INFORMIX_DEBUG) try: objects = results.fetchall() except: objects = '' if len(objects) == 1: # initial the ldap manager # we have to use the PWM server here l = LDAPManager( protocol=settings.LDAP_PROTOCOL_PWM, server=settings.LDAP_SERVER_PWM, port=settings.LDAP_PORT_PWM, user=settings.LDAP_USER_PWM, password=settings.LDAP_PASS_PWM, base=settings.LDAP_BASE_PWM ) search = l.search(objects[0].id) if search: # now modify password # modify_s() returns a tuple with status code # and an empty list: (103, []) try: status = l.modify( search[0][0], 'userPassword', data['userPassword'] ) # success = 103 if status[0] == 103: # success request.session['ldap_password_success'] = True # Get the user record or create one with no privileges. try: user = User.objects.get( username__exact=search[0][1]['cn'][0] ) except: # Create a User object. user = l.dj_create(search) # authenticate user user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) return HttpResponseRedirect( reverse_lazy('alumni_directory_home') ) except Exception as e: # log it for later ldap_logger.debug('ldap error: {}\n{}'.format(e,data)) if '16019' in str(e): error = """ There was an error creating your account. Verify that your password does not contain any English words like the names of months, colors, etc. """ else: error = """ There was an error creating your account. Verify that your passwords meet the criteria. """ messages.add_message( request, messages.ERROR, error, extra_tags='alert alert-danger' ) else: # fail errors['ldap'] = "We failed to update your password." else: errors['ldap'] = "We failed to find your Alumni account." else: errors['informix'] = "We could not find you in the database." else: form = ModifyLdapPasswordForm() return render( request, 'registration/modify_ldap_password.html', {'form':form,'errors':errors} )