def create(self, values): self.affirm_unique(values) values = utils.hash_ldap_user_password(values) if self.enabled_mask: self.mask_enabled_attribute(values) values = super(UserApi, self).create(values) return values
def update(self, id, values): if values['id'] != id: raise exception.ValidationError('Cannot change user ID') try: old_obj = self.get(id) except exception.NotFound: raise exception.UserNotFound(user_id=id) if old_obj.get('name') != values['name']: raise exception.Conflict('Cannot change user name') try: new_project = values['tenant_id'] except KeyError: pass else: if old_obj.get('tenant_id') != new_project: if old_obj['tenant_id']: self.project_api.remove_user(old_obj['tenant_id'], id) if new_project: self.project_api.add_user(new_project, id) values = utils.hash_ldap_user_password(values) if self.enabled_mask: values['enabled_nomask'] = old_obj['enabled_nomask'] self.mask_enabled_attribute(values) super(UserApi, self).update(id, values, old_obj)
def update_user(self, user_id, user): user = self._validate_domain(user) if 'id' in user and user['id'] != user_id: raise exception.ValidationError('Cannot change user ID') old_obj = self.user.get(user_id) if 'name' in user and old_obj.get('name') != user['name']: raise exception.Conflict('Cannot change user name') if 'tenant_id' in user and \ old_obj.get('tenant_id') != user['tenant_id']: if old_obj['tenant_id']: self.project.remove_user(old_obj['tenant_id'], self.user._id_to_dn(user_id), user_id) if user['tenant_id']: self.project.add_user(user['tenant_id'], self.user._id_to_dn(user_id), user_id) user = utils.hash_ldap_user_password(user) if self.user.enabled_mask: user['enabled_nomask'] = old_obj['enabled_nomask'] self.user.mask_enabled_attribute(user) self.user.update(user_id, user, old_obj) return self._set_default_domain(self.user.get_filtered(user_id))
def update(self, id, values): if values['id'] != id: raise exception.ValidationError('Cannot change user ID') try: old_obj = self.get(id) except exception.NotFound: raise exception.UserNotFound(user_id=id) if old_obj.get('name') != values['name']: raise exception.Conflict('Cannot change user name') try: new_tenant = values['tenant_id'] except KeyError: pass else: if old_obj.get('tenant_id') != new_tenant: if old_obj['tenant_id']: self.tenant_api.remove_user(old_obj['tenant_id'], id) if new_tenant: self.tenant_api.add_user(new_tenant, id) values = utils.hash_ldap_user_password(values) if self.enabled_mask: values['enabled_nomask'] = old_obj['enabled_nomask'] self.mask_enabled_attribute(values) super(UserApi, self).update(id, values, old_obj)
def create(self, values): self.affirm_unique(values) values = utils.hash_ldap_user_password(values) values = super(UserApi, self).create(values) tenant_id = values.get('tenant_id') if tenant_id is not None: self.tenant_api.add_user(values['tenant_id'], values['id']) return values
def create(self, values): values = utils.hash_ldap_user_password(values) if self.enabled_mask: orig_enabled = values['enabled'] self.mask_enabled_attribute(values) values = super(UserApi, self).create(values) if self.enabled_mask: values['enabled'] = orig_enabled return values
def create(self, values): values = utils.hash_ldap_user_password(values) if self.enabled_mask: orig_enabled = values["enabled"] self.mask_enabled_attribute(values) values = super(UserApi, self).create(values) if self.enabled_mask: values["enabled"] = orig_enabled return values
def create(self, values): self.affirm_unique(values) values = utils.hash_ldap_user_password(values) if self.enabled_mask: self.mask_enabled_attribute(values) values = super(UserApi, self).create(values) tenant_id = values.get('tenant_id') if tenant_id is not None: self.project_api.add_user(values['tenant_id'], values['id']) return values
def update_user(self, user_id, user): if "id" in user and user["id"] != user_id: raise exception.ValidationError("Cannot change user ID") old_obj = self.user.get(user_id) if "name" in user and old_obj.get("name") != user["name"]: raise exception.Conflict("Cannot change user name") user = utils.hash_ldap_user_password(user) if self.user.enabled_mask: self.user.mask_enabled_attribute(user) self.user.update(user_id, user, old_obj) return self.user.get_filtered(user_id)
def update_user(self, user_id, user): if 'id' in user and user['id'] != user_id: raise exception.ValidationError('Cannot change user ID') old_obj = self.user.get(user_id) if 'name' in user and old_obj.get('name') != user['name']: raise exception.Conflict('Cannot change user name') user = utils.hash_ldap_user_password(user) if self.user.enabled_mask: self.user.mask_enabled_attribute(user) self.user.update(user_id, user, old_obj) return self.user.get_filtered(user_id)
def update(self, id, values): if 'id' in values and values['id'] != id: raise exception.ValidationError('Cannot change user ID') old_obj = self.get(id) if 'name' in values and old_obj.get('name') != values['name']: raise exception.Conflict('Cannot change user name') if 'tenant_id' in values and \ old_obj.get('tenant_id') != values['tenant_id']: if old_obj['tenant_id']: self.project_api.remove_user(old_obj['tenant_id'], id) if values['tenant_id']: self.project_api.add_user(values['tenant_id'], id) values = utils.hash_ldap_user_password(values) if self.enabled_mask: values['enabled_nomask'] = old_obj['enabled_nomask'] self.mask_enabled_attribute(values) super(UserApi, self).update(id, values, old_obj) return self.get(id)
def update(self, id, values): if "id" in values and values["id"] != id: raise exception.ValidationError("Cannot change user ID") try: old_obj = self.get(id) except exception.NotFound: raise exception.UserNotFound(user_id=id) if "name" in values and old_obj.get("name") != values["name"]: raise exception.Conflict("Cannot change user name") if "tenant_id" in values and old_obj.get("tenant_id") != values["tenant_id"]: if old_obj["tenant_id"]: self.project_api.remove_user(old_obj["tenant_id"], id) if values["tenant_id"]: self.project_api.add_user(values["tenant_id"], id) values = utils.hash_ldap_user_password(values) if self.enabled_mask: values["enabled_nomask"] = old_obj["enabled_nomask"] self.mask_enabled_attribute(values) super(UserApi, self).update(id, values, old_obj) return self.get(id)
def update_user(self, user_id, user): user = self.assignment_api._validate_default_domain(user) if 'id' in user and user['id'] != user_id: raise exception.ValidationError('Cannot change user ID') old_obj = self.user.get(user_id) if 'name' in user and old_obj.get('name') != user['name']: raise exception.Conflict('Cannot change user name') if 'tenant_id' in user and \ old_obj.get('tenant_id') != user['tenant_id']: if old_obj['tenant_id']: self.project.remove_user(old_obj['tenant_id'], self.user._id_to_dn(user_id), user_id) if user['tenant_id']: self.project.add_user(user['tenant_id'], self.user._id_to_dn(user_id), user_id) user = utils.hash_ldap_user_password(user) if self.user.enabled_mask: user['enabled_nomask'] = old_obj['enabled_nomask'] self.user.mask_enabled_attribute(user) self.user.update(user_id, user, old_obj) return (self.assignment_api._set_default_domain( self.user.get_filtered(user_id)))
def test_hash_ldap_user_password_with_empty_password(self): password = '' user = self._create_test_user(password=password) user_hashed = utils.hash_ldap_user_password(user) password_hashed = user_hashed['password'] self.assertTrue(utils.ldap_check_password(password, password_hashed))
def test_hash_ldap_user_password_without_password(self): user = self._create_test_user() hashed = utils.hash_ldap_user_password(user) self.assertEqual(user, hashed)
def test_hash_ldap_user_password_with_null_password(self): user = self._create_test_user(password=None) hashed = utils.hash_ldap_user_password(user) self.assertEqual(user, hashed)