def create_for_container_auth(self, username, attrs):
"""
Creates the given user if it's not already in the database
:param username:
:param attrs:
"""
if self.get_by_username(username, case_insensitive=True) is None:
# autogenerate email for container account without one
generate_email = lambda usr: '******' % usr
try:
new_user = User()
new_user.username = username
new_user.password = None
new_user.api_key = generate_api_key(username)
new_user.email = attrs['email']
new_user.active = attrs.get('active', True)
new_user.name = attrs['name'] or generate_email(username)
new_user.lastname = attrs['lastname']
self.sa.add(new_user)
return new_user
except (DatabaseError, ):
log.error(traceback.format_exc())
self.sa.rollback()
raise
log.debug(
'User %s already exists. Skipping creation of account'
' for container auth.', username)
return None
def create_for_container_auth(self, username, attrs):
"""
Creates the given user if it's not already in the database
:param username:
:param attrs:
"""
if self.get_by_username(username, case_insensitive=True) is None:
# autogenerate email for container account without one
generate_email = lambda usr: '******' % usr
try:
new_user = User()
new_user.username = username
new_user.password = None
new_user.api_key = generate_api_key(username)
new_user.email = attrs['email']
new_user.active = attrs.get('active', True)
new_user.name = attrs['name'] or generate_email(username)
new_user.lastname = attrs['lastname']
self.sa.add(new_user)
return new_user
except (DatabaseError,):
log.error(traceback.format_exc())
self.sa.rollback()
raise
log.debug('User %s already exists. Skipping creation of account'
' for container auth.', username)
return None
def create_ldap(self, username, password, user_dn, attrs, cur_user=None):
"""
Checks if user is in database, if not creates this user marked
as ldap user
:param username:
:param password:
:param user_dn:
:param attrs:
:param cur_user:
"""
if not cur_user:
cur_user = getattr(get_current_rhodecode_user(), 'username', None)
from rhodecode.lib.auth import get_crypt_password
log.debug('Checking for such ldap account in RhodeCode database')
if self.get_by_username(username, case_insensitive=True) is None:
# autogenerate email for container account without one
generate_email = lambda usr: '******' % usr
password = get_crypt_password(password)
firstname = attrs['name']
lastname = attrs['lastname']
active = attrs.get('active', True)
email = attrs['email'] or generate_email(username)
from rhodecode.lib.hooks import log_create_user, check_allowed_create_user
user_data = {
'username': username,
'password': password,
'email': email,
'firstname': firstname,
'lastname': lastname,
'active': attrs.get('active', True),
'admin': False
}
# raises UserCreationError if it's not allowed
check_allowed_create_user(user_data, cur_user)
try:
new_user = User()
username = username.lower()
# add ldap account always lowercase
new_user.username = username
new_user.password = password
new_user.api_key = generate_api_key(username)
new_user.email = email
new_user.active = active
new_user.ldap_dn = safe_unicode(user_dn)
new_user.name = firstname
new_user.lastname = lastname
self.sa.add(new_user)
log_create_user(new_user.get_dict(), cur_user)
return new_user
except (DatabaseError, ):
log.error(traceback.format_exc())
self.sa.rollback()
raise
log.debug('this %s user exists skipping creation of ldap account',
username)
return None
def test_forgot_password(self):
response = self.app.get(
url(controller='login', action='password_reset'))
self.assertEqual(response.status, '200 OK')
username = '******'
password = '******'
email = '*****@*****.**'
name = 'passwd'
lastname = 'reset'
new = User()
new.username = username
new.password = password
new.email = email
new.name = name
new.lastname = lastname
new.api_key = generate_api_key(username)
self.Session().add(new)
self.Session().commit()
response = self.app.post(
url(controller='login', action='password_reset'), {
'email': email,
})
self.checkSessionFlash(response, 'Your password reset link was sent')
response = response.follow()
# BAD KEY
key = "bad"
response = self.app.get(
url(controller='login',
action='password_reset_confirmation',
key=key))
self.assertEqual(response.status, '302 Found')
self.assertTrue(response.location.endswith(url('reset_password')))
# GOOD KEY
key = User.get_by_username(username).api_key
response = self.app.get(
url(controller='login',
action='password_reset_confirmation',
key=key))
self.assertEqual(response.status, '302 Found')
self.assertTrue(response.location.endswith(url('login_home')))
self.checkSessionFlash(response,
('Your password reset was successful, '
'new password has been sent to your email'))
response = response.follow()
def create_or_update(self,
username,
password,
email,
firstname='',
lastname='',
active=True,
admin=False,
ldap_dn=None):
"""
Creates a new instance if not found, or updates current one
:param username:
:param password:
:param email:
:param active:
:param firstname:
:param lastname:
:param active:
:param admin:
:param ldap_dn:
"""
from rhodecode.lib.auth import get_crypt_password
log.debug('Checking for %s account in RhodeCode database' % username)
user = User.get_by_username(username, case_insensitive=True)
if user is None:
log.debug('creating new user %s' % username)
new_user = User()
edit = False
else:
log.debug('updating user %s' % username)
new_user = user
edit = True
try:
new_user.username = username
new_user.admin = admin
# set password only if creating an user or password is changed
if not edit or user.password != password:
new_user.password = get_crypt_password(password)
new_user.api_key = generate_api_key(username)
new_user.email = email
new_user.active = active
new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None
new_user.name = firstname
new_user.lastname = lastname
self.sa.add(new_user)
return new_user
except (DatabaseError, ):
log.error(traceback.format_exc())
raise
def create(self, form_data):
try:
new_user = User()
for k, v in form_data.items():
setattr(new_user, k, v)
new_user.api_key = generate_api_key(form_data['username'])
self.sa.add(new_user)
return new_user
except:
log.error(traceback.format_exc())
raise
def create(self, form_data):
try:
new_user = User()
for k, v in form_data.items():
setattr(new_user, k, v)
new_user.api_key = generate_api_key(form_data['username'])
self.sa.add(new_user)
return new_user
except:
log.error(traceback.format_exc())
raise
def test_forgot_password(self):
response = self.app.get(url(controller='login',
action='password_reset'))
self.assertEqual(response.status, '200 OK')
username = '******'
password = '******'
email = '*****@*****.**'
name = 'passwd'
lastname = 'reset'
new = User()
new.username = username
new.password = password
new.email = email
new.name = name
new.lastname = lastname
new.api_key = generate_api_key(username)
self.Session().add(new)
self.Session().commit()
response = self.app.post(url(controller='login',
action='password_reset'),
{'email': email, })
self.checkSessionFlash(response, 'Your password reset link was sent')
response = response.follow()
# BAD KEY
key = "bad"
response = self.app.get(url(controller='login',
action='password_reset_confirmation',
key=key))
self.assertEqual(response.status, '302 Found')
self.assertTrue(response.location.endswith(url('reset_password')))
# GOOD KEY
key = User.get_by_username(username).api_key
response = self.app.get(url(controller='login',
action='password_reset_confirmation',
key=key))
self.assertEqual(response.status, '302 Found')
self.assertTrue(response.location.endswith(url('login_home')))
self.checkSessionFlash(response,
('Your password reset was successful, '
'new password has been sent to your email'))
response = response.follow()
def create_for_container_auth(self, username, attrs, cur_user=None):
"""
Creates the given user if it's not already in the database
:param username:
:param attrs:
:param cur_user:
"""
if not cur_user:
cur_user = getattr(get_current_rhodecode_user(), 'username', None)
if self.get_by_username(username, case_insensitive=True) is None:
# autogenerate email for container account without one
generate_email = lambda usr: '******' % usr
firstname = attrs['name']
lastname = attrs['lastname']
active = attrs.get('active', True)
email = attrs['email'] or generate_email(username)
from rhodecode.lib.hooks import log_create_user, check_allowed_create_user
user_data = {
'username': username,
'password': None,
'email': email,
'firstname': firstname,
'lastname': lastname,
'active': attrs.get('active', True),
'admin': False
}
# raises UserCreationError if it's not allowed
check_allowed_create_user(user_data, cur_user)
try:
new_user = User()
new_user.username = username
new_user.password = None
new_user.api_key = generate_api_key(username)
new_user.email = email
new_user.active = active
new_user.name = firstname
new_user.lastname = lastname
self.sa.add(new_user)
log_create_user(new_user.get_dict(), cur_user)
return new_user
except (DatabaseError, ):
log.error(traceback.format_exc())
self.sa.rollback()
raise
log.debug(
'User %s already exists. Skipping creation of account'
' for container auth.', username)
return None
def create_for_container_auth(self, username, attrs, cur_user=None):
"""
Creates the given user if it's not already in the database
:param username:
:param attrs:
:param cur_user:
"""
if not cur_user:
cur_user = getattr(get_current_rhodecode_user(), "username", None)
if self.get_by_username(username, case_insensitive=True) is None:
# autogenerate email for container account without one
generate_email = lambda usr: "******" % usr
firstname = attrs["name"]
lastname = attrs["lastname"]
active = attrs.get("active", True)
email = attrs["email"] or generate_email(username)
from rhodecode.lib.hooks import log_create_user, check_allowed_create_user
user_data = {
"username": username,
"password": None,
"email": email,
"firstname": firstname,
"lastname": lastname,
"active": attrs.get("active", True),
"admin": False,
}
# raises UserCreationError if it's not allowed
check_allowed_create_user(user_data, cur_user)
try:
new_user = User()
new_user.username = username
new_user.password = None
new_user.api_key = generate_api_key(username)
new_user.email = email
new_user.active = active
new_user.name = firstname
new_user.lastname = lastname
self.sa.add(new_user)
log_create_user(new_user.get_dict(), cur_user)
return new_user
except (DatabaseError,):
log.error(traceback.format_exc())
self.sa.rollback()
raise
log.debug("User %s already exists. Skipping creation of account" " for container auth.", username)
return None
def create_or_update(
self, username, password, email, firstname="", lastname="", active=True, admin=False, ldap_dn=None
):
"""
Creates a new instance if not found, or updates current one
:param username:
:param password:
:param email:
:param active:
:param firstname:
:param lastname:
:param active:
:param admin:
:param ldap_dn:
"""
from rhodecode.lib.auth import get_crypt_password
log.debug("Checking for %s account in RhodeCode database" % username)
user = User.get_by_username(username, case_insensitive=True)
if user is None:
log.debug("creating new user %s" % username)
new_user = User()
edit = False
else:
log.debug("updating user %s" % username)
new_user = user
edit = True
try:
new_user.username = username
new_user.admin = admin
# set password only if creating an user or password is changed
if not edit or user.password != password:
new_user.password = get_crypt_password(password)
new_user.api_key = generate_api_key(username)
new_user.email = email
new_user.active = active
new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None
new_user.name = firstname
new_user.lastname = lastname
self.sa.add(new_user)
return new_user
except (DatabaseError,):
log.error(traceback.format_exc())
raise
def create(self, form_data):
from rhodecode.lib.auth import get_crypt_password
try:
new_user = User()
for k, v in form_data.items():
if k == 'password':
v = get_crypt_password(v)
if k == 'firstname':
k = 'name'
setattr(new_user, k, v)
new_user.api_key = generate_api_key(form_data['username'])
self.sa.add(new_user)
return new_user
except:
log.error(traceback.format_exc())
raise
def create(self, form_data):
from rhodecode.lib.auth import get_crypt_password
try:
new_user = User()
for k, v in form_data.items():
if k == 'password':
v = get_crypt_password(v)
if k == 'firstname':
k = 'name'
setattr(new_user, k, v)
new_user.api_key = generate_api_key(form_data['username'])
self.sa.add(new_user)
return new_user
except Exception:
log.error(traceback.format_exc())
raise
def test_forgot_password(self):
response = self.app.get(url(controller="login", action="password_reset"))
self.assertEqual(response.status, "200 OK")
username = "******"
password = "******"
email = "*****@*****.**"
name = "passwd"
lastname = "reset"
new = User()
new.username = username
new.password = password
new.email = email
new.name = name
new.lastname = lastname
new.api_key = generate_api_key(username)
self.Session().add(new)
self.Session().commit()
response = self.app.post(url(controller="login", action="password_reset"), {"email": email})
self.checkSessionFlash(response, "Your password reset link was sent")
response = response.follow()
# BAD KEY
key = "bad"
response = self.app.get(url(controller="login", action="password_reset_confirmation", key=key))
self.assertEqual(response.status, "302 Found")
self.assertTrue(response.location.endswith(url("reset_password")))
# GOOD KEY
key = User.get_by_username(username).api_key
response = self.app.get(url(controller="login", action="password_reset_confirmation", key=key))
self.assertEqual(response.status, "302 Found")
self.assertTrue(response.location.endswith(url("login_home")))
self.checkSessionFlash(
response, ("Your password reset was successful, " "new password has been sent to your email")
)
response = response.follow()
def create(cls, form_data):
from rhodecode.lib.auth import get_crypt_password
try:
new_user = cls()
for k, v in form_data.items():
if k == "password":
v = get_crypt_password(v)
setattr(new_user, k, v)
new_user.api_key = generate_api_key(form_data["username"])
Session.add(new_user)
Session.commit()
return new_user
except:
log.error(traceback.format_exc())
Session.rollback()
raise
def update_user(self, user, **kwargs):
from rhodecode.lib.auth import get_crypt_password
try:
user = self._get_user(user)
if user.username == "default":
raise DefaultUserException(_("You can't Edit this user since it's" " crucial for entire application"))
for k, v in kwargs.items():
if k == "password" and v:
v = get_crypt_password(v)
user.api_key = generate_api_key(user.username)
setattr(user, k, v)
self.sa.add(user)
return user
except Exception:
log.error(traceback.format_exc())
raise
def update_my_account(self, user_id, form_data):
try:
user = self.get(user_id, cache=False)
if user.username == 'default':
raise DefaultUserException(
_("You can't Edit this user since it's"
" crucial for entire application"))
for k, v in form_data.items():
if k == 'new_password' and v != '':
user.password = v
user.api_key = generate_api_key(user.username)
else:
if k not in ['admin', 'active']:
setattr(user, k, v)
self.sa.add(user)
except:
log.error(traceback.format_exc())
raise
def update_my_account(self, user_id, form_data):
try:
user = self.get(user_id, cache=False)
if user.username == 'default':
raise DefaultUserException(
_("You can't Edit this user since it's"
" crucial for entire application"))
for k, v in form_data.items():
if k == 'new_password' and v != '':
user.password = v
user.api_key = generate_api_key(user.username)
else:
if k not in ['admin', 'active']:
setattr(user, k, v)
self.sa.add(user)
except:
log.error(traceback.format_exc())
raise
def update_user(self, user, **kwargs):
from rhodecode.lib.auth import get_crypt_password
try:
user = self._get_user(user)
if user.username == 'default':
raise DefaultUserException(
_("You can't Edit this user since it's"
" crucial for entire application"))
for k, v in kwargs.items():
if k == 'password' and v:
v = get_crypt_password(v)
user.api_key = generate_api_key(user.username)
setattr(user, k, v)
self.sa.add(user)
return user
except Exception:
log.error(traceback.format_exc())
raise
def update(self, user_id, form_data):
from rhodecode.lib.auth import get_crypt_password
try:
user = self.get(user_id, cache=False)
if user.username == 'default':
raise DefaultUserException(
_("You can't Edit this user since it's"
" crucial for entire application"))
for k, v in form_data.items():
if k == 'new_password' and v:
user.password = get_crypt_password(v)
user.api_key = generate_api_key(user.username)
else:
if k == 'firstname':
k = 'name'
setattr(user, k, v)
self.sa.add(user)
except:
log.error(traceback.format_exc())
raise
def create_ldap(self, username, password, user_dn, attrs):
"""
Checks if user is in database, if not creates this user marked
as ldap user
:param username:
:param password:
:param user_dn:
:param attrs:
"""
from rhodecode.lib.auth import get_crypt_password
log.debug('Checking for such ldap account in RhodeCode database')
if self.get_by_username(username, case_insensitive=True) is None:
# autogenerate email for ldap account without one
generate_email = lambda usr: '******' % usr
try:
new_user = User()
username = username.lower()
# add ldap account always lowercase
new_user.username = username
new_user.password = get_crypt_password(password)
new_user.api_key = generate_api_key(username)
new_user.email = attrs['email'] or generate_email(username)
new_user.active = attrs.get('active', True)
new_user.ldap_dn = safe_unicode(user_dn)
new_user.name = attrs['name']
new_user.lastname = attrs['lastname']
self.sa.add(new_user)
return new_user
except (DatabaseError,):
log.error(traceback.format_exc())
self.sa.rollback()
raise
log.debug('this %s user exists skipping creation of ldap account',
username)
return None
def create_ldap(self, username, password, user_dn, attrs):
"""
Checks if user is in database, if not creates this user marked
as ldap user
:param username:
:param password:
:param user_dn:
:param attrs:
"""
from rhodecode.lib.auth import get_crypt_password
log.debug('Checking for such ldap account in RhodeCode database')
if self.get_by_username(username, case_insensitive=True) is None:
# autogenerate email for ldap account without one
generate_email = lambda usr: '******' % usr
try:
new_user = User()
username = username.lower()
# add ldap account always lowercase
new_user.username = username
new_user.password = get_crypt_password(password)
new_user.api_key = generate_api_key(username)
new_user.email = attrs['email'] or generate_email(username)
new_user.active = attrs.get('active', True)
new_user.ldap_dn = safe_unicode(user_dn)
new_user.name = attrs['name']
new_user.lastname = attrs['lastname']
self.sa.add(new_user)
return new_user
except (DatabaseError, ):
log.error(traceback.format_exc())
self.sa.rollback()
raise
log.debug('this %s user exists skipping creation of ldap account',
username)
return None
def create(self, form_data, cur_user=None):
if not cur_user:
cur_user = getattr(get_current_rhodecode_user(), "username", None)
from rhodecode.lib.hooks import log_create_user, check_allowed_create_user
_fd = form_data
user_data = {
"username": _fd["username"],
"password": _fd["password"],
"email": _fd["email"],
"firstname": _fd["firstname"],
"lastname": _fd["lastname"],
"active": _fd["active"],
"admin": False,
}
# raises UserCreationError if it's not allowed
check_allowed_create_user(user_data, cur_user)
from rhodecode.lib.auth import get_crypt_password
try:
new_user = User()
for k, v in form_data.items():
if k == "password":
v = get_crypt_password(v)
if k == "firstname":
k = "name"
setattr(new_user, k, v)
new_user.api_key = generate_api_key(form_data["username"])
self.sa.add(new_user)
log_create_user(new_user.get_dict(), cur_user)
return new_user
except Exception:
log.error(traceback.format_exc())
raise
def update(self, user_id, form_data, skip_attrs=[]):
from rhodecode.lib.auth import get_crypt_password
try:
user = self.get(user_id, cache=False)
if user.username == 'default':
raise DefaultUserException(
_("You can't Edit this user since it's"
" crucial for entire application"))
for k, v in form_data.items():
if k in skip_attrs:
continue
if k == 'new_password' and v:
user.password = get_crypt_password(v)
user.api_key = generate_api_key(user.username)
else:
if k == 'firstname':
k = 'name'
setattr(user, k, v)
self.sa.add(user)
except Exception:
log.error(traceback.format_exc())
raise
def create(self, form_data, cur_user=None):
if not cur_user:
cur_user = getattr(get_current_rhodecode_user(), 'username', None)
from rhodecode.lib.hooks import log_create_user, check_allowed_create_user
_fd = form_data
user_data = {
'username': _fd['username'],
'password': _fd['password'],
'email': _fd['email'],
'firstname': _fd['firstname'],
'lastname': _fd['lastname'],
'active': _fd['active'],
'admin': False
}
# raises UserCreationError if it's not allowed
check_allowed_create_user(user_data, cur_user)
from rhodecode.lib.auth import get_crypt_password
try:
new_user = User()
for k, v in form_data.items():
if k == 'password':
v = get_crypt_password(v)
if k == 'firstname':
k = 'name'
setattr(new_user, k, v)
new_user.api_key = generate_api_key(form_data['username'])
self.sa.add(new_user)
log_create_user(new_user.get_dict(), cur_user)
return new_user
except Exception:
log.error(traceback.format_exc())
raise
def create_or_update(self,
username,
password,
email,
firstname='',
lastname='',
active=True,
admin=False,
ldap_dn=None,
cur_user=None):
"""
Creates a new instance if not found, or updates current one
:param username:
:param password:
:param email:
:param active:
:param firstname:
:param lastname:
:param active:
:param admin:
:param ldap_dn:
:param cur_user:
"""
if not cur_user:
cur_user = getattr(get_current_rhodecode_user(), 'username', None)
from rhodecode.lib.auth import get_crypt_password
from rhodecode.lib.hooks import log_create_user, check_allowed_create_user
user_data = {
'username': username,
'password': password,
'email': email,
'firstname': firstname,
'lastname': lastname,
'active': active,
'admin': admin
}
# raises UserCreationError if it's not allowed
check_allowed_create_user(user_data, cur_user)
log.debug('Checking for %s account in RhodeCode database' % username)
user = User.get_by_username(username, case_insensitive=True)
if user is None:
log.debug('creating new user %s' % username)
new_user = User()
edit = False
else:
log.debug('updating user %s' % username)
new_user = user
edit = True
try:
new_user.username = username
new_user.admin = admin
# set password only if creating an user or password is changed
if not edit or user.password != password:
new_user.password = get_crypt_password(
password) if password else None
new_user.api_key = generate_api_key(username)
new_user.email = email
new_user.active = active
new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None
new_user.name = firstname
new_user.lastname = lastname
self.sa.add(new_user)
if not edit:
log_create_user(new_user.get_dict(), cur_user)
return new_user
except (DatabaseError, ):
log.error(traceback.format_exc())
raise
def create_ldap(self, username, password, user_dn, attrs, cur_user=None):
"""
Checks if user is in database, if not creates this user marked
as ldap user
:param username:
:param password:
:param user_dn:
:param attrs:
:param cur_user:
"""
if not cur_user:
cur_user = getattr(get_current_rhodecode_user(), "username", None)
from rhodecode.lib.auth import get_crypt_password
log.debug("Checking for such ldap account in RhodeCode database")
if self.get_by_username(username, case_insensitive=True) is None:
# autogenerate email for container account without one
generate_email = lambda usr: "******" % usr
password = get_crypt_password(password)
firstname = attrs["name"]
lastname = attrs["lastname"]
active = attrs.get("active", True)
email = attrs["email"] or generate_email(username)
from rhodecode.lib.hooks import log_create_user, check_allowed_create_user
user_data = {
"username": username,
"password": password,
"email": email,
"firstname": firstname,
"lastname": lastname,
"active": attrs.get("active", True),
"admin": False,
}
# raises UserCreationError if it's not allowed
check_allowed_create_user(user_data, cur_user)
try:
new_user = User()
username = username.lower()
# add ldap account always lowercase
new_user.username = username
new_user.password = password
new_user.api_key = generate_api_key(username)
new_user.email = email
new_user.active = active
new_user.ldap_dn = safe_unicode(user_dn)
new_user.name = firstname
new_user.lastname = lastname
self.sa.add(new_user)
log_create_user(new_user.get_dict(), cur_user)
return new_user
except (DatabaseError,):
log.error(traceback.format_exc())
self.sa.rollback()
raise
log.debug("this %s user exists skipping creation of ldap account", username)
return None
def create_or_update(
self,
username,
password,
email,
firstname="",
lastname="",
active=True,
admin=False,
ldap_dn=None,
cur_user=None,
):
"""
Creates a new instance if not found, or updates current one
:param username:
:param password:
:param email:
:param active:
:param firstname:
:param lastname:
:param active:
:param admin:
:param ldap_dn:
:param cur_user:
"""
if not cur_user:
cur_user = getattr(get_current_rhodecode_user(), "username", None)
from rhodecode.lib.auth import get_crypt_password
from rhodecode.lib.hooks import log_create_user, check_allowed_create_user
user_data = {
"username": username,
"password": password,
"email": email,
"firstname": firstname,
"lastname": lastname,
"active": active,
"admin": admin,
}
# raises UserCreationError if it's not allowed
check_allowed_create_user(user_data, cur_user)
log.debug("Checking for %s account in RhodeCode database" % username)
user = User.get_by_username(username, case_insensitive=True)
if user is None:
log.debug("creating new user %s" % username)
new_user = User()
edit = False
else:
log.debug("updating user %s" % username)
new_user = user
edit = True
try:
new_user.username = username
new_user.admin = admin
# set password only if creating an user or password is changed
if not edit or user.password != password:
new_user.password = get_crypt_password(password) if password else None
new_user.api_key = generate_api_key(username)
new_user.email = email
new_user.active = active
new_user.ldap_dn = safe_unicode(ldap_dn) if ldap_dn else None
new_user.name = firstname
new_user.lastname = lastname
self.sa.add(new_user)
if not edit:
log_create_user(new_user.get_dict(), cur_user)
return new_user
except (DatabaseError,):
log.error(traceback.format_exc())
raise