def reset_password(self, uid, password):
attrs = [
(ldap.MOD_REPLACE, 'userPassword', [encrypt_password(password)]),
]
log.debug("conn.modify_s(%r, %r)", self._account_dn(uid), attrs)
audit.log("Resetting LDAP password for uid=%s", uid)
result = self.conn.modify_s(self._account_dn(uid), attrs)
assert result == (ldap.RES_MODIFY, [])
log.info("Password reset for uid=%s.", uid)
def create_reporting_folder(modeladmin, request, queryset):
if not (settings.BDR_API_URL and settings.BDR_API_AUTH):
messages.add_message(request, messages.ERROR,
"BDR_API_URL and BDR_API_AUTH not configured")
return
created = []
existing = []
errors = []
for org in queryset:
url = settings.BDR_API_URL + '/create_organisation_folder'
form = {
'country_code': org.country.code,
'obligation_folder_name': org.obligation.reportek_slug,
'account_uid': org.account.uid,
'organisation_name': org.name,
}
audit.log("Creating zope folder for uid=%s", org.account.uid)
resp = requests.post(url, data=form, auth=settings.BDR_API_AUTH, verify=False)
if resp.status_code != 200 or 'unauthorized' in resp.content.lower():
logging.error("BDR API request failed: %r", resp)
errors.append(org.account.uid)
continue
rv = resp.json()
success = rv['success']
if success:
if rv['created']:
created.append(rv['path'])
else:
existing.append(rv['path'])
else:
msg = "%s: %s" % (org.account.uid, rv['error'])
messages.add_message(request, messages.ERROR, msg)
if created:
msg = "%d folders created: %s" % (len(created), ', '.join(created))
messages.add_message(request, messages.INFO, msg)
if existing:
msg = "%d already existing: %s" % (len(existing), ', '.join(existing))
messages.add_message(request, messages.INFO, msg)
if errors:
msg = "%d errors: %s" % (len(errors), ', '.join(errors))
messages.add_message(request, messages.ERROR, msg)
def create_account(self, uid, org_name, country_name, password):
name = "%s / %s" % (org_name, country_name)
attrs = [
('uid', [uid.encode(self.encoding)]),
('cn', [name.encode(self.encoding)]),
('objectClass', ['top', 'organizationalRole',
'simpleSecurityObject', 'uidObject']),
('userPassword', [encrypt_password(password)]),
]
try:
log.debug("conn.add_s(%r, %r)", self._account_dn(uid), attrs)
audit.log("Creatig LDAP account for uid=%s", uid)
result = self.conn.add_s(self._account_dn(uid), attrs)
except ldap.ALREADY_EXISTS:
log.debug("Account uid=%s already exists.", uid)
return False
else:
assert result == (ldap.RES_ADD, [])
log.info("Created account uid=%s.", uid)
return True
