def fixture_disable_restricted_access(needs_root, load_cfg): """Disable console login restrictions.""" restricted_access = security.get_restricted_access_enabled() if restricted_access: security.set_restricted_access(False) yield security.set_restricted_access(True) else: yield
def setUp(self): """Setup each .""" current_directory = os.path.dirname(__file__) self.action_file = os.path.join(current_directory, '..', '..', '..', '..', 'actions', 'users') self.users = set() self.groups = set() self.restricted_access = security.get_restricted_access_enabled() if self.restricted_access: security.set_restricted_access(False)
def tearDown(self): for user in self.users: try: self.delete_user(user) except Exception: pass for group in self.groups: self.delete_group(group) security.set_restricted_access(self.restricted_access)
def _apply_changes(request, old_status, new_status): """Apply the form changes""" if old_status['restricted_access'] != new_status['restricted_access']: try: security.set_restricted_access(new_status['restricted_access']) except Exception as exception: messages.error( request, _('Error setting restricted access: {exception}') .format(exception=exception)) else: messages.success(request, _('Updated security configuration'))
def _apply_changes(request, old_status, new_status): """Apply the form changes""" if old_status['restricted_access'] != new_status['restricted_access']: try: security.set_restricted_access(new_status['restricted_access']) except Exception as exception: messages.error( request, _('Error setting restricted access: {exception}').format( exception=exception)) else: messages.success(request, _('Updated security configuration'))
def save(self, commit=True): """Create and log the user in.""" user = super().save(commit=commit) if commit: first_boot.mark_step_done('users_firstboot') try: actions.superuser_run( 'users', ['create-user', user.get_username(), '--auth-user', ''], input=self.cleaned_data['password1'].encode()) except ActionError as error: messages.error( self.request, _('Creating LDAP user failed: {error}'.format( error=error))) try: actions.superuser_run( 'users', ['add-user-to-group', user.get_username(), 'admin']) except ActionError as error: messages.error( self.request, _('Failed to add new user to admin group: {error}'.format( error=error))) # Create initial Django groups for group_choice in UsersAndGroups.get_group_choices(): auth.models.Group.objects.get_or_create(name=group_choice[0]) admin_group = auth.models.Group.objects.get(name='admin') admin_group.user_set.add(user) self.login_user(self.cleaned_data['username'], self.cleaned_data['password1']) # Restrict console login to users in admin or sudo group try: set_restricted_access(True) except Exception as error: messages.error( self.request, _('Failed to restrict console access: {error}'.format( error=error))) return user
def save(self, commit=True): """Create and log the user in.""" user = super().save(commit=commit) if commit: first_boot.mark_step_done('users_firstboot') try: actions.superuser_run( 'ldap', ['create-user', user.get_username()], input=self.cleaned_data['password1'].encode()) except ActionError: messages.error(self.request, _('Creating LDAP user failed.')) try: actions.superuser_run( 'ldap', ['add-user-to-group', user.get_username(), 'admin']) except ActionError: messages.error(self.request, _('Failed to add new user to admin group.')) # Create initial Django groups for group_choice in GROUP_CHOICES: auth.models.Group.objects.get_or_create(name=group_choice[0]) admin_group = auth.models.Group.objects.get(name='admin') admin_group.user_set.add(user) self.login_user(self.cleaned_data['username'], self.cleaned_data['password1']) # Restrict console login to users in admin or sudo group try: set_restricted_access(True) message = _('Console login access restricted to users in ' '"admin" group. This can be configured in ' 'security settings.') messages.success(self.request, message) except Exception: messages.error(self.request, _('Failed to restrict console access.')) return user
def _apply_changes(request, old_status, new_status): """Apply the form changes""" if old_status['restricted_access'] != new_status['restricted_access']: try: security.set_restricted_access(new_status['restricted_access']) except Exception as exception: messages.error( request, _('Error setting restricted access: {exception}').format( exception=exception)) else: messages.success(request, _('Updated security configuration')) if old_status['fail2ban_enabled'] != new_status['fail2ban_enabled']: if new_status['fail2ban_enabled']: actions.superuser_run('service', ['enable', 'fail2ban']) else: actions.superuser_run('service', ['disable', 'fail2ban'])