def process_request(self, request): user = request.user server = None # Used by tests only if request.method == "GET": server = request.GET.get('server') if not user or not user.is_authenticated: return if not User.objects.filter(username=user.username, userprofile__creation_method=UserProfile.CreationMethod.EXTERNAL.name).exists(): LOG.warn("User %s is not an Ldap user" % user.username) return # Cache should be cleared when user logs out. if self.USER_CACHE_NAME not in request.session: if LDAP.LDAP_SERVERS.get(): connection = ldap_access.get_connection_from_server(next(LDAP.LDAP_SERVERS.__iter__())) else: connection = ldap_access.get_connection_from_server() import_ldap_users(connection, user.username, sync_groups=True, import_by_dn=False, server=server) request.session[self.USER_CACHE_NAME] = True request.session.modified = True
def check_ldap_access_groups(self, server, username): #Avoid circular import from is_admin from useradmin.views import get_find_groups_filter allowed_group = False if LDAP.LOGIN_GROUPS.get() and LDAP.LOGIN_GROUPS.get() != ['']: login_groups = LDAP.LOGIN_GROUPS.get() connection = ldap_access.get_connection_from_server(server) try: user_info = connection.find_users(username, find_by_dn=False) except Exception as e: LOG.warn("Failed to find LDAP user: %s" % e) if not user_info: LOG.warn( "Could not get LDAP details for users with pattern %s" % username) return False ldap_info = user_info[0] group_ldap_info = connection.find_groups( "*", group_filter=get_find_groups_filter(ldap_info, server)) for group in group_ldap_info: if group['name'] in login_groups: return True else: #Login groups not set default to True allowed_group = True return allowed_group
def import_groups(self, server, user): connection = ldap_access.get_connection_from_server(server) import_ldap_users(connection, user.username, sync_groups=True, import_by_dn=False, server=server)
def import_groups(self, server, user): connection = ldap_access.get_connection_from_server(server) #Avoid circular import from is_admin from useradmin.views import import_ldap_users import_ldap_users(connection, user.username, sync_groups=True, import_by_dn=False, server=server)
def handle(self, user=None, **options): if user is None: raise CommandError(_("A username must be provided.")) import_by_dn = options['dn'] sync_groups = options['sync_groups'] server = options['server'] connection = ldap_access.get_connection_from_server(server) import_ldap_users(connection, user, sync_groups, import_by_dn)
def handle(self, group=None, **options): if group is None: raise CommandError(_("A group name must be provided.")) import_members = options['import_members'] import_by_dn = options['dn'] import_members_recursive = options['import_members_recursive'] sync_users = options['sync_users'] server = options['server'] connection = ldap_access.get_connection_from_server(server) import_ldap_groups(connection, group, import_members, import_members_recursive, sync_users, import_by_dn)
def check_ldap_access_groups(self, server, username): #Avoid circular import from is_admin from useradmin.views import get_find_groups_filter allowed_group = False if desktop.conf.LDAP.LOGIN_GROUPS.get() and desktop.conf.LDAP.LOGIN_GROUPS.get() != ['']: login_groups = desktop.conf.LDAP.LOGIN_GROUPS.get() connection = ldap_access.get_connection_from_server(server) try: user_info = connection.find_users(username, find_by_dn=False) except Exception, e: LOG.warn("Failed to find LDAP user: %s" % e) if not user_info: LOG.warn("Could not get LDAP details for users with pattern %s" % username) return False ldap_info = user_info[0] group_ldap_info = connection.find_groups("*", group_filter=get_find_groups_filter(ldap_info, server)) for group in group_ldap_info: if group['name'] in login_groups: return True
def check_ldap_access_groups(self, server, username): allowed_group = False if desktop.conf.LDAP.LOGIN_GROUPS.get( ) and desktop.conf.LDAP.LOGIN_GROUPS.get() != ['']: login_groups = desktop.conf.LDAP.LOGIN_GROUPS.get() connection = ldap_access.get_connection_from_server(server) try: user_info = connection.find_users(username, find_by_dn=False) except LdapSearchException, e: LOG.warn("Failed to find LDAP user: %s" % e) if not user_info: LOG.warn( "Could not get LDAP details for users with pattern %s" % username_pattern) return None ldap_info = user_info[0] group_ldap_info = connection.find_groups( "*", group_filter=get_find_groups_filter(ldap_info)) for group in group_ldap_info: if group['name'] in login_groups: allowed_group = True
def import_groups(self, server, user): connection = ldap_access.get_connection_from_server(server) import_ldap_users(connection, user.username, sync_groups=True, import_by_dn=False)
def handle(self, **options): server = options['server'] connection = ldap_access.get_connection_from_server(server) sync_ldap_users_and_groups(connection)