Exemplo n.º 1
0
    def __create_user_management(self):
        from cmdb.user_management.models.user import UserModel

        from cmdb.user_management.managers.user_manager import UserManager
        from cmdb.user_management.managers.group_manager import GroupManager
        from cmdb.user_management import __FIXED_GROUPS__
        from cmdb.security.security import SecurityManager
        scm = SecurityManager(self.setup_database_manager)
        group_manager = GroupManager(self.setup_database_manager)
        user_manager = UserManager(self.setup_database_manager)

        for group in __FIXED_GROUPS__:
            group_manager.insert(group)

        # setting the initial user to admin/admin as default
        admin_name = 'admin'
        admin_pass = '******'

        import datetime
        admin_user = UserModel(
            public_id=1,
            user_name=admin_name,
            active=True,
            group_id=__FIXED_GROUPS__[0].get_public_id(),
            registration_time=datetime.datetime.now(),
            password=scm.generate_hmac(admin_pass),
        )
        user_manager.insert(admin_user)
        return True
Exemplo n.º 2
0
    def authenticate(self, user_name: str, password: str, **kwargs) -> UserModel:
        __dbm = DatabaseManagerMongo(
            **SystemConfigReader().get_all_values_from_section('Database')
        )
        __user_manager = UserManager(__dbm)
        try:
            ldap_connection_status = self.connect()
            LOGGER.debug(f'[LdapAuthenticationProvider] Connection status: {ldap_connection_status}')
        except Exception as e:
            LOGGER.error(f'[LdapAuthenticationProvider] Failed to connect to LDAP server - error: {e}')
            raise AuthenticationError(LdapAuthenticationProvider.get_name(), e)
        ldap_search_filter = self.config.search['searchfilter'].replace("%username%", user_name)
        LOGGER.debug(f'[LdapAuthenticationProvider] Search Filter: {ldap_search_filter}')
        search_result = self.__ldap_connection.search(self.config.search['basedn'], ldap_search_filter)
        LOGGER.debug(f'[LdapAuthenticationProvider] Search result: {search_result}')

        if not search_result or len(self.__ldap_connection.entries) == 0:
            raise AuthenticationError(LdapAuthenticationProvider.get_name(), 'No matching entry')

        for entry in self.__ldap_connection.entries:
            LOGGER.debug(f'[LdapAuthenticationProvider] Entry: {entry}')
            entry_dn = entry.entry_dn
            try:
                entry_connection_result = LdapAuthenticationProvider.Connection(self.__ldap_server, entry_dn, password,
                                                                                auto_bind=True)
                LOGGER.debug(f'[LdapAuthenticationProvider] UserModel connection result: {entry_connection_result}')
            except Exception as e:
                LOGGER.error(f'[LdapAuthenticationProvider] UserModel auth result: {e}')
                raise AuthenticationError(LdapAuthenticationProvider.get_name(), e)

        # Check if user exists
        try:
            user_instance: UserModel = __user_manager.get_by({'user_name': user_name})
        except ManagerGetError as umge:
            LOGGER.warning(f'[LdapAuthenticationProvider] UserModel exists on LDAP but not in database: {umge}')
            LOGGER.debug(f'[LdapAuthenticationProvider] Try creating user: {user_name}')
            try:
                new_user_data = dict()
                new_user_data['user_name'] = user_name
                new_user_data['active'] = True
                new_user_data['group_id'] = self.config.default_group
                new_user_data['registration_time'] = datetime.now()
                new_user_data['authenticator'] = LdapAuthenticationProvider.get_name()

            except Exception as e:
                LOGGER.debug(f'[LdapAuthenticationProvider] {e}')
                raise AuthenticationError(LdapAuthenticationProvider.get_name(), e)
            LOGGER.debug(f'[LdapAuthenticationProvider] New user was init')
            try:
                user_id = __user_manager.insert(new_user_data)
            except ManagerInsertError as umie:
                LOGGER.debug(f'[LdapAuthenticationProvider] {umie}')
                raise AuthenticationError(LdapAuthenticationProvider.get_name(), umie)
            try:
                user_instance: UserModel = __user_manager.get(public_id=user_id)
            except ManagerGetError as umge:
                LOGGER.debug(f'[LdapAuthenticationProvider] {umge}')
                raise AuthenticationError(LdapAuthenticationProvider.get_name(), umge)
        return user_instance
Exemplo n.º 3
0
def preset_database(database_manager, database_name):
    from cmdb.database.errors.database_errors import DatabaseNotExists
    from cmdb.security.key.generator import KeyGenerator
    from cmdb.security.security import SecurityManager
    from cmdb.user_management.managers.group_manager import GroupManager
    from cmdb.user_management.managers.user_manager import UserManager
    try:
        database_manager.drop_database(database_name)
    except DatabaseNotExists:
        pass
    from cmdb.user_management import __FIXED_GROUPS__
    from datetime import datetime

    kg = KeyGenerator(database_manager=database_manager)
    kg.generate_rsa_keypair()
    kg.generate_symmetric_aes_key()

    group_manager = GroupManager(database_manager=database_manager)
    user_manager = UserManager(database_manager=database_manager)
    security_manager = SecurityManager(database_manager=database_manager)

    for group in __FIXED_GROUPS__:
        group_manager.insert(group)

    admin_name = 'admin'
    admin_pass = '******'
    from cmdb.user_management import UserModel
    admin_user = UserModel(
        public_id=1,
        user_name=admin_name,
        active=True,
        group_id=__FIXED_GROUPS__[0].public_id,
        registration_time=datetime.now(),
        password=security_manager.generate_hmac(admin_pass),
    )
    user_manager.insert(admin_user)