def process(req=None,resp=None,user=None):
"""check mac bind & vlan bind"""
macaddr = req.get_mac_addr()
if store.is_white_roster(macaddr):
return resp
if macaddr and user['mac_addr']:
if user['bind_mac'] == 1 and macaddr not in user['mac_addr']:
return error_auth(resp,"macaddr bind not match")
elif macaddr and not user['mac_addr'] :
store.update_user_mac(user['account_number'], macaddr)
vlan_id,vlan_id2 = req.get_vlanids()
print vlan_id,vlan_id2
if vlan_id and user['vlan_id']:
if user['bind_vlan'] == 1 and vlan_id != user['vlan_id']:
return error_auth(resp,"vlan_id bind not match")
elif vlan_id and not user['vlan_id']:
user['vlan_id'] = vlan_id
store.update_user_vlan_id(user['account_number'],vlan_id)
if vlan_id2 and user['vlan_id2']:
if user['bind_vlan'] == 1 and vlan_id2 != user['vlan_id2']:
return error_auth(resp,"vlan_id2 bind not match")
elif vlan_id2 and not user['vlan_id2']:
user['vlan_id2'] = vlan_id2
store.update_user_vlan_id2(user['account_number'],vlan_id2)
return resp
def process(req=None, resp=None, user=None):
"""执行用户组策略校验,检查MAC与VLANID绑定,并发数限制 """
group = store.get_group(user['group_id'])
if not group:
return resp
if group['bind_mac']:
if user['mac_addr'] and get_mac_addr() not in user['mac_addr']:
return error_auth(resp, "macaddr not match")
if not user['mac_addr']:
user['mac_addr'] = get_mac_addr()
store.update_user_mac(user['account_number'], get_mac_addr())
if group['bind_vlan']:
vlan_id, vlan_id2 = req.get_vlanids()
#update user vlan_bind
if vlan_id and user['vlan_id']:
if vlan_id != user['vlan_id']:
return error_auth(resp, "vlan_id bind not match")
elif vlan_id and not user['vlan_id']:
user['vlan_id'] = vlan_id
store.update_user_vlan_id(user['account_number'], vlan_id)
if vlan_id2 and user['vlan_id2']:
if vlan_id2 != user['vlan_id2']:
return error_auth(resp, "vlan_id2 bind not match")
elif vlan_id2 and not user['vlan_id2']:
user['vlan_id2'] = vlan_id2
store.update_user_vlan_id2(user['account_number'], vlan_id2)
return resp
def process(req=None,resp=None,user=None):
if not user:
return error_auth(resp,'user %s not exists'%req.get_user_name())
if not req.is_valid_pwd(utils.decrypt(user['password'])):
return error_auth(resp,'user password not match')
if not user['status'] == 1:
return error_auth(resp,'user status not ok')
return resp
def process(req=None,resp=None,user=None):
"""执行计费策略校验,用户到期检测,用户余额,时长检测"""
acct_policy = user['product_policy'] or FEE_MONTH
if acct_policy in ( FEE_MONTH,FEE_BUYOUT):
if utils.is_expire(user.get('expire_date')):
resp['Framed-Pool'] = store.get_param("9_expire_addrpool")
elif acct_policy == FEE_TIMES:
user_balance = store.get_user_balance(user['account_number'])
if user_balance <= 0:
return error_auth(resp,'user balance poor')
if user['user_concur_number'] > 0 :
if store.count_online(user['account_number']) >= user['user_concur_number']:
return error_auth(resp,'user session to limit')
return resp
def process(req=None, resp=None, user=None):
if not user:
return error_auth(resp, 'user %s not exists' % req.get_user_name())
if not req.is_valid_pwd(utils.decrypt(user['password'])):
return error_auth(resp, 'user password not match')
if user['status'] == 4:
resp['Framed-Pool'] = store.get_param("9_expire_addrpool")
return resp
if user['status'] in (0, 2, 3):
return error_auth(resp, 'user status not ok')
return resp
def process(req=None,resp=None,user=None):
if not user:
return error_auth(resp,'user %s not exists'%req.get_user_name())
if not req.is_valid_pwd(utils.decrypt(user['password'])):
return error_auth(resp,'user password not match')
if user['status'] == 4:
resp['Framed-Pool'] = store.get_param("9_expire_addrpool")
return resp
if user['status'] in (0,2,3):
return error_auth(resp,'user status not ok')
return resp
def process(req=None, resp=None, user=None):
"""check block roster"""
macaddr = req.get_mac_addr()
if store.is_black_roster(macaddr):
return error_auth(resp, "user macaddr in blacklist")
return resp
def process(req=None,resp=None,user=None):
"""check block roster"""
macaddr = req.get_mac_addr()
if store.is_black_roster(macaddr):
return error_auth(resp,"user macaddr in blacklist")
return resp