def execute(my):
# Since this is not called with Command.execute_cmd
my.check()
web = WebContainer.get_web()
reset_on = my.kwargs.get('reset') == True
if reset_on:
security = WebContainer.get_security()
#Batch()
login = Login.get_by_login(my.login)
if not login:
web.set_form_value(ResetPasswordWdg.MSG, 'This user [%s] does not exist or has been disabled. Please contact the Administrator.'%my.login)
return
email = login.get_value('email')
if not email:
web.set_form_value(ResetPasswordWdg.MSG, 'This user [%s] does not have an email entry for us to email you the new password. Please contact the Administrator.'%my.login)
return
# auto pass generation
unique_code = ''.join([ random.choice('abcdefghijklmno12345') for i in xrange(0, 5)])
auto_password = unique_code
msg = ResetPasswordWdg.RESET_MSG
# send the email
try:
from pyasm.command import EmailTriggerTestCmd
admin = Login.get_by_login('admin')
if admin:
sender_email = admin.get_value('email')
else:
sender_email = '*****@*****.**'
recipient_emails = [email]
email_msg = 'Your TACTIC password has been reset. The new password is:\n%s\nYou can change your password once you log in by going to Edit My Account at the top right corner.'%auto_password
email_cmd = EmailTriggerTestCmd(sender_email=sender_email, recipient_emails=recipient_emails, msg= email_msg, subject='TACTIC password change')
email_cmd.execute()
except TacticException, e:
msg = "Failed to send an email for your new password. Reset aborted."
web.set_form_value(ResetPasswordWdg.MSG, msg)
raise
else:
encrypted = hashlib.md5(auto_password).hexdigest()
login.set_value('password', encrypted)
login.commit()
web.set_form_value(ResetPasswordWdg.MSG, 'A new password has been sent to your email address. Please check your email.')
# handle windows domains
#if my.domain:
# my.login = "******" % (my.domain, my.login)
web.set_form_value(ResetPasswordWdg.MSG, msg)
def verify(my, login_name, password):
# replace cn=attribute with cn={login} in the config ldap_path
# e.g. cn={login},o=organization,ou=server,dc=domain
path = Config.get_value("security", "ldap_path")
server = Config.get_value("security", "ldap_server")
assert path, server
my.login_name = login_name
my.internal = True
path = path.replace("{login}", login_name)
#import ldap
try:
l = ldap.open(server)
l.simple_bind_s(path, password)
l.unbind()
return True
except:
login = Login.get_by_login(login_name)
# check if it's an external account and verify with standard approach
if login and login.get_value('location', no_exception=True) == 'external':
auth_class = "pyasm.security.TacticAuthenticate"
authenticate = Common.create_from_class_path(auth_class)
is_authenticated = authenticate.verify(login_name, password)
if is_authenticated == True:
my.internal = False
return True
elif login:
auth_class = "pyasm.security.TacticAuthenticate"
authenticate = Common.create_from_class_path(auth_class)
is_authenticated = authenticate.verify(login_name, password)
if is_authenticated == True:
my.internal = False
return True
raise SecurityException("Login/Password combination incorrect")
def alter_search(self, search):
user = Environment.get_user_name()
from pyasm.security import Login
user = Login.get_by_login(user)
search.add_filter("login", user.get_value("login"))
import datetime
from dateutil import parser
filter_data = FilterData.get()
values = filter_data.get_values_by_index("week", 0)
date_string = values.get("calendar")
if date_string:
date = parser.parse(date_string)
else:
date = datetime.datetime.now()
from tactic.ui.report import MMSUtility
#start_wday, end_wday = self.get_week_range(date_string)
start_wday, end_wday = MMSUtility.get_week_range(date)
one_day = datetime.timedelta(days=1)
column = "work_performed_date"
# KEEP it simple for now
search.add_op("begin")
search.add_filter(column, start_wday, op='>=')
search.add_filter(column, end_wday, op='<=')
search.add_op("and")
'''
search.add_op("begin")
search.add_filter(column, start_wday + one_day, op='>=')
search.add_filter(column, end_wday - one_day, op='<=')
search.add_op("and")
search.add_op("begin")
search.add_filter(column, start_wday, op='>=')
search.add_filter(column, start_wday+one_day, op='<=')
search.add_filter("shift", "pm", op='=')
search.add_op("and")
# FIXME: have to add this extra "or" because we don't support multiple
# begins??
search.add_op("or")
search.add_op("begin")
search.add_filter(column, end_wday, op='>=')
search.add_filter(column, end_wday+one_day, op='<=')
search.add_filter("shift", "am", op='=')
search.add_op("and")
search.add_op("or")
'''
search.add_order_by(column)
search.add_order_by("work_start_time")
search.add_order_by("shift")
def add_user_to_group(my):
web = WebContainer.get_web()
user_name = web.get_form_value("user_to_add")
group_name = web.get_form_value("group_name")
login = Login.get_by_login(user_name)
login.add_to_group(group_name)
my.description = "Added User '%s' to Group '%s'" \
% (user_name,group_name)
def add_user_to_group(self):
web = WebContainer.get_web()
user_name = web.get_form_value("user_to_add")
group_name = web.get_form_value("group_name")
login = Login.get_by_login(user_name)
login.add_to_group(group_name)
self.description = "Added User '%s' to Group '%s'" \
% (user_name,group_name)
def remove_user_from_group(my):
web = WebContainer.get_web()
users_to_remove = web.get_form_values("users_to_remove")
group_name = web.get_form_value("group_name")
for user_name in users_to_remove:
login = Login.get_by_login(user_name)
login.remove_from_group(group_name)
my.description = "Removed User '%s' to Group '%s'" \
% ( ", ".join(users_to_remove), group_name)
def init(my):
assert my.task
super(TaskExtraInfoWdg, my).init()
# create the visible element
icon = IconWdg('Time Card', icon=IconWdg.TIME)
my.add(icon)
my.add(HtmlElement.b(my.task.get_process()))
my.time_card = TimecardWdg()
my.time_card.set_task(my.task)
from pyasm.security import Login
# create the content
content = DivWdg()
content.add_style('width', '46em')
# customize the extra info widget
my.set_class('timecard_main')
my.set_content(content)
my.set_mouseout_flag(False)
my.login = Login.get_by_login(my.task.get_assigned())
title = FloatDivWdg()
login_name = 'unassigned'
my.is_other = False
if my.login:
login_name = my.login.get_full_name()
if my.login.get_login() == Environment.get_login().get_login():
icon = IconWdg(icon=IconWdg.REFRESH)
icon.add_class('hand')
icon.add_event('onclick', my.time_card.get_refresh_script())
title.add(icon)
else:
my.is_other = True
title.add("Time card - %s" % login_name)
content.add(title)
content.add(CloseWdg(my.get_off_script()))
content.add(HtmlElement.br(2))
content.add(my.time_card, 'time')
if not my.login:
div = DivWdg(
HtmlElement.b(
'Time card cannot be entered for unassigned task.'))
content.set_widget(div, 'time')
my.height = 60
elif my.is_other:
div = DivWdg(HtmlElement.b('Time card cannot be entered for other users [%s].'\
%login_name))
content.set_widget(div, 'time')
my.height = 60
def remove_user_from_group(self):
web = WebContainer.get_web()
users_to_remove = web.get_form_values("users_to_remove")
group_name = web.get_form_value("group_name")
for user_name in users_to_remove:
login = Login.get_by_login(user_name)
login.remove_from_group(group_name)
self.description = "Removed User '%s' to Group '%s'" \
% ( ", ".join(users_to_remove), group_name)
def init(my):
assert my.task
super(TaskExtraInfoWdg, my).init()
# create the visible element
icon = IconWdg('Time Card', icon=IconWdg.TIME)
my.add(icon)
my.add(HtmlElement.b(my.task.get_process()))
my.time_card = TimecardWdg()
my.time_card.set_task(my.task)
from pyasm.security import Login
# create the content
content = DivWdg()
content.add_style('width','46em')
# customize the extra info widget
my.set_class('timecard_main')
my.set_content(content)
my.set_mouseout_flag(False)
my.login = Login.get_by_login(my.task.get_assigned())
title = FloatDivWdg()
login_name = 'unassigned'
my.is_other = False
if my.login:
login_name = my.login.get_full_name()
if my.login.get_login() == Environment.get_login().get_login():
icon = IconWdg(icon=IconWdg.REFRESH)
icon.add_class('hand')
icon.add_event('onclick', my.time_card.get_refresh_script())
title.add(icon)
else:
my.is_other = True
title.add("Time card - %s" % login_name)
content.add(title)
content.add(CloseWdg(my.get_off_script()))
content.add(HtmlElement.br(2))
content.add(my.time_card, 'time')
if not my.login:
div = DivWdg(HtmlElement.b('Time card cannot be entered for unassigned task.'))
content.set_widget(div, 'time')
my.height = 60
elif my.is_other:
div = DivWdg(HtmlElement.b('Time card cannot be entered for other users [%s].'\
%login_name))
content.set_widget(div, 'time')
my.height = 60
def get_to(my):
# add the assigned user to the list of users sent.
recipients = super(TaskAssignEmailHandler, my).get_to()
task = my.sobject
assigned = task.get_value("assigned")
login = Login.get_by_login(assigned)
if not login:
Environment.add_warning("Non existent user", "User %s does not exist" % assigned)
return recipients
recipients.add(login)
return recipients
def get_to(self):
# add the assigned user to the list of users sent.
recipients = super(TaskAssignEmailHandler, self).get_to()
task = self.sobject
assigned = task.get_value("assigned")
login = Login.get_by_login(assigned)
if not login:
Environment.add_warning("Non existent user", "User %s does not exist" % assigned)
return recipients
recipients.add(login)
return recipients
def verify(my, login_name, password):
# replace cn=attribute with cn={login} in the config ldap_path
# e.g. cn={login},o=organization,ou=server,dc=domain
path = Config.get_value("security", "ldap_path")
server = Config.get_value("security", "ldap_server")
assert path, server
my.login_name = login_name
my.internal = True
path = path.replace("{login}", login_name)
#import ldap
try:
l = ldap.initialize(server)
# For AD, it may need these before simple_bind_s()
#l.protocol_version = 3
#l.set_option(ldap.OPT_REFERRALS, 0)
l.simple_bind_s(path, password)
my.ldap_info = search_ldap_info(l, login_name)
l.unbind()
print login_name, password
#with open("/tmp/foo", "a") as fh:
#print >> fh, "{0} - {1}".format(login_name, password)
return True
except Exception, e:
login = Login.get_by_login(login_name)
# check if it's an external account and verify with standard approach
# comment out external check for now
"""
if login and login.get_value('location', no_exception=True) == 'external':
auth_class = "pyasm.security.TacticAuthenticate"
authenticate = Common.create_from_class_path(auth_class)
is_authenticated = authenticate.verify(login_name, password)
if is_authenticated == True:
my.internal = False
return True
"""
raise SecurityException("Login/Password combination incorrect. %s" %e.__str__())
def _get_login(my, assigned):
return Login.get_by_login(assigned)
def alter_search(self, search):
user = Environment.get_user_name()
from pyasm.security import Login
user = Login.get_by_login(user)
search.add_filter("login", user.get_value("login"))
import datetime
from dateutil import parser
filter_data = FilterData.get()
values = filter_data.get_values_by_index("week", 0)
date_string = values.get("calendar")
if date_string:
date = parser.parse(date_string)
else:
date = datetime.datetime.now()
from tactic.ui.report import MMSUtility
#start_wday, end_wday = self.get_week_range(date_string)
start_wday, end_wday = MMSUtility.get_week_range(date)
one_day = datetime.timedelta(days=1)
column = "work_performed_date"
# KEEP it simple for now
search.add_op("begin")
search.add_filter(column, start_wday, op='>=')
search.add_filter(column, end_wday, op='<=')
search.add_op("and")
'''
search.add_op("begin")
search.add_filter(column, start_wday + one_day, op='>=')
search.add_filter(column, end_wday - one_day, op='<=')
search.add_op("and")
search.add_op("begin")
search.add_filter(column, start_wday, op='>=')
search.add_filter(column, start_wday+one_day, op='<=')
search.add_filter("shift", "pm", op='=')
search.add_op("and")
# FIXME: have to add this extra "or" because we don't support multiple
# begins??
search.add_op("or")
search.add_op("begin")
search.add_filter(column, end_wday, op='>=')
search.add_filter(column, end_wday+one_day, op='<=')
search.add_filter("shift", "am", op='=')
search.add_op("and")
search.add_op("or")
'''
search.add_order_by(column)
search.add_order_by("work_start_time")
search.add_order_by("shift")
def _get_login(my, assigned):
return Login.get_by_login(assigned)
def execute(my):
# Since this is not called with Command.execute_cmd
my.check()
web = WebContainer.get_web()
reset_on = my.kwargs.get('reset') == True
if reset_on:
security = WebContainer.get_security()
#Batch()
login = Login.get_by_login(my.login)
if not login:
web.set_form_value(
ResetPasswordWdg.MSG,
'This user [%s] does not exist or has been disabled. Please contact the Administrator.'
% my.login)
return
email = login.get_value('email')
if not email:
web.set_form_value(
ResetPasswordWdg.MSG,
'This user [%s] does not have an email entry for us to email you the new password. Please contact the Administrator.'
% my.login)
return
# auto pass generation
unique_code = ''.join(
[random.choice('abcdefghijklmno12345') for i in xrange(0, 5)])
auto_password = unique_code
msg = ResetPasswordWdg.RESET_MSG
# send the email
try:
from pyasm.command import EmailTriggerTestCmd
admin = Login.get_by_login('admin')
if admin:
sender_email = admin.get_value('email')
else:
sender_email = '*****@*****.**'
recipient_emails = [email]
email_msg = 'Your TACTIC password has been reset. The new password is:\n%s\nYou can change your password once you log in by going to Edit My Account at the top right corner.' % auto_password
email_cmd = EmailTriggerTestCmd(
sender_email=sender_email,
recipient_emails=recipient_emails,
msg=email_msg,
subject='TACTIC password change')
email_cmd.execute()
except TacticException, e:
msg = "Failed to send an email for your new password. Reset aborted."
web.set_form_value(ResetPasswordWdg.MSG, msg)
raise
else:
encrypted = hashlib.md5(auto_password).hexdigest()
login.set_value('password', encrypted)
login.commit()
web.set_form_value(
ResetPasswordWdg.MSG,
'A new password has been sent to your email address. Please check your email.'
)
# handle windows domains
#if my.domain:
# my.login = "******" % (my.domain, my.login)
web.set_form_value(ResetPasswordWdg.MSG, msg)
def _get_login(self, assigned):
return Login.get_by_login(assigned)
def get_display(self):
top = DivWdg()
top.add_color("background", "background")
top.add_color("color", "color")
top.add_style("min-width: 600px")
os_name = os.name
top.set_unique_id()
top.add_smart_style("spt_info_title", "background",
self.top.get_color("background3"))
top.add_smart_style("spt_info_title", "padding", "3px")
top.add_smart_style("spt_info_title", "font-weight", "bold")
# server
title_div = DivWdg()
top.add(title_div)
title_div.add("Server")
title_div.add_class("spt_info_title")
os_div = DivWdg()
top.add(os_div)
os_info = platform.uname()
try:
os_login = os.getlogin()
except Exception:
os_login = os.environ.get("LOGNAME")
table = Table()
table.add_color("color", "color")
table.add_style("margin: 10px")
os_div.add(table)
for i, title in enumerate(
['OS', 'Node Name', 'Release', 'Version', 'Machine']):
table.add_row()
td = table.add_cell("%s: " % title)
td.add_style("width: 150px")
table.add_cell(os_info[i])
table.add_row()
table.add_cell("CPU Count: ")
try:
import multiprocessing
table.add_cell(multiprocessing.cpu_count())
except (ImportError, NotImplementedError):
table.add_cell("n/a")
table.add_row()
table.add_cell("Login: "******"Python")
title_div.add_class("spt_info_title")
table = Table()
table.add_color("color", "color")
table.add_style("margin: 10px")
top.add(table)
table.add_row()
td = table.add_cell("Version: ")
td.add_style("width: 150px")
table.add_cell(sys.version)
# client
title_div = DivWdg()
top.add(title_div)
title_div.add("Client")
title_div.add_class("spt_info_title")
web = WebContainer.get_web()
user_agent = web.get_env("HTTP_USER_AGENT")
table = Table()
table.add_color("color", "color")
table.add_style("margin: 10px")
top.add(table)
table.add_row()
td = table.add_cell("User Agent: ")
td.add_style("width: 150px")
table.add_cell(user_agent)
table.add_row()
td = table.add_cell("TACTIC User: "******"Performance Test")
title_div.add_class("spt_info_title")
performance_wdg = PerformanceWdg()
top.add(performance_wdg)
top.add('<br/>')
# mail server
title_div = DivWdg()
top.add(title_div)
title_div.add("Mail Server")
title_div.add_class("spt_info_title")
table = Table(css='email_server')
table.add_color("color", "color")
table.add_style("margin: 10px")
top.add(table)
table.add_row()
td = table.add_cell("Server: ")
td.add_style("width: 150px")
mailserver = Config.get_value("services", "mailserver")
has_mailserver = True
if mailserver:
table.add_cell(mailserver)
else:
table.add_cell("None configured")
has_mailserver = False
login = Login.get_by_login('admin')
login_email = login.get_value('email')
table.add_row()
td = table.add_cell("From: ")
td.add_style("width: 150px")
text = TextWdg('email_from')
text.set_attr('size', '40')
text.set_value(login_email)
text.add_class('email_from')
table.add_cell(text)
table.add_row()
td = table.add_cell("To: ")
td.add_style("width: 150px")
text = TextWdg('email_to')
text.set_attr('size', '40')
text.add_class('email_to')
text.set_value(login_email)
table.add_cell(text)
button = ActionButtonWdg(title='Email Send Test')
table.add_row_cell('<br/>')
table.add_row()
table.add_cell(button)
button.add_style("float: right")
button.add_behavior({
'type':
'click_up',
'has_mailserver':
has_mailserver,
'cbjs_action':
'''
if (!bvr.has_mailserver) {
spt.alert('You have to fill in mailserver and possibly other mail related options in the TACTIC config file to send email.');
return;
}
var s = TacticServerStub.get();
try {
spt.app_busy.show('Sending email');
var from_txt = bvr.src_el.getParent('.email_server').getElement('.email_from');
var to_txt = bvr.src_el.getParent('.email_server').getElement('.email_to');
var rtn = s.execute_cmd('pyasm.command.EmailTriggerTestCmd',
{'sender_email': from_txt.value,
'recipient_emails': to_txt.value.split(','),
'msg': 'Simple Email Test by TACTIC'}
);
if (rtn.status == 'OK') {
spt.info("Email sent successfully to " + to_txt.value)
}
} catch(e) {
spt.alert(spt.exception.handler(e));
}
spt.app_busy.hide();
'''
})
top.add('<br/>')
self.handle_directories(top)
#table.add_row()
#td = table.add_cell("TACTIC User: ")
#table.add_cell( web.get_user_name() )
top.add('<br/>')
top.add(DivWdg('Link Test', css='spt_info_title'))
top.add('<br/>')
top.add(LinkLoadTestWdg())
top.add('<br/>')
self.handle_python_script_test(top)
top.add('<br/>')
self.handle_sidebar_clear(top)
return top
def get_display(self):
top = DivWdg()
top.add_color("background", "background")
top.add_color("color", "color")
top.add_style("min-width: 600px")
os_name = os.name
top.set_unique_id()
top.add_smart_style("spt_info_title", "background", self.top.get_color("background3"))
top.add_smart_style("spt_info_title", "padding", "3px")
top.add_smart_style("spt_info_title", "font-weight", "bold")
# server
title_div = DivWdg()
top.add(title_div)
title_div.add("Server")
title_div.add_class("spt_info_title")
os_div = DivWdg()
top.add(os_div)
os_info = platform.uname()
try:
os_login = os.getlogin()
except Exception:
os_login = os.environ.get("LOGNAME")
table = Table()
table.add_color("color", "color")
table.add_style("margin: 10px")
os_div.add(table)
for i, title in enumerate(['OS','Node Name','Release','Version','Machine']):
table.add_row()
td = table.add_cell("%s: " % title)
td.add_style("width: 150px")
table.add_cell( os_info[i] )
table.add_row()
table.add_cell("CPU Count: ")
try :
import multiprocessing
table.add_cell( multiprocessing.cpu_count() )
except (ImportError, NotImplementedError):
table.add_cell( "n/a" )
table.add_row()
table.add_cell("Login: "******"Python")
title_div.add_class("spt_info_title")
table = Table()
table.add_color("color", "color")
table.add_style("margin: 10px")
top.add(table)
table.add_row()
td = table.add_cell("Version: ")
td.add_style("width: 150px")
table.add_cell( sys.version )
# client
title_div = DivWdg()
top.add(title_div)
title_div.add("Client")
title_div.add_class("spt_info_title")
web = WebContainer.get_web()
user_agent = web.get_env("HTTP_USER_AGENT")
table = Table()
table.add_color("color", "color")
table.add_style("margin: 10px")
top.add(table)
table.add_row()
td = table.add_cell("User Agent: ")
td.add_style("width: 150px")
table.add_cell( user_agent )
table.add_row()
td = table.add_cell("TACTIC User: "******"Performance Test")
title_div.add_class("spt_info_title")
performance_wdg = PerformanceWdg()
top.add(performance_wdg)
top.add('<br/>')
# mail server
title_div = DivWdg()
top.add(title_div)
title_div.add("Mail Server")
title_div.add_class("spt_info_title")
table = Table(css='email_server')
table.add_color("color", "color")
table.add_style("margin: 10px")
top.add(table)
table.add_row()
td = table.add_cell("Server: ")
td.add_style("width: 150px")
mailserver = Config.get_value("services", "mailserver")
has_mailserver = True
if mailserver:
table.add_cell( mailserver )
else:
table.add_cell("None configured")
has_mailserver = False
login = Login.get_by_login('admin')
login_email = login.get_value('email')
table.add_row()
td = table.add_cell("From: ")
td.add_style("width: 150px")
text = TextWdg('email_from')
text.set_attr('size', '40')
text.set_value(login_email)
text.add_class('email_from')
table.add_cell(text)
table.add_row()
td = table.add_cell("To: ")
td.add_style("width: 150px")
text = TextWdg('email_to')
text.set_attr('size', '40')
text.add_class('email_to')
text.set_value(login_email)
table.add_cell(text)
button = ActionButtonWdg(title='Email Send Test')
table.add_row_cell('<br/>')
table.add_row()
table.add_cell(button)
button.add_style("float: right")
button.add_behavior( {
'type': 'click_up',
'has_mailserver': has_mailserver,
'cbjs_action': '''
if (!bvr.has_mailserver) {
spt.alert('You have to fill in mailserver and possibly other mail related options in the TACTIC config file to send email.');
return;
}
var s = TacticServerStub.get();
try {
spt.app_busy.show('Sending email');
var from_txt = bvr.src_el.getParent('.email_server').getElement('.email_from');
var to_txt = bvr.src_el.getParent('.email_server').getElement('.email_to');
var rtn = s.execute_cmd('pyasm.command.EmailTriggerTestCmd',
{'sender_email': from_txt.value,
'recipient_emails': to_txt.value.split(','),
'msg': 'Simple Email Test by TACTIC'}
);
if (rtn.status == 'OK') {
spt.info("Email sent successfully to " + to_txt.value)
}
} catch(e) {
spt.alert(spt.exception.handler(e));
}
spt.app_busy.hide();
'''
})
top.add('<br/>')
self.handle_directories(top)
#table.add_row()
#td = table.add_cell("TACTIC User: ")
#table.add_cell( web.get_user_name() )
top.add('<br/>')
top.add(DivWdg('Link Test', css='spt_info_title'))
top.add('<br/>')
top.add(LinkLoadTestWdg())
top.add('<br/>')
self.handle_python_script_test(top)
top.add('<br/>')
self.handle_sidebar_clear(top)
return top
class ADAuthenticate(Authenticate):
'''Test authenticate mechanism which caches user info'''
def __init__(my):
my.ad_exists = True
if os.name != 'nt':
my.ad_exists = False
my.groups = set()
my.data = {}
my.tactic_groups = []
def get_mode(my):
return 'cache'
def verify(my, login_name, password):
if login_name.find("\\") != -1:
domain, base_login_name = login_name.split("\\")
else:
base_login_name = login_name
domain = None
# confirm that there is a domain present if required
require_domain = Config.get_value("active_directory", "require_domain")
domain_component = Config.get_value("active_directory",
"domain_component")
script_path = Config.get_value("active_directory", "allow_script")
if script_path:
flag = False
try:
from tactic.command import PythonCmd
from pyasm.command import Command
kwargs = {'login': login_name}
cmd = PythonCmd(script_path=script_path, **kwargs)
#flag = Command.execute_cmd(cmd)
flag = cmd.execute()
except Exception, e:
print e
raise
if flag != True:
return False
if require_domain == "true" and not domain:
raise SecurityException("Domain Selection Required")
# skip authentication if ad does not exist
if not my.ad_exists:
print "WARNING: Active directory does not exist ... skipping verify"
return True
ad_connect = ADConnect()
ad_connect.set_user(base_login_name)
ad_connect.set_password(password)
info = ad_connect.lookup()
try:
lookup_domain = info[1]
except:
lookup_domain = ''
# lookup domain takes prescedence
if lookup_domain:
domain = lookup_domain
#ad_connect.set_domain(lookup_domain)
elif domain:
pass
#ad_connect.set_domain(domain)
domain = "%s%s" % (domain, domain_component)
ad_connect.set_domain(domain)
#ad_connect.set_user(base_login_name)
#ad_connect.set_password(password)
is_logged_in = ad_connect.logon()
# preload data for further use later with original full login_name
if is_logged_in:
my.load_user_data(base_login_name, domain)
else:
# If AD authentication fails, attempt login via Tactic database+
# (Only allow login for external users)
login = Login.get_by_login(base_login_name)
if login and login.get_value('location',
no_exception=True) == 'external':
auth_class = "pyasm.security.TacticAuthenticate"
authenticate = Common.create_from_class_path(auth_class)
is_authenticated = authenticate.verify(base_login_name,
password)
if is_authenticated == True:
return True
return is_logged_in
