def to_user(self, result):
'''Creates and returns a Fcombine UserProfile object based on the
user's attributes stored within the LDAP server'''
log(3, "LDAP add user, entry=%s" % str(entry))
entry = result.entry
userprofile = UserProfile()
userprofile.user = User()
entry_attrs = entry[1]
server_type = self.get_server_type()
mapper = self.get_mapper(server_type)(entry_attrs)
for attr in self.USER_PROFILE_ATTRS:
value = getattr(mapper, "map_%s" % attr)()
log(6, "Setting %s to %s" % (attr, value))
setattr(userprofile, attr, value)
for attr in self.USER_ATTRS:
value = getattr(mapper, "map_%s" % attr)()
log(6, "Setting %s to %s" % (attr, value))
setattr(userprofile.user, attr, value)
return userprofile
def to_user(self, entry):
"""Creates a basic Fcombine UserProfile object based on credentials"""
log(3, "RADIUS add user, entry=%s" % str(entry))
userprofile = UserProfile()
userprofile.user = User()
userprofile.user.username = entry
return userprofile
admin_user.username = "******"
admin_user.email = "*****@*****.**"
admin_user.is_staff = True
admin_user.is_superuser = True
admin_user.set_password("fcombine")
admin_user.save()
# create an AuthServer object for the admin user
local_dir_server = LocalDirectoryServer()
local_dir_server.save()
local_auth_server = LocalAuthServer()
local_auth_server.directory_server = local_dir_server
local_auth_server.save()
# create admin's UserProfile
admin_userprofile = UserProfile()
admin_userprofile.auth_server = local_auth_server
admin_userprofile.user = admin_user
admin_userprofile.save()
# create stock configuration
configuration = Configuration()
configuration.device_name = "fcombine"
configuration.ip_address = "192.168.0.1"
configuration.subnet_mask = "255.255.255.0"
configuration.save()
if create_test_db:
print "** Adding test objects to Fcombine database **"
print "Creating local user: localuser"
def authenticate_user(self, username, password):
# This function will first try to authenticate the user. If it's
# successful, we will query the associated directory server to
# pull down user details. We don't care if the directory server
# returns nothing as it's just pretty user details etc.
# first see if we've already seen the user, that is, they are in
# the Fcombine database
try:
user = User.objects.get(username=username)
authenticator = self.authenticators[user.userprofile.auth_server.id]
log(6, "User found in the database, authenticator = %d" % \
(user.userprofile.auth_server.id))
result = authenticator.authenticate(username, password)
# TODO: do we need to synchronize the user/userprofile objects
# here?
return result.code
except User.DoesNotExist:
pass
# if we're here, it's possible the user does exist, but is not in the
# database yet, ie, they are in the process of being imported into the
# database which may be a slow operation as it is serialised.
# authenticate the user against each server until we're successful with
# one, or none. We handle potential duplication of usernames across
# different directory servers at the import phase in that we raise an
# error if an admin tries to import a user whos username already exists
# on the Fcombine.
result_queue = Queue()
auth_threads = []
for auth_server_id, authenticator in self.authenticators.items():
log(6, "Thread count = %d" % len(auth_threads))
# TODO: make sure this doesn't cause memory problems if a server
# goes down. We should probably track if a server is having
# problems so we can rate limit authentication
auth_thread = AuthenticatorThread(authenticator, auth_server_id, \
result_queue, username, password)
auth_threads.append(auth_thread)
auth_thread.start()
failed = False
user = User()
user_profile = UserProfile()
for i in xrange(len(auth_threads)):
result = result_queue.get()
log(6, "Got result from queue")
if result.is_successful():
# insert the user into our database now.
# look up the auth server and directory server for this user
auth_server = AuthServer.objects.get(id=result.auth_server_id)
dir_server_id = auth_server.directory_server.id
directory_queryer = self.directory_queryers[dir_server_id]
# look up the user in the directory
#user_profile = result.authenticator.to_user(result.entry)
try:
user_profile = directory_queryer.lookup(result)
# save the user profile
user_profile.auth_server = auth_server
user_profile.user.save()
user_profile.save()
except DirectoryQueryException, ex:
log(2, "DirectoryQueryException: %s" % str(ex))
return result.code
if result.is_failure() == False:
failed = True
