def ajax_ldap_pop_name_mail(request, cn):
    """Render the AJAX fragment with an LDAP user's display name and e-mail.

    Looks ``cn`` up through ``Ldap(...).get_user`` with an ``AuthSession``
    built from the request session, then renders
    ``AJAX_LDAP_USER_POP_NAME_MAIL`` with the keys ``ldap_name``,
    ``ldap_email`` and ``error``.

    NOTE(review): ``cn`` is handed to the directory lookup unchanged here;
    confirm that ``Ldap.get_user`` escapes it before it reaches a search
    filter.
    """
    try:
        lists = {}

        # Directory lookup for the requested entry.
        session_auth = AuthSession(request.session)
        entry = Ldap(session_auth).get_user(cn)

        # 'initials' is optional in the entry; the other attributes are required.
        name_parts = (entry['givenName'], entry.get('initials', ''), entry['sn'])
        lists['ldap_name'] = '%s %s %s' % name_parts
        lists['ldap_email'] = entry['mail']
        lists['error'] = ' '

        html = loader.render_to_string(
            AJAX_LDAP_USER_POP_NAME_MAIL,
            lists,
            context_instance=RequestContext(request))
        response = HttpResponse(html)
        response.status_code = 200
        return response

    except LDAPError as e:
        logger.error("LDAP Error on ajax_ldap_pop_name_mail %s" % e)
        # Blank placeholders plus a user-facing message when LDAP is unavailable.
        lists['ldap_name'] = ' '
        lists['ldap_email'] = ' '
        lists['error'] = 'O LDAP não está disponível, não será possível associar o usuário CadVlan a um usuário do LDAP.'
        # NOTE(review): the listing ends inside this handler, so no response is
        # returned on this path as shown; confirm against the full file.
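def generate_token(request):
    """Issue a time-limited access token for the external VIP-request pages.

    Validates ``GenerateTokenForm`` and authenticates the submitted user. For
    LDAP users the submitted password is compared with the directory's
    ``userPassword`` value before ``facade.validate_user_networkapi`` is
    called; other users go straight to that call. On success the encrypted
    user string and the user's permissions are cached under a freshly
    generated token with ``ttl`` as the cache timeout, and
    ``templates.VIPREQUEST_TOKEN`` is rendered with the token and target URL.

    Raises:
        UserNotAuthenticatedError: when no user could be authenticated.
        Exception: for an unknown LDAP user, or a non-integer ``requestVip``
            or ``p`` value.
    """
    # Function-scope imports: the module's import block is not part of this
    # listing, so the new names are brought in locally.
    import binascii
    import os

    try:
        lists = {}
        if request.method == 'POST':
            form = forms.GenerateTokenForm(request.POST)
        else:
            form = forms.GenerateTokenForm()

        if form.is_valid():
            data = form.cleaned_data
            is_ldap_user = data['is_ldap_user']

            user_ldap_ass = ""
            user = str(data['user'])
            # Empty form values fall back to "no VIP id" and the default TTL.
            idt = data['requestVip'] or None
            ttl = data['p'] or ACCESS_EXTERNAL_TTL

            if is_ldap_user:
                # For LDAP logins the 'user' field carries "username@password".
                # Exactly one "@" is required; anything else raises ValueError
                # from the unpacking below.
                username_ldap, password_ldap = str(user).split("@")
                try:
                    user_ldap = Ldap("").get_user(username_ldap)
                except LDAPNotFoundError:
                    raise Exception(auth_messages.get("user_ldap_not_found"))

                pwd_ldap = user_ldap['userPassword']
                activate = user_ldap.get('nsaccountlock')

                # NOTE(review): the password is verified by reading
                # userPassword and comparing locally. Only plaintext and
                # unsalted {MD5} values can match, and `==` is not a
                # constant-time comparison. An LDAP bind as the user would
                # avoid reading the stored hash; confirm whether the Ldap
                # helper offers one.
                pwd = password_ldap
                if re.match(r"\{(MD|md)5\}.*", pwd_ldap, 0):
                    pwd = base64.b64encode(hashlib.md5(pwd).digest())
                    pwd_ldap = pwd_ldap[pwd_ldap.index("}") + 1:]

                # Locked accounts (nsaccountlock other than FALSE) are rejected.
                account_active = activate is None or activate.upper() == 'FALSE'
                if pwd == pwd_ldap and account_active:
                    client, client_user = facade.validate_user_networkapi(
                        user, is_ldap_user)
                    user_ldap_client = client_user.get('user')
                    user_ldap_ass = user_ldap_client['user_ldap']
                else:
                    client_user = None
            else:
                client, client_user = facade.validate_user_networkapi(
                    user, is_ldap_user)

            if client_user is None:
                raise UserNotAuthenticatedError("user_invalid")

            # Both optional parameters must be integers before they are used.
            if idt is not None and not is_valid_int_param(idt):
                raise Exception(
                    error_messages.get("invalid_param") % "requestVip")
            if not is_valid_int_param(ttl):
                raise Exception(error_messages.get("invalid_param") % "p")

            # Looks the VIP request up before a token is issued for it.
            if idt is not None:
                client.create_vip().get_by_id(idt)

            # NOTE(review): for LDAP logins `user` still contains the password,
            # so the cache entry holds encrypted credentials; the cache backend
            # and the Encryption key need matching protection.
            user_hash = Encryption().Encrypt(user + "@" + str(user_ldap_ass))

            authenticate_user = client_user.get('user')
            permissions = authenticate_user and authenticate_user.get('permission')

            # The token is a bearer credential for the cached entry, so it must
            # not be guessable. It was previously SHA-1 of the module name, the
            # submitted user string and a one-second timestamp, which contains
            # no secret randomness. Draw it from the OS CSPRNG instead; 20
            # bytes keeps the 40-hex-character shape of the old token.
            token = binascii.hexlify(os.urandom(20)).decode("ascii")

            data_to_cache = {"user_hash": user_hash, "permissions": permissions}
            cache.set(token, data_to_cache, int(ttl))

            lists["token"] = token
            if idt is not None:
                lists["url"] = reverse("vip-request.edit.external", args=[idt])
            else:
                lists["url"] = reverse("vip-request.form.external")

            return render_to_response(
                templates.VIPREQUEST_TOKEN,
                lists,
                context_instance=RequestContext(request))

    except InvalidParameterError as e:
        logger.error(e)
        lists["error"] = error_messages.get("invalid_param") % "id"
        # NOTE(review): the listing ends inside this handler, so no response is
        # returned on this path as shown; confirm against the full file.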
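def generate_token(request):
    """Issue a time-limited access token for the external VIP-request pages.

    Validates ``GenerateTokenForm`` and authenticates the submitted user. For
    LDAP users the submitted password is compared with the directory's
    ``userPassword`` value before ``facade.validate_user_networkapi`` is
    called; other users go straight to that call. On success the encrypted
    user string and the user's permissions are cached under a freshly
    generated token with ``ttl`` as the cache timeout, and
    ``templates.VIPREQUEST_TOKEN`` is rendered with the token and target URL.

    Raises:
        UserNotAuthenticatedError: when no user could be authenticated.
        Exception: for an unknown LDAP user, or a non-integer ``requestVip``
            or ``p`` value.
    """
    # Function-scope imports: the module's import block is not part of this
    # listing, so the new names are brought in locally.
    import binascii
    import os

    try:
        lists = {}
        if request.method == 'POST':
            form = forms.GenerateTokenForm(request.POST)
        else:
            form = forms.GenerateTokenForm()

        if form.is_valid():
            data = form.cleaned_data
            is_ldap_user = data['is_ldap_user']

            user_ldap_ass = ""
            user = str(data['user'])
            # Empty form values fall back to "no VIP id" and the default TTL.
            idt = data['requestVip'] or None
            ttl = data['p'] or ACCESS_EXTERNAL_TTL

            if is_ldap_user:
                # For LDAP logins the 'user' field carries "username@password".
                # Exactly one "@" is required; anything else raises ValueError
                # from the unpacking below.
                username_ldap, password_ldap = str(user).split("@")
                try:
                    user_ldap = Ldap("").get_user(username_ldap)
                except LDAPNotFoundError:
                    raise Exception(auth_messages.get("user_ldap_not_found"))

                pwd_ldap = user_ldap['userPassword']
                activate = user_ldap.get('nsaccountlock')

                # NOTE(review): the password is verified by reading
                # userPassword and comparing locally. Only plaintext and
                # unsalted {MD5} values can match, and `==` is not a
                # constant-time comparison. An LDAP bind as the user would
                # avoid reading the stored hash; confirm whether the Ldap
                # helper offers one.
                pwd = password_ldap
                if re.match(r"\{(MD|md)5\}.*", pwd_ldap, 0):
                    pwd = base64.b64encode(hashlib.md5(pwd).digest())
                    pwd_ldap = pwd_ldap[pwd_ldap.index("}") + 1:]

                # Locked accounts (nsaccountlock other than FALSE) are rejected.
                account_active = activate is None or activate.upper() == 'FALSE'
                if pwd == pwd_ldap and account_active:
                    client, client_user = facade.validate_user_networkapi(
                        user, is_ldap_user)
                    user_ldap_client = client_user.get('user')
                    user_ldap_ass = user_ldap_client['user_ldap']
                else:
                    client_user = None
            else:
                client, client_user = facade.validate_user_networkapi(
                    user, is_ldap_user)

            if client_user is None:
                raise UserNotAuthenticatedError("user_invalid")

            # Both optional parameters must be integers before they are used.
            if idt is not None and not is_valid_int_param(idt):
                raise Exception(
                    error_messages.get("invalid_param") % "requestVip")
            if not is_valid_int_param(ttl):
                raise Exception(error_messages.get("invalid_param") % "p")

            # Looks the VIP request up before a token is issued for it.
            if idt is not None:
                client.create_vip().get_by_id(idt)

            # NOTE(review): for LDAP logins `user` still contains the password,
            # so the cache entry holds encrypted credentials; the cache backend
            # and the Encryption key need matching protection.
            user_hash = Encryption().Encrypt(user + "@" + str(user_ldap_ass))

            authenticate_user = client_user.get('user')
            permissions = authenticate_user and authenticate_user.get('permission')

            # The token is a bearer credential for the cached entry, so it must
            # not be guessable. It was previously SHA-1 of the module name, the
            # submitted user string and a one-second timestamp, which contains
            # no secret randomness. Draw it from the OS CSPRNG instead; 20
            # bytes keeps the 40-hex-character shape of the old token.
            token = binascii.hexlify(os.urandom(20)).decode("ascii")

            data_to_cache = {"user_hash": user_hash, "permissions": permissions}
            cache.set(token, data_to_cache, int(ttl))

            lists["token"] = token
            if idt is not None:
                lists["url"] = reverse("vip-request.edit.external", args=[idt])
            else:
                lists["url"] = reverse("vip-request.form.external")

            return render_to_response(
                templates.VIPREQUEST_TOKEN,
                lists,
                context_instance=RequestContext(request))

    except InvalidParameterError as e:
        logger.error(e)
        lists["error"] = error_messages.get("invalid_param") % "id"
        # NOTE(review): the listing ends inside this handler, so no response is
        # returned on this path as shown; confirm against the full file.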