def __load_ldap_connection(self, ldap):
try:
if self.config.__getattribute__(ldap).is_active:
from gluon.contrib.login_methods.ldap_auth import ldap_auth
if self.config.auth.auth_local_database:
self.auth.settings.login_methods.append(
ldap_auth(
mode=self.config.__getattribute__(ldap).mode,
secure=self.config.__getattribute__(ldap).secure,
server=self.config.__getattribute__(ldap).server,
port=self.config.__getattribute__(ldap).port,
base_dn=self.config.__getattribute__(ldap).base_dn,
allowed_groups=self.config.__getattribute__(ldap).allowed_groups,
group_dn=self.config.__getattribute__(ldap).group_dn,
group_name_attrib=self.config.__getattribute__(ldap).group_name_attrib,
group_member_attrib=self.config.__getattribute__(ldap).group_member_attrib,
group_filterstr=self.config.__getattribute__(ldap).group_filterstr,
manage_user=True,
user_firstname_attrib="cn:1",
user_lastname_attrib="cn:2",
user_mail_attrib="mail",
db=self.db,
)
)
else:
self.auth.settings.login_methods = [
(
ldap_auth(
mode=self.config.__getattribute__(ldap).mode,
secure=self.config.__getattribute__(ldap).secure,
server=self.config.__getattribute__(ldap).server,
port=self.config.__getattribute__(ldap).port,
base_dn=self.config.__getattribute__(ldap).base_dn,
allowed_groups=self.config.__getattribute__(ldap).allowed_groups,
group_dn=self.config.__getattribute__(ldap).group_dn,
group_name_attrib=self.config.__getattribute__(ldap).group_name_attrib,
group_member_attrib=self.config.__getattribute__(ldap).group_member_attrib,
group_filterstr=self.config.__getattribute__(ldap).group_filterstr,
manage_user=True,
user_firstname_attrib="cn:1",
user_lastname_attrib="cn:2",
user_mail_attrib="mail",
db=self.db,
)
)
]
except Exception as e:
# from log import logger
# logger.warning("Not possible to connect to LDAP.")
raise PRETTYHTTP(500, e)
# -*- coding: utf-8 -*-
from gluon.tools import Auth, Service, PluginManager
from gluon.contrib.login_methods.ldap_auth import ldap_auth
from datetime import *
import os
db = DAL("postgres://*****:*****@localhost/cbvusb")
auth = Auth(db, host_names=myconf.get('host.names'))
service = Service()
plugins = PluginManager()
auth.settings.login_methods.append(
ldap_auth(server='bomberos.usb.ve',
base_dn='ou=users,dc=bomberos,dc=usb,dc=ve'))
auth.settings.table_user_name = 'usuario'
auth.settings.extra_fields['usuario'] = [
Field('disable', type='boolean', default=False),
Field('confirmed', type='boolean', default=False)
]
auth.define_tables(username=True, signature=False, migrate="db.usuario")
auth.settings.create_user_groups = None
auth.settings.actions_disabled.append('register')
#auth.settings.actions_disabled.append('request_reset_password')
# -------------------------------------------------------------------------
# create all tables needed by auth if not custom tables
# -------------------------------------------------------------------------
current.proj = proj
## create all tables needed by auth if not custom tables
auth.define_tables(username=True, signature=False)
auth.settings.actions_disabled = [
'register',
'retrieve_username',
'profile',
'lost_password'
]
db.auth_user.username.label = 'CPF'
from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods=[ldap_auth(mode='uid', server='ldap.unirio.br', base_dn='ou=people,dc=unirio,dc=br')]
db.define_table(
'edicao',
Field('nome', 'string', notnull=True, required=True, label='Edital*'),
Field('dt_inicial', 'date', notnull=True, required=True, label='Data inicial de registro*'),
Field('dt_conclusao', 'date', notnull=True, required=True, label="Data final de registro*"),
Field('dt_inicial_projeto', 'date', notnull=True, required=True, label='Data inicial do projeto*'),
Field('dt_conclusao_projeto', 'date', notnull=True, required=True, label="Data final do projeto*"),
Field('dt_inicial_bolsistas', 'date', notnull=True, required=True, label="Data inicial de registro de bolsistas"),
Field('dt_conclusao_bolsistas', 'date', required=True, label="Data final de registro de bolsistas"),
Field('disciplinas_obrigatorias', 'boolean', notnull=True, required=True, label='Mostrar somente disciplinas obrigatórias?*')
)
db.define_table(
'projetos',
## >>> db.define_table('mytable',Field('myfield','string'))
##
## Fields can be 'string','text','password','integer','double','boolean'
## 'date','time','datetime','blob','upload', 'reference TABLENAME'
## There is an implicit 'id integer autoincrement' field
## Consult manual for more options, validators, etc.
##
## More API examples for controllers:
##
## >>> db.mytable.insert(myfield='value')
## >>> rows=db(db.mytable.myfield=='value').select(db.mytable.ALL)
## >>> for row in rows: print row.id, row.myfield
#########################################################################
import applications.controlies.modules.LdapConnection as LdapConnection
auth.settings.login_methods=[ldap_auth( server='localhost', base_dn='ou=People,dc=instituto,dc=extremadura,dc=es',secure=LdapConnection.ldap_secure,cert_path=LdapConnection.ldap_cert,mode='cn')]
#########################################################
#
# Global functions
#
#########################################################
prod = cache.ram('prod', lambda : bool(os.environ.get('PRODUCTION')), time_expire=5000)
if prod == False:
#
# Development environment
#
log_level = logging.DEBUG
from gluon import current
from gluon.contrib.login_methods.ldap_auth import ldap_auth
from gluon.tools import Auth, Service, Crud
from datetime import datetime
# Dummy code to enable code completion in IDE's. Can be removed at production apps
if 0:
datasource = DAL()
current.datasource = datasource
current.db = db
auth = Auth(globals(), db) # authentication/authorization
auth.settings.login_methods = [
ldap_auth(mode='uid',
server='ldap.unirio.br',
base_dn='ou=people,dc=unirio,dc=br')
]
crud = Crud(globals(), db) # for CRUD helpers using auth
service = Service(globals()) # for json, xml, jsonrpc, xmlrpc, amfrpc
# # create all tables needed by auth if not custom tables
auth.define_tables(username=True)
auth.settings.everybody_group_id = 6
auth.settings.create_user_groups = False
auth.settings.actions_disabled = [
'register', 'retrieve_username', 'profile', 'lost_password'
]
db.auth_user.username.label = 'CPF'
Field('userid', 'string', required=True, unique=True),
Field('email', 'string', requires=IS_EMAIL()),
Field('faculty_privileges', 'integer', requires=IS_INT_IN_RANGE(0,1)),
Field('password', 'string', required=True),
Field('request_time', 'integer', requires=IS_INT_IN_RANGE(0,1)),
Field('approval_status', 'integer')
)
db.define_table('clone_requests',
Field('id', 'integer'),
Field('user', 'string', required=True),
Field('vm_id', 'string', required=True),
Field('clone_name', 'string'),
Field('full_clone', 'integer', requires=IS_INT_IN_RANGE(0,1)),
Field('request_time', 'integer', requires=IS_INT_IN_RANGE(0,1)),
Field('status', 'integer')
)
auth = Auth(db)
auth.define_tables(username=True)
auth.settings.login_methods.append(ldap_auth(mode='custom', username_attrib='uid',
custom_scope='subtree', server=ldap_host, base_dn=ldap_dn))
auth.settings.create_user_groups = False
auth.settings.login_onaccept = [login_callback]
#auth.settings.login_url = '/baadal/user/login.html'
auth.settings.remember_me_form = False
auth.settings.logout_next = '/baadal/default/user/login'
auth.settings.login_next = '/baadal/user/index'
#auth.settings.on_failed_authorization = '/baadal/default/404.html'
auth.signature,
format='%(eventName)s')
db.define_table('userTag',
Field('auth_user', db.auth_user, readable=False, writable=False),
Field('tag', db.tag))
db.define_table('eventTag',
Field('tag', db.tag),
Field('events', db.events))
## Fields can be 'string','text','password','integer','double','boolean'
## 'date','time','datetime','blob','upload', 'reference TABLENAME'
## There is an implicit 'id integer autoincrement' field
## Consult manual for more options, validators, etc.
##
## More API examples for controllers:
##
## >>> db.mytable.insert(myfield='value')
## >>> rows=db(db.mytable.myfield=='value').select(db.mytable.ALL)
## >>> for row in rows: print row.id, row.myfield
#########################################################################
## after defining tables, uncomment below to enable auditing
# auth.enable_record_versioning(db)
from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods.append(ldap_auth(mode='uid_r', server='ldap.iiit.ac.in',
manage_user=True,
base_dn='OU=Users,DC=iiit,DC=ac,DC=in',
logging_level='debug',
user_firstname_attrib='cn:1',user_lastname_attrib='cn:2',user_mail_attrib='mail',db=db))
if settings.login_method == 'local' or settings.login_method == 'ldap': auth = Auth(db) elif settings.login_method == 'ldap': from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods=[(ldap_auth( mode=settings.ldap_mode, secure=settings.ldap_secure, server=settings.ldap_server, port=settings.ldap_port, base_dn=settings.ldap_base_dn, allowed_groups = settings.ldap_allowed_groups, group_dn = settings.ldap_group_dn, group_name_attrib = settings.ldap_group_name_attrib, group_member_attrib = settings.ldap_group_member_attrib, group_filterstr = settings.ldap_group_filterstr ))] elif settings.login_method == 'CAS': auth = Auth(db,cas_provider = settings.cas_provider) auth.settings.cas_actions['login']=settings.cas_actions_login auth.settings.cas_actions['validate']=settings.cas_actions_validate auth.settings.cas_actions['logout']=settings.cas_actions_logout
######################################################################### ## Prepare Auth ## ## Get auth defined, tables will be added later on ######################################################################### from gluon.tools import Auth from gluon.contrib.login_methods.ldap_auth import ldap_auth auth = Auth(globals(),db) # authentication/authorization auth.settings.create_user_groups = False auth.messages.label_remember_me = "Stay Logged In (for 30 days)" # RIT Ldap auth.settings.login_methods.append(ldap_auth(server='ldap.rit.edu', base_dn='ou=people,dc=rit,dc=edu')) ## Prepare Email System from gluon.tools import Mail mail=Mail() mail.settings.server = 'smtp.gmail.com:587' mail.settings.tls = True mail.settings.sender = '*****@*****.**' mail.settings.login = '******' auth.settings.mailer = mail auth.settings.registration_requires_verification = True auth.settings.registration_requires_approval = False auth.messages.verify_email = """Thanks for joining the innovation community at beta.innovation.rit.edu.
db.define_table(
"eventTag",
Field("tag", db.tag),
Field("isApproved", "integer", readable=False, writable=False, default=0),
Field("events", db.events),
)
from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods.append(
ldap_auth(
mode="uid_r",
server="ldap.iiit.ac.in",
manage_user=True,
base_dn="OU=Users,DC=iiit,DC=ac,DC=in",
logging_level="debug",
user_firstname_attrib="cn:1",
user_lastname_attrib="cn:2",
user_mail_attrib="mail",
db=db,
)
)
# -------------------------------------------------------------------------
# Define your tables below (or better in another model file) for example
#
# >>> db.define_table('mytable', Field('myfield', 'string'))
#
# Fields can be 'string','text','password','integer','double','boolean'
# 'date','time','datetime','blob','upload', 'reference TABLENAME'
# There is an implicit 'id integer autoincrement' field
## - services (xml, csv, json, xmlrpc, jsonrpc, amf, rss)
## - old style crud actions
## (more options discussed in gluon/tools.py)
#########################################################################
from gluon.tools import Auth, Crud, Service, PluginManager, prettydate, Mail
auth = Auth(db)
crud, service, plugins = Crud(db), Service(), PluginManager()
auth.settings.create_user_groups=False
auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile']
auth.settings.remember_me_form = False
from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods = [ldap_auth(mode='cn',
server='127.0.0.1',
port='389',
base_dn='DC=tlmariano,DC=com')]
## create all tables needed by auth if not custom tables
auth.settings.extra_fields['auth_user']= [
Field("tipo_rede", "string", length=128, default=""),
Field("token", "string", length=128, default=""),
Field("primeira_vez", "boolean", default=True),
]
# creates all needed tables
auth.define_tables(username=True, signature=False)
if not "auth_user" in db.tables:
db.define_table("auth_user",
auth.settings.mailer = mail
try:
# Allow login with ldap
from gluon.contrib.login_methods.ldap_auth import ldap_auth
# all we need is login
auth.settings.actions_disabled = [
'register', 'change_password', 'request_reset_password',
'retrieve_username'
]
# you don't have to remember me
auth.settings.remember_me_form = False
# Configura aplicacao para autenticar via LDAP
auth.settings.login_methods.append(
ldap_auth(db=db, **conf[env]['ldap']))
# redireciona depois do login
auth.settings.login_next = URL('projetos')
except Exception as e:
logger.error(str(e))
# import Gravatar
try:
from gravatar import Gravatar
except ImportError:
from gluon.contrib.gravatar import Gravatar
# multiples languages
if 'siteLanguage' in request.cookies and not (
request.cookies['siteLanguage'] is None):
T.force(request.cookies['siteLanguage'].value)
# # configure email
mail = auth.settings.mailer
# mail.settings.server = 'logging' if request.is_local else 'smtp.gmail.com:587'
mail.settings.server = 'smtp.gmail.com:587' # 'logging'
mail.settings.sender = '*****@*****.**' # your email
mail.settings.login = '******' + emailPass # your credentials or None
current.mail = mail
# Se a requisição for local, utiliza base auth de teste, caso contrário, utiliza LDAP
from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods = [
ldap_auth(mode='uid',
server='10.224.16.100',
base_dn='ou=people,dc=unirio,dc=br')
]
from Servidor import Servidor
db.auth_user.username.label = 'CPF'
auth.settings.actions_disabled = [
'register', 'retrieve_username', 'remember_me', 'profile',
'change_password', 'request_reset_password'
]
auth.settings.remember_me_form = False
# login_next Não está funcionando e segundo a documentação, deveria funcionar
auth.settings.login_next = URL('default', 'mensagem')
# Faço o redirect para URL acima, no método abaixo
auth.settings.login_onaccept = Servidor().getDadosToSession()
#########################################################################
## Define your tables below (or better in another model file) for example
##
## >>> db.define_table('mytable',Field('myfield','string'))
##
## Fields can be 'string','text','password','integer','double','boolean'
## 'date','time','datetime','blob','upload', 'reference TABLENAME'
## There is an implicit 'id integer autoincrement' field
## Consult manual for more options, validators, etc.
##
## More API examples for controllers:
##
## >>> db.mytable.insert(myfield='value')
## >>> rows=db(db.mytable.myfield=='value').select(db.mytable.ALL)
## >>> for row in rows: print row.id, row.myfield
#########################################################################
## after defining tables, uncomment below to enable auditing
# auth.enable_record_versioning(db)
from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods.append(
ldap_auth(mode='uid_r',
server='ldap.iiit.ac.in',
manage_user=True,
base_dn='OU=Users,DC=iiit,DC=ac,DC=in',
logging_level='debug',
user_firstname_attrib='cn:1',
user_lastname_attrib='cn:2',
user_mail_attrib='mail',
db=db))
response.optimize_js = 'concat,minify,inline'
db.define_table('devices',Field('Inventory_Number','string',unique=True),Field('Serial_Number','string'),\
Field('Campus','string'),Field('User','string'),Field('Vendor','string'),Field('Room','string'),\
Field('Network','boolean'),Field('Computer_Present','boolean'),Field('Memo','text'))
# Authentication - http://www.web2pyslices.com/slice/show/1468/how-to-set-up-web2py-ldap-with-windows-active-directory
from gluon.tools import Auth
auth = Auth(db, hmac_key=Auth.get_or_create_key())
auth.define_tables(username=True)
auth.settings.create_user_groups=False
# all we need is login
auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile']
# you don't have to remember me
auth.settings.remember_me_form = False
# ldap authentication and not save password on web2py
from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods = [ldap_auth(mode='ad',
allowed_groups = ['Domain Group1','Domain Group2'],
bind_dn = 'CN=Admin User,OU=baseou,DC=example,DC=com',
bind_pw = 'pass',
group_dn = 'OU=Domain Groups,OU=baseou,DC=example,DC=com',
group_name_attrib = 'cn',
group_member_attrib = 'member',
group_filterstr = 'objectClass=Group',
server='server.example.com,
base_dn='OU=baseou,DC=example,DC=com')]
# set Title for all pages
response.title = 'Change Me!'
Field('request_time', 'datetime', default=request.now),
Field('status', 'integer'))
db.define_table('virtual_disk_requests', Field('id', 'integer'),
Field('user', 'string', required=True),
Field('vmid', 'string', required=True),
Field('request_time', 'datetime'), Field('status', 'integer'),
Field('disk_size', 'integer'))
db.define_table('vm_activity_log', Field('id', 'integer'),
Field('vmid', 'string'), Field('user', 'string'),
Field('task', 'string'), Field('time', 'datetime'),
Field('remarks', 'string'))
auth = Auth(db)
auth.define_tables(username=True)
auth.settings.login_methods.append(
ldap_auth(mode='custom',
username_attrib='uid',
custom_scope='subtree',
server=ldap_host,
base_dn=ldap_dn))
auth.settings.create_user_groups = False
auth.settings.login_onaccept = [login_callback]
auth.settings.remember_me_form = False
auth.settings.logout_next = '/baadal/default/user/login'
auth.settings.login_next = '/baadal/user/index'
scheduler = Scheduler(db)
# Conexão com o Banco de Dados
if request.is_local:
config.db.uri = "postgres:pg8000://matheus:123456@localhost/teste_ldap"
else:
config.db.uri = "postgres:pg8000://forip:[email protected]/teste_ldap"
db = DAL(**config.db)
# Importações
from gluon.tools import Auth
from gluon.contrib.login_methods.ldap_auth import ldap_auth
# Login com LDAP
# Configuração Auth
auth = Auth(db, controller="principal",function="login")
auth.settings.create_user_groups=False
auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile']
auth.settings.remember_me_form = False
auth.settings.login_next = URL(a='teste_ldap', c='principal', f='index')
auth.settings.login_methods = [ldap_auth(mode='ad',
server='192.168.100.235',
base_dn='dc=forip,dc=local')]
auth.messages.logged_in = 'Bem Vindo'
auth.messages.access_denied = 'Acesso negado! Contate o administrador'
auth.messages.invalid_username = '******'
auth.messages.invalid_login = '******'
auth.messages.invalid_password = '******'
auth.messages.login_button = "Entrar"
auth.messages.label_email = 'E-mail'
auth.messages.label_password = '******'
auth.settings.mailer = mail
# Allow login with ldap
from gluon.contrib.login_methods.ldap_auth import ldap_auth
# all we need is login
auth.settings.actions_disabled = [
'register', 'change_password', 'request_reset_password',
'retrieve_username'
]
# you don't have to remember me
auth.settings.remember_me_form = False
# Configura aplicacao para autenticar via LDAP
auth.settings.login_methods.append(ldap_auth(db=db, **LDAP_CONFIG))
# redireciona depois do login
auth.settings.login_next = URL('projetos')
# import Gravatar
try:
from gravatar import Gravatar
except ImportError:
from gluon.contrib.gravatar import Gravatar
# multiples languages
if 'siteLanguage' in request.cookies and not (request.cookies['siteLanguage']
is None):
T.force(request.cookies['siteLanguage'].value)
db.auth_user.categories_review.readable = False
db.auth_user.types.requires = IS_IN_DB(db,'rtype.id','rtype.name', multiple=True)
db.auth_user.types.widget = SQLFORM.widgets.checkboxes.widget
db.auth_user.types.default = lambda : db(db.rtype).select()
from gluon import current
current.auth = auth
current.db = db
auth.settings.formstyle = 'bootstrap3_inline'
#Active directory UPR
from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods.append(ldap_auth(mode='ad', server=myconf.take('ad.server'), base_dn=myconf.take('ad.base_dn'), manage_user=True, user_firstname_attrib='cn:1', user_lastname_attrib='cn:2', user_mail_attrib='mail', db=db))
#Gmail auth
from gluon.contrib.login_methods.email_auth import email_auth
auth.settings.login_methods.append(
email_auth("smtp.gmail.com:587", "@gmail.com "))
#Facebook id and key
'''
client_id = ""
client_secret = ""
auth_url = ""
token_url = ""
from gluon.contrib.login_methods.oauth20_account import OAuthAccount
auth.settings.login_form=OAuthAccount(client_id, client_secret, auth_url, token_url)
config.db.uri = "postgres:pg8000://matheus:123456@localhost/teste_ldap"
else:
config.db.uri = "postgres:pg8000://forip:[email protected]/teste_ldap"
db = DAL(**config.db)
# Importações
from gluon.tools import Auth
from gluon.contrib.login_methods.ldap_auth import ldap_auth
# Login com LDAP
# Configuração Auth
auth = Auth(db, controller="principal", function="login")
auth.settings.create_user_groups = False
auth.settings.actions_disabled = [
'register', 'change_password', 'request_reset_password',
'retrieve_username', 'profile'
]
auth.settings.remember_me_form = False
auth.settings.login_next = URL(a='teste_ldap', c='principal', f='index')
auth.settings.login_methods = [
ldap_auth(mode='ad', server='192.168.100.235', base_dn='dc=forip,dc=local')
]
auth.messages.logged_in = 'Bem Vindo'
auth.messages.access_denied = 'Acesso negado! Contate o administrador'
auth.messages.invalid_username = '******'
auth.messages.invalid_login = '******'
auth.messages.invalid_password = '******'
auth.messages.login_button = "Entrar"
auth.messages.label_email = 'E-mail'
auth.messages.label_password = '******'
# host names must be a list of allowed host names (glob syntax allowed)
auth = Auth(db, host_names=configuration.get('host.names'))
# -------------------------------------------------------------------------
# create all tables needed by auth, maybe add a list of extra fields
# -------------------------------------------------------------------------
auth.settings.extra_fields['auth_user'] = []
auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile', 'retrieve_password']
auth.define_tables(username=True)
auth.settings.create_user_groups=False
auth.settings.remember_me_form = False
from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods.append(ldap_auth(server='192.168.33.253',
base_dn='ou=people,dc=example,dc=com',
manage_user=True,
user_mail_attrib='mail',
manage_groups=True
)
)
# auth.settings.login_methods.append(ldap_auth(mode='ad',
# server='qwdcnet001.QAnets.ISLLCQA.org',
# base_dn='DC=qanets,DC=ISLLCQA,DC=org',
# manage_user=True,
# user_firstname_attrib='cn:1',
# user_lastname_attrib='cn:2',
# user_mail_attrib='mail',
# manage_groups=True,
# db=db,
# group_dn='DC=qanets,DC=ISLLCQA,DC=org',
# group_name_attrib='cn',
handler.setLevel(settings.log_level)
logger.addHandler(handler)
logger.setLevel(settings.log_level)
logger.debug(name + ' logger created')
if settings.produccion == True:
logger.debug('Server launched in production mode')
else:
logger.debug('Server launched in developpment mode')
return logger
settings.logger = get_configured_logger(request.application)
settings.title = request.application
settings.subtitle = T('Gestión de Alumnado en Centros de Secundaria')
settings.author = 'Francisco Mora Sánchez'
settings.author_email = '*****@*****.**'
settings.keywords = 'disciplina gestion prestamo libros alumnos enseñanza centros secundaria extremadura educacion eso bachillerato evaluación'
settings.description = T('Gestión de Alumnado en Centros de Secundaria')
settings.layout_theme = 'Default'
settings.security_key = 'a098c897-724b-4e05-b2d8-8ee993385ae6'
settings.email_server = 'logging' or 'smtp.gmail.com:587'
settings.email_sender = '*****@*****.**'
settings.email_login = ''
settings.login_method = [ldap_auth(mode='uid', server='ldap', base_dn='ou=People,dc=instituto,dc=extremadura,dc=es',
allowed_groups=['teachers'],
group_dn='ou=Group,dc=instituto,dc=extremadura,dc=es',
group_name_attrib='cn',
group_member_attrib='memberUid',
group_filterstr='objectClass=*')]
settings.login_config = ''
## Consult manual for more options, validators, etc.
##
## More API examples for controllers:
##
## >>> db.mytable.insert(myfield='value')
## >>> rows=db(db.mytable.myfield=='value').select(db.mytable.ALL)
## >>> for row in rows: print row.id, row.myfield
#########################################################################
import applications.controlies.modules.LdapConnection as LdapConnection
#Secure LDAP Auth
auth.settings.login_methods = [
ldap_auth(server='localhost',
base_dn='ou=People,dc=instituto,dc=extremadura,dc=es',
secure=LdapConnection.ldap_secure,
cert_path=LdapConnection.ldap_cert,
mode='cn')
]
#No secure LDAP Auth
#auth.settings.login_methods=[ldap_auth( server='localhost', base_dn='ou=People,dc=instituto,dc=extremadura,dc=es',secure=False,mode='cn')]
#########################################################
#
# Global functions
#
#########################################################
prod = cache.ram('prod',
lambda: bool(os.environ.get('PRODUCTION')),
# all we need is login
auth.settings.actions_disabled=["register", "change_password", "request_reset_password", "retrieve_username", "profile"]
# you don't have to remember me
auth.settings.remember_me_form = False
auth.settings.expiration = int(os.environ.get("INVENTORY_SESSION_EXPIRATION", 3600))
# ldap authentication and not save password on web2py
auth.settings.login_methods = [ldap_auth(
mode="ad",
allowed_groups = [g.strip() for g in os.environ["AD_ALLOWED_GROUPS"].split(",")],
server=os.environ["AD_HOST"],
base_dn=os.environ["AD_BASE_DN"],
bind_dn=os.environ["AD_BIND_USER"],
bind_pw=os.environ["AD_BIND_PASS"],
group_dn=os.environ["AD_GROUP_DN"],
group_name_attrib="cn",
group_member_attrib="member",
group_filterstr="objectClass=Group",
)]
# set up special user permissions
def view_only_create(form):
form.errors.Inventory_Number = "User cannot create record"
def view_only_update(form):
form.errors.Inventory_Number = "User cannot update record"
crud = Crud(db)
