def touch_hg_access_date(user): # Run ldap access date toucher, silently fail and log if we're unable to write try: settings = ldap_helper.get_ldap_settings() ldap_helper.update_access_date(user, 'hgAccessDate', datetime.utcnow().strftime("%Y%m%d%H%M%S.%fZ"), settings['url'], settings['write_url']) except Exception: logging.basicConfig(filename='/var/log/pash.log', level=logging.DEBUG) logging.exception('Failed to update LDAP attributes for %s' % user)
def process_non_root_login(user): # Delay import so these don't interfere with root login code path. from datetime import datetime import json import logging import sys import hg_helper import ldap_helper user_status = hg_helper.is_valid_user(user) if user_status == 2: sys.stderr.write('Your mercurial account has been disabled due \ to inactivity.\nPlease file a bug at \ https://bugzilla.mozilla.org (or \ http://tinyurl.com/njcfhma) to re-activate \ your account.\n') sys.exit(0) elif user_status != 1: sys.stderr.write(NO_HG_ACCESS % user) sys.exit(0) # Run ldap access date toucher, silently fail and log if we're unable to write try: settings = ldap_helper.get_ldap_settings() ldap_helper.update_access_date(user, 'hgAccessDate', datetime.utcnow().strftime("%Y%m%d%H%M%S.%fZ"), settings['url'], settings['write_url']) except Exception: logging.basicConfig(filename='/var/log/pash.log', level=logging.DEBUG) logging.exception('Failed to update LDAP attributes for %s' % user) with open('/etc/mercurial/pash.json', 'rb') as fh: pash_settings = json.load(fh) hg_helper.serve(cname=pash_settings['hostname'], enable_repo_config=pash_settings.get('repo_config', False), enable_repo_group=pash_settings.get('repo_group', False), enable_user_repos=pash_settings.get('user_repos', False), enable_mozreview_ldap_associate=pash_settings.get('mr_ldap_associate', False)) sys.exit(0)
def is_valid_user(mail): url = get_ldap_settings()['url'] mail = mail.strip() replacements = { '(': '', ')': '', "'": '', '"': '', ';': '', } for search, replace in replacements.items(): mail = mail.replace(search, replace) account_status = get_ldap_attribute(mail, 'hgAccountEnabled', url) if account_status == 'TRUE': return 1 elif account_status == 'FALSE': return 2 else: return 0
def process_non_root_login(user): # Delay import so these don't interfere with root login code path. from datetime import datetime import json import logging import sys import hg_helper import ldap_helper user_status = hg_helper.is_valid_user(user) if user_status == 2: sys.stderr.write(HG_ACCESS_DISABLED % (user, user)) sys.exit(0) elif user_status != 1: sys.stderr.write(NO_HG_ACCESS % user) sys.exit(0) # Run ldap access date toucher, silently fail and log if we're unable to write try: settings = ldap_helper.get_ldap_settings() ldap_helper.update_access_date( user, 'hgAccessDate', datetime.utcnow().strftime("%Y%m%d%H%M%S.%fZ"), settings['url'], settings['write_url']) except Exception: logging.basicConfig(filename='/var/log/pash.log', level=logging.DEBUG) logging.exception('Failed to update LDAP attributes for %s' % user) with open('/etc/mercurial/pash.json', 'rb') as fh: pash_settings = json.load(fh) hg_helper.serve(cname=pash_settings['hostname'], enable_repo_config=pash_settings.get('repo_config', False), enable_repo_group=pash_settings.get('repo_group', False), enable_user_repos=pash_settings.get('user_repos', False), enable_mozreview_ldap_associate=pash_settings.get( 'mr_ldap_associate', False)) sys.exit(0)