def login_user(self, user):
"""
This method logs in the user into OctoPrint using authorization OAuth2.
After that, user is added into users.yaml config file.
"""
self._cleanup_sessions()
if user is None or user.is_anonymous:
return
if isinstance(user, LocalProxy):
user = user._get_current_object()
return user
if not isinstance(user, User):
return None
# -- Overridden parts -----------------------------------------------
if isinstance(user, OAuth2PGCUser):
username = user.get_id()
user = FilebasedUserManager.find_user(self, username)
if user is None:
FilebasedUserManager.add_user(self, username, '', active=True)
user = FilebasedUserManager.find_user(self, username)
# -- Overridden parts -----------------------------------------------
if not isinstance(user, SessionUser):
user = SessionUser(user)
self._session_users_by_session[user.session] = user
user_id = user.get_id()
if user_id not in self._sessionids_by_userid:
self._sessionids_by_userid[user_id] = set()
self._sessionids_by_userid[user_id].add(user.session)
for listener in self._login_status_listeners:
try:
listener.on_user_logged_in(user)
except Exception:
self._logger.exception(
"Error in on_user_logged_in on {!r}".format(listener),
extra=dict(callback=fqcn(listener)))
self._logger.info("Logged in user: {}".format(user.get_id()))
return user
def find_user(self, userid=None, apikey=None, session=None):
self.logger.debug("Search for userid=%s, apiKey=%s, session=%s" %
(userid, apikey, session))
user = FilebasedUserManager.find_user(self,
userid=userid,
apikey=apikey,
session=session)
user, userid = self._find_user_with_transformation(
apikey, session, user, userid)
if not user and userid:
user = self._find_user_via_ldap(user, userid)
return user
def _find_user_with_transformation(self, apikey, session, user, userid):
transformation = self.settings.get([SEARCH_TERM_TRANSFORM])
if not user and userid and transformation:
self.logger.debug("Transforming %s using %s" %
(userid, transformation))
transformed = getattr(str, transformation)(str(userid))
self.logger.debug("Search for user userid=%s" % transformed)
if transformed != userid:
userid = transformed
user = FilebasedUserManager.find_user(self,
userid=userid,
apikey=apikey,
session=session)
return user, userid
def find_user(self, userid=None, apikey=None, session=None):
self._logger.debug("Search for userid=%s, apiKey=%s, session=%s" % (userid, apikey, session))
user = FilebasedUserManager.find_user(self, userid=userid, apikey=apikey, session=session)
transformation = self.plugin_settings().get(["search_term_transform"])
if not user and userid and transformation:
self._logger.debug("Transforming %s using %s" % (userid, transformation))
transformed = getattr(str, transformation)(str(userid))
self._logger.debug("Search for user userid=%s" % transformed)
if transformed != userid:
userid = transformed
user = FilebasedUserManager.find_user(self, userid=userid, apikey=apikey, session=session)
if not user and userid:
self._logger.debug("User %s not found locally, treating as LDAP" % userid)
search_filter = self.plugin_settings().get(["search_filter"])
"""
operating on the wildly unsafe assumption that the admin who configures this plugin will have their head
screwed on right and NOT escaping their search strings... only escaping unsafe user-entered text that is
passed directly to search filters
"""
ldap_user = self.ldap_search(filter_format(search_filter, (userid,)))
if ldap_user is not None:
self._logger.debug("User %s found as dn=%s" % (userid, ldap_user["dn"]))
groups = self.group_filter(ldap_user["dn"])
if isinstance(groups, list):
self._logger.debug("Creating new LDAPUser %s" % userid)
# TODO: make username configurable or make dn configurable (e.g. could be userPrincipalName?)
if self.plugin_settings().get(["local_cache"]):
self.add_user(username=userid, dn=ldap_user["dn"], groups=groups, active=True)
user = self._users[userid]
else:
user = LDAPUser(username=userid, dn=ldap_user["dn"], groups=groups, active=True, )
return user