def to_user(self, result): '''Creates and returns a Fcombine UserProfile object based on the user's attributes stored within the LDAP server''' log(3, "LDAP add user, entry=%s" % str(entry)) entry = result.entry userprofile = UserProfile() userprofile.user = User() entry_attrs = entry[1] server_type = self.get_server_type() mapper = self.get_mapper(server_type)(entry_attrs) for attr in self.USER_PROFILE_ATTRS: value = getattr(mapper, "map_%s" % attr)() log(6, "Setting %s to %s" % (attr, value)) setattr(userprofile, attr, value) for attr in self.USER_ATTRS: value = getattr(mapper, "map_%s" % attr)() log(6, "Setting %s to %s" % (attr, value)) setattr(userprofile.user, attr, value) return userprofile
def to_user(self, entry): """Creates a basic Fcombine UserProfile object based on credentials""" log(3, "RADIUS add user, entry=%s" % str(entry)) userprofile = UserProfile() userprofile.user = User() userprofile.user.username = entry return userprofile
admin_user.username = "******" admin_user.email = "*****@*****.**" admin_user.is_staff = True admin_user.is_superuser = True admin_user.set_password("fcombine") admin_user.save() # create an AuthServer object for the admin user local_dir_server = LocalDirectoryServer() local_dir_server.save() local_auth_server = LocalAuthServer() local_auth_server.directory_server = local_dir_server local_auth_server.save() # create admin's UserProfile admin_userprofile = UserProfile() admin_userprofile.auth_server = local_auth_server admin_userprofile.user = admin_user admin_userprofile.save() # create stock configuration configuration = Configuration() configuration.device_name = "fcombine" configuration.ip_address = "192.168.0.1" configuration.subnet_mask = "255.255.255.0" configuration.save() if create_test_db: print "** Adding test objects to Fcombine database **" print "Creating local user: localuser"
def authenticate_user(self, username, password): # This function will first try to authenticate the user. If it's # successful, we will query the associated directory server to # pull down user details. We don't care if the directory server # returns nothing as it's just pretty user details etc. # first see if we've already seen the user, that is, they are in # the Fcombine database try: user = User.objects.get(username=username) authenticator = self.authenticators[user.userprofile.auth_server.id] log(6, "User found in the database, authenticator = %d" % \ (user.userprofile.auth_server.id)) result = authenticator.authenticate(username, password) # TODO: do we need to synchronize the user/userprofile objects # here? return result.code except User.DoesNotExist: pass # if we're here, it's possible the user does exist, but is not in the # database yet, ie, they are in the process of being imported into the # database which may be a slow operation as it is serialised. # authenticate the user against each server until we're successful with # one, or none. We handle potential duplication of usernames across # different directory servers at the import phase in that we raise an # error if an admin tries to import a user whos username already exists # on the Fcombine. result_queue = Queue() auth_threads = [] for auth_server_id, authenticator in self.authenticators.items(): log(6, "Thread count = %d" % len(auth_threads)) # TODO: make sure this doesn't cause memory problems if a server # goes down. We should probably track if a server is having # problems so we can rate limit authentication auth_thread = AuthenticatorThread(authenticator, auth_server_id, \ result_queue, username, password) auth_threads.append(auth_thread) auth_thread.start() failed = False user = User() user_profile = UserProfile() for i in xrange(len(auth_threads)): result = result_queue.get() log(6, "Got result from queue") if result.is_successful(): # insert the user into our database now. # look up the auth server and directory server for this user auth_server = AuthServer.objects.get(id=result.auth_server_id) dir_server_id = auth_server.directory_server.id directory_queryer = self.directory_queryers[dir_server_id] # look up the user in the directory #user_profile = result.authenticator.to_user(result.entry) try: user_profile = directory_queryer.lookup(result) # save the user profile user_profile.auth_server = auth_server user_profile.user.save() user_profile.save() except DirectoryQueryException, ex: log(2, "DirectoryQueryException: %s" % str(ex)) return result.code if result.is_failure() == False: failed = True