Пример #1
0
    def to_user(self, result):
        '''Creates and returns a Fcombine UserProfile object based on the 
           user's attributes stored within the LDAP server'''

        log(3, "LDAP add user, entry=%s" % str(entry))
        entry = result.entry

        userprofile = UserProfile()
        userprofile.user = User()

        entry_attrs = entry[1]

        server_type = self.get_server_type()
        mapper = self.get_mapper(server_type)(entry_attrs)

        for attr in self.USER_PROFILE_ATTRS:
            value = getattr(mapper, "map_%s" % attr)()
            log(6, "Setting %s to %s" % (attr, value))
            setattr(userprofile, attr, value)


        for attr in self.USER_ATTRS:
            value = getattr(mapper, "map_%s" % attr)()
            log(6, "Setting %s to %s" % (attr, value))
            setattr(userprofile.user, attr, value)

        return userprofile
Пример #2
0
    def to_user(self, entry):
        """Creates a basic Fcombine UserProfile object based on credentials"""

        log(3, "RADIUS add user, entry=%s" % str(entry))

        userprofile = UserProfile()
        userprofile.user = User()

        userprofile.user.username = entry

        return userprofile
admin_user.username = "******"
admin_user.email = "*****@*****.**"
admin_user.is_staff = True
admin_user.is_superuser = True
admin_user.set_password("fcombine")
admin_user.save()

# create an AuthServer object for the admin user
local_dir_server = LocalDirectoryServer()
local_dir_server.save()
local_auth_server = LocalAuthServer()
local_auth_server.directory_server = local_dir_server
local_auth_server.save()

# create admin's UserProfile
admin_userprofile = UserProfile()
admin_userprofile.auth_server = local_auth_server
admin_userprofile.user = admin_user
admin_userprofile.save()

# create stock configuration
configuration = Configuration()
configuration.device_name = "fcombine"
configuration.ip_address = "192.168.0.1"
configuration.subnet_mask = "255.255.255.0"
configuration.save()

if create_test_db:
    print "** Adding test objects to Fcombine database **"

    print "Creating local user: localuser"
Пример #4
0
    def authenticate_user(self, username, password):
        # This function will first try to authenticate the user.  If it's
        # successful, we will query the associated directory server to
        # pull down user details.  We don't care if the directory server
        # returns nothing as it's just pretty user details etc.

        # first see if we've already seen the user, that is, they are in
        # the Fcombine database
        try:
            user = User.objects.get(username=username)
            authenticator = self.authenticators[user.userprofile.auth_server.id]
            log(6, "User found in the database, authenticator = %d" % \
                    (user.userprofile.auth_server.id))
            result = authenticator.authenticate(username, password)

            # TODO: do we need to synchronize the user/userprofile objects
            # here?

            return result.code
        except User.DoesNotExist:
            pass

        # if we're here, it's possible the user does exist, but is not in the
        # database yet, ie, they are in the process of being imported into the
        # database which may be a slow operation as it is serialised.

        # authenticate the user against each server until we're successful with
        # one, or none. We handle potential duplication of usernames across
        # different directory servers at the import phase in that we raise an
        # error if an admin tries to import a user whos username already exists
        # on the Fcombine.

        result_queue = Queue()
        auth_threads = []
        for auth_server_id, authenticator in self.authenticators.items():
            log(6, "Thread count = %d" % len(auth_threads))

            # TODO: make sure this doesn't cause memory problems if a server
            # goes down.  We should probably track if a server is having
            # problems so we can rate limit authentication
            auth_thread = AuthenticatorThread(authenticator, auth_server_id, \
                    result_queue, username, password)
            auth_threads.append(auth_thread)
            auth_thread.start()


        failed = False
        user = User()
        user_profile = UserProfile()
        for i in xrange(len(auth_threads)):
            result = result_queue.get()
            log(6, "Got result from queue")

            if result.is_successful():
                # insert the user into our database now.
                # look up the auth server and directory server for this user
                auth_server = AuthServer.objects.get(id=result.auth_server_id)
                dir_server_id = auth_server.directory_server.id
                directory_queryer = self.directory_queryers[dir_server_id]

                # look up the user in the directory
                #user_profile = result.authenticator.to_user(result.entry)
                try:
                    user_profile = directory_queryer.lookup(result)

                    # save the user profile
                    user_profile.auth_server = auth_server
                    user_profile.user.save()
                    user_profile.save()
                except DirectoryQueryException, ex:
                    log(2, "DirectoryQueryException: %s" % str(ex))

                return result.code

            if result.is_failure() == False:
                failed = True