def get(self, request, *args, **kwargs):
#获取客户端传来的参数PK
pk = kwargs.get('pk')
if settings.AUTH_LDAP:
try:
ldap_tool = LDAPTool()
status = ldap_tool.ldap_get_user(pk, isdict=True)
if status:
msg = "用户:%s 获取成功" % pk
data = status
form = self.form_class(initial=data)
context = {'form': form, 'app': _('Users'), 'action': _('LDAP Update user')}
return render(request, self.template_name, context)
else:
msg = "未获取用户:%s" % pk
messages.add_message(self.request, messages.WARNING, msg)
return redirect(reverse('users:ldap-user-list'))
except Exception as e:
msg = "用户:%s 获取失败,原因:%s" % (pk, str(e))
messages.add_message(self.request, messages.ERROR, msg)
return redirect(reverse('users:ldap-user-list'))
else:
msg = '请系统先支持ldap'
messages.add_message(self.request, messages.WARNING, msg)
return redirect(reverse('users:ldap-user-list'))
def get_context_data(self, **kwargs):
data = ''
pk = kwargs.get('pk')
if settings.AUTH_LDAP:
try:
ldap_tool = LDAPTool()
status = ldap_tool.ldap_get_user(pk, isdict=True)
if status:
msg = "用户:%s 获取成功" % pk
data = status
# messages.add_message(self.request, messages.SUCCESS, msg)
else:
msg = "未获取用户:%s" % pk
messages.add_message(self.request, messages.WARNING, msg)
return redirect(reverse('users:ldap-user-list'))
except Exception as e:
msg = "用户:%s 获取失败,原因:%s" % (pk, str(e))
messages.add_message(self.request, messages.ERROR, msg)
return redirect(reverse('users:ldap-user-list'))
else:
msg = '请系统先支持ldap'
messages.add_message(self.request, messages.WARNING, msg)
return redirect(reverse('users:ldap-user-list'))
context = super().get_context_data(**kwargs)
context['user'] = data
context.update({
'app': _('Users'),
'action': _('LDAP User Detail'),
})
return context
def save(self, commit=True):
password = self.cleaned_data.get('password')
public_key = self.cleaned_data.get('public_key')
is_ldap_user = self.cleaned_data.get('is_ldap_user')
user = super().save(commit=commit)
# ldap用户
username = user.username
if settings.AUTH_LDAP:
ldap_tool = LDAPTool()
check_user_code, _ = ldap_tool.check_user_status(username)
if is_ldap_user and check_user_code == 404:
print("新增用户,类型为ldap")
cn = user.username
mail = user.email
if password:
password = password
else:
password = generate_activation_code(n=1)[0]
status = ldap_tool.ldap_add_user(cn, mail, username, password)
if status:
msg = "ldap用户创建成功"
messages.add_message(self.request, messages.SUCCESS, msg)
return user
else:
msg = "ldap用户创建失败"
messages.add_message(self.request, messages.ERROR, msg)
#本地用户
if password and not is_ldap_user:
user.set_password(password)
user.save()
if public_key:
user.public_key = public_key
user.save()
return user
def save(self, commit=True):
user = super().save(commit=commit)
#LDAP用户
if settings.AUTH_LDAP and user.is_ldap_user:
ldap_tool = LDAPTool()
check_user_code, data = ldap_tool.check_user_status(user.username)
if check_user_code == 200:
print("更新用户,类型为ldap")
phone = user.phone
old = {'mail': data[1].get('mail', '')}
new = {
'mail': [user.email.encode('utf-8')],
}
if phone:
old = {
'mail': data[1].get('mail', ''),
'mobile': data[1].get('mobile', '')
}
new = {
'mail': [user.email.encode('utf-8')],
'mobile': [phone.encode('utf-8')],
}
status = ldap_tool.ldap_update_user(user.username, old, new)
if not status:
msg = "ldap用户更新失败"
messages.add_message(self.request, messages.ERROR, msg)
else:
messages.add_message(self.request, messages.INFO,
"ldap信息更新成功")
return user
def delete(self, request, *args, **kwargs):
pk = kwargs.get('pk')
data = {'status': '', 'msg': ''}
if settings.AUTH_LDAP:
try:
ldap_tool = LDAPTool()
status = ldap_tool.ldap_delete(pk)
user = User.objects.filter(username=pk)
if user:
#如果该用户是系统用户,删除ldap时候,顺便把系统中用户也删除了
user.delete()
if status:
msg = "用户:%s 删除成功" % pk
rt = 200
else:
msg = "用户%s 删除失败" % pk
rt = 511
data['msg'] = msg
data['status'] = rt
except Exception as e:
msg = str(e)
rt = 500
data['msg'] = msg
data['status'] = rt
return Response(data=data, status=data['status'])
return Response(data=data, status=data['status'])
else:
data['msg'] = '请系统先支持ldap'
data['status'] = 512
return Response(data=data, status=data['status'])
def save(self, commit=True):
password = self.cleaned_data.get('password')
public_key = self.cleaned_data.get('public_key')
user = super().save(commit=commit)
is_ldap_user = user.is_ldap_user
# ldap用户
username = user.username
if settings.AUTH_LDAP:
ldap_tool = LDAPTool()
check_user_code, data = ldap_tool.check_user_status(username)
if is_ldap_user and check_user_code == 200:
print("更新用户,类型为ldap")
old = {'mail': data[1].get('mail', ''), 'mobile': data[1].get('mobile', '')}
new = {'mail': [user.email.encode('utf-8')], 'mobile': [user.phone.encode('utf-8')],}
status = ldap_tool.ldap_update_user(username, old, new)
if status:
return user
# #本地用户
if password and not is_ldap_user:
user.set_password(password)
user.save()
if public_key:
user.public_key = public_key
user.save()
return user
def save(self, commit=True):
password = self.cleaned_data.get('password')
public_key = self.cleaned_data.get('public_key')
user = super().save(commit=commit)
is_ldap_user = user.is_ldap_user
# ldap用户
username = user.username
if settings.AUTH_LDAP:
ldap_tool = LDAPTool()
check_user_code, data = ldap_tool.check_user_status(username)
if is_ldap_user and check_user_code == 200:
print("更新用户,类型为ldap")
old = {
'mail': data[1].get('mail', ''),
'mobile': data[1].get('mobile', '')
}
new = {
'mail': [user.email.encode('utf-8')],
'mobile': [user.phone.encode('utf-8')],
}
status = ldap_tool.ldap_update_user(username, old, new)
if status:
return user
# #本地用户
if password and not is_ldap_user:
user.set_password(password)
user.save()
if public_key:
user.public_key = public_key
user.save()
return user
def get(self, request, *args, **kwargs):
#获取客户端传来的参数PK
pk = kwargs.get('pk')
if settings.AUTH_LDAP:
try:
ldap_tool = LDAPTool()
status = ldap_tool.ldap_get_user(pk, isdict=True)
if status:
msg = "用户:%s 获取成功" % pk
data = status
form = self.form_class(initial=data)
context = {
'form': form,
'app': _('Users'),
'action': _('LDAP Update user')
}
return render(request, self.template_name, context)
else:
msg = "未获取用户:%s" % pk
messages.add_message(self.request, messages.WARNING, msg)
return redirect(reverse('users:ldap-user-list'))
except Exception as e:
msg = "用户:%s 获取失败,原因:%s" % (pk, str(e))
messages.add_message(self.request, messages.ERROR, msg)
return redirect(reverse('users:ldap-user-list'))
else:
msg = '请系统先支持ldap'
messages.add_message(self.request, messages.WARNING, msg)
return redirect(reverse('users:ldap-user-list'))
def post(self, request, *args, **kwargs):
password = request.POST.get('password')
password_confirm = request.POST.get('password-confirm')
token = request.GET.get('token')
if password != password_confirm:
return self.get(request, errors=_('Password not same'))
user = User.validate_reset_token(token)
if not user:
return self.get(request, errors=_('Token invalid or expired'))
# 重置LDAP用户密码
from django.conf import settings
if settings.AUTH_LDAP and user.is_ldap_user:
from common.ldapadmin import LDAPTool
ldap_tool = LDAPTool()
username = user.username
status = ldap_tool.ldap_update_password(username, new_password=password)
if status:
print("ldap用户:%s 密码修改成功" % username)
else:
return self.get(request, errors="密码更新失败,可能是弱类型")
else:
user.reset_password(password)
return HttpResponseRedirect(reverse('users:reset-password-success'))
def save(self, commit=True):
password = self.cleaned_data.get('password')
public_key = self.cleaned_data.get('public_key')
is_ldap_user = self.cleaned_data.get('is_ldap_user')
user = super().save(commit=commit)
# ldap用户
username = user.username
if settings.AUTH_LDAP:
ldap_tool = LDAPTool()
check_user_code,_ = ldap_tool.check_user_status(username)
if is_ldap_user and check_user_code == 404:
print("新增用户,类型为ldap")
cn = user.username
mail = user.email
if password:
password = password
else:
password = generate_activation_code(n=1)[0]
status = ldap_tool.ldap_add_user(cn, mail, username, password)
if status:
msg = "ldap用户创建成功"
messages.add_message(self.request, messages.SUCCESS, msg)
return user
else:
msg = "ldap用户创建失败"
messages.add_message(self.request, messages.ERROR, msg)
#本地用户
if password and not is_ldap_user:
user.set_password(password)
user.save()
if public_key:
user.public_key = public_key
user.save()
return user
def post(self, request, *args, **kwargs):
password = request.POST.get('password')
password_confirm = request.POST.get('password-confirm')
token = request.GET.get('token')
if password != password_confirm:
return self.get(request, errors=_('Password not same'))
user = User.validate_reset_token(token)
if not user:
return self.get(request, errors=_('Token invalid or expired'))
# 重置LDAP用户密码
from django.conf import settings
if settings.AUTH_LDAP and user.is_ldap_user:
from common.ldapadmin import LDAPTool
ldap_tool = LDAPTool()
username = user.username
status = ldap_tool.ldap_update_password(username,
new_password=password)
if status:
print("ldap用户:%s 密码修改成功" % username)
else:
return self.get(request, errors="密码更新失败,可能是弱类型")
else:
user.reset_password(password)
return HttpResponseRedirect(reverse('users:reset-password-success'))
def delete(self, request, *args, **kwargs):
pk = kwargs.get('pk')
data = {'status': '', 'msg': ''}
if settings.AUTH_LDAP:
try:
ldap_tool = LDAPTool()
status = ldap_tool.ldap_delete(pk)
user = User.objects.filter(username=pk)
if user:
#如果该用户是系统用户,删除ldap时候,顺便把系统中用户也删除了
user.delete()
if status:
msg = "用户:%s 删除成功" % pk
rt = 200
else:
msg = "用户%s 删除失败" % pk
rt = 511
data['msg'] = msg
data['status'] = rt
except Exception as e:
msg = str(e)
rt = 500
data['msg'] = msg
data['status'] = rt
return Response(data=data, status=data['status'])
return Response(data=data, status=data['status'])
else:
data['msg'] = '请系统先支持ldap'
data['status'] = 512
return Response(data=data, status=data['status'])
def get_context_data(self, **kwargs):
data = ''
pk = kwargs.get('pk')
if settings.AUTH_LDAP:
try:
ldap_tool = LDAPTool()
status = ldap_tool.ldap_get_user(pk, isdict=True)
if status:
msg = "用户:%s 获取成功" % pk
data = status
# messages.add_message(self.request, messages.SUCCESS, msg)
else:
msg = "未获取用户:%s" % pk
messages.add_message(self.request, messages.WARNING, msg)
return redirect(reverse('users:ldap-user-list'))
except Exception as e:
msg = "用户:%s 获取失败,原因:%s" % (pk, str(e))
messages.add_message(self.request, messages.ERROR, msg)
return redirect(reverse('users:ldap-user-list'))
else:
msg = '请系统先支持ldap'
messages.add_message(self.request, messages.WARNING, msg)
return redirect(reverse('users:ldap-user-list'))
context = super().get_context_data(**kwargs)
context['user'] = data
context.update({
'app': _('Users'),
'action': _('LDAP User Detail'),
})
return context
def clean_old_password(self):
old_password = self.cleaned_data['old_password']
if settings.AUTH_LDAP and self.instance.is_ldap_user:
# 使用LDAP验证时
ldap_tool = LDAPTool()
username = self.instance.username
if ldap_tool.ldap_get_vaild(uid=username, passwd=old_password):
return old_password
if not self.instance.check_password(old_password):
raise forms.ValidationError(_('Old password error'))
return old_password
def clean_old_password(self):
old_password = self.cleaned_data['old_password']
if settings.AUTH_LDAP and self.instance.is_ldap_user:
# 使用LDAP验证时
ldap_tool = LDAPTool()
username = self.instance.username
if ldap_tool.ldap_get_vaild(uid=username, passwd=old_password):
return old_password
if not self.instance.check_password(old_password):
raise forms.ValidationError(_('Old password error'))
return old_password
def save(self):
username = self.instance.username
password = self.cleaned_data['new_password']
self.instance.set_password(password)
self.instance.save()
# ldap用户
if settings.AUTH_LDAP and self.instance.is_ldap_user:
ldap_tool = LDAPTool()
status = ldap_tool.ldap_update_password(username, new_password=password)
if status:
return self.instance
return self.instance
def save(self):
username = self.instance.username
password = self.cleaned_data['new_password']
self.instance.set_password(password)
self.instance.save()
# ldap用户
if settings.AUTH_LDAP and self.instance.is_ldap_user:
ldap_tool = LDAPTool()
status = ldap_tool.ldap_update_password(username,
new_password=password)
if status:
return self.instance
return self.instance
def on_user_delete(sender, **kwargs):
username = kwargs['instance'].username
if settings.AUTH_LDAP:
try:
from common.ldapadmin import LDAPTool
ldap_tool = LDAPTool()
check_user_code, data = ldap_tool.check_user_status(username)
if check_user_code != 404:
status = ldap_tool.ldap_delete(username)
if status:
msg = "用户:%s 删除成功" % username
logger.info(msg)
else:
msg = "用户%s 删除失败" % username
logger.warning(msg)
except Exception as e:
msg = str(e)
logger.error(msg)
def save(self, commit=True):
user = super().save(commit=commit)
#LDAP用户
if settings.AUTH_LDAP and user.is_ldap_user:
ldap_tool = LDAPTool()
check_user_code, data = ldap_tool.check_user_status(user.username)
if check_user_code == 200:
print("更新用户,类型为ldap")
phone = user.phone
old = {'mail': data[1].get('mail', '')}
new = {'mail': [user.email.encode('utf-8')], }
if phone:
old = {'mail': data[1].get('mail', ''), 'mobile': data[1].get('mobile', '')}
new = {'mail': [user.email.encode('utf-8')], 'mobile': [phone.encode('utf-8')], }
status = ldap_tool.ldap_update_user(user.username, old, new)
if not status:
msg = "ldap用户更新失败"
messages.add_message(self.request, messages.ERROR, msg)
else:
messages.add_message(self.request, messages.INFO, "ldap信息更新成功")
return user
def get(self, request, *args, **kwargs):
pk = kwargs.get('pk')
data = {'status': '', 'msg': '', 'data': ''}
if settings.AUTH_LDAP:
try:
ldap_tool = LDAPTool()
status = ldap_tool.ldap_get_user(pk, isdict=True)
if status:
data['msg'] = "用户:%s 获取成功" % pk
data['data'] = status
data['status'] = 200
else:
data['msg'] = "未获取用户:%s" % pk
data['status'] = 404
return Response(data=data, status=200)
except Exception as e:
data['msg'] = "用户:%s 获取失败,原因:%s" % (pk, str(e))
data['status'] = 500
return Response(data=data, status=200)
else:
data['msg'] = '请系统先支持ldap'
data['status'] = 501
return Response(data=data, status=200)
def get(self, request, *args, **kwargs):
pk = kwargs.get('pk')
data = {'status': '', 'msg': '', 'data': ''}
if settings.AUTH_LDAP:
try:
ldap_tool = LDAPTool()
status = ldap_tool.ldap_get_user(pk, isdict=True)
if status:
data['msg'] = "用户:%s 获取成功" % pk
data['data'] = status
data['status'] = 200
else:
data['msg'] = "未获取用户:%s" % pk
data['status'] = 404
return Response(data=data, status=200)
except Exception as e:
data['msg'] = "用户:%s 获取失败,原因:%s" % (pk, str(e))
data['status'] = 500
return Response(data=data, status=200)
else:
data['msg'] = '请系统先支持ldap'
data['status'] = 501
return Response(data=data, status=200)