def create(self, values):
self.affirm_unique(values)
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
self.mask_enabled_attribute(values)
values = super(UserApi, self).create(values)
return values
def update(self, id, values):
if values['id'] != id:
raise exception.ValidationError('Cannot change user ID')
try:
old_obj = self.get(id)
except exception.NotFound:
raise exception.UserNotFound(user_id=id)
if old_obj.get('name') != values['name']:
raise exception.Conflict('Cannot change user name')
try:
new_project = values['tenant_id']
except KeyError:
pass
else:
if old_obj.get('tenant_id') != new_project:
if old_obj['tenant_id']:
self.project_api.remove_user(old_obj['tenant_id'], id)
if new_project:
self.project_api.add_user(new_project, id)
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
values['enabled_nomask'] = old_obj['enabled_nomask']
self.mask_enabled_attribute(values)
super(UserApi, self).update(id, values, old_obj)
def update_user(self, user_id, user):
user = self._validate_domain(user)
if 'id' in user and user['id'] != user_id:
raise exception.ValidationError('Cannot change user ID')
old_obj = self.user.get(user_id)
if 'name' in user and old_obj.get('name') != user['name']:
raise exception.Conflict('Cannot change user name')
if 'tenant_id' in user and \
old_obj.get('tenant_id') != user['tenant_id']:
if old_obj['tenant_id']:
self.project.remove_user(old_obj['tenant_id'],
self.user._id_to_dn(user_id),
user_id)
if user['tenant_id']:
self.project.add_user(user['tenant_id'],
self.user._id_to_dn(user_id),
user_id)
user = utils.hash_ldap_user_password(user)
if self.user.enabled_mask:
user['enabled_nomask'] = old_obj['enabled_nomask']
self.user.mask_enabled_attribute(user)
self.user.update(user_id, user, old_obj)
return self._set_default_domain(self.user.get_filtered(user_id))
def create(self, values):
self.affirm_unique(values)
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
self.mask_enabled_attribute(values)
values = super(UserApi, self).create(values)
return values
def update(self, id, values):
if values['id'] != id:
raise exception.ValidationError('Cannot change user ID')
try:
old_obj = self.get(id)
except exception.NotFound:
raise exception.UserNotFound(user_id=id)
if old_obj.get('name') != values['name']:
raise exception.Conflict('Cannot change user name')
try:
new_tenant = values['tenant_id']
except KeyError:
pass
else:
if old_obj.get('tenant_id') != new_tenant:
if old_obj['tenant_id']:
self.tenant_api.remove_user(old_obj['tenant_id'], id)
if new_tenant:
self.tenant_api.add_user(new_tenant, id)
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
values['enabled_nomask'] = old_obj['enabled_nomask']
self.mask_enabled_attribute(values)
super(UserApi, self).update(id, values, old_obj)
def create(self, values):
self.affirm_unique(values)
values = utils.hash_ldap_user_password(values)
values = super(UserApi, self).create(values)
tenant_id = values.get('tenant_id')
if tenant_id is not None:
self.tenant_api.add_user(values['tenant_id'], values['id'])
return values
def create(self, values):
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
orig_enabled = values['enabled']
self.mask_enabled_attribute(values)
values = super(UserApi, self).create(values)
if self.enabled_mask:
values['enabled'] = orig_enabled
return values
def create(self, values):
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
orig_enabled = values["enabled"]
self.mask_enabled_attribute(values)
values = super(UserApi, self).create(values)
if self.enabled_mask:
values["enabled"] = orig_enabled
return values
def create(self, values):
self.affirm_unique(values)
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
self.mask_enabled_attribute(values)
values = super(UserApi, self).create(values)
tenant_id = values.get('tenant_id')
if tenant_id is not None:
self.project_api.add_user(values['tenant_id'], values['id'])
return values
def create(self, values):
self.affirm_unique(values)
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
self.mask_enabled_attribute(values)
values = super(UserApi, self).create(values)
tenant_id = values.get('tenant_id')
if tenant_id is not None:
self.project_api.add_user(values['tenant_id'], values['id'])
return values
def update_user(self, user_id, user):
if "id" in user and user["id"] != user_id:
raise exception.ValidationError("Cannot change user ID")
old_obj = self.user.get(user_id)
if "name" in user and old_obj.get("name") != user["name"]:
raise exception.Conflict("Cannot change user name")
user = utils.hash_ldap_user_password(user)
if self.user.enabled_mask:
self.user.mask_enabled_attribute(user)
self.user.update(user_id, user, old_obj)
return self.user.get_filtered(user_id)
def update_user(self, user_id, user):
if 'id' in user and user['id'] != user_id:
raise exception.ValidationError('Cannot change user ID')
old_obj = self.user.get(user_id)
if 'name' in user and old_obj.get('name') != user['name']:
raise exception.Conflict('Cannot change user name')
user = utils.hash_ldap_user_password(user)
if self.user.enabled_mask:
self.user.mask_enabled_attribute(user)
self.user.update(user_id, user, old_obj)
return self.user.get_filtered(user_id)
def update_user(self, user_id, user):
if 'id' in user and user['id'] != user_id:
raise exception.ValidationError('Cannot change user ID')
old_obj = self.user.get(user_id)
if 'name' in user and old_obj.get('name') != user['name']:
raise exception.Conflict('Cannot change user name')
user = utils.hash_ldap_user_password(user)
if self.user.enabled_mask:
self.user.mask_enabled_attribute(user)
self.user.update(user_id, user, old_obj)
return self.user.get_filtered(user_id)
def update(self, id, values):
if 'id' in values and values['id'] != id:
raise exception.ValidationError('Cannot change user ID')
old_obj = self.get(id)
if 'name' in values and old_obj.get('name') != values['name']:
raise exception.Conflict('Cannot change user name')
if 'tenant_id' in values and \
old_obj.get('tenant_id') != values['tenant_id']:
if old_obj['tenant_id']:
self.project_api.remove_user(old_obj['tenant_id'], id)
if values['tenant_id']:
self.project_api.add_user(values['tenant_id'], id)
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
values['enabled_nomask'] = old_obj['enabled_nomask']
self.mask_enabled_attribute(values)
super(UserApi, self).update(id, values, old_obj)
return self.get(id)
def update(self, id, values):
if 'id' in values and values['id'] != id:
raise exception.ValidationError('Cannot change user ID')
old_obj = self.get(id)
if 'name' in values and old_obj.get('name') != values['name']:
raise exception.Conflict('Cannot change user name')
if 'tenant_id' in values and \
old_obj.get('tenant_id') != values['tenant_id']:
if old_obj['tenant_id']:
self.project_api.remove_user(old_obj['tenant_id'], id)
if values['tenant_id']:
self.project_api.add_user(values['tenant_id'], id)
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
values['enabled_nomask'] = old_obj['enabled_nomask']
self.mask_enabled_attribute(values)
super(UserApi, self).update(id, values, old_obj)
return self.get(id)
def update(self, id, values):
if "id" in values and values["id"] != id:
raise exception.ValidationError("Cannot change user ID")
try:
old_obj = self.get(id)
except exception.NotFound:
raise exception.UserNotFound(user_id=id)
if "name" in values and old_obj.get("name") != values["name"]:
raise exception.Conflict("Cannot change user name")
if "tenant_id" in values and old_obj.get("tenant_id") != values["tenant_id"]:
if old_obj["tenant_id"]:
self.project_api.remove_user(old_obj["tenant_id"], id)
if values["tenant_id"]:
self.project_api.add_user(values["tenant_id"], id)
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
values["enabled_nomask"] = old_obj["enabled_nomask"]
self.mask_enabled_attribute(values)
super(UserApi, self).update(id, values, old_obj)
return self.get(id)
def update_user(self, user_id, user):
user = self.assignment_api._validate_default_domain(user)
if 'id' in user and user['id'] != user_id:
raise exception.ValidationError('Cannot change user ID')
old_obj = self.user.get(user_id)
if 'name' in user and old_obj.get('name') != user['name']:
raise exception.Conflict('Cannot change user name')
if 'tenant_id' in user and \
old_obj.get('tenant_id') != user['tenant_id']:
if old_obj['tenant_id']:
self.project.remove_user(old_obj['tenant_id'],
self.user._id_to_dn(user_id), user_id)
if user['tenant_id']:
self.project.add_user(user['tenant_id'],
self.user._id_to_dn(user_id), user_id)
user = utils.hash_ldap_user_password(user)
if self.user.enabled_mask:
user['enabled_nomask'] = old_obj['enabled_nomask']
self.user.mask_enabled_attribute(user)
self.user.update(user_id, user, old_obj)
return (self.assignment_api._set_default_domain(
self.user.get_filtered(user_id)))
def test_hash_ldap_user_password_with_empty_password(self):
password = ''
user = self._create_test_user(password=password)
user_hashed = utils.hash_ldap_user_password(user)
password_hashed = user_hashed['password']
self.assertTrue(utils.ldap_check_password(password, password_hashed))
def test_hash_ldap_user_password_without_password(self):
user = self._create_test_user()
hashed = utils.hash_ldap_user_password(user)
self.assertEqual(user, hashed)
def test_hash_ldap_user_password_with_null_password(self):
user = self._create_test_user(password=None)
hashed = utils.hash_ldap_user_password(user)
self.assertEqual(user, hashed)
def test_hash_ldap_user_password_with_empty_password(self):
password = ''
user = self._create_test_user(password=password)
user_hashed = utils.hash_ldap_user_password(user)
password_hashed = user_hashed['password']
self.assertTrue(utils.ldap_check_password(password, password_hashed))
def test_hash_ldap_user_password_with_null_password(self):
user = self._create_test_user(password=None)
hashed = utils.hash_ldap_user_password(user)
self.assertEqual(user, hashed)
def test_hash_ldap_user_password_without_password(self):
user = self._create_test_user()
hashed = utils.hash_ldap_user_password(user)
self.assertEqual(user, hashed)
