def test_alias_ko(self):
from pyvac.models import Sudoer
from pyvac.models import User
user = User.by_login(self.session, u'jdoe')
self.assertIsInstance(user, User)
sudoers = Sudoer.alias(self.session, user)
self.assertEqual(sudoers, [])
def test_alias_ko(self):
from pyvac.models import Sudoer
from pyvac.models import User
user = User.by_login(self.session, u'jdoe')
self.assertIsInstance(user, User)
sudoers = Sudoer.alias(self.session, user)
self.assertEqual(sudoers, [])
def test_alias(self):
from pyvac.models import Sudoer
from pyvac.models import User
user = User.by_login(self.session, u'janedoe')
self.assertIsInstance(user, User)
sudoers = Sudoer.alias(self.session, user)
self.assertEqual(len(sudoers), 1)
sudoer = sudoers[0]
self.assertIsInstance(sudoer, User)
def test_alias(self):
from pyvac.models import Sudoer
from pyvac.models import User
user = User.by_login(self.session, u'janedoe')
self.assertIsInstance(user, User)
sudoers = Sudoer.alias(self.session, user)
self.assertEqual(len(sudoers), 1)
sudoer = sudoers[0]
self.assertIsInstance(sudoer, User)
def render(self):
login_url = resource_url(self.request.context, self.request, 'login')
referrer = self.request.url
# never use the login form itself as came_from
if referrer == login_url:
referrer = '/'
came_from = self.request.params.get('came_from', referrer)
if came_from == '/':
came_from = '/home'
login = self.request.params.get('login', '')
if 'submit' in self.request.params:
password = self.request.params.get('password', '')
if password:
settings = self.request.registry.settings
ldap = False
if 'pyvac.use_ldap' in settings:
ldap = asbool(settings.get('pyvac.use_ldap'))
try:
if login in self.blacklist_users:
raise INVALID_CREDENTIALS
user = User.by_credentials(self.session, login, password,
ldap)
if user is not None:
log.info('login %r succeed' % user.login)
headers = remember(self.request, user.login)
# check for available users for sudo
sudoers = Sudoer.alias(self.session, user)
if sudoers:
location = route_url('sudo', self.request)
return HTTPFound(location=location,
headers=headers)
return HTTPFound(location=came_from, headers=headers)
else:
msg = 'Invalid credentials.'
self.request.session.flash('error;%s' % msg)
except SERVER_DOWN:
msg = 'Cannot reach ldap server.'
self.request.session.flash('error;%s' % msg)
except INVALID_CREDENTIALS:
msg = 'Invalid credentials.'
self.request.session.flash('error;%s' % msg)
except UnknownLdapUser:
msg = 'Unknown ldap user %s' % login
self.request.session.flash('error;%s' % msg)
return {
'came_from': came_from,
'csrf_token': self.request.session.get_csrf_token(),
}
def render(self):
login_url = resource_url(self.request.context, self.request, "login")
referrer = self.request.url
# never use the login form itself as came_from
if referrer == login_url:
referrer = "/"
came_from = self.request.params.get("came_from", referrer)
if came_from == "/":
came_from = "/home"
login = self.request.params.get("login", "")
if "submit" in self.request.params:
password = self.request.params.get("password", u"")
if password:
settings = self.request.registry.settings
ldap = False
if "pyvac.use_ldap" in settings:
ldap = asbool(settings.get("pyvac.use_ldap"))
try:
user = User.by_credentials(self.session, login, password, ldap)
if user is not None:
log.info("login %r succeed" % user.login)
headers = remember(self.request, user.login)
# check for available users for sudo
sudoers = Sudoer.alias(self.session, user)
if sudoers:
location = route_url("sudo", self.request)
return HTTPFound(location=location, headers=headers)
return HTTPFound(location=came_from, headers=headers)
else:
msg = "Invalid credentials."
self.request.session.flash("error;%s" % msg)
except SERVER_DOWN:
msg = "Cannot reach ldap server."
self.request.session.flash("error;%s" % msg)
except INVALID_CREDENTIALS:
msg = "Invalid credentials."
self.request.session.flash("error;%s" % msg)
except UnknownLdapUser:
msg = "Unknown ldap user %s" % login
self.request.session.flash("error;%s" % msg)
return {"came_from": came_from, "csrf_token": self.request.session.get_csrf_token()}
