def approve_request(modeladmin, request, queryset): for q in queryset: try: q.admin_set_approved(request) l_dict = build_dict_from_account_request(q) rc_user = RcLdapUser(**l_dict) rc_user.save() account_created.send(sender=rc_user,account=rc_user) aff = UserAffiliation( username = q.username, organization = q.organization, affiliation = q.affiliation, role = q.role) aff.save() if obj.organization.lower() == 'ucb': ucb_account_created.send(sender=rc_user,account=rc_user,affiliation=aff) else: account_created_from_request.send(sender=rc_user,account=rc_user,affiliation=aff) rc_group_name = '%spgrp' % rc_user.username rc_group = RcLdapGroup(name=rc_group_name, gid=rc_user.uid, members=[rc_user.username]) rc_group.save() group_ownership = GroupOwnership( name=rc_group_name, gid=rc_user.uid, group_type='posix', owners=[rc_user.username]) group_ownership.save() rc_sgroup_name = '%sgrp' % rc_user.username gid = IdTracker.objects.get(category='shared').get_next_uid() rc_sgroup = RcLdapGroup(name=rc_sgroup_name, gid=gid, members=[rc_user.username]) rc_sgroup.save() sgroup_ownership = GroupOwnership( name=rc_sgroup_name, gid=gid, group_type='shared', owners=[rc_user.username]) sgroup_ownership.save() messages.success(request, "Successfully created account for %s %s (%s)." %(q.first_name,q.last_name,q.username)) except Exception as e: messages.error(request, "Could not create account for %s %s (%s): %s" %(q.first_name,q.last_name,q.username,e))
def save_model(self, request, obj, form, change): if not obj.request_ip: logger.info('No request_ip, adding a placeholder.') obj.request_ip = '0.0.0.0' if change: logger.info('Modifying existing account request for %s'%obj.username) ar = AccountRequest.objects.get(id=obj.id) if all([obj.approved,not ar.approved]): logger.info('Approving request.') try: obj.admin_set_approved(request) l_dict = build_dict_from_account_request(obj) rc_user = RcLdapUser(**l_dict) rc_user.save() account_created.send(sender=rc_user,account=rc_user) aff = UserAffiliation( username = obj.username, organization = obj.organization, affiliation = obj.affiliation, role = obj.role) aff.save() if form.cleaned_data['send_notifications']: if obj.organization.lower() == 'ucb': ucb_account_created.send(sender=rc_user,account=rc_user,affiliation=aff) else: account_created_from_request.send(sender=rc_user,account=rc_user,affiliation=aff) rc_group_name = '%spgrp' % rc_user.username rc_group = RcLdapGroup(name=rc_group_name, gid=rc_user.uid, members=[rc_user.username]) rc_group.save() group_ownership = GroupOwnership( name=rc_group_name, gid=rc_user.uid, group_type='posix', owners=[rc_user.username]) group_ownership.save() rc_sgroup_name = '%sgrp' % rc_user.username gid = IdTracker.objects.get(category='shared').get_next_uid() rc_sgroup = RcLdapGroup(name=rc_sgroup_name, gid=gid, members=[rc_user.username]) rc_sgroup.save() sgroup_ownership = GroupOwnership( name=rc_sgroup_name, gid=gid, group_type='shared', owners=[rc_user.username]) sgroup_ownership.save() messages.success(request, "Successfully created account for %s %s (%s)." %(obj.first_name,obj.last_name,obj.username)) except Exception as e: messages.error(request, "Could not create account for %s %s (%s): %s" %(obj.first_name,obj.last_name,obj.username,e)) return elif all([not change,obj.approved]): try: obj.admin_set_approved(request) l_dict = build_dict_from_account_request(obj) rc_user = RcLdapUser(**l_dict) rc_user.save() account_created.send(sender=rc_user,account=rc_user) aff = UserAffiliation( username = obj.username, organization = obj.organization, affiliation = obj.affiliation, role = obj.role) aff.save() if form.cleaned_data['send_notifications']: if obj.organization.lower() == 'ucb': ucb_account_created.send(sender=rc_user,account=rc_user,affiliation=aff) else: account_created_from_request.send(sender=rc_user,account=rc_user,affiliation=aff) rc_group_name = '%spgrp' % rc_user.username rc_group = RcLdapGroup(name=rc_group_name, gid=rc_user.uid, members=[rc_user.username]) rc_group.save() group_ownership = GroupOwnership( name=rc_group_name, gid=rc_user.uid, group_type='posix', owners=[rc_user.username]) group_ownership.save() rc_sgroup_name = '%sgrp' % rc_user.username gid = IdTracker.objects.get(category='shared').get_next_uid() rc_sgroup = RcLdapGroup(name=rc_sgroup_name, gid=gid, members=[rc_user.username]) rc_sgroup.save() sgroup_ownership = GroupOwnership( name=rc_sgroup_name, gid=gid, group_type='shared', owners=[rc_user.username]) sgroup_ownership.save() messages.success(request, "Successfully created account for %s %s (%s)." %(obj.first_name,obj.last_name,obj.username)) except Exception as e: messages.error(request, "Could not create account for %s %s (%s): %s" %(obj.first_name,obj.last_name,obj.username,e)) return obj.save()
def save(self,*args,**kwargs): cu_user_dict = None username = self.cleaned_data['username'] password = self.cleaned_data['password'] authed = culdap_auth(username, password) if authed: cu_user_dict = cu_ldap_lookup(username) if cu_user_dict: ar = super(UcbAccountRequestForm,self).save(self,*args,**kwargs) ar.first_name = cu_user_dict['givenName'] ar.last_name = cu_user_dict['sn'] ar.email = cu_user_dict['mail'] ar.save() try: ar.auto_set_approved() except Exception as e: raise Exception('Could not save account request %s'%e) l_dict = build_dict_from_cu_user(cu_user_dict['uid']) l_dict['login_shell'] = ar.login_shell rc_user = RcLdapUser(**l_dict) rc_user.save() account_created.send(sender=rc_user,account=rc_user) aff = UserAffiliation( username = self.cleaned_data['username'], organization = self.instance.organization, affiliation = self.cleaned_data['affiliation'], role = self.cleaned_data['role']) aff.save() ucb_account_created.send(sender=rc_user,account=rc_user,affiliation=aff) rc_group_name = '%spgrp' % rc_user.username rc_group = RcLdapGroup(name=rc_group_name, gid=rc_user.uid, members=[rc_user.username]) rc_group.save() group_ownership = GroupOwnership( name=rc_group_name, gid=rc_user.uid, group_type='posix', owners=[rc_user.username]) group_ownership.save() rc_sgroup_name = '%sgrp' % rc_user.username gid = IdTracker.objects.get(category='shared').get_next_uid() rc_sgroup = RcLdapGroup(name=rc_sgroup_name, gid=gid, members=[rc_user.username]) rc_sgroup.save() sgroup_ownership = GroupOwnership( name=rc_sgroup_name, gid=gid, group_type='shared', owners=[rc_user.username]) sgroup_ownership.save() return ar,rc_user,aff else: raise Exception('Failed to authenticate through CU LDAP')