2020-06-04 23:17:39 +00:00
|
|
|
from ldap3.core.exceptions import LDAPPasswordIsMandatoryError, LDAPBindError
|
|
|
|
|
2020-05-22 19:55:14 +00:00
|
|
|
from geruecht.exceptions import UsernameExistLDAP, LDAPExcetpion, PermissionDenied
|
|
|
|
import geruecht.controller.databaseController as dc
|
|
|
|
import geruecht.controller.ldapController as lc
|
|
|
|
from geruecht.logger import getDebugLogger
|
2020-06-05 20:53:27 +00:00
|
|
|
from geruecht.model.user import User
|
2020-05-22 19:55:14 +00:00
|
|
|
|
|
|
|
db = dc.DatabaseController()
|
|
|
|
ldap = lc.LDAPController()
|
|
|
|
debug = getDebugLogger()
|
|
|
|
|
|
|
|
class Base:
|
|
|
|
def getAllStatus(self):
|
|
|
|
debug.info("get all status for user")
|
|
|
|
retVal = db.getAllStatus()
|
|
|
|
debug.debug("status are {{ {} }}".format(retVal))
|
|
|
|
return retVal
|
|
|
|
|
|
|
|
def getStatus(self, name):
|
|
|
|
debug.info("get status of user {{ {} }}".format(name))
|
|
|
|
retVal = db.getStatus(name)
|
|
|
|
debug.debug("status of user {{ {} }} is {{ {} }}".format(name, retVal))
|
|
|
|
return retVal
|
|
|
|
|
|
|
|
def setStatus(self, name):
|
|
|
|
debug.info("set status of user {{ {} }}".format(name))
|
|
|
|
retVal = db.setStatus(name)
|
|
|
|
debug.debug(
|
|
|
|
"settet status of user {{ {} }} is {{ {} }}".format(name, retVal))
|
|
|
|
return retVal
|
|
|
|
|
|
|
|
def deleteStatus(self, status):
|
|
|
|
debug.info("delete status {{ {} }}".format(status))
|
|
|
|
db.deleteStatus(status)
|
|
|
|
|
|
|
|
def updateStatus(self, status):
|
|
|
|
debug.info("update status {{ {} }}".format(status))
|
|
|
|
retVal = db.updateStatus(status)
|
|
|
|
debug.debug("updated status is {{ {} }}".format(retVal))
|
|
|
|
return retVal
|
|
|
|
|
|
|
|
def updateStatusOfUser(self, username, status):
|
|
|
|
debug.info("update status {{ {} }} of user {{ {} }}".format(
|
|
|
|
status, username))
|
|
|
|
retVal = db.updateStatusOfUser(username, status)
|
|
|
|
debug.debug(
|
|
|
|
"updatet status of user {{ {} }} is {{ {} }}".format(username, retVal))
|
|
|
|
return retVal
|
|
|
|
|
|
|
|
def updateVotingOfUser(self, username, voting):
|
|
|
|
debug.info("update voting {{ {} }} of user {{ {} }}".format(
|
|
|
|
voting, username))
|
|
|
|
retVal = db.updateVotingOfUser(username, voting)
|
|
|
|
debug.debug(
|
|
|
|
"updatet voting of user {{ {} }} is {{ {} }}".format(username, retVal))
|
|
|
|
return retVal
|
|
|
|
|
|
|
|
def lockUser(self, username, locked):
|
|
|
|
debug.info("lock user {{ {} }} for credit with status {{ {} }}".format(
|
|
|
|
username, locked))
|
|
|
|
user = self.getUser(username)
|
|
|
|
debug.debug("user is {{ {} }}".format(user))
|
|
|
|
user.updateData({'locked': locked})
|
|
|
|
db.updateUser(user)
|
|
|
|
retVal = self.getUser(username)
|
|
|
|
debug.debug("locked user is {{ {} }}".format(retVal))
|
|
|
|
return retVal
|
|
|
|
|
|
|
|
def updateConfig(self, username, data):
|
|
|
|
debug.info(
|
|
|
|
"update config of user {{ {} }} with config {{ {} }}".format(username, data))
|
|
|
|
user = self.getUser(username)
|
|
|
|
debug.debug("user is {{ {} }}".format(user))
|
|
|
|
user.updateData(data)
|
|
|
|
db.updateUser(user)
|
|
|
|
retVal = self.getUser(username)
|
|
|
|
debug.debug("updated config of user is {{ {} }}".format(retVal))
|
|
|
|
return retVal
|
|
|
|
|
2020-06-05 21:26:15 +00:00
|
|
|
def syncLdap(self):
|
|
|
|
debug.info('sync Users from Ldap')
|
|
|
|
ldap_users = ldap.getAllUser()
|
|
|
|
for user in ldap_users:
|
|
|
|
self.getUser(user['username'])
|
|
|
|
|
2020-05-22 19:55:14 +00:00
|
|
|
def getAllUsersfromDB(self, extern=True):
|
|
|
|
debug.info("get all users from database")
|
2020-06-05 21:26:15 +00:00
|
|
|
if (len(ldap.getAllUser()) != len(db.getAllUser())):
|
|
|
|
self.syncLdap()
|
2020-05-22 19:55:14 +00:00
|
|
|
users = db.getAllUser()
|
|
|
|
debug.debug("users are {{ {} }}".format(users))
|
|
|
|
for user in users:
|
|
|
|
try:
|
|
|
|
debug.debug("update data from ldap")
|
|
|
|
self.__updateDataFromLDAP(user)
|
|
|
|
except:
|
|
|
|
pass
|
|
|
|
debug.debug("update creditlists")
|
|
|
|
self.__updateGeruechte(user)
|
|
|
|
retVal = db.getAllUser(extern=extern)
|
|
|
|
debug.debug("all users are {{ {} }}".format(retVal))
|
|
|
|
return retVal
|
|
|
|
|
|
|
|
def getUser(self, username):
|
|
|
|
debug.info("get user {{ {} }}".format(username))
|
|
|
|
user = db.getUser(username)
|
|
|
|
debug.debug("user is {{ {} }}".format(user))
|
|
|
|
groups = ldap.getGroup(username)
|
|
|
|
debug.debug("groups are {{ {} }}".format(groups))
|
|
|
|
user_data = ldap.getUserData(username)
|
|
|
|
debug.debug("user data from ldap is {{ {} }}".format(user_data))
|
|
|
|
user_data['gruppe'] = groups
|
|
|
|
user_data['group'] = groups
|
|
|
|
if user is None:
|
|
|
|
debug.debug("user not exists in database -> insert into database")
|
|
|
|
user = User(user_data)
|
|
|
|
db.insertUser(user)
|
|
|
|
else:
|
|
|
|
debug.debug("update database with user")
|
|
|
|
user.updateData(user_data)
|
|
|
|
db.updateUser(user)
|
|
|
|
user = db.getUser(username)
|
|
|
|
self.__updateGeruechte(user)
|
|
|
|
debug.debug("user is {{ {} }}".format(user))
|
|
|
|
return user
|
|
|
|
|
2020-06-04 23:17:39 +00:00
|
|
|
def modifyUser(self, user, attributes, password):
|
|
|
|
debug.info("modify user {{ {} }} with attributes {{ {} }}".format(
|
|
|
|
user, attributes))
|
|
|
|
|
2020-05-22 19:55:14 +00:00
|
|
|
try:
|
2020-06-04 23:17:39 +00:00
|
|
|
ldap_conn = ldap.bind(user, password)
|
|
|
|
if attributes:
|
|
|
|
if 'username' in attributes:
|
|
|
|
debug.debug("change username, so change first in database")
|
|
|
|
db.changeUsername(user, attributes['username'])
|
|
|
|
ldap.modifyUser(user, ldap_conn, attributes)
|
|
|
|
if 'username' in attributes:
|
|
|
|
retVal = self.getUser(attributes['username'])
|
|
|
|
debug.debug("user is {{ {} }}".format(retVal))
|
|
|
|
return retVal
|
|
|
|
else:
|
|
|
|
retVal = self.getUser(user.uid)
|
|
|
|
debug.debug("user is {{ {} }}".format(retVal))
|
|
|
|
return retVal
|
|
|
|
return self.getUser(user.uid)
|
|
|
|
|
2020-05-22 19:55:14 +00:00
|
|
|
except UsernameExistLDAP as err:
|
|
|
|
debug.debug(
|
|
|
|
"username exists on ldap, rechange username on database", exc_info=True)
|
|
|
|
db.changeUsername(user, user.uid)
|
|
|
|
raise Exception(err)
|
|
|
|
except LDAPExcetpion as err:
|
|
|
|
if 'username' in attributes:
|
|
|
|
db.changeUsername(user, user.uid)
|
|
|
|
raise Exception(err)
|
2020-06-04 23:17:39 +00:00
|
|
|
except LDAPPasswordIsMandatoryError as err:
|
|
|
|
raise Exception('Password wurde nicht gesetzt!!')
|
|
|
|
except LDAPBindError as err:
|
|
|
|
raise Exception('Password ist falsch')
|
2020-05-22 19:55:14 +00:00
|
|
|
except Exception as err:
|
|
|
|
raise Exception(err)
|
|
|
|
|
|
|
|
def validateUser(self, username, password):
|
|
|
|
debug.info("validate user {{ {} }}".format(username))
|
|
|
|
ldap.login(username, password)
|
|
|
|
|
|
|
|
def loginUser(self, username, password):
|
|
|
|
debug.info("login user {{ {} }}".format(username))
|
|
|
|
try:
|
|
|
|
user = self.getUser(username)
|
|
|
|
debug.debug("user is {{ {} }}".format(user))
|
|
|
|
user.password = password
|
|
|
|
ldap.login(username, password)
|
2020-06-04 21:03:39 +00:00
|
|
|
return user
|
2020-05-22 19:55:14 +00:00
|
|
|
except PermissionDenied as err:
|
|
|
|
debug.debug("permission is denied", exc_info=True)
|
|
|
|
raise err
|