[LDAP] User können erstellt werden.
* erstelle neuen user im ldap (ohne rollen)
parent
c524f2a7db
commit
130774e665
|
@ -62,20 +62,51 @@ class AuthLDAP(AuthPlugin):
|
||||||
user.display_name = r["displayName"][0]
|
user.display_name = r["displayName"][0]
|
||||||
userController.set_roles(user, self._get_groups(user.userid), create=True)
|
userController.set_roles(user, self._get_groups(user.userid), create=True)
|
||||||
|
|
||||||
|
def create_user(self, user, password):
|
||||||
|
try:
|
||||||
|
ldap_conn = self.ldap.connect(self.admin_dn, self.admin_secret)
|
||||||
|
self.ldap.connection.search(
|
||||||
|
"ou=user,{}".format(self.dn), "(uidNumber=*)", SUBTREE, attributes=["uidNumber"]
|
||||||
|
)
|
||||||
|
uidNumbers = sorted(self.ldap.response(), key = lambda i: i['attributes']['uidNumber'], reverse=True)
|
||||||
|
uidNumber = uidNumbers[0]['attributes']['uidNumber'] + 1
|
||||||
|
dn = f'cn={user.firstname} {user.lastname},ou=user,{self.dn}'
|
||||||
|
object_class = ['inetOrgPerson', 'posixAccount', 'person', 'organizationalPerson']
|
||||||
|
attributes = {
|
||||||
|
'sn': user.firstname,
|
||||||
|
'givenName': user.lastname,
|
||||||
|
'gidNumber': 15000,
|
||||||
|
'homeDirectory': f'/home/{user.userid}',
|
||||||
|
'loginShell': '/bin/bash',
|
||||||
|
'uid': user.userid,
|
||||||
|
'userPassword': hashed(HASHED_SALTED_MD5, password),
|
||||||
|
'uidNumber': uidNumber
|
||||||
|
|
||||||
|
}
|
||||||
|
test = ldap_conn.add(dn, object_class, attributes)
|
||||||
|
print(test)
|
||||||
|
except (LDAPPasswordIsMandatoryError, LDAPBindError):
|
||||||
|
raise BadRequest
|
||||||
|
except Exception as e:
|
||||||
|
pass
|
||||||
|
|
||||||
def _get_groups(self, uid):
|
def _get_groups(self, uid):
|
||||||
groups = []
|
groups = []
|
||||||
|
|
||||||
self.ldap.connection.search(
|
self.ldap.connection.search(
|
||||||
"ou=user,{}".format(self.dn), "(uid={})".format(uid), SUBTREE, attributes=["gidNumber"]
|
"ou=user,{}".format(self.dn), "(uid={})".format(uid), SUBTREE, attributes=["gidNumber"]
|
||||||
)
|
)
|
||||||
main_group_number = self.ldap.connection.response[0]["attributes"]["gidNumber"]
|
|
||||||
if main_group_number:
|
# Maingroup ist uninteressant
|
||||||
if type(main_group_number) is list:
|
|
||||||
main_group_number = main_group_number[0]
|
#main_group_number = self.ldap.connection.response[0]["attributes"]["gidNumber"]
|
||||||
self.ldap.connection.search(
|
#if main_group_number:
|
||||||
"ou=group,{}".format(self.dn), "(gidNumber={})".format(main_group_number), attributes=["cn"]
|
# if type(main_group_number) is list:
|
||||||
)
|
# main_group_number = main_group_number[0]
|
||||||
groups.append(self.ldap.connection.response[0]["attributes"]["cn"][0])
|
# self.ldap.connection.search(
|
||||||
|
# "ou=group,{}".format(self.dn), "(gidNumber={})".format(main_group_number), attributes=["cn"]
|
||||||
|
# )
|
||||||
|
# groups.append(self.ldap.connection.response[0]["attributes"]["cn"][0])
|
||||||
|
|
||||||
self.ldap.connection.search(
|
self.ldap.connection.search(
|
||||||
"ou=group,{}".format(self.dn), "(memberUID={})".format(uid), SUBTREE, attributes=["cn"]
|
"ou=group,{}".format(self.dn), "(memberUID={})".format(uid), SUBTREE, attributes=["cn"]
|
||||||
|
|
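Review bot: In `create_user`, `'userPassword': hashed(HASHED_SALTED_MD5, password)` stores the password as salted MD5, which is cheap to brute-force once the directory or a backup of it is readable. ldap3 also offers `HASHED_SALTED_SHA512`, which is still a fast hash, so letting the server hash the value through its password-modify operation would be the better fix. The DN is built as `f'cn={user.firstname} {user.lastname},ou=user,{self.dn}'` from unescaped user fields, so a comma or `=` in a name changes the DN structure; escape the value first, e.g. `escape_rdn(f'{user.firstname} {user.lastname}')` from `ldap3.utils.dn`. The final `except Exception as e: pass` together with `print(test)` means a failed or rejected `add` (or an empty `uidNumbers` list) returns as if the user had been created; check the result of `ldap_conn.add(...)`, log it, and raise instead of swallowing. `'sn': user.firstname` and `'givenName': user.lastname` also look swapped.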