From 2803831784d879c065933ed1ee3330f83232402f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20Gr=C3=B6ger?= Date: Fri, 5 Jun 2020 01:17:39 +0200 Subject: [PATCH] =?UTF-8?q?user=20kann=20ab=20jetzt=20sein=20password=20?= =?UTF-8?q?=C3=A4ndern?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../mainController/mainUserController.py | 41 ++++++++++++------- geruecht/user/routes.py | 4 +- 2 files changed, 29 insertions(+), 16 deletions(-) diff --git a/geruecht/controller/mainController/mainUserController.py b/geruecht/controller/mainController/mainUserController.py index b46f7e7..a021a11 100644 --- a/geruecht/controller/mainController/mainUserController.py +++ b/geruecht/controller/mainController/mainUserController.py @@ -1,3 +1,5 @@ +from ldap3.core.exceptions import LDAPPasswordIsMandatoryError, LDAPBindError + from geruecht.exceptions import UsernameExistLDAP, LDAPExcetpion, PermissionDenied import geruecht.controller.databaseController as dc import geruecht.controller.ldapController as lc @@ -114,22 +116,27 @@ class Base: debug.debug("user is {{ {} }}".format(user)) return user - def modifyUser(self, user, ldap_conn, attributes): - debug.info("modify user {{ {} }} with attributes {{ {} }} with ldap_conn {{ {} }}".format( - user, attributes, ldap_conn)) + def modifyUser(self, user, attributes, password): + debug.info("modify user {{ {} }} with attributes {{ {} }}".format( + user, attributes)) + try: - if 'username' in attributes: - debug.debug("change username, so change first in database") - db.changeUsername(user, attributes['username']) - ldap.modifyUser(user, ldap_conn, attributes) - if 'username' in attributes: - retVal = self.getUser(attributes['username']) - debug.debug("user is {{ {} }}".format(retVal)) - return retVal - else: - retVal = self.getUser(user.uid) - debug.debug("user is {{ {} }}".format(retVal)) - return retVal + ldap_conn = ldap.bind(user, password) + if attributes: + if 'username' in attributes: + debug.debug("change username, so change first in database") + db.changeUsername(user, attributes['username']) + ldap.modifyUser(user, ldap_conn, attributes) + if 'username' in attributes: + retVal = self.getUser(attributes['username']) + debug.debug("user is {{ {} }}".format(retVal)) + return retVal + else: + retVal = self.getUser(user.uid) + debug.debug("user is {{ {} }}".format(retVal)) + return retVal + return self.getUser(user.uid) + except UsernameExistLDAP as err: debug.debug( "username exists on ldap, rechange username on database", exc_info=True) @@ -139,6 +146,10 @@ class Base: if 'username' in attributes: db.changeUsername(user, user.uid) raise Exception(err) + except LDAPPasswordIsMandatoryError as err: + raise Exception('Password wurde nicht gesetzt!!') + except LDAPBindError as err: + raise Exception('Password ist falsch') except Exception as err: raise Exception(err) diff --git a/geruecht/user/routes.py b/geruecht/user/routes.py index 6744d21..6b5e3c2 100644 --- a/geruecht/user/routes.py +++ b/geruecht/user/routes.py @@ -69,8 +69,10 @@ def _saveConfig(**kwargs): if 'accToken' in kwargs: accToken = kwargs['accToken'] data = request.get_json() + password = data['acceptedPassword'] + data.pop('acceptedPassword') accToken.user = mainController.modifyUser( - accToken.user, accToken.ldap_conn, data) + accToken.user, data, password) retVal = accToken.user.toJSON() retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}