flaschengeist/geruecht/controller/mainController/mainUserController.py


from ldap3.core.exceptions import LDAPPasswordIsMandatoryError, LDAPBindError
from geruecht.exceptions import UsernameExistLDAP, LDAPExcetpion, PermissionDenied
import geruecht.controller.databaseController as dc
import geruecht.controller.ldapController as lc
from geruecht.logger import getDebugLogger
# Module-level collaborators shared by every method of Base below.
# NOTE(review): both controllers are constructed when this module is
# imported; what their constructors do (open connections, read config)
# is not visible here -- confirm that import-time construction is intended.
db = dc.DatabaseController()
ldap = lc.LDAPController()
# Logger used for all info/debug output of this module.
debug = getDebugLogger()
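class Base:
    """User and status operations backed by the database and LDAP.

    Every method logs through the module-level ``debug`` logger and
    delegates to the module-level ``db`` and ``ldap`` controllers.

    NOTE(review): the debug messages format whole user objects, LDAP
    records and caller-supplied attribute dicts. Confirm that the debug log
    is access-restricted and that the string form of a user never contains
    the password that ``loginUser`` attaches to it.

    NOTE(review): ``__updateDataFromLDAP`` and ``__updateGeruechte`` are
    not defined in this class as shown. Name mangling resolves them as
    ``_Base__updateDataFromLDAP`` / ``_Base__updateGeruechte``, so they are
    presumably supplied by another class that is also named ``Base`` --
    confirm.
    """

    def getAllStatus(self):
        """Return whatever ``db.getAllStatus()`` yields."""
        debug.info("get all status for user")
        retVal = db.getAllStatus()
        debug.debug("status are {{ {} }}".format(retVal))
        return retVal

    def getStatus(self, name):
        """Return the result of ``db.getStatus(name)``."""
        debug.info("get status of user {{ {} }}".format(name))
        retVal = db.getStatus(name)
        debug.debug("status of user {{ {} }} is {{ {} }}".format(name, retVal))
        return retVal

    def setStatus(self, name):
        """Pass ``name`` to ``db.setStatus`` and return its result."""
        debug.info("set status of user {{ {} }}".format(name))
        retVal = db.setStatus(name)
        debug.debug(
            "settet status of user {{ {} }} is {{ {} }}".format(name, retVal))
        return retVal

    def deleteStatus(self, status):
        """Delete ``status`` through ``db.deleteStatus``; returns ``None``."""
        debug.info("delete status {{ {} }}".format(status))
        db.deleteStatus(status)

    def updateStatus(self, status):
        """Pass ``status`` to ``db.updateStatus`` and return its result."""
        debug.info("update status {{ {} }}".format(status))
        retVal = db.updateStatus(status)
        debug.debug("updated status is {{ {} }}".format(retVal))
        return retVal

    def updateStatusOfUser(self, username, status):
        """Return the result of ``db.updateStatusOfUser(username, status)``."""
        debug.info("update status {{ {} }} of user {{ {} }}".format(
            status, username))
        retVal = db.updateStatusOfUser(username, status)
        debug.debug(
            "updatet status of user {{ {} }} is {{ {} }}".format(username, retVal))
        return retVal

    def updateVotingOfUser(self, username, voting):
        """Return the result of ``db.updateVotingOfUser(username, voting)``."""
        debug.info("update voting {{ {} }} of user {{ {} }}".format(
            voting, username))
        retVal = db.updateVotingOfUser(username, voting)
        debug.debug(
            "updatet voting of user {{ {} }} is {{ {} }}".format(username, retVal))
        return retVal

    def lockUser(self, username, locked):
        """Set the ``locked`` field of a user and return the reloaded user.

        Args:
            username: name handed to ``getUser``.
            locked: value stored under the ``'locked'`` key.

        Returns:
            The user as returned by a second ``getUser(username)`` call.
        """
        debug.info("lock user {{ {} }} for credit with status {{ {} }}".format(
            username, locked))
        user = self.getUser(username)
        debug.debug("user is {{ {} }}".format(user))
        user.updateData({'locked': locked})
        db.updateUser(user)
        retVal = self.getUser(username)
        debug.debug("locked user is {{ {} }}".format(retVal))
        return retVal

    def updateConfig(self, username, data):
        """Apply ``data`` to a user, persist it and return the reloaded user.

        NOTE(review): ``data`` is forwarded to ``user.updateData`` unchanged.
        If it comes from a request body, confirm that the caller or
        ``updateData`` restricts which fields may be set (e.g. ``locked``).
        """
        debug.info(
            "update config of user {{ {} }} with config {{ {} }}".format(username, data))
        user = self.getUser(username)
        debug.debug("user is {{ {} }}".format(user))
        user.updateData(data)
        db.updateUser(user)
        retVal = self.getUser(username)
        debug.debug("updated config of user is {{ {} }}".format(retVal))
        return retVal

    def getAllUsersfromDB(self, extern=True):
        """Refresh every stored user, then return all users.

        Args:
            extern: forwarded to ``db.getAllUser`` for the final read.

        Returns:
            The result of ``db.getAllUser(extern=extern)``.
        """
        debug.info("get all users from database")
        users = db.getAllUser()
        debug.debug("users are {{ {} }}".format(users))
        for user in users:
            try:
                debug.debug("update data from ldap")
                self.__updateDataFromLDAP(user)
            except Exception:
                # Best effort: one failing refresh must not abort the
                # listing, and whatever the database holds for that user
                # stays in place. Log the failure instead of dropping it, and
                # let KeyboardInterrupt/SystemExit propagate.
                debug.debug("update data from ldap failed", exc_info=True)
            debug.debug("update creditlists")
            self.__updateGeruechte(user)
        retVal = db.getAllUser(extern=extern)
        debug.debug("all users are {{ {} }}".format(retVal))
        return retVal

    def getUser(self, username):
        """Synchronise one user from LDAP into the database and return it.

        Reads the stored user, the LDAP groups and the LDAP user data, then
        inserts a new database record or updates the existing one, and
        finally reloads the user from the database.

        Args:
            username: name used for the database and LDAP lookups.

        Returns:
            The user as returned by ``db.getUser`` after the write.
        """
        debug.info("get user {{ {} }}".format(username))
        user = db.getUser(username)
        debug.debug("user is {{ {} }}".format(user))
        groups = ldap.getGroup(username)
        debug.debug("groups are {{ {} }}".format(groups))
        user_data = ldap.getUserData(username)
        debug.debug("user data from ldap is {{ {} }}".format(user_data))
        # The same group list is stored under both spellings.
        user_data['gruppe'] = groups
        user_data['group'] = groups
        if user is None:
            debug.debug("user not exists in database -> insert into database")
            # NOTE(review): `User` does not appear in the import block shown
            # for this file; confirm it is in scope, otherwise this branch
            # raises NameError for every user not yet in the database.
            user = User(user_data)
            db.insertUser(user)
        else:
            debug.debug("update database with user")
            user.updateData(user_data)
            db.updateUser(user)
        user = db.getUser(username)
        self.__updateGeruechte(user)
        debug.debug("user is {{ {} }}".format(user))
        return user

    def modifyUser(self, user, attributes, password):
        """Change LDAP attributes of ``user`` after binding with ``password``.

        A username change is written to the database first and reverted
        there when LDAP reports ``UsernameExistLDAP`` or ``LDAPExcetpion``.

        Args:
            user: user object; ``user.uid`` is read for lookups and rollback.
            attributes: attributes to change; may be empty or ``None``.
            password: password used for ``ldap.bind``.

        Returns:
            The reloaded user (looked up by the new username if one was set).

        Raises:
            Exception: every failure is re-raised as a plain ``Exception``.
        """
        # NOTE(review): `attributes` is logged verbatim at info level; confirm
        # it can never carry a secret such as a new password.
        debug.info("modify user {{ {} }} with attributes {{ {} }}".format(
            user, attributes))
        try:
            ldap_conn = ldap.bind(user, password)
            # NOTE(review): the nesting below was reconstructed from a listing
            # without indentation; check it against the repository.
            if attributes:
                if 'username' in attributes:
                    debug.debug("change username, so change first in database")
                    db.changeUsername(user, attributes['username'])
                ldap.modifyUser(user, ldap_conn, attributes)
                if 'username' in attributes:
                    lookup = attributes['username']
                else:
                    lookup = user.uid
                retVal = self.getUser(lookup)
                debug.debug("user is {{ {} }}".format(retVal))
                return retVal
            return self.getUser(user.uid)
        except UsernameExistLDAP as err:
            debug.debug(
                "username exists on ldap, rechange username on database", exc_info=True)
            db.changeUsername(user, user.uid)
            raise Exception(err) from err
        except LDAPExcetpion as err:
            # `attributes` may be None here (e.g. when bind itself failed);
            # guard the membership test so the original error is not masked
            # by a TypeError.
            if attributes and 'username' in attributes:
                db.changeUsername(user, user.uid)
            raise Exception(err) from err
        except LDAPPasswordIsMandatoryError as err:
            raise Exception('Password wurde nicht gesetzt!!') from err
        except LDAPBindError as err:
            raise Exception('Password ist falsch') from err
        except Exception as err:
            # NOTE(review): no rollback happens on this path, so any other
            # failure after the database rename leaves the database renamed
            # while LDAP is unchanged.
            raise Exception(err) from err

    def validateUser(self, username, password):
        """Check credentials with ``ldap.login``; its exceptions propagate."""
        debug.info("validate user {{ {} }}".format(username))
        ldap.login(username, password)

    def loginUser(self, username, password):
        """Load the user, verify the password against LDAP and return the user.

        Args:
            username: login name.
            password: plaintext password checked by ``ldap.login``.

        Returns:
            The user object with ``password`` set to the verified password.

        Raises:
            PermissionDenied: re-raised unchanged after being logged.
        """
        debug.info("login user {{ {} }}".format(username))
        try:
            # NOTE(review): getUser() runs before the credentials are checked,
            # so an unauthenticated request already causes LDAP lookups and a
            # database insert/update for the given username. Consider
            # verifying the password first.
            user = self.getUser(username)
            debug.debug("user is {{ {} }}".format(user))
            ldap.login(username, password)
            # Attach the password only once LDAP has accepted it.
            # NOTE(review): the plaintext password stays on the returned
            # object; make sure it is neither persisted nor logged.
            user.password = password
            return user
        except PermissionDenied:
            debug.debug("permission is denied", exc_info=True)
            raise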