From: Loic Baron Date: Thu, 24 Jul 2014 18:31:50 +0000 (-0300) Subject: Merge branch 'onelab' of ssh://git.onelab.eu/git/myslice into fibre X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=6891134719af440a27636545c3babfcb5ccf3d5c;p=myslice.git Merge branch 'onelab' of ssh://git.onelab.eu/git/myslice into fibre Conflicts: portal/registrationview.py --- 6891134719af440a27636545c3babfcb5ccf3d5c diff --cc portal/actions.py index 0e77e59f,d62f9941..b399ca29 --- a/portal/actions.py +++ b/portal/actions.py @@@ -509,140 -515,12 +519,144 @@@ def sfa_create_user(wsgi_request, reque results = execute_query(wsgi_request, query) if not results: raise Exception, "Could not create %s. Already exists ?" % sfa_user_params['user_hrn'] + else: + subject = 'User validated' + msg = 'A manager of your institution has validated your account. You have now full user access to the portal.' + send_mail(subject, msg, 'support@onelab.eu',[request['email']], fail_silently=False) return results +def ldap_create_user(wsgi_request, request, user_detail): + """ + Populating LDAP withuser data - Edelberto 10/03/2014 + """ + # import needed modules + import ldap + import ldap.modlist as modlist + + # Open a connection + # XXX We need to create this in settings + # ldap.open is deprecated! + #l = ldap.open("127.0.0.1") + l = ldap.initialize('ldap://127.0.0.1:389') + + # you should set this to ldap.VERSION2 if you're using a v2 directory + l.protocol_version = ldap.VERSION3 + + # Bind/authenticate with a user with apropriate rights to add objects + # XXX Now we set the force rootd but after we need to set this in settings file for could change the dn and password of root + l.simple_bind_s("cn=Manager,dc=br","fibre") + + # The dn of our new entry/object + #dn="uid=addtest@uff.br,ou=people,o=uff,dc=br" + + # we need to create the dn entry + # Receiving an email address, how can we split and mount it in DN format? 
+ #mail = "debora@uff.br"
+ mail = request['email']
+ login = mail.split('@')[0]
+ org = mail.split('@')[1]
+ o = org.split('.')[-2]
+ dc = org.split('.')[-1]
+
+ # DN format to authenticate - IMPORTANT!
+ #FIBRE-BR format
+ dn = "uid="+mail+",ou=people,o="+o+",dc="+dc
+
+ # DEBUG
+ print "dn:"+dn
+ print request['password']
+
+ # Creating a unique uidNumber - Necessary for experiments
+ # Was defined to began in 100000
+ unique = int(user_detail['user_id']) + 100000
+ #unique = int(unique)
+ print unique
+
+ # A dict to help build the "body" of the object
+ attrs = {}
+ attrs['objectclass'] = ['person','inetOrgPerson','posixAccount','eduPerson','brPerson','schacPersonalCharacteristics','fibre', 'ldapPublicKey']
+ # XXX Converting all unicodes to string
+ attrs['uid'] = mail.encode('utf-8')
+ attrs['cn'] = request['first_name'].encode('latin1')
+ attrs['sn'] = request['last_name'].encode('latin1')
+ # XXX we need to set a unique uidNumber. How?
+ attrs['uidNumber'] = str(unique)
+ attrs['gidNumber'] = '500'
+ attrs['homeDirectory'] = "/home/"+org+"/"+mail
+ attrs['homeDirectory'] = attrs['homeDirectory'].encode('utf-8')
+ attrs['mail'] = mail.encode('utf-8')
+ attrs['eppn'] = mail.encode('utf8')
+ attrs['userPassword'] = request['password'].encode('utf-8')
+ attrs['sshPublicKey'] = request['public_key'].encode('utf-8')
+ # XXX We really set TRUE for those attributes?
+ #attrs['userEnable'] = 'TRUE'
+ # set FALSE and change after when the user is validated
+ attrs['userEnable'] = 'FALSE'
+ attrs['omfAdmin'] = 'TRUE'
+
+ # Convert our dict to nice syntax for the add-function using modlist-module
+ ldif = modlist.addModlist(attrs)
+
+ # DEBUG
+ print attrs['userPassword']
+ print attrs['cn']
+ print attrs['sn']
+ print attrs['homeDirectory']
+ #print ldif
+
+ # Do the actual synchronous add-operation to the ldapserver
+ l.add_s(dn,ldif)
+
+ # Its nice to the server to disconnect and free resources when done
+ l.unbind_s()
+
+ return ldif
+
+def ldap_modify_user(wsgi_request, request):
+ #Modify entries in an LDAP Directory
+
+ #Synchrounous modify
+ # import needed modules
+ import ldap
+ import ldap.modlist as modlist
+
+ # Open a connection
+ l = ldap.initialize("ldap://localhost:389/")
+
+ # Bind/authenticate with a user with apropriate rights to add objects
+ l.simple_bind_s("cn=Manager,dc=br","fibre")
+
+ # we need to create the dn entry
+ # Receiving an email address, how can we split and mount it in DN format?
+ #mail = "debora@uff.br"
+ mail = request['email']
+ login = mail.split('@')[0]
+ org = mail.split('@')[1]
+ o = org.split('.')[-2]
+ dc = org.split('.')[-1]
+
+ # DN format to authenticate - IMPORTANT!
+ #FIBRE-BR format + dn = "uid="+mail+",ou=people,o="+o+",dc="+dc + + # The dn of our existing entry/object + #dn="uid=mario@uff.br,ou=people,o=uff,dc=br" + + # Some place-holders for old and new values + old = {'userEnable':'FALSE'} + new = {'userEnable':'TRUE'} + + # Convert place-holders for modify-operation using modlist-module + ldif = modlist.modifyModlist(old,new) + + # Do the actual modification + l.modify_s(dn,ldif) + + # Its nice to the server to disconnect and free resources when done + l.unbind_s() + + return ldif + def create_user(wsgi_request, request): # XXX This has to be stored centrally diff --cc portal/registrationview.py index c6dbd2a9,e0a1ddf3..909f2a13 --- a/portal/registrationview.py +++ b/portal/registrationview.py @@@ -88,18 -83,13 +88,21 @@@ class RegistrationView (FreeAccessView } # Construct user_hrn from email (XXX Should use common code) + # split_email = user_request['email'].split("@")[0] + # split_email = split_email.replace(".", "_") + # user_request['user_hrn'] = user_request['authority_hrn'] \ + # + '.' + split_email + split_email = user_request['email'].split("@")[0] split_email = split_email.replace(".", "_") + # Replace + by _ => more convenient for testing and validate with a real email + split_email = split_email.replace("+", "_") - user_request['user_hrn'] = user_request['authority_hrn'] \ - + '.' + split_email - ++ + split_authority = user_request['authority_hrn'].split(".")[1] + username = split_email + '@' + split_authority + split_authority = user_request['authority_hrn'].split(".")[0] + user_request['user_hrn'] = split_authority + '.' + username + # Validate input UserModel = get_user_model() if (re.search(r'^[\w+\s.@+-]+$', user_request['first_name']) == None):
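Review bot: `ldap_create_user` prints the user's cleartext password twice under its DEBUG comments (`print request['password']` and `print attrs['userPassword']`), so credentials land in whatever captures the portal's stdout; both prints should be removed. Both `ldap_create_user` and `ldap_modify_user` bind with the literal `l.simple_bind_s("cn=Manager,dc=br","fibre")`, which keeps the directory manager password in the repository; as the XXX comment already notes, the bind DN and password belong in settings. The DN is concatenated from the request email without escaping, and `org.split('.')[-2]` raises IndexError for an address without a dotted domain; after validating the address I would build it as `dn = "uid=%s,ou=people,o=%s,dc=%s" % tuple(ldap.dn.escape_dn_chars(p) for p in (mail, o, dc))`. `userPassword` also appears to be written as the raw request password, so it is worth confirming that the directory hashes it on add. Neither function wraps the work in `try`/`finally`, so an exception from `add_s` or `modify_s` skips `l.unbind_s()`.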
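Review bot: `user_request['authority_hrn'].split(".")[1]` raises IndexError when the authority has a single label, and for an authority with more than two labels everything after the second is silently dropped from `user_hrn`. The hrn is also assembled from the email local part before the `# Validate input` block runs, and only `.` and `+` are normalised, so any other character the user typed ends up in the identifier. I would split once with `labels = user_request['authority_hrn'].split(".")`, reject the request when `len(labels) < 2`, and build the hrn only after the email has been validated. The enclosing method starts and ends outside this hunk, so whether `authority_hrn` is constrained earlier cannot be seen from here.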