|
306 |
@simple_response |
306 |
@simple_response |
307 |
def get_user_attributes(self, username, password): |
307 |
def get_user_attributes(self, username, password): |
308 |
dn, username = self.auth(username, password) |
308 |
dn, username = self.auth(username, password) |
309 |
if self.is_blacklisted(username): |
309 |
if self.is_blacklisted(username, tab="profiledata"): |
310 |
raise ServiceForbidden() |
310 |
raise ServiceForbidden() |
311 |
|
311 |
|
312 |
user = self.get_udm_user_by_dn(dn) |
312 |
user = self.get_udm_user_by_dn(dn) |
|
411 |
@simple_response |
411 |
@simple_response |
412 |
def validate_user_attributes(self, username, password, attributes): |
412 |
def validate_user_attributes(self, username, password, attributes): |
413 |
dn, username = self.auth(username, password) |
413 |
dn, username = self.auth(username, password) |
414 |
if self.is_blacklisted(username): |
414 |
if self.is_blacklisted(username, tab="profiledata"): |
415 |
raise ServiceForbidden() |
415 |
raise ServiceForbidden() |
416 |
return self._validate_user_attributes(attributes) |
416 |
return self._validate_user_attributes(attributes) |
417 |
|
417 |
|
|
465 |
@simple_response |
465 |
@simple_response |
466 |
def set_user_attributes(self, username, password, attributes): |
466 |
def set_user_attributes(self, username, password, attributes): |
467 |
dn, username = self.auth(username, password) |
467 |
dn, username = self.auth(username, password) |
468 |
if self.is_blacklisted(username): |
468 |
if self.is_blacklisted(username, tab="profiledata"): |
469 |
raise ServiceForbidden() |
469 |
raise ServiceForbidden() |
470 |
|
470 |
|
471 |
user_attributes = [attr.strip() for attr in ucr.get('self-service/udm_attributes', '').split(',')] |
471 |
user_attributes = [attr.strip() for attr in ucr.get('self-service/udm_attributes', '').split(',')] |
|
1054 |
|
1054 |
|
1055 |
# TODO: decoratorize |
1055 |
# TODO: decoratorize |
1056 |
@machine_connection |
1056 |
@machine_connection |
1057 |
def is_blacklisted(self, username, ldap_connection=None, ldap_position=None): |
1057 |
def is_blacklisted(self, username, ldap_connection=None, ldap_position=None, tab="passwordreset"): |
1058 |
def listize(li): |
1058 |
def listize(li): |
1059 |
return [x.lower() for x in map(str.strip, li.split(",")) if x] |
1059 |
return [x.lower() for x in map(str.strip, li.split(",")) if x] |
1060 |
|
1060 |
|
1061 |
bl_users = listize(ucr.get("umc/self-service/passwordreset/blacklist/users", "")) |
1061 |
bl_users = listize(ucr.get("umc/self-service/{}/blacklist/users".format(tab), "")) |
1062 |
bl_groups = listize(ucr.get("umc/self-service/passwordreset/blacklist/groups", "")) |
1062 |
bl_groups = listize(ucr.get("umc/self-service/{}/blacklist/groups".format(tab), "")) |
1063 |
wh_users = listize(ucr.get("umc/self-service/passwordreset/whitelist/users", "")) |
1063 |
wh_users = listize(ucr.get("umc/self-service/{}/whitelist/users".format(tab), "")) |
1064 |
wh_groups = listize(ucr.get("umc/self-service/passwordreset/whitelist/groups", "")) |
1064 |
wh_groups = listize(ucr.get("umc/self-service/{}/whitelist/groups".format(tab), "")) |
1065 |
|
1065 |
|
1066 |
username = self.email2username(username) |
1066 |
username = self.email2username(username) |
1067 |
|
1067 |
|