Lines 57-63
import univention.admin.uldap
|
Link Here
|
---|
|
57 |
import univention.admin.mungeddial as mungeddial |
57 |
import univention.admin.mungeddial as mungeddial |
58 |
import univention.admin.handlers.settings.prohibited_username |
58 |
import univention.admin.handlers.settings.prohibited_username |
59 |
|
59 |
|
60 |
import univention.debug |
60 |
import univention.debug as ud |
61 |
import univention.password |
61 |
import univention.password |
62 |
|
62 |
|
63 |
translation=univention.admin.localization.translation('univention.admin.handlers.users') |
63 |
translation=univention.admin.localization.translation('univention.admin.handlers.users') |
Lines 1003-1013
def posixDaysToDate(days):
|
Link Here
|
---|
|
1003 |
return time.strftime("%Y-%m-%d",time.gmtime(long(days)*3600*24)) |
1003 |
return time.strftime("%Y-%m-%d",time.gmtime(long(days)*3600*24)) |
1004 |
|
1004 |
|
1005 |
def sambaWorkstationsMap(workstations): |
1005 |
def sambaWorkstationsMap(workstations): |
1006 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.ALL, 'samba: sambaWorkstationMap: in=%s; out=%s' % (workstations,string.join(workstations, ','))) |
1006 |
ud.debug(ud.ADMIN, ud.ALL, 'samba: sambaWorkstationMap: in=%s; out=%s' % (workstations,string.join(workstations, ','))) |
1007 |
return string.join(workstations, ',') |
1007 |
return string.join(workstations, ',') |
1008 |
|
1008 |
|
1009 |
def sambaWorkstationsUnmap(workstations): |
1009 |
def sambaWorkstationsUnmap(workstations): |
1010 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.ALL, 'samba: sambaWorkstationUnmap: in=%s; out=%s' % (workstations[0],string.split(workstations[0],','))) |
1010 |
ud.debug(ud.ADMIN, ud.ALL, 'samba: sambaWorkstationUnmap: in=%s; out=%s' % (workstations[0],string.split(workstations[0],','))) |
1011 |
return string.split(workstations[0],',') |
1011 |
return string.split(workstations[0],',') |
1012 |
|
1012 |
|
1013 |
def logonHoursMap(logontimes): |
1013 |
def logonHoursMap(logontimes): |
Lines 1173-1179
def load_certificate(user_certificate):
|
Link Here
|
---|
|
1173 |
elif re.match('^emailAddress=', i): |
1173 |
elif re.match('^emailAddress=', i): |
1174 |
value['certificateSubjectMail']=string.split(i, '=')[1] |
1174 |
value['certificateSubjectMail']=string.split(i, '=')[1] |
1175 |
|
1175 |
|
1176 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'value=%s' % value) |
1176 |
ud.debug(ud.ADMIN, ud.ERROR, 'value=%s' % value) |
1177 |
return value |
1177 |
return value |
1178 |
|
1178 |
|
1179 |
def mapHomePostalAddress(old): |
1179 |
def mapHomePostalAddress(old): |
Lines 1244-1250
def unmapBase64( value ):
|
Link Here
|
---|
|
1244 |
try: |
1244 |
try: |
1245 |
return base64.encodestring( value[ 0 ] ) |
1245 |
return base64.encodestring( value[ 0 ] ) |
1246 |
except Exception, e: |
1246 |
except Exception, e: |
1247 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'ERROR in users.user.mapBase64(): %s' % e) |
1247 |
ud.debug(ud.ADMIN, ud.ERROR, 'ERROR in users.user.mapBase64(): %s' % e) |
1248 |
return "" |
1248 |
return "" |
1249 |
|
1249 |
|
1250 |
def mapBase64( value ): |
1250 |
def mapBase64( value ): |
Lines 1254-1260
def mapBase64( value ):
|
Link Here
|
---|
|
1254 |
try: |
1254 |
try: |
1255 |
return base64.decodestring( value ) |
1255 |
return base64.decodestring( value ) |
1256 |
except Exception, e: |
1256 |
except Exception, e: |
1257 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'ERROR in users.user.mapBase64(): %s' % e) |
1257 |
ud.debug(ud.ADMIN, ud.ERROR, 'ERROR in users.user.mapBase64(): %s' % e) |
1258 |
return "" |
1258 |
return "" |
1259 |
|
1259 |
|
1260 |
mapping.register('userCertificate', 'userCertificate;binary', mapBase64, unmapBase64 ) |
1260 |
mapping.register('userCertificate', 'userCertificate;binary', mapBase64, unmapBase64 ) |
Lines 1360-1366
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1360 |
if options[opt].matches(ocs): |
1360 |
if options[opt].matches(ocs): |
1361 |
self.options.append(opt) |
1361 |
self.options.append(opt) |
1362 |
else: |
1362 |
else: |
1363 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user.py: reset options to default by _define_options' ) |
1363 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user.py: reset options to default by _define_options' ) |
1364 |
self._define_options( options ) |
1364 |
self._define_options( options ) |
1365 |
|
1365 |
|
1366 |
if 'posix' in self.options: |
1366 |
if 'posix' in self.options: |
Lines 1370-1394
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1370 |
# shadowExpire contains the absolute date to expire the account. |
1370 |
# shadowExpire contains the absolute date to expire the account. |
1371 |
|
1371 |
|
1372 |
if 'shadowExpire' in self.oldattr and len(self.oldattr['shadowExpire']) > 0 : |
1372 |
if 'shadowExpire' in self.oldattr and len(self.oldattr['shadowExpire']) > 0 : |
1373 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'userexpiry: %s' % posixDaysToDate(self.oldattr['shadowExpire'][0])) |
1373 |
ud.debug(ud.ADMIN, ud.INFO, 'userexpiry: %s' % posixDaysToDate(self.oldattr['shadowExpire'][0])) |
1374 |
if self.oldattr['shadowExpire'][0] != '1': |
1374 |
if self.oldattr['shadowExpire'][0] != '1': |
1375 |
self.info['userexpiry'] = posixDaysToDate(self.oldattr['shadowExpire'][0]) |
1375 |
self.info['userexpiry'] = posixDaysToDate(self.oldattr['shadowExpire'][0]) |
1376 |
if 'shadowLastChange' in self.oldattr and 'shadowMax' in self.oldattr and len(self.oldattr['shadowLastChange']) > 0 and len(self.oldattr['shadowMax']) > 0: |
1376 |
if 'shadowLastChange' in self.oldattr and 'shadowMax' in self.oldattr and len(self.oldattr['shadowLastChange']) > 0 and len(self.oldattr['shadowMax']) > 0: |
1377 |
try: |
1377 |
try: |
1378 |
self.info['passwordexpiry'] = posixDaysToDate(int(self.oldattr['shadowLastChange'][0]) + int(self.oldattr['shadowMax'][0])) |
1378 |
self.info['passwordexpiry'] = posixDaysToDate(int(self.oldattr['shadowLastChange'][0]) + int(self.oldattr['shadowMax'][0])) |
1379 |
except: |
1379 |
except: |
1380 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'users/user: failed to calculate password expiration correctly, use only shadowMax instead') |
1380 |
ud.debug(ud.ADMIN, ud.WARN, 'users/user: failed to calculate password expiration correctly, use only shadowMax instead') |
1381 |
self.info['passwordexpiry'] = posixDaysToDate(int(self.oldattr['shadowMax'][0])) |
1381 |
self.info['passwordexpiry'] = posixDaysToDate(int(self.oldattr['shadowMax'][0])) |
1382 |
|
1382 |
|
1383 |
if 'kerberos' in self.options: |
1383 |
if 'kerberos' in self.options: |
1384 |
if self.oldattr.has_key('krb5ValidEnd'): |
1384 |
if self.oldattr.has_key('krb5ValidEnd'): |
1385 |
krb5validend=self.oldattr['krb5ValidEnd'][0] |
1385 |
krb5validend=self.oldattr['krb5ValidEnd'][0] |
1386 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'krb5validend is: %s' % |
1386 |
ud.debug(ud.ADMIN, ud.INFO, 'krb5validend is: %s' % |
1387 |
krb5validend) |
1387 |
krb5validend) |
1388 |
self.info['userexpiry']="%s-%s-%s"%(krb5validend[0:4],krb5validend[4:6],krb5validend[6:8]) |
1388 |
self.info['userexpiry']="%s-%s-%s"%(krb5validend[0:4],krb5validend[4:6],krb5validend[6:8]) |
1389 |
elif 'samba' in self.options: |
1389 |
elif 'samba' in self.options: |
1390 |
if self.oldattr.has_key('sambaKickoffTime'): |
1390 |
if self.oldattr.has_key('sambaKickoffTime'): |
1391 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'sambaKickoffTime is: %s' % |
1391 |
ud.debug(ud.ADMIN, ud.INFO, 'sambaKickoffTime is: %s' % |
1392 |
self.oldattr['sambaKickoffTime'][0]) |
1392 |
self.oldattr['sambaKickoffTime'][0]) |
1393 |
self.info['userexpiry']=time.strftime("%Y-%m-%d",time.gmtime(long(self.oldattr['sambaKickoffTime'][0])+(3600*24))) |
1393 |
self.info['userexpiry']=time.strftime("%Y-%m-%d",time.gmtime(long(self.oldattr['sambaKickoffTime'][0])+(3600*24))) |
1394 |
|
1394 |
|
Lines 1404-1411
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1404 |
# FIXME: we should NEVER catch all exceptions |
1404 |
# FIXME: we should NEVER catch all exceptions |
1405 |
except Exception, e: |
1405 |
except Exception, e: |
1406 |
# at least write some debuging output.. |
1406 |
# at least write some debuging output.. |
1407 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'Caught exception: %s' % e ) |
1407 |
ud.debug(ud.ADMIN, ud.INFO, 'Caught exception: %s' % e ) |
1408 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'Continuing without dn..') |
1408 |
ud.debug(ud.ADMIN, ud.INFO, 'Continuing without dn..') |
1409 |
self.dn=None |
1409 |
self.dn=None |
1410 |
return |
1410 |
return |
1411 |
|
1411 |
|
Lines 1418-1425
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1418 |
self['lastname']=sn |
1418 |
self['lastname']=sn |
1419 |
except Exception, e: # FIXME: we should NEVER catch all exceptions |
1419 |
except Exception, e: # FIXME: we should NEVER catch all exceptions |
1420 |
# at least write some debuging output.. |
1420 |
# at least write some debuging output.. |
1421 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'Caught exception: %s' % e ) |
1421 |
ud.debug(ud.ADMIN, ud.INFO, 'Caught exception: %s' % e ) |
1422 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'Continuing without dn..') |
1422 |
ud.debug(ud.ADMIN, ud.INFO, 'Continuing without dn..') |
1423 |
self.dn=None |
1423 |
self.dn=None |
1424 |
return |
1424 |
return |
1425 |
|
1425 |
|
Lines 1461-1467
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1461 |
self['groups']=self.lo.searchDn(filter='(&(cn=*)(|(objectClass=univentionGroup)(objectClass=sambaGroupMapping))(uniqueMember=%s))' % univention.admin.filter.escapeForLdapFilter(self.dn)) |
1461 |
self['groups']=self.lo.searchDn(filter='(&(cn=*)(|(objectClass=univentionGroup)(objectClass=sambaGroupMapping))(uniqueMember=%s))' % univention.admin.filter.escapeForLdapFilter(self.dn)) |
1462 |
else: |
1462 |
else: |
1463 |
self.groupsLoaded=0 |
1463 |
self.groupsLoaded=0 |
1464 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'user: open with loadGroups=false for user %s'%self['username']) |
1464 |
ud.debug(ud.ADMIN, ud.INFO, 'user: open with loadGroups=false for user %s'%self['username']) |
1465 |
primaryGroupNumber=self.oldattr.get('gidNumber',[''])[0] |
1465 |
primaryGroupNumber=self.oldattr.get('gidNumber',[''])[0] |
1466 |
if primaryGroupNumber: |
1466 |
if primaryGroupNumber: |
1467 |
primaryGroupResult=self.lo.searchDn('(&(cn=*)(|(objectClass=posixGroup)(objectClass=sambaGroupMapping))(gidNumber='+primaryGroupNumber+'))') |
1467 |
primaryGroupResult=self.lo.searchDn('(&(cn=*)(|(objectClass=posixGroup)(objectClass=sambaGroupMapping))(gidNumber='+primaryGroupNumber+'))') |
Lines 1477-1483
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1477 |
except: |
1477 |
except: |
1478 |
primaryGroup = None |
1478 |
primaryGroup = None |
1479 |
|
1479 |
|
1480 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'user: could not find primaryGroup, setting primaryGroup to %s' % primaryGroup) |
1480 |
ud.debug(ud.ADMIN, ud.INFO, 'user: could not find primaryGroup, setting primaryGroup to %s' % primaryGroup) |
1481 |
|
1481 |
|
1482 |
self['primaryGroup']=primaryGroup |
1482 |
self['primaryGroup']=primaryGroup |
1483 |
self.newPrimaryGroupDn=primaryGroup |
1483 |
self.newPrimaryGroupDn=primaryGroup |
Lines 1689-1714
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1689 |
|
1689 |
|
1690 |
# change memberUid if we have a new username |
1690 |
# change memberUid if we have a new username |
1691 |
if not old_uid == new_uid and self.exists(): |
1691 |
if not old_uid == new_uid and self.exists(): |
1692 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user: rewrite memberuid after rename') |
1692 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user: rewrite memberuid after rename') |
1693 |
for group in new_groups: |
1693 |
for group in new_groups: |
1694 |
self.__rewrite_member_uid( group ) |
1694 |
self.__rewrite_member_uid( group ) |
1695 |
|
1695 |
|
1696 |
group_mod = univention.admin.modules.get('groups/group') |
1696 |
group_mod = univention.admin.modules.get('groups/group') |
1697 |
|
1697 |
|
1698 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user: check groups in old_groups') |
1698 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user: check groups in old_groups') |
1699 |
for group in old_groups: |
1699 |
for group in old_groups: |
1700 |
if group and not case_insensitive_in_list(group, self.info.get('groups', [])) and group.lower() != self['primaryGroup'].lower(): |
1700 |
if group and not case_insensitive_in_list(group, self.info.get('groups', [])) and group.lower() != self['primaryGroup'].lower(): |
1701 |
grpobj = group_mod.object(None, self.lo, self.position, group) |
1701 |
grpobj = group_mod.object(None, self.lo, self.position, group) |
1702 |
grpobj.fast_member_remove( [ self.dn ], [ old_uid ] ) |
1702 |
grpobj.fast_member_remove( [ self.dn ], [ old_uid ] ) |
1703 |
|
1703 |
|
1704 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user: check groups in info[groups]') |
1704 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user: check groups in info[groups]') |
1705 |
for group in self.info.get('groups', []): |
1705 |
for group in self.info.get('groups', []): |
1706 |
if group and not case_insensitive_in_list(group, old_groups): |
1706 |
if group and not case_insensitive_in_list(group, old_groups): |
1707 |
grpobj = group_mod.object(None, self.lo, self.position, group) |
1707 |
grpobj = group_mod.object(None, self.lo, self.position, group) |
1708 |
grpobj.fast_member_add( [ self.dn ], [ new_uid ] ) |
1708 |
grpobj.fast_member_add( [ self.dn ], [ new_uid ] ) |
1709 |
|
1709 |
|
1710 |
if univention.admin.baseConfig.is_true("directory/manager/user/primarygroup/update", True): |
1710 |
if univention.admin.baseConfig.is_true("directory/manager/user/primarygroup/update", True): |
1711 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user: check primaryGroup') |
1711 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user: check primaryGroup') |
1712 |
if not self.exists() and self.info.get('primaryGroup'): |
1712 |
if not self.exists() and self.info.get('primaryGroup'): |
1713 |
grpobj = group_mod.object(None, self.lo, self.position, self.info.get('primaryGroup')) |
1713 |
grpobj = group_mod.object(None, self.lo, self.position, self.info.get('primaryGroup')) |
1714 |
grpobj.fast_member_add( [ self.dn ], [ new_uid ] ) |
1714 |
grpobj.fast_member_add( [ self.dn ], [ new_uid ] ) |
Lines 1727-1733
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1727 |
if UIDs: |
1727 |
if UIDs: |
1728 |
new_uids.append(UIDs[0]) |
1728 |
new_uids.append(UIDs[0]) |
1729 |
if len(UIDs) > 1: |
1729 |
if len(UIDs) > 1: |
1730 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'users/user: A groupmember has multiple UIDs (%s %s)' % (memberDNstr, repr(uid_list))) |
1730 |
ud.debug(ud.ADMIN, ud.WARN, 'users/user: A groupmember has multiple UIDs (%s %s)' % (memberDNstr, repr(uid_list))) |
1731 |
self.lo.modify(group, [ ( 'memberUid', uids, new_uids ) ] ) |
1731 |
self.lo.modify(group, [ ( 'memberUid', uids, new_uids ) ] ) |
1732 |
|
1732 |
|
1733 |
def __primary_group(self): |
1733 |
def __primary_group(self): |
Lines 1751-1769
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1751 |
searchResult=self.lo.search(base=self.oldinfo['primaryGroup'], attr=['gidNumber']) |
1751 |
searchResult=self.lo.search(base=self.oldinfo['primaryGroup'], attr=['gidNumber']) |
1752 |
for tmp,number in searchResult: |
1752 |
for tmp,number in searchResult: |
1753 |
oldPrimaryGroup = number['gidNumber'] |
1753 |
oldPrimaryGroup = number['gidNumber'] |
1754 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user: set gidNumber by oldinfo') |
1754 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user: set gidNumber by oldinfo') |
1755 |
self.lo.modify(self.dn, [('gidNumber',oldPrimaryGroup[0], primaryGroupNumber[0])]) |
1755 |
self.lo.modify(self.dn, [('gidNumber',oldPrimaryGroup[0], primaryGroupNumber[0])]) |
1756 |
if 'samba' in self.options: |
1756 |
if 'samba' in self.options: |
1757 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user: set sambaPrimaryGroupSID by oldinfo') |
1757 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user: set sambaPrimaryGroupSID by oldinfo') |
1758 |
self.lo.modify(self.dn, [('sambaPrimaryGroupSID',oldPrimaryGroup[0], primaryGroupSambaNumber[0])]) |
1758 |
self.lo.modify(self.dn, [('sambaPrimaryGroupSID',oldPrimaryGroup[0], primaryGroupSambaNumber[0])]) |
1759 |
else: |
1759 |
else: |
1760 |
searchResult=self.lo.search(base=self.dn, scope='base', attr=['gidNumber']) |
1760 |
searchResult=self.lo.search(base=self.dn, scope='base', attr=['gidNumber']) |
1761 |
for tmp,number in searchResult: |
1761 |
for tmp,number in searchResult: |
1762 |
oldNumber = number['gidNumber'] |
1762 |
oldNumber = number['gidNumber'] |
1763 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user: set gidNumber') |
1763 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user: set gidNumber') |
1764 |
self.lo.modify(self.dn, [('gidNumber',oldNumber, primaryGroupNumber[0])]) |
1764 |
self.lo.modify(self.dn, [('gidNumber',oldNumber, primaryGroupNumber[0])]) |
1765 |
if 'samba' in self.options: |
1765 |
if 'samba' in self.options: |
1766 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user: set sambaPrimaryGroupSID') |
1766 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user: set sambaPrimaryGroupSID') |
1767 |
self.lo.modify(self.dn, [('sambaPrimaryGroupSID',oldNumber, primaryGroupSambaNumber[0])]) |
1767 |
self.lo.modify(self.dn, [('sambaPrimaryGroupSID',oldNumber, primaryGroupSambaNumber[0])]) |
1768 |
|
1768 |
|
1769 |
|
1769 |
|
Lines 1772-1778
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1772 |
group_mod = univention.admin.modules.get('groups/group') |
1772 |
group_mod = univention.admin.modules.get('groups/group') |
1773 |
grpobj = group_mod.object(None, self.lo, self.position, self.newPrimaryGroupDn) |
1773 |
grpobj = group_mod.object(None, self.lo, self.position, self.newPrimaryGroupDn) |
1774 |
grpobj.fast_member_add( [ self.dn ], [ new_uid ] ) |
1774 |
grpobj.fast_member_add( [ self.dn ], [ new_uid ] ) |
1775 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user: adding to new primaryGroup %s (uid=%s)' % (self.newPrimaryGroupDn, new_uid)) |
1775 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user: adding to new primaryGroup %s (uid=%s)' % (self.newPrimaryGroupDn, new_uid)) |
1776 |
|
1776 |
|
1777 |
self.save() |
1777 |
self.save() |
1778 |
|
1778 |
|
Lines 1782-1791
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1782 |
return self['username']+'@'+realm |
1782 |
return self['username']+'@'+realm |
1783 |
|
1783 |
|
1784 |
def _ldap_pre_create(self): |
1784 |
def _ldap_pre_create(self): |
1785 |
_d=univention.debug.function('admin.handlers.users.user.object._ldap_pre_create') |
1785 |
_d=ud.function('admin.handlers.users.user.object._ldap_pre_create') |
1786 |
|
1786 |
|
1787 |
self.dn='uid=%s,%s' % ( self['username'], self.position.getDn()) |
1787 |
self.dn='uid=%s,%s' % ( self['username'], self.position.getDn()) |
1788 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'users/user: dn was set to %s'%self.dn) |
1788 |
ud.debug(ud.ADMIN, ud.INFO, 'users/user: dn was set to %s'%self.dn) |
1789 |
if not self['password']: |
1789 |
if not self['password']: |
1790 |
self['password']=self.oldattr.get('password',[''])[0] |
1790 |
self['password']=self.oldattr.get('password',[''])[0] |
1791 |
self.modifypassword=0 |
1791 |
self.modifypassword=0 |
Lines 1990-2005
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
1990 |
sambaPwdLastSetValue = '' # if is filled, it will be added to ml in the end |
1990 |
sambaPwdLastSetValue = '' # if is filled, it will be added to ml in the end |
1991 |
|
1991 |
|
1992 |
if self.options != self.old_options: |
1992 |
if self.options != self.old_options: |
1993 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'options: %s' % self.options) |
1993 |
ud.debug(ud.ADMIN, ud.INFO, 'options: %s' % self.options) |
1994 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'old_options: %s' % self.old_options) |
1994 |
ud.debug(ud.ADMIN, ud.INFO, 'old_options: %s' % self.old_options) |
1995 |
# pki option add / remove |
1995 |
# pki option add / remove |
1996 |
if 'pki' in self.options and not 'pki' in self.old_options: |
1996 |
if 'pki' in self.options and not 'pki' in self.old_options: |
1997 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'added pki option') |
1997 |
ud.debug(ud.ADMIN, ud.INFO, 'added pki option') |
1998 |
ocs=self.oldattr.get('objectClass', []) |
1998 |
ocs=self.oldattr.get('objectClass', []) |
1999 |
if not 'pkiUser' in ocs: |
1999 |
if not 'pkiUser' in ocs: |
2000 |
ml.insert(0, ('objectClass', '', 'pkiUser')) |
2000 |
ml.insert(0, ('objectClass', '', 'pkiUser')) |
2001 |
if not 'pki' in self.options and 'pki' in self.old_options: |
2001 |
if not 'pki' in self.options and 'pki' in self.old_options: |
2002 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'remove pki option') |
2002 |
ud.debug(ud.ADMIN, ud.INFO, 'remove pki option') |
2003 |
ocs=self.oldattr.get('objectClass', []) |
2003 |
ocs=self.oldattr.get('objectClass', []) |
2004 |
if 'pkiUser' in ocs: |
2004 |
if 'pkiUser' in ocs: |
2005 |
ml.insert(0, ('objectClass', 'pkiUser', '')) |
2005 |
ml.insert(0, ('objectClass', 'pkiUser', '')) |
Lines 2007-2019
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2007 |
ml=self._remove_attr(ml,attr) |
2007 |
ml=self._remove_attr(ml,attr) |
2008 |
# ldap_pwd option add / remove |
2008 |
# ldap_pwd option add / remove |
2009 |
if 'ldap_pwd' in self.options and not 'ldap_pwd' in self.old_options: |
2009 |
if 'ldap_pwd' in self.options and not 'ldap_pwd' in self.old_options: |
2010 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'added ldap_pwd option') |
2010 |
ud.debug(ud.ADMIN, ud.INFO, 'added ldap_pwd option') |
2011 |
ocs=self.oldattr.get('objectClass', []) |
2011 |
ocs=self.oldattr.get('objectClass', []) |
2012 |
if not 'simpleSecurityObject' in ocs: |
2012 |
if not 'simpleSecurityObject' in ocs: |
2013 |
ml.insert(0, ('objectClass', '', 'simpleSecurityObject')) |
2013 |
ml.insert(0, ('objectClass', '', 'simpleSecurityObject')) |
2014 |
ml.insert(0, ('objectClass', '', 'uidObject')) |
2014 |
ml.insert(0, ('objectClass', '', 'uidObject')) |
2015 |
if not 'ldap_pwd' in self.options and 'ldap_pwd' in self.old_options: |
2015 |
if not 'ldap_pwd' in self.options and 'ldap_pwd' in self.old_options: |
2016 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'remove ldap_pwd option') |
2016 |
ud.debug(ud.ADMIN, ud.INFO, 'remove ldap_pwd option') |
2017 |
ocs=self.oldattr.get('objectClass', []) |
2017 |
ocs=self.oldattr.get('objectClass', []) |
2018 |
if 'simpleSecurityObject' in ocs: |
2018 |
if 'simpleSecurityObject' in ocs: |
2019 |
ml.insert(0, ('objectClass', 'simpleSecurityObject', '')) |
2019 |
ml.insert(0, ('objectClass', 'simpleSecurityObject', '')) |
Lines 2114-2120
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2114 |
|
2114 |
|
2115 |
shadowLastChangeValue = str(int(now)) |
2115 |
shadowLastChangeValue = str(int(now)) |
2116 |
|
2116 |
|
2117 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'shadowMax: %s' % shadowMax) |
2117 |
ud.debug(ud.ADMIN, ud.INFO, 'shadowMax: %s' % shadowMax) |
2118 |
old_shadowMax=self.oldattr.get('shadowMax', '') |
2118 |
old_shadowMax=self.oldattr.get('shadowMax', '') |
2119 |
if old_shadowMax != shadowMax: |
2119 |
if old_shadowMax != shadowMax: |
2120 |
ml.append(('shadowMax',self.oldattr.get('shadowMax', [''])[0], shadowMax)) |
2120 |
ml.append(('shadowMax',self.oldattr.get('shadowMax', [''])[0], shadowMax)) |
Lines 2130-2136
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2130 |
krb5PasswordEnd='' |
2130 |
krb5PasswordEnd='' |
2131 |
else: |
2131 |
else: |
2132 |
krb5PasswordEnd="%s" % "20"+expiry[6:8]+expiry[3:5]+expiry[0:2]+"000000Z" |
2132 |
krb5PasswordEnd="%s" % "20"+expiry[6:8]+expiry[3:5]+expiry[0:2]+"000000Z" |
2133 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'krb5PasswordEnd: %s' % krb5PasswordEnd) |
2133 |
ud.debug(ud.ADMIN, ud.INFO, 'krb5PasswordEnd: %s' % krb5PasswordEnd) |
2134 |
old_krb5PasswordEnd=self.oldattr.get('krb5PasswordEnd', '') |
2134 |
old_krb5PasswordEnd=self.oldattr.get('krb5PasswordEnd', '') |
2135 |
if old_krb5PasswordEnd != krb5PasswordEnd: |
2135 |
if old_krb5PasswordEnd != krb5PasswordEnd: |
2136 |
ml.append(('krb5PasswordEnd',self.oldattr.get('krb5PasswordEnd', [''])[0], krb5PasswordEnd)) |
2136 |
ml.append(('krb5PasswordEnd',self.oldattr.get('krb5PasswordEnd', [''])[0], krb5PasswordEnd)) |
Lines 2271-2277
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2271 |
shadowExpire='' |
2271 |
shadowExpire='' |
2272 |
if self['userexpiry']: |
2272 |
if self['userexpiry']: |
2273 |
shadowExpire="%d" % long(time.mktime(time.strptime(self['userexpiry'],"%d.%m.%y"))/3600/24+1) |
2273 |
shadowExpire="%d" % long(time.mktime(time.strptime(self['userexpiry'],"%d.%m.%y"))/3600/24+1) |
2274 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'shadowExpire: %s' % shadowExpire) |
2274 |
ud.debug(ud.ADMIN, ud.INFO, 'shadowExpire: %s' % shadowExpire) |
2275 |
old_shadowExpire=self.oldattr.get('shadowExpire', '') |
2275 |
old_shadowExpire=self.oldattr.get('shadowExpire', '') |
2276 |
if old_shadowExpire != shadowExpire: |
2276 |
if old_shadowExpire != shadowExpire: |
2277 |
ml.append(('shadowExpire',self.oldattr.get('shadowExpire', [''])[0], shadowExpire)) |
2277 |
ml.append(('shadowExpire',self.oldattr.get('shadowExpire', [''])[0], shadowExpire)) |
Lines 2279-2285
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2279 |
sambaKickoffTime='' |
2279 |
sambaKickoffTime='' |
2280 |
if self['userexpiry']: |
2280 |
if self['userexpiry']: |
2281 |
sambaKickoffTime="%d" % long(time.mktime(time.strptime(self['userexpiry'],"%d.%m.%y"))) |
2281 |
sambaKickoffTime="%d" % long(time.mktime(time.strptime(self['userexpiry'],"%d.%m.%y"))) |
2282 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'sambaKickoffTime: %s' % sambaKickoffTime) |
2282 |
ud.debug(ud.ADMIN, ud.INFO, 'sambaKickoffTime: %s' % sambaKickoffTime) |
2283 |
old_sambaKickoffTime=self.oldattr.get('sambaKickoffTime', '') |
2283 |
old_sambaKickoffTime=self.oldattr.get('sambaKickoffTime', '') |
2284 |
if old_sambaKickoffTime != sambaKickoffTime: |
2284 |
if old_sambaKickoffTime != sambaKickoffTime: |
2285 |
ml.append(('sambaKickoffTime',self.oldattr.get('sambaKickoffTime', [''])[0], sambaKickoffTime)) |
2285 |
ml.append(('sambaKickoffTime',self.oldattr.get('sambaKickoffTime', [''])[0], sambaKickoffTime)) |
Lines 2287-2293
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2287 |
krb5ValidEnd='' |
2287 |
krb5ValidEnd='' |
2288 |
if self['userexpiry']: |
2288 |
if self['userexpiry']: |
2289 |
krb5ValidEnd="%s" % "20"+self['userexpiry'][6:8]+self['userexpiry'][3:5]+self['userexpiry'][0:2]+"000000Z" |
2289 |
krb5ValidEnd="%s" % "20"+self['userexpiry'][6:8]+self['userexpiry'][3:5]+self['userexpiry'][0:2]+"000000Z" |
2290 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'krb5ValidEnd: %s' % krb5ValidEnd) |
2290 |
ud.debug(ud.ADMIN, ud.INFO, 'krb5ValidEnd: %s' % krb5ValidEnd) |
2291 |
old_krb5ValidEnd=self.oldattr.get('krb5ValidEnd', '') |
2291 |
old_krb5ValidEnd=self.oldattr.get('krb5ValidEnd', '') |
2292 |
if old_krb5ValidEnd != krb5ValidEnd: |
2292 |
if old_krb5ValidEnd != krb5ValidEnd: |
2293 |
if not self['userexpiry']: |
2293 |
if not self['userexpiry']: |
Lines 2331-2337
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2331 |
if 'kerberos' in self.options: |
2331 |
if 'kerberos' in self.options: |
2332 |
expiry=time.strftime("%d.%m.%y",time.gmtime((long(time.time())))) |
2332 |
expiry=time.strftime("%d.%m.%y",time.gmtime((long(time.time())))) |
2333 |
krb5PasswordEnd="%s" % "20"+expiry[6:8]+expiry[3:5]+expiry[0:2]+"000000Z" |
2333 |
krb5PasswordEnd="%s" % "20"+expiry[6:8]+expiry[3:5]+expiry[0:2]+"000000Z" |
2334 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'krb5PasswordEnd: %s' % krb5PasswordEnd) |
2334 |
ud.debug(ud.ADMIN, ud.INFO, 'krb5PasswordEnd: %s' % krb5PasswordEnd) |
2335 |
old_krb5PasswordEnd=self.oldattr.get('krb5PasswordEnd', '') |
2335 |
old_krb5PasswordEnd=self.oldattr.get('krb5PasswordEnd', '') |
2336 |
if old_krb5PasswordEnd != krb5PasswordEnd: |
2336 |
if old_krb5PasswordEnd != krb5PasswordEnd: |
2337 |
ml.append(('krb5PasswordEnd',self.oldattr.get('krb5PasswordEnd', [''])[0], krb5PasswordEnd)) |
2337 |
ml.append(('krb5PasswordEnd',self.oldattr.get('krb5PasswordEnd', [''])[0], krb5PasswordEnd)) |
Lines 2358-2364
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2358 |
now=(long(time.time())/3600/24) |
2358 |
now=(long(time.time())/3600/24) |
2359 |
shadowLastChangeValue = str(int(now)) |
2359 |
shadowLastChangeValue = str(int(now)) |
2360 |
|
2360 |
|
2361 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'shadowMax: %s' % shadowMax) |
2361 |
ud.debug(ud.ADMIN, ud.INFO, 'shadowMax: %s' % shadowMax) |
2362 |
old_shadowMax=self.oldattr.get('shadowMax', [''])[0] |
2362 |
old_shadowMax=self.oldattr.get('shadowMax', [''])[0] |
2363 |
if old_shadowMax != shadowMax: |
2363 |
if old_shadowMax != shadowMax: |
2364 |
ml.append(('shadowMax', old_shadowMax, shadowMax)) |
2364 |
ml.append(('shadowMax', old_shadowMax, shadowMax)) |
Lines 2367-2373
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2367 |
if 'samba' in self.options: |
2367 |
if 'samba' in self.options: |
2368 |
sambaPwdLastSetValue = str(long(time.time())) |
2368 |
sambaPwdLastSetValue = str(long(time.time())) |
2369 |
# transfered into ml below |
2369 |
# transfered into ml below |
2370 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'sambaPwdLastSetValue: %s' % sambaPwdLastSetValue) |
2370 |
ud.debug(ud.ADMIN, ud.INFO, 'sambaPwdLastSetValue: %s' % sambaPwdLastSetValue) |
2371 |
|
2371 |
|
2372 |
# 4. set kerberos attribute |
2372 |
# 4. set kerberos attribute |
2373 |
if 'kerberos' in self.options: |
2373 |
if 'kerberos' in self.options: |
Lines 2376-2382
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2376 |
else: |
2376 |
else: |
2377 |
expiry=time.strftime("%d.%m.%y",time.gmtime((long(time.time()) + (expiryInterval*3600*24)))) |
2377 |
expiry=time.strftime("%d.%m.%y",time.gmtime((long(time.time()) + (expiryInterval*3600*24)))) |
2378 |
krb5PasswordEnd="%s" % "20"+expiry[6:8]+expiry[3:5]+expiry[0:2]+"000000Z" |
2378 |
krb5PasswordEnd="%s" % "20"+expiry[6:8]+expiry[3:5]+expiry[0:2]+"000000Z" |
2379 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'krb5PasswordEnd: %s' % krb5PasswordEnd) |
2379 |
ud.debug(ud.ADMIN, ud.INFO, 'krb5PasswordEnd: %s' % krb5PasswordEnd) |
2380 |
old_krb5PasswordEnd=self.oldattr.get('krb5PasswordEnd', [''])[0] |
2380 |
old_krb5PasswordEnd=self.oldattr.get('krb5PasswordEnd', [''])[0] |
2381 |
if old_krb5PasswordEnd != krb5PasswordEnd: |
2381 |
if old_krb5PasswordEnd != krb5PasswordEnd: |
2382 |
ml.append(('krb5PasswordEnd',old_krb5PasswordEnd, krb5PasswordEnd)) |
2382 |
ml.append(('krb5PasswordEnd',old_krb5PasswordEnd, krb5PasswordEnd)) |
Lines 2393-2401
class object( univention.admin.handlers.simpleLdap, mungeddial.Support ):
|
Link Here
|
---|
|
2393 |
else: |
2393 |
else: |
2394 |
try: |
2394 |
try: |
2395 |
self.alloc.append( ( 'mailPrimaryAddress', self[ 'mailPrimaryAddress' ] ) ) |
2395 |
self.alloc.append( ( 'mailPrimaryAddress', self[ 'mailPrimaryAddress' ] ) ) |
2396 |
univention.debug.debug( univention.debug.ADMIN, univention.debug.INFO, "LOCKING: %s" % self[ 'mailPrimaryAddress' ] ) |
2396 |
ud.debug( ud.ADMIN, ud.INFO, "LOCKING: %s" % self[ 'mailPrimaryAddress' ] ) |
2397 |
univention.admin.allocators.request( self.lo, self.position, 'mailPrimaryAddress', value = self[ 'mailPrimaryAddress' ] ) |
2397 |
univention.admin.allocators.request( self.lo, self.position, 'mailPrimaryAddress', value = self[ 'mailPrimaryAddress' ] ) |
2398 |
univention.debug.debug( univention.debug.ADMIN, univention.debug.INFO, "LOCKING DONE: %s" % self[ 'mailPrimaryAddress' ] ) |
2398 |
ud.debug( ud.ADMIN, ud.INFO, "LOCKING DONE: %s" % self[ 'mailPrimaryAddress' ] ) |
2399 |
except univention.admin.uexceptions.noLock: |
2399 |
except univention.admin.uexceptions.noLock: |
2400 |
self.cancel() |
2400 |
self.cancel() |
2401 |
raise univention.admin.uexceptions.mailAddressUsed |
2401 |
raise univention.admin.uexceptions.mailAddressUsed |
2402 |
- |
|
|
2403 |
-- |
2404 |
.../univention/admin/handlers/users/user.py | 120 +++++++++----------- |
2402 |
.../univention/admin/handlers/users/user.py | 120 +++++++++----------- |
2405 |
1 file changed, 55 insertions(+), 65 deletions(-) |
2403 |
1 file changed, 55 insertions(+), 65 deletions(-) |