]>
git.ipfire.org Git - ipfire.org.git/blob - www/webapp/backend/accounts.py
54b8f325ada7f8cbda51f7e1ca9392e60a86390d
9 from misc
import Singleton
10 from settings
import Settings
12 class Accounts(object):
13 __metaclass__
= Singleton
25 def search_base(self
):
26 return Settings().get("ldap_search_base")
31 ldap_uri
= self
.settings
.get("ldap_uri")
33 self
.__db
= ldap
.initialize(ldap_uri
)
35 bind_dn
= self
.settings
.get("ldap_bind_dn")
38 bind_pw
= self
.settings
.get("ldap_bind_pw")
40 self
.__db
.simple_bind(bind_dn
, bind_pw
)
45 return self
._accounts
[dn
]
49 results
= self
.db
.search_s(self
.search_base
, ldap
.SCOPE_SUBTREE
,
50 "(objectClass=posixAccount)", ["loginShell"])
52 for dn
, attrs
in results
:
53 #if attrs["loginShell"] == ["/bin/bash"]:
54 self
._accounts
[dn
] = Account(dn
)
57 return sorted(self
._accounts
.values())
60 for account
in self
.list():
61 if account
.uid
== uid
:
64 def delete(self
, uid
):
65 account
= self
.find(uid
)
71 class Account(object):
72 def __init__(self
, dn
):
75 self
.__attributes
= {}
78 return "<%s %s>" % (self
.__class
__.__name
__, self
.dn
)
80 def __cmp__(self
, other
):
81 return cmp(self
.cn
, other
.cn
)
89 if not self
.__attributes
:
90 self
.fetch_attributes()
92 return self
.__attributes
94 def fetch_attributes(self
):
95 result
= self
.db
.search_ext_s(self
.dn
, ldap
.SCOPE_SUBTREE
, sizelimit
=1)
96 dn
, self
.__attributes
= result
[0]
100 attribute
= self
.attributes
[key
]
102 raise AttributeError(key
)
104 if len(attribute
) == 1:
111 def set(self
, key
, value
):
112 mod_op
= ldap
.MOD_ADD
113 if self
.attributes
.has_key(key
):
114 mod_op
= ldap
.MOD_REPLACE
116 self
._modify
(mod_op
, key
, value
)
118 def _modify(self
, op
, key
, value
):
119 modlist
= [(op
, key
, value
)]
121 self
.db
.modify_s(self
.dn
, modlist
)
123 # Update local cache of attributes
124 self
.fetch_attributes()
126 def delete(self
, key
, value
=None):
127 self
._modify
(ldap
.MOD_DELETE
, key
, value
)
129 def check_password(self
, password
):
131 Bind to the server with given credentials and return
132 true if password is corrent and false if not.
134 Raises exceptions from the server on any other errors.
137 logging
.debug("Checking credentials for %s" % self
.dn
)
139 self
.db
.simple_bind_s(self
.dn
, password
.encode("utf-8"))
140 except ldap
.INVALID_CREDENTIALS
:
141 logging
.debug("Account credentials are invalid.")
144 logging
.debug("Successfully authenticated.")
149 return True # XXX todo
153 name
= self
.cn
.lower()
154 name
= name
.replace(" ", ".")
155 name
= name
.replace("Ä", "Ae")
156 name
= name
.replace("Ö", "Oe")
157 name
= name
.replace("Ü", "Ue")
158 name
= name
.replace("ä", "ae")
159 name
= name
.replace("ö", "oe")
160 name
= name
.replace("ü", "ue")
162 for mail
in self
.mail
:
163 if mail
.startswith(name
+ "@"):
166 raise Exception, "Cannot figure out email address"
168 def gravatar_icon(self
, size
=128):
170 gravatar_url
= "http://www.gravatar.com/avatar/" + \
171 hashlib
.md5(self
.email
.lower()).hexdigest() + "?"
172 gravatar_url
+= urllib
.urlencode({'d': "mm", 's': str(size
)})
177 if __name__
== "__main__":