X-Git-Url: http://git.cascardo.info/?p=cascardo%2Fipsilon.git;a=blobdiff_plain;f=ipsilon%2Flogin%2Fauthldap.py;h=f383003162c87805abf35bd233fa684a8c584da4;hp=f51f3757b6f7d2081c317857403d1e6971a8abfe;hb=0b40c36998ed29c7e98a8cf5f42a798e0bec0870;hpb=83da2bf3963db3e4427bced3b4c0681e751e54da diff --git a/ipsilon/login/authldap.py b/ipsilon/login/authldap.py old mode 100755 new mode 100644 index f51f375..f383003 --- a/ipsilon/login/authldap.py +++ b/ipsilon/login/authldap.py @@ -1,9 +1,7 @@ -#!/usr/bin/python -# # Copyright (C) 2014 Ipsilon Contributors, see COPYING for license -from ipsilon.login.common import LoginFormBase, LoginManagerBase -from ipsilon.login.common import FACILITY +from ipsilon.login.common import LoginFormBase, LoginManagerBase, \ + LoginManagerInstaller from ipsilon.util.plugin import PluginObject from ipsilon.util.log import Log from ipsilon.util import config as pconfig @@ -50,7 +48,7 @@ class LDAP(LoginFormBase, Log): self.lm.info = None if not self.ldap_info: - self.ldap_info = LDAPInfo() + self.ldap_info = LDAPInfo(self._site) return self.ldap_info.get_user_data_from_conn(conn, dn) @@ -65,15 +63,7 @@ class LDAP(LoginFormBase, Log): if username and password: try: - userdata = self._authenticate(username, password) - if userdata: - userattrs = dict() - for d, v in userdata.get('userdata', {}).items(): - userattrs[d] = v - if 'groups' in userdata: - userattrs['groups'] = userdata['groups'] - if 'extras' in userdata: - userattrs['extras'] = userdata['extras'] + userattrs = self._authenticate(username, password) authed = True except Exception, e: # pylint: disable=broad-except errmsg = "Authentication failed" @@ -92,6 +82,7 @@ class LDAP(LoginFormBase, Log): error_password=not password, error_username=not username ) + self.lm.set_auth_error() # pylint: disable=star-args return self._template('login/form.html', **context) @@ -163,7 +154,7 @@ authentication. """ @property def get_user_info(self): - return (self.get_config_value('get user info').lower() == 'yes') + return self.get_config_value('get user info') @property def bind_dn_tmpl(self): @@ -174,15 +165,16 @@ authentication. """ return self.page -class Installer(object): +class Installer(LoginManagerInstaller): - def __init__(self): + def __init__(self, *pargs): + super(Installer, self).__init__() self.name = 'ldap' - self.ptype = 'login' + self.pargs = pargs def install_args(self, group): group.add_argument('--ldap', choices=['yes', 'no'], default='no', - help='Configure PAM authentication') + help='Configure LDAP authentication') group.add_argument('--ldap-server-url', action='store', help='LDAP Server Url') group.add_argument('--ldap-bind-dn-template', action='store', @@ -193,27 +185,19 @@ class Installer(object): return # Add configuration data to database - po = PluginObject() + po = PluginObject(*self.pargs) po.name = 'ldap' po.wipe_data() + po.wipe_config_values() - po.wipe_config_values(FACILITY) config = dict() if 'ldap_server_url' in opts: config['server url'] = opts['ldap_server_url'] if 'ldap_bind_dn_template' in opts: config['bind dn template'] = opts['ldap_bind_dn_template'] config['tls'] = 'Demand' - po.save_plugin_config(FACILITY, config) + po.save_plugin_config(config) # Update global config to add login plugin - po = PluginObject() - po.name = 'global' - globalconf = po.get_plugin_config(FACILITY) - if 'order' in globalconf: - order = globalconf['order'].split(',') - else: - order = [] - order.append('ldap') - globalconf['order'] = ','.join(order) - po.save_plugin_config(FACILITY, globalconf) + po.is_enabled = True + po.save_enabled_state()