moulinette/yunohost_user.py

# -*- coding: utf-8 -*-

import os
import sys
import ldap
import crypt
import random
import string
import getpass
from yunohost import YunoHostError, win_msg, colorize, validate, get_required_args

def user_list(args, connections):
    """
    List YunoHost users from LDAP

    Keyword argument:
        args -- Dictionnary of values (can be empty)
        connections -- LDAP connection

    Returns:
        Dict
    """
    yldap = connections['ldap']
    user_attrs = ['uid', 'mail', 'cn']
    attrs = []
    result_dict = {}
    if args['offset']: offset = int(args['offset'])
    else: offset = 0
    if args['limit']: limit = int(args['limit'])
    else: limit = 1000
    if args['filter']: filter = args['filter']
    else: filter = 'uid=*'
    if args['fields']:
        for attr in args['fields']:
            if attr in user_attrs:
                attrs.append(attr)
                continue
            else:
                raise YunoHostError(22, _("Invalid field : ") + attr)        
    else:
        attrs = user_attrs

    result = yldap.search('ou=users,dc=yunohost,dc=org', filter, attrs)
    
    if len(result) > (0 + offset) and limit > 0:
        i = 0 + offset
        for entry in result[i:]:
           if i < limit:
               result_dict[str(i)] = entry 
               i += 1
    else:
        result_dict = { 'Notice' : _("No user found") }

    return result_dict


def user_create(args, connections):
    """
    Add user to LDAP

    Keyword argument:
        args -- Dictionnary of values (can be empty)

    Returns:
        Dict
    """
    yldap = connections['ldap']
    args = get_required_args(args, {
        'username': _('Username'), 
        'mail': _('Mail address'), 
        'firstname': _('Firstname'), 
        'lastname': _('Lastname'), 
        'password': _('Password')
    }, True)

    # Validate password length
    if len(args['password']) < 4:
        raise YunoHostError(22, _("Password is too short"))

    # Validate other values TODO: validate all values
    validate({
        args['username']    : r'^[a-z0-9_]+$', 
        args['mail']        : r'^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,6}$',
    })

    yldap.validate_uniqueness({
        'uid'       : args['username'],
        'mail'      : args['mail'],
        'mailalias' : args['mail']
    })

    # Check if unix user already exists (doesn't work)
    #if not os.system("getent passwd " + args['username']):
    #    raise YunoHostError(17, _("Username not available"))

    #TODO: check if mail belongs to a domain

    # Get random UID/GID
    uid_check = gid_check = 0
    while uid_check == 0 and gid_check == 0:
        uid = str(random.randint(200, 99999))
        uid_check = os.system("getent passwd " + uid)
        gid_check = os.system("getent group " + uid)

    # Adapt values for LDAP
    fullname = args['firstname'] + ' ' + args['lastname']
    rdn = 'uid=' + args['username'] + ',ou=users'
    char_set = string.ascii_uppercase + string.digits
    salt = ''.join(random.sample(char_set,8))
    salt = '$1$' + salt + '$'
    pwd = '{CRYPT}' + crypt.crypt(str(args['password']), salt)
    attr_dict = {
        'objectClass'   : ['mailAccount', 'inetOrgPerson', 'posixAccount'],
        'givenName'     : args['firstname'],
        'sn'            : args['lastname'],
        'displayName'   : fullname,
        'cn'            : fullname,
        'uid'           : args['username'],
        'mail'          : args['mail'],
        'userPassword'  : pwd,
        'gidNumber'     : uid,
        'uidNumber'     : uid,
        'homeDirectory' : '/home/' + args['username'],
        'loginShell'    : '/bin/false'
    }

    if yldap.add(rdn, attr_dict):
        # Create user /home directory by switching user
        os.system("su - " + args['username'] + " -c ''")
        #TODO: Send a welcome mail to user
        win_msg(_("User successfully created"))
        return { _("Fullname") : fullname, _("Username") : args['username'], _("Mail") : args['mail'] }
    else:
        raise YunoHostError(169, _("An error occured during user creation"))
User function file init 2012-10-06 17:10:19 +02:00			`# -- coding: utf-8 --`

Exception handling 2012-10-08 18:16:43 +02:00			`import os`
messages, add arguments, prompt 2012-10-07 17:57:57 +02:00			`import sys`
LDAP file init 2012-10-06 17:57:08 +02:00			`import ldap`
user_add function 2012-10-07 23:51:40 +02:00			`import crypt`
			`import random`
			`import string`
messages, add arguments, prompt 2012-10-07 17:57:57 +02:00			`import getpass`
Almost done postinstall 2012-10-26 15:26:50 +02:00			`from yunohost import YunoHostError, win_msg, colorize, validate, get_required_args`
Tests 2012-10-07 16:20:20 +02:00
user_list() function 2012-10-28 17:27:47 +01:00			`def user_list(args, connections):`
			`"""`
			`List YunoHost users from LDAP`

			`Keyword argument:`
			`args -- Dictionnary of values (can be empty)`
			`connections -- LDAP connection`

			`Returns:`
			`Dict`
			`"""`
			`yldap = connections['ldap']`
			`user_attrs = ['uid', 'mail', 'cn']`
			`attrs = []`
			`result_dict = {}`
			`if args['offset']: offset = int(args['offset'])`
			`else: offset = 0`
			`if args['limit']: limit = int(args['limit'])`
			`else: limit = 1000`
			`if args['filter']: filter = args['filter']`
			`else: filter = 'uid=*'`
			`if args['fields']:`
			`for attr in args['fields']:`
			`if attr in user_attrs:`
			`attrs.append(attr)`
			`continue`
			`else:`
			`raise YunoHostError(22, _("Invalid field : ") + attr)`
			`else:`
			`attrs = user_attrs`

			`result = yldap.search('ou=users,dc=yunohost,dc=org', filter, attrs)`

			`if len(result) > (0 + offset) and limit > 0:`
			`i = 0 + offset`
			`for entry in result[i:]:`
			`if i < limit:`
			`result_dict[str(i)] = entry`
			`i += 1`
			`else:`
			`result_dict = { 'Notice' : _("No user found") }`

			`return result_dict`
messages, add arguments, prompt 2012-10-07 17:57:57 +02:00

App/repo function init + services 2012-10-12 19:00:41 +02:00			`def user_create(args, connections):`
user_add function 2012-10-07 23:51:40 +02:00			`"""`
			`Add user to LDAP`

			`Keyword argument:`
			`args -- Dictionnary of values (can be empty)`

			`Returns:`
user_list() function 2012-10-28 17:27:47 +01:00			`Dict`
user_add function 2012-10-07 23:51:40 +02:00			`"""`
App/repo function init + services 2012-10-12 19:00:41 +02:00			`yldap = connections['ldap']`
Almost done postinstall 2012-10-26 15:26:50 +02:00			`args = get_required_args(args, {`
			`'username': _('Username'),`
			`'mail': _('Mail address'),`
			`'firstname': _('Firstname'),`
			`'lastname': _('Lastname'),`
			`'password': _('Password')`
			`}, True)`
user_add function 2012-10-07 23:51:40 +02:00
Update yunohost_user.py 2012-10-25 19:48:14 +02:00			`# Validate password length`
			`if len(args['password']) < 4:`
			`raise YunoHostError(22, _("Password is too short"))`

			`# Validate other values TODO: validate all values`
			`validate({`
			`args['username'] : r'^[a-z0-9_]+$',`
			`args['mail'] : r'^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,6}$',`
			`})`

			`yldap.validate_uniqueness({`
			`'uid' : args['username'],`
			`'mail' : args['mail'],`
			`'mailalias' : args['mail']`
			`})`

			`# Check if unix user already exists (doesn't work)`
			`#if not os.system("getent passwd " + args['username']):`
			`# raise YunoHostError(17, _("Username not available"))`

			`#TODO: check if mail belongs to a domain`

User creation POSIX 2012-10-24 17:30:28 +02:00			`# Get random UID/GID`
			`uid_check = gid_check = 0`
			`while uid_check == 0 and gid_check == 0:`
			`uid = str(random.randint(200, 99999))`
			`uid_check = os.system("getent passwd " + uid)`
			`gid_check = os.system("getent group " + uid)`

Update yunohost_user.py 2012-10-25 19:48:14 +02:00			`# Adapt values for LDAP`
user_add function 2012-10-07 23:51:40 +02:00			`fullname = args['firstname'] + ' ' + args['lastname']`
Correct user function (still broken) 2012-10-24 18:36:23 +02:00			`rdn = 'uid=' + args['username'] + ',ou=users'`
user_add function 2012-10-07 23:51:40 +02:00			`char_set = string.ascii_uppercase + string.digits`
			`salt = ''.join(random.sample(char_set,8))`
			`salt = '$1$' + salt + '$'`
Exception handling 2012-10-08 18:16:43 +02:00			`pwd = '{CRYPT}' + crypt.crypt(str(args['password']), salt)`
user_add function 2012-10-07 23:51:40 +02:00			`attr_dict = {`
User creation POSIX 2012-10-24 17:30:28 +02:00			`'objectClass' : ['mailAccount', 'inetOrgPerson', 'posixAccount'],`
user_add function 2012-10-07 23:51:40 +02:00			`'givenName' : args['firstname'],`
			`'sn' : args['lastname'],`
			`'displayName' : fullname,`
			`'cn' : fullname,`
			`'uid' : args['username'],`
			`'mail' : args['mail'],`
User creation POSIX 2012-10-24 17:30:28 +02:00			`'userPassword' : pwd,`
			`'gidNumber' : uid,`
			`'uidNumber' : uid,`
			`'homeDirectory' : '/home/' + args['username'],`
le sexy time 2012-10-28 15:24:10 +01:00			`'loginShell' : '/bin/false'`
user_add function 2012-10-07 23:51:40 +02:00			`}`
messages, add arguments, prompt 2012-10-07 17:57:57 +02:00
user_add function 2012-10-07 23:51:40 +02:00			`if yldap.add(rdn, attr_dict):`
User creation POSIX 2012-10-24 17:30:28 +02:00			`# Create user /home directory by switching user`
Correct user function (still broken) 2012-10-24 18:36:23 +02:00			`os.system("su - " + args['username'] + " -c ''")`
moving functions 2012-10-14 21:48:16 +02:00			`#TODO: Send a welcome mail to user`
User creation POSIX 2012-10-24 17:30:28 +02:00			`win_msg(_("User successfully created"))`
Rename files 2012-10-10 20:53:42 +02:00			`return { _("Fullname") : fullname, _("Username") : args['username'], _("Mail") : args['mail'] }`
user_add function 2012-10-07 23:51:40 +02:00			`else:`
Correct user function (still broken) 2012-10-24 18:36:23 +02:00			`raise YunoHostError(169, _("An error occured during user creation"))`