mirror of
https://github.com/YunoHost/moulinette.git
synced 2024-09-03 20:06:31 +02:00
165 lines
4.7 KiB
Python
165 lines
4.7 KiB
Python
# -*- coding: utf-8 -*-
|
|
|
|
import os
|
|
import sys
|
|
import ldap
|
|
import crypt
|
|
import random
|
|
import string
|
|
import getpass
|
|
from yunohost import YunoHostError, win_msg, colorize, validate, get_required_args
|
|
|
|
def user_list(args, connections):
|
|
"""
|
|
List YunoHost users from LDAP
|
|
|
|
Keyword argument:
|
|
args -- Dictionnary of values (can be empty)
|
|
connections -- LDAP connection
|
|
|
|
Returns:
|
|
Dict
|
|
"""
|
|
yldap = connections['ldap']
|
|
user_attrs = ['uid', 'mail', 'cn']
|
|
attrs = []
|
|
result_dict = {}
|
|
if args['offset']: offset = int(args['offset'])
|
|
else: offset = 0
|
|
if args['limit']: limit = int(args['limit'])
|
|
else: limit = 1000
|
|
if args['filter']: filter = args['filter']
|
|
else: filter = 'uid=*'
|
|
if args['fields']:
|
|
for attr in args['fields']:
|
|
if attr in user_attrs:
|
|
attrs.append(attr)
|
|
continue
|
|
else:
|
|
raise YunoHostError(22, _("Invalid field : ") + attr)
|
|
else:
|
|
attrs = user_attrs
|
|
|
|
result = yldap.search('ou=users,dc=yunohost,dc=org', filter, attrs)
|
|
|
|
if len(result) > (0 + offset) and limit > 0:
|
|
i = 0 + offset
|
|
for entry in result[i:]:
|
|
if i < limit:
|
|
result_dict[str(i)] = entry
|
|
i += 1
|
|
else:
|
|
result_dict = { 'Notice' : _("No user found") }
|
|
|
|
return result_dict
|
|
|
|
|
|
def user_create(args, connections):
|
|
"""
|
|
Add user to LDAP
|
|
|
|
Keyword argument:
|
|
args -- Dictionnary of values (can be empty)
|
|
connections -- LDAP connections
|
|
|
|
Returns:
|
|
Dict
|
|
"""
|
|
yldap = connections['ldap']
|
|
args = get_required_args(args, {
|
|
'username': _('Username'),
|
|
'mail': _('Mail address'),
|
|
'firstname': _('Firstname'),
|
|
'lastname': _('Lastname'),
|
|
'password': _('Password')
|
|
}, True)
|
|
|
|
# Validate password length
|
|
if len(args['password']) < 4:
|
|
raise YunoHostError(22, _("Password is too short"))
|
|
|
|
# Validate other values TODO: validate all values
|
|
validate({
|
|
args['username'] : r'^[a-z0-9_]+$',
|
|
args['mail'] : r'^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,6}$',
|
|
})
|
|
|
|
yldap.validate_uniqueness({
|
|
'uid' : args['username'],
|
|
'mail' : args['mail'],
|
|
'mailalias' : args['mail']
|
|
})
|
|
|
|
# Check if unix user already exists (doesn't work)
|
|
#if not os.system("getent passwd " + args['username']):
|
|
# raise YunoHostError(17, _("Username not available"))
|
|
|
|
#TODO: check if mail belongs to a domain
|
|
|
|
# Get random UID/GID
|
|
uid_check = gid_check = 0
|
|
while uid_check == 0 and gid_check == 0:
|
|
uid = str(random.randint(200, 99999))
|
|
uid_check = os.system("getent passwd " + uid)
|
|
gid_check = os.system("getent group " + uid)
|
|
|
|
# Adapt values for LDAP
|
|
fullname = args['firstname'] + ' ' + args['lastname']
|
|
rdn = 'uid=' + args['username'] + ',ou=users'
|
|
char_set = string.ascii_uppercase + string.digits
|
|
salt = ''.join(random.sample(char_set,8))
|
|
salt = '$1$' + salt + '$'
|
|
pwd = '{CRYPT}' + crypt.crypt(str(args['password']), salt)
|
|
attr_dict = {
|
|
'objectClass' : ['mailAccount', 'inetOrgPerson', 'posixAccount'],
|
|
'givenName' : args['firstname'],
|
|
'sn' : args['lastname'],
|
|
'displayName' : fullname,
|
|
'cn' : fullname,
|
|
'uid' : args['username'],
|
|
'mail' : args['mail'],
|
|
'userPassword' : pwd,
|
|
'gidNumber' : uid,
|
|
'uidNumber' : uid,
|
|
'homeDirectory' : '/home/' + args['username'],
|
|
'loginShell' : '/bin/false'
|
|
}
|
|
|
|
if yldap.add(rdn, attr_dict):
|
|
# Create user /home directory by switching user
|
|
os.system("su - " + args['username'] + " -c ''")
|
|
#TODO: Send a welcome mail to user
|
|
win_msg(_("User successfully created"))
|
|
return { _("Fullname") : fullname, _("Username") : args['username'], _("Mail") : args['mail'] }
|
|
else:
|
|
raise YunoHostError(169, _("An error occured during user creation"))
|
|
|
|
|
|
def user_delete(args, connections):
|
|
"""
|
|
Remove user from LDAP
|
|
|
|
Keyword argument:
|
|
args -- Dictionnary of values (can be empty)
|
|
connections -- LDAP connection
|
|
|
|
Returns:
|
|
Dict
|
|
"""
|
|
yldap = connections['ldap']
|
|
result = { 'Users' : [] }
|
|
|
|
if not isinstance(args['users'], list):
|
|
args['users'] = [ args['users'] ]
|
|
|
|
for user in args['users']:
|
|
validate({ user : r'^[a-z0-9_]+$' })
|
|
if yldap.remove('uid=' + user+ ',ou=users'):
|
|
result['Users'].append(user)
|
|
continue
|
|
else:
|
|
raise YunoHostError(169, _("An error occured during user deletion"))
|
|
|
|
win_msg(_("User(s) successfully deleted"))
|
|
return result
|
|
|