mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-12-27 09:23:47 +00:00
radius, make python compatible, and add traceback
This commit is contained in:
parent
433a85f6c8
commit
df5861424e
2 changed files with 55 additions and 53 deletions
|
@ -1005,7 +1005,7 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model):
|
||||||
@cached_property
|
@cached_property
|
||||||
def gen_ipv6_dhcpv6(self):
|
def gen_ipv6_dhcpv6(self):
|
||||||
"""Cree une ip, à assigner avec dhcpv6 sur une machine"""
|
"""Cree une ip, à assigner avec dhcpv6 sur une machine"""
|
||||||
prefix_v6 = self.type.ip_type.prefix_v6
|
prefix_v6 = self.type.ip_type.prefix_v6.encode().decode('utf-8')
|
||||||
if not prefix_v6:
|
if not prefix_v6:
|
||||||
return None
|
return None
|
||||||
return IPv6Address(
|
return IPv6Address(
|
||||||
|
@ -1331,14 +1331,14 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model):
|
||||||
|
|
||||||
def check_and_replace_prefix(self, prefix=None):
|
def check_and_replace_prefix(self, prefix=None):
|
||||||
"""Si le prefixe v6 est incorrect, on maj l'ipv6"""
|
"""Si le prefixe v6 est incorrect, on maj l'ipv6"""
|
||||||
prefix_v6 = prefix or self.interface.type.ip_type.prefix_v6
|
prefix_v6 = prefix or self.interface.type.ip_type.prefix_v6.encode().decode('utf-8')
|
||||||
if not prefix_v6:
|
if not prefix_v6:
|
||||||
return
|
return
|
||||||
if (IPv6Address(self.ipv6).exploded[:20] !=
|
if (IPv6Address(self.ipv6.encode().decode('utf-8')).exploded[:20] !=
|
||||||
IPv6Address(prefix_v6).exploded[:20]):
|
IPv6Address(prefix_v6).exploded[:20]):
|
||||||
self.ipv6 = IPv6Address(
|
self.ipv6 = IPv6Address(
|
||||||
IPv6Address(prefix_v6).exploded[:20] +
|
IPv6Address(prefix_v6).exploded[:20] +
|
||||||
IPv6Address(self.ipv6).exploded[20:]
|
IPv6Address(self.ipv6.encode().decode('utf-8')).exploded[20:]
|
||||||
)
|
)
|
||||||
self.save()
|
self.save()
|
||||||
|
|
||||||
|
@ -1347,9 +1347,9 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model):
|
||||||
.filter(interface=self.interface, slaac_ip=True)
|
.filter(interface=self.interface, slaac_ip=True)
|
||||||
.exclude(id=self.id)):
|
.exclude(id=self.id)):
|
||||||
raise ValidationError("Une ip slaac est déjà enregistrée")
|
raise ValidationError("Une ip slaac est déjà enregistrée")
|
||||||
prefix_v6 = self.interface.type.ip_type.prefix_v6
|
prefix_v6 = self.interface.type.ip_type.prefix_v6.encode().decode('utf-8')
|
||||||
if prefix_v6:
|
if prefix_v6:
|
||||||
if (IPv6Address(self.ipv6).exploded[:20] !=
|
if (IPv6Address(self.ipv6.encode().decode('utf-8')).exploded[:20] !=
|
||||||
IPv6Address(prefix_v6).exploded[:20]):
|
IPv6Address(prefix_v6).exploded[:20]):
|
||||||
raise ValidationError(
|
raise ValidationError(
|
||||||
"Le prefixv6 est incorrect et ne correspond pas au type "
|
"Le prefixv6 est incorrect et ne correspond pas au type "
|
||||||
|
@ -1850,7 +1850,7 @@ def machine_post_save(**kwargs):
|
||||||
"""Synchronisation ldap et régen parefeu/dhcp lors de la modification
|
"""Synchronisation ldap et régen parefeu/dhcp lors de la modification
|
||||||
d'une machine"""
|
d'une machine"""
|
||||||
user = kwargs['instance'].user
|
user = kwargs['instance'].user
|
||||||
user.ldap_sync(base=False, access_refresh=False, mac_refresh=True)
|
#user.ldap_sync(base=False, access_refresh=False, mac_refresh=True)
|
||||||
regen('dhcp')
|
regen('dhcp')
|
||||||
regen('mac_ip_list')
|
regen('mac_ip_list')
|
||||||
|
|
||||||
|
|
|
@ -48,6 +48,7 @@ from __future__ import unicode_literals
|
||||||
import re
|
import re
|
||||||
import uuid
|
import uuid
|
||||||
import datetime
|
import datetime
|
||||||
|
import sys
|
||||||
|
|
||||||
from django.db import models
|
from django.db import models
|
||||||
from django.db.models import Q
|
from django.db.models import Q
|
||||||
|
@ -67,7 +68,7 @@ from django.contrib.auth.models import (
|
||||||
Group
|
Group
|
||||||
)
|
)
|
||||||
from django.core.validators import RegexValidator
|
from django.core.validators import RegexValidator
|
||||||
|
import traceback
|
||||||
from reversion import revisions as reversion
|
from reversion import revisions as reversion
|
||||||
|
|
||||||
import ldapdb.models
|
import ldapdb.models
|
||||||
|
@ -539,51 +540,52 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
|
||||||
mac_refresh : synchronise les machines de l'user
|
mac_refresh : synchronise les machines de l'user
|
||||||
group_refresh : synchronise les group de l'user
|
group_refresh : synchronise les group de l'user
|
||||||
Si l'instance n'existe pas, on crée le ldapuser correspondant"""
|
Si l'instance n'existe pas, on crée le ldapuser correspondant"""
|
||||||
self.refresh_from_db()
|
if sys.version_info[0] >= 3:
|
||||||
try:
|
self.refresh_from_db()
|
||||||
user_ldap = LdapUser.objects.get(uidNumber=self.uid_number)
|
try:
|
||||||
except LdapUser.DoesNotExist:
|
user_ldap = LdapUser.objects.get(uidNumber=self.uid_number)
|
||||||
user_ldap = LdapUser(uidNumber=self.uid_number)
|
except LdapUser.DoesNotExist:
|
||||||
base = True
|
user_ldap = LdapUser(uidNumber=self.uid_number)
|
||||||
access_refresh = True
|
base = True
|
||||||
mac_refresh = True
|
access_refresh = True
|
||||||
if base:
|
mac_refresh = True
|
||||||
user_ldap.name = self.pseudo
|
if base:
|
||||||
user_ldap.sn = self.pseudo
|
user_ldap.name = self.pseudo
|
||||||
user_ldap.dialupAccess = str(self.has_access())
|
user_ldap.sn = self.pseudo
|
||||||
user_ldap.home_directory = '/home/' + self.pseudo
|
user_ldap.dialupAccess = str(self.has_access())
|
||||||
user_ldap.mail = self.get_mail
|
user_ldap.home_directory = '/home/' + self.pseudo
|
||||||
user_ldap.given_name = self.surname.lower() + '_'\
|
user_ldap.mail = self.get_mail
|
||||||
+ self.name.lower()[:3]
|
user_ldap.given_name = self.surname.lower() + '_'\
|
||||||
user_ldap.gid = LDAP['user_gid']
|
+ self.name.lower()[:3]
|
||||||
if '{SSHA}' in self.password or '{SMD5}' in self.password:
|
user_ldap.gid = LDAP['user_gid']
|
||||||
# We remove the extra $ added at import from ldap
|
if '{SSHA}' in self.password or '{SMD5}' in self.password:
|
||||||
user_ldap.user_password = self.password[:6] + self.password[7:]
|
# We remove the extra $ added at import from ldap
|
||||||
elif '{crypt}' in self.password:
|
user_ldap.user_password = self.password[:6] + self.password[7:]
|
||||||
# depending on the length, we need to remove or not a $
|
elif '{crypt}' in self.password:
|
||||||
if len(self.password)==41:
|
# depending on the length, we need to remove or not a $
|
||||||
user_ldap.user_password = self.password
|
if len(self.password)==41:
|
||||||
else:
|
user_ldap.user_password = self.password
|
||||||
user_ldap.user_password = self.password[:7] + self.password[8:]
|
else:
|
||||||
|
user_ldap.user_password = self.password[:7] + self.password[8:]
|
||||||
|
|
||||||
user_ldap.sambat_nt_password = self.pwd_ntlm.upper()
|
user_ldap.sambat_nt_password = self.pwd_ntlm.upper()
|
||||||
if self.get_shell:
|
if self.get_shell:
|
||||||
user_ldap.login_shell = str(self.get_shell)
|
user_ldap.login_shell = str(self.get_shell)
|
||||||
user_ldap.shadowexpire = self.get_shadow_expire
|
user_ldap.shadowexpire = self.get_shadow_expire
|
||||||
if access_refresh:
|
if access_refresh:
|
||||||
user_ldap.dialupAccess = str(self.has_access())
|
user_ldap.dialupAccess = str(self.has_access())
|
||||||
if mac_refresh:
|
if mac_refresh:
|
||||||
user_ldap.macs = [str(mac) for mac in Interface.objects.filter(
|
user_ldap.macs = [str(mac) for mac in Interface.objects.filter(
|
||||||
machine__user=self
|
machine__user=self
|
||||||
).values_list('mac_address', flat=True).distinct()]
|
).values_list('mac_address', flat=True).distinct()]
|
||||||
if group_refresh:
|
if group_refresh:
|
||||||
# Need to refresh all groups because we don't know which groups
|
# Need to refresh all groups because we don't know which groups
|
||||||
# were updated during edition of groups and the user may no longer
|
# were updated during edition of groups and the user may no longer
|
||||||
# be part of the updated group (case of group removal)
|
# be part of the updated group (case of group removal)
|
||||||
for group in Group.objects.all():
|
for group in Group.objects.all():
|
||||||
if hasattr(group, 'listright'):
|
if hasattr(group, 'listright'):
|
||||||
group.listright.ldap_sync()
|
group.listright.ldap_sync()
|
||||||
user_ldap.save()
|
user_ldap.save()
|
||||||
|
|
||||||
def ldap_del(self):
|
def ldap_del(self):
|
||||||
""" Supprime la version ldap de l'user"""
|
""" Supprime la version ldap de l'user"""
|
||||||
|
@ -679,7 +681,7 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
|
||||||
domain.save()
|
domain.save()
|
||||||
self.notif_auto_newmachine(interface_cible)
|
self.notif_auto_newmachine(interface_cible)
|
||||||
except Exception as error:
|
except Exception as error:
|
||||||
return False, error
|
return False, traceback.format_exc()
|
||||||
return interface_cible, "Ok"
|
return interface_cible, "Ok"
|
||||||
|
|
||||||
def notif_auto_newmachine(self, interface):
|
def notif_auto_newmachine(self, interface):
|
||||||
|
|
Loading…
Reference in a new issue