8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-12-27 09:23:47 +00:00

radius, make python compatible, and add traceback

This commit is contained in:
Charlie Jacomme 2018-08-10 16:45:17 +02:00 committed by chirac
parent 433a85f6c8
commit df5861424e
2 changed files with 55 additions and 53 deletions

View file

@ -1005,7 +1005,7 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model):
@cached_property @cached_property
def gen_ipv6_dhcpv6(self): def gen_ipv6_dhcpv6(self):
"""Cree une ip, à assigner avec dhcpv6 sur une machine""" """Cree une ip, à assigner avec dhcpv6 sur une machine"""
prefix_v6 = self.type.ip_type.prefix_v6 prefix_v6 = self.type.ip_type.prefix_v6.encode().decode('utf-8')
if not prefix_v6: if not prefix_v6:
return None return None
return IPv6Address( return IPv6Address(
@ -1331,14 +1331,14 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model):
def check_and_replace_prefix(self, prefix=None): def check_and_replace_prefix(self, prefix=None):
"""Si le prefixe v6 est incorrect, on maj l'ipv6""" """Si le prefixe v6 est incorrect, on maj l'ipv6"""
prefix_v6 = prefix or self.interface.type.ip_type.prefix_v6 prefix_v6 = prefix or self.interface.type.ip_type.prefix_v6.encode().decode('utf-8')
if not prefix_v6: if not prefix_v6:
return return
if (IPv6Address(self.ipv6).exploded[:20] != if (IPv6Address(self.ipv6.encode().decode('utf-8')).exploded[:20] !=
IPv6Address(prefix_v6).exploded[:20]): IPv6Address(prefix_v6).exploded[:20]):
self.ipv6 = IPv6Address( self.ipv6 = IPv6Address(
IPv6Address(prefix_v6).exploded[:20] + IPv6Address(prefix_v6).exploded[:20] +
IPv6Address(self.ipv6).exploded[20:] IPv6Address(self.ipv6.encode().decode('utf-8')).exploded[20:]
) )
self.save() self.save()
@ -1347,9 +1347,9 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model):
.filter(interface=self.interface, slaac_ip=True) .filter(interface=self.interface, slaac_ip=True)
.exclude(id=self.id)): .exclude(id=self.id)):
raise ValidationError("Une ip slaac est déjà enregistrée") raise ValidationError("Une ip slaac est déjà enregistrée")
prefix_v6 = self.interface.type.ip_type.prefix_v6 prefix_v6 = self.interface.type.ip_type.prefix_v6.encode().decode('utf-8')
if prefix_v6: if prefix_v6:
if (IPv6Address(self.ipv6).exploded[:20] != if (IPv6Address(self.ipv6.encode().decode('utf-8')).exploded[:20] !=
IPv6Address(prefix_v6).exploded[:20]): IPv6Address(prefix_v6).exploded[:20]):
raise ValidationError( raise ValidationError(
"Le prefixv6 est incorrect et ne correspond pas au type " "Le prefixv6 est incorrect et ne correspond pas au type "
@ -1850,7 +1850,7 @@ def machine_post_save(**kwargs):
"""Synchronisation ldap et régen parefeu/dhcp lors de la modification """Synchronisation ldap et régen parefeu/dhcp lors de la modification
d'une machine""" d'une machine"""
user = kwargs['instance'].user user = kwargs['instance'].user
user.ldap_sync(base=False, access_refresh=False, mac_refresh=True) #user.ldap_sync(base=False, access_refresh=False, mac_refresh=True)
regen('dhcp') regen('dhcp')
regen('mac_ip_list') regen('mac_ip_list')

View file

@ -48,6 +48,7 @@ from __future__ import unicode_literals
import re import re
import uuid import uuid
import datetime import datetime
import sys
from django.db import models from django.db import models
from django.db.models import Q from django.db.models import Q
@ -67,7 +68,7 @@ from django.contrib.auth.models import (
Group Group
) )
from django.core.validators import RegexValidator from django.core.validators import RegexValidator
import traceback
from reversion import revisions as reversion from reversion import revisions as reversion
import ldapdb.models import ldapdb.models
@ -539,51 +540,52 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
mac_refresh : synchronise les machines de l'user mac_refresh : synchronise les machines de l'user
group_refresh : synchronise les group de l'user group_refresh : synchronise les group de l'user
Si l'instance n'existe pas, on crée le ldapuser correspondant""" Si l'instance n'existe pas, on crée le ldapuser correspondant"""
self.refresh_from_db() if sys.version_info[0] >= 3:
try: self.refresh_from_db()
user_ldap = LdapUser.objects.get(uidNumber=self.uid_number) try:
except LdapUser.DoesNotExist: user_ldap = LdapUser.objects.get(uidNumber=self.uid_number)
user_ldap = LdapUser(uidNumber=self.uid_number) except LdapUser.DoesNotExist:
base = True user_ldap = LdapUser(uidNumber=self.uid_number)
access_refresh = True base = True
mac_refresh = True access_refresh = True
if base: mac_refresh = True
user_ldap.name = self.pseudo if base:
user_ldap.sn = self.pseudo user_ldap.name = self.pseudo
user_ldap.dialupAccess = str(self.has_access()) user_ldap.sn = self.pseudo
user_ldap.home_directory = '/home/' + self.pseudo user_ldap.dialupAccess = str(self.has_access())
user_ldap.mail = self.get_mail user_ldap.home_directory = '/home/' + self.pseudo
user_ldap.given_name = self.surname.lower() + '_'\ user_ldap.mail = self.get_mail
+ self.name.lower()[:3] user_ldap.given_name = self.surname.lower() + '_'\
user_ldap.gid = LDAP['user_gid'] + self.name.lower()[:3]
if '{SSHA}' in self.password or '{SMD5}' in self.password: user_ldap.gid = LDAP['user_gid']
# We remove the extra $ added at import from ldap if '{SSHA}' in self.password or '{SMD5}' in self.password:
user_ldap.user_password = self.password[:6] + self.password[7:] # We remove the extra $ added at import from ldap
elif '{crypt}' in self.password: user_ldap.user_password = self.password[:6] + self.password[7:]
# depending on the length, we need to remove or not a $ elif '{crypt}' in self.password:
if len(self.password)==41: # depending on the length, we need to remove or not a $
user_ldap.user_password = self.password if len(self.password)==41:
else: user_ldap.user_password = self.password
user_ldap.user_password = self.password[:7] + self.password[8:] else:
user_ldap.user_password = self.password[:7] + self.password[8:]
user_ldap.sambat_nt_password = self.pwd_ntlm.upper() user_ldap.sambat_nt_password = self.pwd_ntlm.upper()
if self.get_shell: if self.get_shell:
user_ldap.login_shell = str(self.get_shell) user_ldap.login_shell = str(self.get_shell)
user_ldap.shadowexpire = self.get_shadow_expire user_ldap.shadowexpire = self.get_shadow_expire
if access_refresh: if access_refresh:
user_ldap.dialupAccess = str(self.has_access()) user_ldap.dialupAccess = str(self.has_access())
if mac_refresh: if mac_refresh:
user_ldap.macs = [str(mac) for mac in Interface.objects.filter( user_ldap.macs = [str(mac) for mac in Interface.objects.filter(
machine__user=self machine__user=self
).values_list('mac_address', flat=True).distinct()] ).values_list('mac_address', flat=True).distinct()]
if group_refresh: if group_refresh:
# Need to refresh all groups because we don't know which groups # Need to refresh all groups because we don't know which groups
# were updated during edition of groups and the user may no longer # were updated during edition of groups and the user may no longer
# be part of the updated group (case of group removal) # be part of the updated group (case of group removal)
for group in Group.objects.all(): for group in Group.objects.all():
if hasattr(group, 'listright'): if hasattr(group, 'listright'):
group.listright.ldap_sync() group.listright.ldap_sync()
user_ldap.save() user_ldap.save()
def ldap_del(self): def ldap_del(self):
""" Supprime la version ldap de l'user""" """ Supprime la version ldap de l'user"""
@ -679,7 +681,7 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
domain.save() domain.save()
self.notif_auto_newmachine(interface_cible) self.notif_auto_newmachine(interface_cible)
except Exception as error: except Exception as error:
return False, error return False, traceback.format_exc()
return interface_cible, "Ok" return interface_cible, "Ok"
def notif_auto_newmachine(self, interface): def notif_auto_newmachine(self, interface):