mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-12-26 17:03:45 +00:00
radius, make python compatible, and add traceback
This commit is contained in:
parent
433a85f6c8
commit
df5861424e
2 changed files with 55 additions and 53 deletions
|
@ -1005,7 +1005,7 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model):
|
|||
@cached_property
|
||||
def gen_ipv6_dhcpv6(self):
|
||||
"""Cree une ip, à assigner avec dhcpv6 sur une machine"""
|
||||
prefix_v6 = self.type.ip_type.prefix_v6
|
||||
prefix_v6 = self.type.ip_type.prefix_v6.encode().decode('utf-8')
|
||||
if not prefix_v6:
|
||||
return None
|
||||
return IPv6Address(
|
||||
|
@ -1331,14 +1331,14 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model):
|
|||
|
||||
def check_and_replace_prefix(self, prefix=None):
|
||||
"""Si le prefixe v6 est incorrect, on maj l'ipv6"""
|
||||
prefix_v6 = prefix or self.interface.type.ip_type.prefix_v6
|
||||
prefix_v6 = prefix or self.interface.type.ip_type.prefix_v6.encode().decode('utf-8')
|
||||
if not prefix_v6:
|
||||
return
|
||||
if (IPv6Address(self.ipv6).exploded[:20] !=
|
||||
if (IPv6Address(self.ipv6.encode().decode('utf-8')).exploded[:20] !=
|
||||
IPv6Address(prefix_v6).exploded[:20]):
|
||||
self.ipv6 = IPv6Address(
|
||||
IPv6Address(prefix_v6).exploded[:20] +
|
||||
IPv6Address(self.ipv6).exploded[20:]
|
||||
IPv6Address(self.ipv6.encode().decode('utf-8')).exploded[20:]
|
||||
)
|
||||
self.save()
|
||||
|
||||
|
@ -1347,9 +1347,9 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model):
|
|||
.filter(interface=self.interface, slaac_ip=True)
|
||||
.exclude(id=self.id)):
|
||||
raise ValidationError("Une ip slaac est déjà enregistrée")
|
||||
prefix_v6 = self.interface.type.ip_type.prefix_v6
|
||||
prefix_v6 = self.interface.type.ip_type.prefix_v6.encode().decode('utf-8')
|
||||
if prefix_v6:
|
||||
if (IPv6Address(self.ipv6).exploded[:20] !=
|
||||
if (IPv6Address(self.ipv6.encode().decode('utf-8')).exploded[:20] !=
|
||||
IPv6Address(prefix_v6).exploded[:20]):
|
||||
raise ValidationError(
|
||||
"Le prefixv6 est incorrect et ne correspond pas au type "
|
||||
|
@ -1850,7 +1850,7 @@ def machine_post_save(**kwargs):
|
|||
"""Synchronisation ldap et régen parefeu/dhcp lors de la modification
|
||||
d'une machine"""
|
||||
user = kwargs['instance'].user
|
||||
user.ldap_sync(base=False, access_refresh=False, mac_refresh=True)
|
||||
#user.ldap_sync(base=False, access_refresh=False, mac_refresh=True)
|
||||
regen('dhcp')
|
||||
regen('mac_ip_list')
|
||||
|
||||
|
|
|
@ -48,6 +48,7 @@ from __future__ import unicode_literals
|
|||
import re
|
||||
import uuid
|
||||
import datetime
|
||||
import sys
|
||||
|
||||
from django.db import models
|
||||
from django.db.models import Q
|
||||
|
@ -67,7 +68,7 @@ from django.contrib.auth.models import (
|
|||
Group
|
||||
)
|
||||
from django.core.validators import RegexValidator
|
||||
|
||||
import traceback
|
||||
from reversion import revisions as reversion
|
||||
|
||||
import ldapdb.models
|
||||
|
@ -539,51 +540,52 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
|
|||
mac_refresh : synchronise les machines de l'user
|
||||
group_refresh : synchronise les group de l'user
|
||||
Si l'instance n'existe pas, on crée le ldapuser correspondant"""
|
||||
self.refresh_from_db()
|
||||
try:
|
||||
user_ldap = LdapUser.objects.get(uidNumber=self.uid_number)
|
||||
except LdapUser.DoesNotExist:
|
||||
user_ldap = LdapUser(uidNumber=self.uid_number)
|
||||
base = True
|
||||
access_refresh = True
|
||||
mac_refresh = True
|
||||
if base:
|
||||
user_ldap.name = self.pseudo
|
||||
user_ldap.sn = self.pseudo
|
||||
user_ldap.dialupAccess = str(self.has_access())
|
||||
user_ldap.home_directory = '/home/' + self.pseudo
|
||||
user_ldap.mail = self.get_mail
|
||||
user_ldap.given_name = self.surname.lower() + '_'\
|
||||
+ self.name.lower()[:3]
|
||||
user_ldap.gid = LDAP['user_gid']
|
||||
if '{SSHA}' in self.password or '{SMD5}' in self.password:
|
||||
# We remove the extra $ added at import from ldap
|
||||
user_ldap.user_password = self.password[:6] + self.password[7:]
|
||||
elif '{crypt}' in self.password:
|
||||
# depending on the length, we need to remove or not a $
|
||||
if len(self.password)==41:
|
||||
user_ldap.user_password = self.password
|
||||
else:
|
||||
user_ldap.user_password = self.password[:7] + self.password[8:]
|
||||
if sys.version_info[0] >= 3:
|
||||
self.refresh_from_db()
|
||||
try:
|
||||
user_ldap = LdapUser.objects.get(uidNumber=self.uid_number)
|
||||
except LdapUser.DoesNotExist:
|
||||
user_ldap = LdapUser(uidNumber=self.uid_number)
|
||||
base = True
|
||||
access_refresh = True
|
||||
mac_refresh = True
|
||||
if base:
|
||||
user_ldap.name = self.pseudo
|
||||
user_ldap.sn = self.pseudo
|
||||
user_ldap.dialupAccess = str(self.has_access())
|
||||
user_ldap.home_directory = '/home/' + self.pseudo
|
||||
user_ldap.mail = self.get_mail
|
||||
user_ldap.given_name = self.surname.lower() + '_'\
|
||||
+ self.name.lower()[:3]
|
||||
user_ldap.gid = LDAP['user_gid']
|
||||
if '{SSHA}' in self.password or '{SMD5}' in self.password:
|
||||
# We remove the extra $ added at import from ldap
|
||||
user_ldap.user_password = self.password[:6] + self.password[7:]
|
||||
elif '{crypt}' in self.password:
|
||||
# depending on the length, we need to remove or not a $
|
||||
if len(self.password)==41:
|
||||
user_ldap.user_password = self.password
|
||||
else:
|
||||
user_ldap.user_password = self.password[:7] + self.password[8:]
|
||||
|
||||
user_ldap.sambat_nt_password = self.pwd_ntlm.upper()
|
||||
if self.get_shell:
|
||||
user_ldap.login_shell = str(self.get_shell)
|
||||
user_ldap.shadowexpire = self.get_shadow_expire
|
||||
if access_refresh:
|
||||
user_ldap.dialupAccess = str(self.has_access())
|
||||
if mac_refresh:
|
||||
user_ldap.macs = [str(mac) for mac in Interface.objects.filter(
|
||||
machine__user=self
|
||||
).values_list('mac_address', flat=True).distinct()]
|
||||
if group_refresh:
|
||||
# Need to refresh all groups because we don't know which groups
|
||||
# were updated during edition of groups and the user may no longer
|
||||
# be part of the updated group (case of group removal)
|
||||
for group in Group.objects.all():
|
||||
if hasattr(group, 'listright'):
|
||||
group.listright.ldap_sync()
|
||||
user_ldap.save()
|
||||
user_ldap.sambat_nt_password = self.pwd_ntlm.upper()
|
||||
if self.get_shell:
|
||||
user_ldap.login_shell = str(self.get_shell)
|
||||
user_ldap.shadowexpire = self.get_shadow_expire
|
||||
if access_refresh:
|
||||
user_ldap.dialupAccess = str(self.has_access())
|
||||
if mac_refresh:
|
||||
user_ldap.macs = [str(mac) for mac in Interface.objects.filter(
|
||||
machine__user=self
|
||||
).values_list('mac_address', flat=True).distinct()]
|
||||
if group_refresh:
|
||||
# Need to refresh all groups because we don't know which groups
|
||||
# were updated during edition of groups and the user may no longer
|
||||
# be part of the updated group (case of group removal)
|
||||
for group in Group.objects.all():
|
||||
if hasattr(group, 'listright'):
|
||||
group.listright.ldap_sync()
|
||||
user_ldap.save()
|
||||
|
||||
def ldap_del(self):
|
||||
""" Supprime la version ldap de l'user"""
|
||||
|
@ -679,7 +681,7 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
|
|||
domain.save()
|
||||
self.notif_auto_newmachine(interface_cible)
|
||||
except Exception as error:
|
||||
return False, error
|
||||
return False, traceback.format_exc()
|
||||
return interface_cible, "Ok"
|
||||
|
||||
def notif_auto_newmachine(self, interface):
|
||||
|
|
Loading…
Reference in a new issue