
sqbell committed 479af4e

Added a few fields to the add-new-user page and some Samba password functions, and modified the LDIF that is sent to the LDAP server.

  • Parent commits 27eb99a


Files changed (5)

File libs/ldaplib/iredldif.py

 import web
 from libs import iredutils
 from libs.ldaplib import ldaputils
+from time import time
 
 cfg = web.iredconfig
 
 
 
 # Define and return LDIF structure of mail user.
-def ldif_mailuser(domain, username, cn, passwd, quota=0, aliasDomains=[], groups=[], storageBaseDirectory=None, ):
+def ldif_mailuser(domain, username, cn, passwd, quota=0, aliasDomains=[], groups=[], storageBaseDirectory=None, samba={},):
     domain = str(domain).lower()
     username = str(username).strip().replace(' ', '').lower()
     mail = username + '@' + domain
 
     # Generate basic LDIF.
     ldif = [
-        ('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', ]),
         ('mail', [mail]),
         ('userPassword', [str(passwd)]),
         ('sn', [username]),
         ('amavisLocal', ['TRUE']),
         ]
 
+    # If anything in samba list
+    if len(samba) != 0:
+        # Object classes
+        ldif += [('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', 'sambaSamAccount', 'posixAccount'])]
+
+        # Posix attributes
+        ldif += [
+            ('uidNumber', [samba['uid_number']]),
+            ('gidNumber', [samba['gid_number']]),
+            ]
+
+        # Samba attributes
+        ldif += [
+            ('sambaAcctFlags', ['[U          ]']),
+            ('sambaPasswordHistory', ['0000000000000000000000000000000000000000000000000000000000000000']),
+            ('sambaSID', [samba['samba_sid']]),
+            ('sambaNTPassword', [samba['samba_passwd']]),
+            ('sambaPwdLastSet', [str(int(time()))]),
+            ]
+    else:
+        ldif += [('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', ])]
+
+    import pdb; pdb.set_trace()
+
     # Append @shadowAddress.
     shadowAddresses = []
     for d in aliasDomains:
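Review bot: The unconditional `import pdb; pdb.set_trace()` added after the objectClass branch in ldif_mailuser must be removed before merge: every call stops at a debugger prompt in the server process, so user creation hangs or aborts, and whoever holds that process's console gets an interactive interpreter with `passwd` and the NT hash in scope. The new `samba={}` default is a shared mutable object, like the existing `aliasDomains=[]` and `groups=[]`; prefer `samba=None` with `samba = samba or {}` at the top of the body. `samba['uid_number']`, `samba['gid_number']` and `samba['samba_sid']` are written into the LDIF exactly as given, so a docstring should state that the caller is responsible for validating them. The function body continues beyond the end of this section.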

File libs/ldaplib/ldaputils.py

     salt = os.urandom(8)
     if sys.version_info[1] < 5:  # Python 2.5
         import sha
+        from Crypto.Hash import MD4
         if pwscheme == 'SSHA':
             h = sha.new(password)
             h.update(salt)
         elif pwscheme == 'SHA':
             h = sha.new(password)
             pw = "{SHA}" + b64encode(h.digest())
+        elif pwscheme == 'SAMBA':
+            h = MD4.new(password.encode('utf-16le'))
+            pw = h.hexdigest().upper()
         else:
             pw = password
     else:
         elif pwscheme == 'SHA':
             h = hashlib.sha1(password)
             pw = "{SSHA}" + b64encode(h.digest())
+        elif pwscheme == 'SAMBA':
+            pw = hashlib.new('md4', password.encode('utf-16le')).hexdigest().upper()
         else:
             pw = password
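Review bot: Both new SAMBA branches return an unsalted MD4 NT hash, which is password-equivalent for NTLM authentication, and nothing in the code says so; add a comment such as `# NT hash: unsalted and password-equivalent; sambaNTPassword needs read ACLs as strict as userPassword`. In the hashlib branch, `hashlib.new('md4', ...)` raises ValueError on builds whose OpenSSL does not expose MD4, so the call should be caught and reported as an unsupported scheme instead of propagating. In the older-Python branch, `from Crypto.Hash import MD4` runs for every scheme, so a missing PyCrypto install would break SSHA and SHA too; move the import inside the `elif pwscheme == 'SAMBA':` arm. `password.encode('utf-16le')` on a Python 2 byte string decodes it as ASCII first and raises UnicodeDecodeError for non-ASCII passwords. The enclosing function starts and ends outside the visible lines.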
 

File libs/ldaplib/user.py

 import web
 from libs import iredutils, settings
 from libs.ldaplib import core, domain as domainlib, attrs, ldaputils, iredldif, connUtils, decorators, deltree
+from time import time
 
 cfg = web.iredconfig
 session = web.config.get('_session')
     def profile(self, domain, mail, accountType='user'):
         self.mail = web.safestr(mail)
         self.domain = self.mail.split('@', 1)[-1]
-
+        #import pdb; pdb.set_trace()
         if self.domain != domain:
             raise web.seeother('/domains?msg=PERMISSION_DENIED')
 
         self.mail = self.username + '@' + self.domain
         self.groups = data.get('groups', [])
 
+        # import pdb; pdb.set_trace()
+
         if not iredutils.isDomain(self.domain) or not iredutils.isEmail(self.mail):
             return (False, 'MISSING_DOMAIN_OR_USERNAME')
 
 
         self.defaultStorageBaseDirectory = domainAccountSetting.get('defaultStorageBaseDirectory', None)
 
+        sambaHash = {}
+        if web.safestr(data.get('ddriveStatus')):
+            sambaHash['uid_number']     = web.safestr(data.get('uidNumber'))
+            sambaHash['gid_number']     = web.safestr(data.get('gidNumber'))
+            sambaHash['samba_sid']      = '234234234'
+            sambaHash['samba_passwd']   = ldaputils.generateLDAPPasswd(result[1], pwscheme='SAMBA')
+
         # Get default mail lists which set in domain accountSetting.
         ldif = iredldif.ldif_mailuser(
             domain=self.domain,
             quota=self.quota,
             groups=self.groups,
             storageBaseDirectory=self.defaultStorageBaseDirectory,
+            samba=sambaHash,
         )
 
         domain_dn = ldaputils.convKeywordToDN(self.domain, accountType='domain')
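Review bot: `sambaHash['samba_sid'] = '234234234'` gives every dDrive-enabled account the same placeholder value, which is not in SID form (`S-1-5-21-<domain>-<RID>`) and leaves accounts indistinguishable to anything that authorises by SID; it has to be built from the domain SID and a per-user RID before this ships. `uidNumber` and `gidNumber` go from the form through `web.safestr` straight into the LDIF, so a missing field becomes the string `'None'` and a value like `0` is accepted; validate first, e.g. `if not (uid.isdigit() and gid.isdigit()): return (False, '<ERROR_CODE>')` (placeholder code), and reject IDs below the site's minimum for regular users. `result[1]` is presumably the plaintext password from a check outside these lines, which is worth a comment where it is passed to `generateLDAPPasswd(..., pwscheme='SAMBA')`. The commented-out `pdb` lines and the `from time import time` import, which is unused in the lines shown, should be dropped. The enclosing methods start and end outside the visible lines.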

File templates/default/ldap/user/create.html

 
 {% from "macros/general.html" import
         display_csrf_token,
-        display_input_cn, 
+        display_input_cn,
         display_reset_password,
         display_random_password,
         display_quota,
+        display_gid_number,
+        display_uid_number,
+        display_ddrive_status
         with context
         %}
 {% from "macros/msgHandlers.html" import userMsgHandler with context %}
                                     )
                         }}
 
+
+                        {{ display_ddrive_status(ddriveStatus, accountType='user') }}
+
+                        {{ display_gid_number(gidNumber) }}
+                        {{ display_uid_number(uidNumber) }}
+
                     </div>{# .col2-3 #}
                     <div class="col1-4 lastcol">
                         {{ display_random_password(maxPasswordLength) }}

File templates/default/macros/general.html

     </div>
 {%- endmacro %}
 
+{# Display ddriveStatus #}
+{% macro display_ddrive_status(ddriveStatus, accountType='user') %}
+    {% if ddriveStatus is sameas none %}
+        {% set ddriveStatus = none %}
+    {% endif %}
+
+    <div class="form-field clear">
+        {% if accountType == 'domain' %}
+            <h4 class="size-250 fl-space">{{ _('Enable this domain') }}</h4>
+        {% else %}
+            <h4 class="size-250 fl-space">{{ _('Enable dDrive') }}</h4>
+        {% endif %}
+
+        <div class="form-checkbox-item clear fl-space2">
+            <input name="ddriveStatus" value="active" type="checkbox" rel="checkboxhorizont" class="checkbox fl-space" {% if ddriveStatus in ['active', 1, '1',] %}checked{%endif%} />
+        </div>
+    </div>
+{%- endmacro %}
+
+{% macro display_uid_number(value='') -%}
+    {% if value is sameas none %}
+        {% set value = '' %}
+    {% endif %}
+    <div class="form-field clear">
+        <h4 class="size-250 fl-space">{{ _('User ID number') }}</h4>
+        <span class="clean-padding bt-space20"><input type="text" name="uidNumber" value="{% if value != 'None' %}{{ value |e }}{% endif %}" size="35" class="text" /></span>
+    </div>
+{%- endmacro %}
+
+{% macro display_gid_number(value='') -%}
+    {% if value is sameas none %}
+        {% set value = '' %}
+    {% endif %}
+    <div class="form-field clear">
+        <h4 class="size-250 fl-space">{{ _('Group ID number') }}</h4>
+        <span class="clean-padding bt-space20"><input type="text" name="gidNumber" value="{% if value != 'None' %}{{ value |e }}{% endif %}" size="35" class="text" /></span>
+    </div>
+{%- endmacro %}
+
 {% macro display_reset_password(show_oldpw=false, show_confirmpw=true, min_passwd_length='0', max_passwd_length='0', store_in_plain=false) -%}
 
     {% if min_passwd_length != '0' and max_passwd_length != '0'%}