
Zhang Huangbin committed 650e4cf

Remove userdn in session.


Files changed (6)

controllers/ldap/basic.py

 
         if self.auth_result == True:
             session['username'] = username
-            session['userdn'] = userdn
             session['logged'] = True
 
             web.config.session_parameters['cookie_name'] = 'iRedAdmin'

controllers/ldap/preferences.py

     def POST(self):
         # Get passwords.
         i = web.input()
-        self.result = prefLib.update(i)
+        result = prefLib.update(i)
         self.langs = prefLib.get_langs()
 
         cur_lang = self.langs.pop('cur_lang')
-        if self.result is True:
+        if result is True:
             msg = 'SUCCESS'
             web.render = iredutils.setRenderLang(web.render, cur_lang, oldlang=session.get('lang'),)
         else:
-            msg = self.result
+            msg = result
 
         return render.preferences(
                 cur_lang=cur_lang,
             'webmaster': cfg.general.get('webmaster'),
             'default_quota': cfg.general.get('default_quota', '1024'),
             'username': None,
-            'userdn': None,
             'logged': False,
             'failedTimes': 0,   # Integer.
             'lang': lang,
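Review bot: The `if result is True:` test in POST can no longer succeed if `prefLib.update()` is the method changed in libs/ldaplib/preferences.py in this same commit, because that code now returns `(True, 'SUCCESS')` or `(False, str(e))` and a tuple is never identical to `True`. Every call would take the `else` branch, skip `setRenderLang`, and pass the whole tuple to the template as `msg`, so a successful save would be shown as a failure. Unpacking the result matches the new contract: `ok, msg = prefLib.update(i)` followed by `if ok:`. The body of `update()` is only partly visible on this page, so confirm which return shape is intended before settling on one.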

libs/ldaplib/ldaputils.py

 
 def convEmailToAdminDN(email):
     """Convert email address to ldap dn of mail domain admin."""
-    email = str(email).strip()
-    if len(email.split('@', 1)) == 2:
-        user, domain = email.split('@', 1)
-    else:
-        return False
+    mail = web.safestr(mail).strip()
 
     # Admin DN format.
     # mail=user@domain.ltd,[LDAP_DOMAINADMIN_DN]
-    dn = '%s=%s,%s' % ( attrs.USER_RDN, email, domainadmin_dn)
+    dn = '%s=%s,%s' % ( attrs.USER_RDN, mail, domainadmin_dn)
 
     return escape_filter_chars(dn)
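Review bot: The added line `mail = web.safestr(mail).strip()` reads `mail` before anything assigns it, because the signature shown still names the parameter `email`; as written the call would raise UnboundLocalError, so it should be `mail = web.safestr(email).strip()`. The commit also drops the check that the address splits into user and domain on `@`, so any string now becomes an RDN value. `escape_filter_chars` on the return line escapes search-filter metacharacters, not DN ones, so a comma, `+` or `=` in the address still changes the structure of the DN that callers pass to `search_s` and `modify_s`. Escaping only the value when building the DN, `dn = '%s=%s,%s' % (attrs.USER_RDN, ldap.dn.escape_dn_chars(mail), domainadmin_dn)`, and keeping the `@` validation with a failure return for malformed input would keep bad session data from reaching the directory.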
 

libs/ldaplib/preferences.py

 
         # Get current language.
         self.cur_lang = self.conn.search_s(
-                session.get('userdn'),
+                ldaputils.convEmailToAdminDN(session.get('username')),
                 ldap.SCOPE_BASE,
                 '(&(objectClass=mailAdmin)(%s=%s))' % (attrs.USER_RDN, session.get('username')),
                 ['preferredLanguage'],
         mod_attrs = [
                 (ldap.MOD_REPLACE, 'preferredLanguage', self.lang)
                 ]
-        dn = session.get('userdn')
+        self.dn = ldaputils.convEmailToAdminDN(session.get('username'))
         try:
-            self.conn.modify_s(dn, mod_attrs)
-            return True
+            self.conn.modify_s(self.dn, mod_attrs)
+            return (True, 'SUCCESS')
         except ldap.LDAPError, e:
-            return str(e)
+            return (False, str(e))
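Review bot: The base DN of the `search_s` call now comes from `session.get('username')`, but the filter two lines below still interpolates the same session value raw into `'(&(objectClass=mailAdmin)(%s=%s))'`; that filter value is where `escape_filter_chars` belongs. Neither call site handles a missing username: with no session value `web.safestr(None)` would presumably yield the text `None`, and both the search and `modify_s` would run against a DN built from it. A guard that returns a failure tuple when the username is empty, placed before each directory call, would close that path. `self.dn` is only used within the method as far as the hunk shows, so a local variable would do; both enclosing methods start outside the lines shown.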

libs/ldaplib/user.py

     # Get values of user dn.
     @LDAPDecorators.check_domain_access
     def profile(self, mail):
-        self.dn = ldaputils.convEmailToUserDN(mail)
+        self.mail = web.safestr(mail)
+        self.dn = ldaputils.convEmailToUserDN(self.mail)
         self.user_profile = self.conn.search_s(
                 str(self.dn),
                 ldap.SCOPE_BASE,
 
         msg = {}
         for mail in mails:
-            dn = ldaputils.convEmailToUserDN(mail)
+            self.mail = web.safestr(mail)
+            dn = ldaputils.convEmailToUserDN(self.mail)
 
             try:
                 deltree.DelTree( self.conn, dn, ldap.SCOPE_SUBTREE )
             except ldap.LDAPError, e:
-                msg[mail] = str(e)
+                msg[self.mail] = str(e)
 
         if msg == {}: return True
         else: return False
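Review bot: `web.safestr(mail)` in both hunks only converts the value to a byte string; it neither validates nor escapes it, so the DN given to `search_s` and to `deltree.DelTree(..., ldap.SCOPE_SUBTREE)` is still whatever `convEmailToUserDN` makes of the request input. Because the second hunk performs a recursive delete, the address format and its domain (against the domain the admin was authorised for) should be checked before the DN is built, unless `convEmailToUserDN` already does that, which is not visible here. Assigning `self.mail` inside the loop also leaves per-request state on the instance; a local such as `addr = web.safestr(mail)` is enough. Both method bodies extend beyond the hunks shown.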