clean up
parent
3fd36123de
commit
e358bafcca
|
@ -1,7 +1,15 @@
|
|||
import flask_wtf
|
||||
import wtforms
|
||||
import secrets
|
||||
|
||||
secret_key = '9c2n8t5nrvbyt7cm3v4n87tnv45'
|
||||
hackerspace_name = 'Warsaw Hackerspace'
|
||||
secret_key = secrets.token_hex(32)
|
||||
|
||||
# Kerberos configuration
|
||||
|
||||
kadmin_principal_map = "{}@HACKERSPACE.PL"
|
||||
|
||||
# LDAP configuration
|
||||
|
||||
ldap_url = 'ldap://ldap.hackerspace.pl'
|
||||
dn_format = "uid=%s,ou=people,dc=hackerspace,dc=pl"
|
||||
|
@ -19,7 +27,7 @@ admin_groups = {
|
|||
admin_dn = 'cn=ldapweb,ou=Services,dc=hackerspace,dc=pl'
|
||||
admin_pw = 'changeme'
|
||||
|
||||
hackerspace_name = 'Warsaw Hackerspace'
|
||||
# LDAP attribute configuration
|
||||
|
||||
readable_names = {
|
||||
'commonname': u'Common Name',
|
||||
|
@ -51,27 +59,8 @@ can_delete = can_add
|
|||
can_modify = can_add | set([
|
||||
'givenname', 'surname', 'commonname', 'gecos',
|
||||
])
|
||||
can = { 'add':can_add, 'mod':can_modify, 'del':can_delete }
|
||||
can = { 'add': can_add, 'mod': can_modify, 'del': can_delete }
|
||||
admin_required = set()
|
||||
|
||||
|
||||
perm_errors = {
|
||||
'add': 'You cannot add this attribute!',
|
||||
'mod': 'You cannot change this attribute!',
|
||||
'del': 'You cannot delete this attribute!',
|
||||
}
|
||||
std_templates = {
|
||||
'add': 'ops/add.html',
|
||||
'mod': 'ops/mod.html',
|
||||
'del': 'ops/del.html',
|
||||
}
|
||||
|
||||
|
||||
|
||||
default_field = (wtforms.fields.StringField, {})
|
||||
fields = { 'telephonenumber': (wtforms.fields.StringField, {'validators': [wtforms.validators.Regexp(r'[+0-9 ]+')]})}
|
||||
|
||||
kadmin_passwd = True
|
||||
kadmin_principal_map = "{}@HACKERSPACE.PL"
|
||||
|
||||
TOKEN_LENGTH = 32
|
||||
|
|
|
@ -13,16 +13,6 @@ bp = flask.Blueprint('passwd', __name__)
|
|||
def passwd_form():
|
||||
return flask.render_template('passwd.html')
|
||||
|
||||
def _passwd_ldap(current, new):
|
||||
conn = context.get_connection()
|
||||
dn = context.get_dn()
|
||||
try:
|
||||
conn.passwd_s(dn, current. new)
|
||||
return True
|
||||
except ldap.LDAPError as e:
|
||||
print('LDAP error:', e)
|
||||
return False
|
||||
|
||||
def _passwd_kadmin(current, new):
|
||||
username = flask.session.get('username')
|
||||
try:
|
||||
|
@ -41,13 +31,7 @@ def passwd_action():
|
|||
flask.flash(u"New passwords don't match", category='danger')
|
||||
return flask.render_template('passwd.html')
|
||||
|
||||
result = False
|
||||
if config.kadmin_passwd:
|
||||
result = _passwd_kadmin(current, new)
|
||||
else:
|
||||
result = _passwd_ldap(current, new)
|
||||
|
||||
if result:
|
||||
if _passwd_kadmin(current, new):
|
||||
flask.flash(u'Password changed', category='info')
|
||||
else:
|
||||
flask.flash(u'Wrong password', category='danger')
|
||||
|
|
|
@ -10,7 +10,19 @@ bp = flask.Blueprint('vcard', __name__)
|
|||
def str_to_ldap(s):
|
||||
return s.encode('utf-8')
|
||||
|
||||
def attr_op(op, attrName, uid = None, templates=config.std_templates, success_redirect='/vcard',
|
||||
perm_errors = {
|
||||
'add': 'You cannot add this attribute!',
|
||||
'mod': 'You cannot change this attribute!',
|
||||
'del': 'You cannot delete this attribute!',
|
||||
}
|
||||
|
||||
templates = {
|
||||
'add': 'ops/add.html',
|
||||
'mod': 'ops/mod.html',
|
||||
'del': 'ops/del.html',
|
||||
}
|
||||
|
||||
def attr_op(op, attrName, uid = None, success_redirect='/vcard',
|
||||
fatal_redirect='/vcard'):
|
||||
try:
|
||||
attr, old_value = None, None
|
||||
|
@ -21,7 +33,7 @@ def attr_op(op, attrName, uid = None, templates=config.std_templates, success_re
|
|||
form = DelForm() if op == 'del' else app.forms[attrName](value=old_value)
|
||||
form.attr_data = attr
|
||||
if attrName not in config.can[op]:
|
||||
flask.flash(config.perm_errors[op], 'danger')
|
||||
flask.flash(perm_errors[op], 'danger')
|
||||
return flask.redirect(fatal_redirect)
|
||||
if form.validate_on_submit():
|
||||
if op in ['add', 'mod']:
|
||||
|
|
Loading…
Reference in New Issue