clean up
parent
3fd36123de
commit
e358bafcca
|
@ -1,7 +1,15 @@
|
||||||
import flask_wtf
|
import flask_wtf
|
||||||
import wtforms
|
import wtforms
|
||||||
|
import secrets
|
||||||
|
|
||||||
secret_key = '9c2n8t5nrvbyt7cm3v4n87tnv45'
|
hackerspace_name = 'Warsaw Hackerspace'
|
||||||
|
secret_key = secrets.token_hex(32)
|
||||||
|
|
||||||
|
# Kerberos configuration
|
||||||
|
|
||||||
|
kadmin_principal_map = "{}@HACKERSPACE.PL"
|
||||||
|
|
||||||
|
# LDAP configuration
|
||||||
|
|
||||||
ldap_url = 'ldap://ldap.hackerspace.pl'
|
ldap_url = 'ldap://ldap.hackerspace.pl'
|
||||||
dn_format = "uid=%s,ou=people,dc=hackerspace,dc=pl"
|
dn_format = "uid=%s,ou=people,dc=hackerspace,dc=pl"
|
||||||
|
@ -19,7 +27,7 @@ admin_groups = {
|
||||||
admin_dn = 'cn=ldapweb,ou=Services,dc=hackerspace,dc=pl'
|
admin_dn = 'cn=ldapweb,ou=Services,dc=hackerspace,dc=pl'
|
||||||
admin_pw = 'changeme'
|
admin_pw = 'changeme'
|
||||||
|
|
||||||
hackerspace_name = 'Warsaw Hackerspace'
|
# LDAP attribute configuration
|
||||||
|
|
||||||
readable_names = {
|
readable_names = {
|
||||||
'commonname': u'Common Name',
|
'commonname': u'Common Name',
|
||||||
|
@ -51,27 +59,8 @@ can_delete = can_add
|
||||||
can_modify = can_add | set([
|
can_modify = can_add | set([
|
||||||
'givenname', 'surname', 'commonname', 'gecos',
|
'givenname', 'surname', 'commonname', 'gecos',
|
||||||
])
|
])
|
||||||
can = { 'add':can_add, 'mod':can_modify, 'del':can_delete }
|
can = { 'add': can_add, 'mod': can_modify, 'del': can_delete }
|
||||||
admin_required = set()
|
admin_required = set()
|
||||||
|
|
||||||
|
|
||||||
perm_errors = {
|
|
||||||
'add': 'You cannot add this attribute!',
|
|
||||||
'mod': 'You cannot change this attribute!',
|
|
||||||
'del': 'You cannot delete this attribute!',
|
|
||||||
}
|
|
||||||
std_templates = {
|
|
||||||
'add': 'ops/add.html',
|
|
||||||
'mod': 'ops/mod.html',
|
|
||||||
'del': 'ops/del.html',
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
default_field = (wtforms.fields.StringField, {})
|
default_field = (wtforms.fields.StringField, {})
|
||||||
fields = { 'telephonenumber': (wtforms.fields.StringField, {'validators': [wtforms.validators.Regexp(r'[+0-9 ]+')]})}
|
fields = { 'telephonenumber': (wtforms.fields.StringField, {'validators': [wtforms.validators.Regexp(r'[+0-9 ]+')]})}
|
||||||
|
|
||||||
kadmin_passwd = True
|
|
||||||
kadmin_principal_map = "{}@HACKERSPACE.PL"
|
|
||||||
|
|
||||||
TOKEN_LENGTH = 32
|
|
||||||
|
|
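Review bot: `secret_key = secrets.token_hex(32)` produces a new key every time this module is imported, so each worker process and each restart gets a different value. If this feeds Flask's session and CSRF signing (the consumer is not visible here), a multi-process deployment will intermittently reject valid cookies and tokens, and every restart will log users out. Consider reading the key from deployment configuration and falling back to a random one only when it is unset, e.g. `secret_key = os.environ.get('<SECRET_KEY_ENV_VAR>') or secrets.token_hex(32)` (this needs `import os`; the variable name is a placeholder). The removed literal key stays in repository history, so treat it as disclosed and do not reuse it anywhere.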
|
@ -13,16 +13,6 @@ bp = flask.Blueprint('passwd', __name__)
|
||||||
def passwd_form():
|
def passwd_form():
|
||||||
return flask.render_template('passwd.html')
|
return flask.render_template('passwd.html')
|
||||||
|
|
||||||
def _passwd_ldap(current, new):
|
|
||||||
conn = context.get_connection()
|
|
||||||
dn = context.get_dn()
|
|
||||||
try:
|
|
||||||
conn.passwd_s(dn, current. new)
|
|
||||||
return True
|
|
||||||
except ldap.LDAPError as e:
|
|
||||||
print('LDAP error:', e)
|
|
||||||
return False
|
|
||||||
|
|
||||||
def _passwd_kadmin(current, new):
|
def _passwd_kadmin(current, new):
|
||||||
username = flask.session.get('username')
|
username = flask.session.get('username')
|
||||||
try:
|
try:
|
||||||
|
@ -41,13 +31,7 @@ def passwd_action():
|
||||||
flask.flash(u"New passwords don't match", category='danger')
|
flask.flash(u"New passwords don't match", category='danger')
|
||||||
return flask.render_template('passwd.html')
|
return flask.render_template('passwd.html')
|
||||||
|
|
||||||
result = False
|
if _passwd_kadmin(current, new):
|
||||||
if config.kadmin_passwd:
|
|
||||||
result = _passwd_kadmin(current, new)
|
|
||||||
else:
|
|
||||||
result = _passwd_ldap(current, new)
|
|
||||||
|
|
||||||
if result:
|
|
||||||
flask.flash(u'Password changed', category='info')
|
flask.flash(u'Password changed', category='info')
|
||||||
else:
|
else:
|
||||||
flask.flash(u'Wrong password', category='danger')
|
flask.flash(u'Wrong password', category='danger')
|
||||||
|
|
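Review bot: In `passwd_action`, every falsy return from `_passwd_kadmin(current, new)` ends in the same `'Wrong password'` flash. With the LDAP path removed, kadmin is the only backend, so a kadmin or network failure looks the same to the user as a bad current password. Nothing in the visible lines records the failure. A line such as `flask.current_app.logger.warning('password change failed for %s', flask.session.get('username'))` in the `else` branch, never logging `current` or `new`, would let operators spot both outages and repeated guessing. The bodies of `_passwd_kadmin` and `passwd_action` extend outside the hunks, so any error handling already there is not visible.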
|
@ -10,7 +10,19 @@ bp = flask.Blueprint('vcard', __name__)
|
||||||
def str_to_ldap(s):
|
def str_to_ldap(s):
|
||||||
return s.encode('utf-8')
|
return s.encode('utf-8')
|
||||||
|
|
||||||
def attr_op(op, attrName, uid = None, templates=config.std_templates, success_redirect='/vcard',
|
perm_errors = {
|
||||||
|
'add': 'You cannot add this attribute!',
|
||||||
|
'mod': 'You cannot change this attribute!',
|
||||||
|
'del': 'You cannot delete this attribute!',
|
||||||
|
}
|
||||||
|
|
||||||
|
templates = {
|
||||||
|
'add': 'ops/add.html',
|
||||||
|
'mod': 'ops/mod.html',
|
||||||
|
'del': 'ops/del.html',
|
||||||
|
}
|
||||||
|
|
||||||
|
def attr_op(op, attrName, uid = None, success_redirect='/vcard',
|
||||||
fatal_redirect='/vcard'):
|
fatal_redirect='/vcard'):
|
||||||
try:
|
try:
|
||||||
attr, old_value = None, None
|
attr, old_value = None, None
|
||||||
|
@ -21,7 +33,7 @@ def attr_op(op, attrName, uid = None, templates=config.std_templates, success_re
|
||||||
form = DelForm() if op == 'del' else app.forms[attrName](value=old_value)
|
form = DelForm() if op == 'del' else app.forms[attrName](value=old_value)
|
||||||
form.attr_data = attr
|
form.attr_data = attr
|
||||||
if attrName not in config.can[op]:
|
if attrName not in config.can[op]:
|
||||||
flask.flash(config.perm_errors[op], 'danger')
|
flask.flash(perm_errors[op], 'danger')
|
||||||
return flask.redirect(fatal_redirect)
|
return flask.redirect(fatal_redirect)
|
||||||
if form.validate_on_submit():
|
if form.validate_on_submit():
|
||||||
if op in ['add', 'mod']:
|
if op in ['add', 'mod']:
|
||||||
|
|
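Review bot: In `attr_op` the permission test `if attrName not in config.can[op]:` runs only after `app.forms[attrName](value=old_value)` has been built. The form, and presumably the attribute's current value, are therefore handled before the request is authorised. Moving the check to the top of the `try` and making it tolerate an unknown operation, `if op not in config.can or attrName not in config.can[op]:`, would reject disallowed attributes before any lookup happens. Separately, dropping the `templates=` parameter changes the signature, so any caller still passing it will raise `TypeError`; no callers are visible in this section. The function body starts and ends outside the hunks.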