← Back to branch summary

~openerp-commiter/openobject-addons/trunk-extra-addons

« back to all changes in this revision

Viewing changes to users_ldap/users_ldap.py

  • Committer: Jay vora
  • Date: 2008-05-20 11:35:25 UTC
  • Revision ID: jvo@tinyerp.com-03a2449166812d882b00fbed4ab6e013486d0833

Show diffs side-by-side

added added

removed removed

Lines of Context:
users_ldap/users_ldap.py
38
38
        logger = netsvc.Logger()
39
39
        logger.notifyChannel("init", netsvc.LOG_WARNING, "could not import ldap!")
40
40
 
 
41
 
 
42
class CompanyLDAP(osv.osv):
 
43
        _name = 'res.company.ldap'
 
44
        _order = 'sequence'
 
45
        _rec_name = 'ldap_server'
 
46
        _columns = {
 
47
                'sequence': fields.integer('Sequence'),
 
48
                'company': fields.many2one('res.company', 'Company', required=True,
 
49
                        ondelete='cascade'),
 
50
                'ldap_server': fields.char('LDAP Server address', size=64, required=True),
 
51
                'ldap_binddn': fields.char('LDAP binddn', size=64, required=True),
 
52
                'ldap_password': fields.char('LDAP password', size=64, required=True),
 
53
                'ldap_filter': fields.char('LDAP filter', size=64, required=True),
 
54
                'ldap_base': fields.char('LDAP base', size=64, required=True),
 
55
                'user': fields.many2one('res.users', 'Model user',
 
56
                        help="Model used for user creation"),
 
57
                'create_user': fields.boolean('Create user',
 
58
                        help="Create the user if not in database"),
 
59
        }
 
60
        _defaults = {
 
61
                'sequence': lambda *a: 10,
 
62
                'create_user': lambda *a: True,
 
63
        }
 
64
 
 
65
CompanyLDAP()
 
66
 
 
67
 
41
68
class res_company(osv.osv):
42
69
        _inherit = "res.company"
43
70
 
44
71
        _columns = {
45
 
                'ldap_server': fields.char('LDAP Server address', size=64),
46
 
                'ldap_binddn': fields.char('LDAP binddn', size=64),
47
 
                'ldap_password': fields.char('LDAP password', size=64),
48
 
                'ldap_filter': fields.char('LDAP filter', size=64),
49
 
                'ldap_base': fields.char('LDAP base', size=64),
 
72
                'ldaps': fields.one2many('res.company.ldap', 'company', 'LDAP Parameters'),
50
73
        }
51
74
res_company()
52
75
 
58
81
                if module_ids:
59
82
                        state = module_obj.read(cr, 1, module_ids, ['state'])[0]['state']
60
83
                        if state in ('installed', 'to upgrade', 'to remove'):
61
 
                                cr.execute("select id, name, ldap_server, ldap_binddn, ldap_password, ldap_filter, ldap_base from res_company where ldap_server != '' and ldap_binddn != ''")
62
 
                                for res_company in cr.dictfetchall():
 
84
                                cr.execute("select id, company, ldap_server, ldap_binddn, ldap_password, ldap_filter, ldap_base, \"user\", create_user from res_company_ldap where ldap_server != '' and ldap_binddn != '' order by sequence")
 
85
                                for res_company_ldap in cr.dictfetchall():
63
86
                                        try:
64
 
                                                l = ldap.open(res_company['ldap_server'])
65
 
                                                if l.simple_bind_s(res_company['ldap_binddn'], res_company['ldap_password']):
66
 
                                                        base = res_company['ldap_base']
 
87
                                                l = ldap.open(res_company_ldap['ldap_server'])
 
88
                                                if l.simple_bind_s(res_company_ldap['ldap_binddn'], res_company_ldap['ldap_password']):
 
89
                                                        base = res_company_ldap['ldap_base']
67
90
                                                        scope = ldap.SCOPE_SUBTREE
68
 
                                                        filter = res_company['ldap_filter']%(login,)
 
91
                                                        filter = res_company_ldap['ldap_filter']%(login,)
69
92
                                                        retrieve_attributes = None
70
93
                                                        result_id = l.search(base, scope, filter, retrieve_attributes)
71
94
                                                        timeout = 60
82
105
                                                                        if res:
83
106
                                                                                cr.close()
84
107
                                                                                return res[0]
 
108
                                                                        if not res_company_ldap['create_user']:
 
109
                                                                                continue
85
110
                                                                        users_obj = pooler.get_pool(cr.dbname).get('res.users')
86
111
                                                                        action_obj = pooler.get_pool(cr.dbname).get('ir.actions.actions')
87
112
                                                                        action_id = action_obj.search(cr, 1, [('usage', '=', 'menu')])[0]
88
 
                                                                        res = users_obj.create(cr, 1, {
89
 
                                                                                'name': name,
90
 
                                                                                'login': login.encode('utf-8'),
91
 
                                                                                'company_id': res_company['id'],
92
 
                                                                                'action_id': action_id,
93
 
                                                                                'menu_id': action_id,
94
 
                                                                                })
 
113
                                                                        if res_company_ldap['user']:
 
114
                                                                                res = users_obj.copy(cr, 1, res_company_ldap['user'],
 
115
                                                                                                default={'active': True})
 
116
                                                                                users_obj.write(cr, 1, res, {
 
117
                                                                                        'name': name,
 
118
                                                                                        'login': login.encode('utf-8'),
 
119
                                                                                        'company_id': res_company_ldap['company'],
 
120
                                                                                        })
 
121
                                                                        else:
 
122
                                                                                res = users_obj.create(cr, 1, {
 
123
                                                                                        'name': name,
 
124
                                                                                        'login': login.encode('utf-8'),
 
125
                                                                                        'company_id': res_company_ldap['company'],
 
126
                                                                                        'action_id': action_id,
 
127
                                                                                        'menu_id': action_id,
 
128
                                                                                        })
95
129
                                                                        cr.commit()
96
130
                                                                        cr.close()
97
131
                                                                        return res
116
150
                        if state in ('installed', 'to upgrade', 'to remove'):
117
151
                                users_obj = pooler.get_pool(cr.dbname).get('res.users')
118
152
                                user = users_obj.browse(cr, 1, uid)
119
 
                                if user and user.company_id.ldap_server and user.company_id.ldap_binddn:
120
 
                                        company = user.company_id
121
 
                                        try:
122
 
                                                l = ldap.open(company.ldap_server)
123
 
                                                if l.simple_bind_s(company.ldap_binddn, company.ldap_password):
124
 
                                                        base = company['ldap_base']
125
 
                                                        scope = ldap.SCOPE_SUBTREE
126
 
                                                        filter = company['ldap_filter']%(user.login,)
127
 
                                                        retrieve_attributes = None
128
 
                                                        result_id = l.search(base, scope, filter, retrieve_attributes)
129
 
                                                        timeout = 60
130
 
                                                        result_type, result_data = l.result(result_id, timeout)
131
 
                                                        if result_data and result_type == ldap.RES_SEARCH_RESULT and len(result_data) == 1:
132
 
                                                                dn=result_data[0][0]
133
 
                                                                name=result_data[0][1]['cn']
134
 
                                                                if l.bind_s(dn, passwd):
135
 
                                                                        l.unbind()
136
 
                                                                        security._uid_cache[uid] = passwd
137
 
                                                                        cr.close()
138
 
                                                                        return True
139
 
                                                        l.unbind()
140
 
                                        except Exception, e:
141
 
                                                pass
 
153
                                if user and user.company_id.ldaps:
 
154
                                        for res_company_ldap in user.company_id.ldaps:
 
155
                                                try:
 
156
                                                        l = ldap.open(res_company_ldap.ldap_server)
 
157
                                                        if l.simple_bind_s(res_company_ldap.ldap_binddn,
 
158
                                                                        res_company_ldap.ldap_password):
 
159
                                                                base = res_company_ldap.ldap_base
 
160
                                                                scope = ldap.SCOPE_SUBTREE
 
161
                                                                filter = res_company_ldap.ldap_filter % (user.login,)
 
162
                                                                retrieve_attributes = None
 
163
                                                                result_id = l.search(base, scope, filter, retrieve_attributes)
 
164
                                                                timeout = 60
 
165
                                                                result_type, result_data = l.result(result_id, timeout)
 
166
                                                                if result_data and result_type == ldap.RES_SEARCH_RESULT and len(result_data) == 1:
 
167
                                                                        dn=result_data[0][0]
 
168
                                                                        name=result_data[0][1]['cn']
 
169
                                                                        if l.bind_s(dn, passwd):
 
170
                                                                                l.unbind()
 
171
                                                                                security._uid_cache[uid] = passwd
 
172
                                                                                cr.close()
 
173
                                                                                return True
 
174
                                                                l.unbind()
 
175
                                                except Exception, e:
 
176
                                                        pass
142
177
                cr.close()
143
178
                return oldfnc(db, uid, passwd)
144
179
        return _ldap_check