From 9806c2c3cbc12449124abc431dc9bb805677dae9 Mon Sep 17 00:00:00 2001 From: Andrew Williams Date: Sun, 7 Mar 2010 01:53:09 +0000 Subject: [PATCH] Services now use UID by default. --- sso/models.py | 29 +++++++++++++-------- sso/services/__init__.py | 28 ++++++++++---------- sso/services/jabber/__init__.py | 45 ++++++++++++++++++--------------- sso/services/wiki/__init__.py | 36 +++++++++++++------------- 4 files changed, 73 insertions(+), 65 deletions(-) diff --git a/sso/models.py b/sso/models.py index 902f6cb..58c0585 100644 --- a/sso/models.py +++ b/sso/models.py @@ -90,10 +90,10 @@ class Service(models.Model): class ServiceAccount(models.Model): user = models.ForeignKey(User, blank=False) service = models.ForeignKey(Service, blank=False) - username = models.CharField("Service Username", max_length=200, blank=True) - service_uid = models.CharField("Service UID", max_length=200, blank=True) + service_uid = models.CharField("Service UID", max_length=200, blank=False) active = models.BooleanField(default=True) + username = None password = None def __str__(self): @@ -102,19 +102,26 @@ class ServiceAccount(models.Model): def save(self): """ Override default save to setup accounts as needed """ + # If no username has been specified, use the default if not self.username: self.username = self.user.username + # Grab the API class api = self.service.api_class - if self.active: - if not api.check_user(self.username): - self.service_uid = api.add_user(self.username, self.password) + if not self.service_uid: + # Create a account if we've not got a UID + if self.active: + if not api.check_user(self.username): + self.service_uid = api.add_user(self.username, self.password) + else: + raise ExistingUser('Username %s has already been took' % self.username) else: - raise ExistingUser('Username %s has already been took' % self.username) - else: - if api.check_user(self.username): - api.delete_user(self.username) + return + + # Disable account marked as inactive + if self.service_uid and not self.active: + api.disable_user(self.service_uid) # All went OK, save to the DB return models.Model.save(self) @@ -122,7 +129,7 @@ class ServiceAccount(models.Model): @staticmethod def pre_delete_listener( **kwargs ): api = kwargs['instance'].service.api_class - if api.check_user(kwargs['instance'].username): - api.delete_user(kwargs['instance'].username) + if api.check_user(kwargs['instance'].service_uid): + api.delete_user(kwargs['instance'].service_uid) signals.pre_delete.connect(ServiceAccount.pre_delete_listener, sender=ServiceAccount) diff --git a/sso/services/__init__.py b/sso/services/__init__.py index 1a1c150..cabf784 100644 --- a/sso/services/__init__.py +++ b/sso/services/__init__.py @@ -31,25 +31,25 @@ class BaseService(): 'provide_login': False } def add_user(self, username, password): - """ Add a user """ - pass - - def delete_user(self, username): - """ Delete a user """ - pass - - def disable_user(self, username): - """ Disable a user """ - pass - - def enable_user(self, username, password): - """ Enable a user """ + """ Add a user, returns a UID for that user """ pass def check_user(self, username): """ Check if the username exists """ pass - def login(username): + def delete_user(self, uid): + """ Delete a user by uid """ + pass + + def disable_user(self, uid): + """ Disable a user by uid """ + pass + + def enable_user(self, uid, password): + """ Enable a user by uid """ + pass + + def login(uid): """ Login the user and provide cookies back """ pass diff --git a/sso/services/jabber/__init__.py b/sso/services/jabber/__init__.py index 82e7429..b2b022e 100644 --- a/sso/services/jabber/__init__.py +++ b/sso/services/jabber/__init__.py @@ -30,27 +30,6 @@ class JabberService(BaseService): if self.ejctl.register(username.lower(), settings.JABBER_SERVER, password): return '%s@%s' % (username, settings.JABBER_SERVER) - def delete_user(self, username): - """ Delete a user """ - if self.method == "xmpp": - return self.jabberadmin.deluser('%s@%s' % (username, settings.JABBER_SERVER)) - else: - return self.ejctl.unregister(username.lower(), settings.JABBER_SERVER) - - def disable_user(self, username): - """ Disable a user """ - if self.method == "xmpp": - return False - else: - return self.ejctl.ban_user(settings.JABBER_SERVER, username.lower()) - - def enable_user(self, username): - """ Enable a user """ - if self.method == "xmpp": - return False - else: - return self.ejctl.enable_user(settings.JABBER_SERVER, username.lower(), password) - def check_user(self, username): """ Check if the username exists """ if self.method == "xmpp": @@ -60,4 +39,28 @@ class JabberService(BaseService): else: return True + def delete_user(self, uid): + """ Delete a user """ + if self.method == "xmpp": + return self.jabberadmin.deluser(uid) + else: + username, server = uid.split("@") + return self.ejctl.unregister(username, server) + + def disable_user(self, uid): + """ Disable a user """ + if self.method == "xmpp": + return False + else: + username, server = uid.split("@") + return self.ejctl.ban_user(server, username) + + def enable_user(self, uid, password): + """ Enable a user """ + if self.method == "xmpp": + return False + else: + username, server = uid.split("@") + return self.ejctl.enable_user(server, username, password) + ServiceClass = 'JabberService' diff --git a/sso/services/wiki/__init__.py b/sso/services/wiki/__init__.py index a418563..3b23d0d 100644 --- a/sso/services/wiki/__init__.py +++ b/sso/services/wiki/__init__.py @@ -12,7 +12,7 @@ class MediawikiService(BaseService): settings = { 'require_user': False, 'require_password': False, - 'provide_login': True } + 'provide_login': False } SQL_ADD_USER = r"INSERT INTO user (user_name, user_password, user_newpassword, user_options, user_email) VALUES (%s, %s, '', '', '')" @@ -55,29 +55,27 @@ class MediawikiService(BaseService): self._db.connection.commit() return self._clean_username(username) - def delete_user(self, username): - """ Delete a user """ - self.disable_user(username) - - def disable_user(self, username): - """ Disable a user """ - self._dbcursor.execute(self.SQL_DIS_USER, [self._clean_username(username)]) - self._db.connection.commit() - - def enable_user(self, username, password): - """ Enable a user """ - pwhash = self._gen_mw_hash(password) - self._dbcursor.execute(self.SQL_ENABLE_USER, [pwhash, self._clean_username(username)]) - pass - def check_user(self, username): """ Check if the username exists """ self._dbcursor.execute(self.SQL_CHECK_USER, [self._clean_username(username)]) row = self._dbcursor.fetchone() - if row: - return True - + return True return False + def delete_user(self, uid): + """ Delete a user """ + self.disable_user(uid) + + def disable_user(self, uid): + """ Disable a user """ + self._dbcursor.execute(self.SQL_DIS_USER, [uid]) + self._db.connection.commit() + + def enable_user(self, uid, password): + """ Enable a user """ + pwhash = self._gen_mw_hash(password) + self._dbcursor.execute(self.SQL_ENABLE_USER, [pwhash, uid]) + pass + ServiceClass = 'MediawikiService'