[FIX]auth_ldap: now using check_credentials instead of check
bzr revid: dle@openerp.com-20130731152018-fln3urf0expd9ps7
This commit is contained in:
parent
1a0c4dd407
commit
a9718bec29
|
@ -23,10 +23,10 @@ import logging
|
||||||
from ldap.filter import filter_format
|
from ldap.filter import filter_format
|
||||||
|
|
||||||
import openerp.exceptions
|
import openerp.exceptions
|
||||||
from openerp import pooler
|
|
||||||
from openerp import tools
|
from openerp import tools
|
||||||
from openerp.osv import fields, osv
|
from openerp.osv import fields, osv
|
||||||
from openerp import SUPERUSER_ID
|
from openerp import SUPERUSER_ID
|
||||||
|
from openerp.modules.registry import RegistryManager
|
||||||
_logger = logging.getLogger(__name__)
|
_logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
class CompanyLDAP(osv.osv):
|
class CompanyLDAP(osv.osv):
|
||||||
|
@ -191,9 +191,9 @@ class CompanyLDAP(osv.osv):
|
||||||
user_obj = self.pool.get('res.users')
|
user_obj = self.pool.get('res.users')
|
||||||
values = self.map_ldap_attributes(cr, uid, conf, login, ldap_entry)
|
values = self.map_ldap_attributes(cr, uid, conf, login, ldap_entry)
|
||||||
if conf['user']:
|
if conf['user']:
|
||||||
|
values['active'] = True
|
||||||
user_id = user_obj.copy(cr, SUPERUSER_ID, conf['user'],
|
user_id = user_obj.copy(cr, SUPERUSER_ID, conf['user'],
|
||||||
default={'active': True})
|
default=values)
|
||||||
user_obj.write(cr, SUPERUSER_ID, user_id, values)
|
|
||||||
else:
|
else:
|
||||||
user_id = user_obj.create(cr, SUPERUSER_ID, values)
|
user_id = user_obj.create(cr, SUPERUSER_ID, values)
|
||||||
return user_id
|
return user_id
|
||||||
|
@ -246,42 +246,32 @@ class users(osv.osv):
|
||||||
user_id = super(users, self).login(db, login, password)
|
user_id = super(users, self).login(db, login, password)
|
||||||
if user_id:
|
if user_id:
|
||||||
return user_id
|
return user_id
|
||||||
cr = pooler.get_db(db).cursor()
|
registry = RegistryManager.get(db)
|
||||||
ldap_obj = pooler.get_pool(db).get('res.company.ldap')
|
with registry.cursor() as cr:
|
||||||
for conf in ldap_obj.get_ldap_dicts(cr):
|
ldap_obj = registry.get('res.company.ldap')
|
||||||
entry = ldap_obj.authenticate(conf, login, password)
|
|
||||||
if entry:
|
|
||||||
user_id = ldap_obj.get_or_create_user(
|
|
||||||
cr, SUPERUSER_ID, conf, login, entry)
|
|
||||||
if user_id:
|
|
||||||
cr.execute("""UPDATE res_users
|
|
||||||
SET login_date=now() AT TIME ZONE 'UTC'
|
|
||||||
WHERE login=%s""",
|
|
||||||
(tools.ustr(login),))
|
|
||||||
cr.commit()
|
|
||||||
break
|
|
||||||
cr.close()
|
|
||||||
return user_id
|
|
||||||
|
|
||||||
def check(self, db, uid, passwd):
|
|
||||||
try:
|
|
||||||
return super(users,self).check(db, uid, passwd)
|
|
||||||
except openerp.exceptions.AccessDenied:
|
|
||||||
pass
|
|
||||||
|
|
||||||
cr = pooler.get_db(db).cursor()
|
|
||||||
cr.execute('SELECT login FROM res_users WHERE id=%s AND active=TRUE',
|
|
||||||
(int(uid),))
|
|
||||||
res = cr.fetchone()
|
|
||||||
if res:
|
|
||||||
ldap_obj = pooler.get_pool(db).get('res.company.ldap')
|
|
||||||
for conf in ldap_obj.get_ldap_dicts(cr):
|
for conf in ldap_obj.get_ldap_dicts(cr):
|
||||||
if ldap_obj.authenticate(conf, res[0], passwd):
|
entry = ldap_obj.authenticate(conf, login, password)
|
||||||
self._uid_cache.setdefault(db, {})[uid] = passwd
|
if entry:
|
||||||
cr.close()
|
user_id = ldap_obj.get_or_create_user(
|
||||||
return True
|
cr, SUPERUSER_ID, conf, login, entry)
|
||||||
cr.close()
|
if user_id:
|
||||||
raise openerp.exceptions.AccessDenied()
|
break
|
||||||
|
return user_id
|
||||||
|
|
||||||
|
def check_credentials(self, cr, uid, password):
|
||||||
|
try:
|
||||||
|
super(users, self).check_credentials(cr, uid, password)
|
||||||
|
except openerp.exceptions.AccessDenied:
|
||||||
|
|
||||||
|
cr.execute('SELECT login FROM res_users WHERE id=%s AND active=TRUE',
|
||||||
|
(int(uid),))
|
||||||
|
res = cr.fetchone()
|
||||||
|
if res:
|
||||||
|
ldap_obj = self.pool['res.company.ldap']
|
||||||
|
for conf in ldap_obj.get_ldap_dicts(cr):
|
||||||
|
if ldap_obj.authenticate(conf, res[0], password):
|
||||||
|
return
|
||||||
|
raise
|
||||||
|
|
||||||
users()
|
users()
|
||||||
# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
|
# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
|
||||||
|
|
Loading…
Reference in New Issue