From 21c638755ee8ef14a020a14fadca6c1d2e3d36ab Mon Sep 17 00:00:00 2001
From: Jean28518
Date: Sat, 27 Apr 2024 10:35:40 +0200
Subject: [PATCH] Add User UUID readonly on user edit field #74
---
 src/lac/idm/forms.py | 1 +
 src/lac/idm/ldap.py | 6 +++---
 src/lac/idm/views.py | 1 +
 src/lac/unix/unix_scripts/unix.py | 2 +-
 4 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/lac/idm/forms.py b/src/lac/idm/forms.py
index 816efe6..f23e6dd 100644
--- a/src/lac/idm/forms.py
+++ b/src/lac/idm/forms.py
@@ -25,6 +25,7 @@ class AdministratorUserForm(forms.Form):
 admin = forms.BooleanField(label="Administrator", required=False, widget=forms.CheckboxInput)
 class AdministratorUserEditForm(forms.Form):
+ guid = forms.CharField(label="objectGUID", max_length=100, disabled=True, required=False)
 password = forms.CharField(label="Neues Passwort setzen", max_length=100, widget=forms.PasswordInput, required=False)
 first_name = forms.CharField(label="Vorname", max_length=100, required=False)
 last_name = forms.CharField(label="Nachname", max_length=100, required=False)
diff --git a/src/lac/idm/ldap.py b/src/lac/idm/ldap.py
index 8a24cc4..f3b4aa0 100644
--- a/src/lac/idm/ldap.py
+++ b/src/lac/idm/ldap.py
@@ -50,7 +50,7 @@ def get_user_information_of_cn(cn):
 user_information["last_name"] = ldap_reply[0][1].get("sn", [b""])[0].decode('utf-8')
 user_information["displayName"] = ldap_reply[0][1].get("displayName", [b""])[0].decode('utf-8')
 user_information["mail"] = ldap_reply[0][1].get("mail", [b""])[0].decode('utf-8')
- user_information["objectGUID"] = ldap_reply[0][1].get("objectGUID", [b""])[0].hex()
+ user_information["guid"] = ldap_reply[0][1].get("objectGUID", [b""])[0].hex()
 user_information["enabled"] = int(ldap_reply[0][1].get("userAccountControl", [b'512'])[0]) & 2 == 0
 user_information["dn"] = dn
 user_information["cn"] = cn
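Review bot: The new `guid` field in forms.py is labelled objectGUID but will show the string that ldap.py builds with `.get("objectGUID", [b""])[0].hex()`, which is the raw attribute bytes in hex rather than the usual dashed GUID form. If the directory returns the Microsoft binary layout (the comment in the unix.py hunk says the value differs slightly from the Nextcloud user name), the first three groups are byte-swapped, so an administrator cannot match the displayed value against directory tools or log entries. Formatting it once in get_user_information_of_cn, for example `raw = ldap_reply[0][1].get("objectGUID", [b""])[0]` followed by `user_information["guid"] = str(uuid.UUID(bytes_le=raw)) if len(raw) == 16 else ""` (with `import uuid`), would make the field show the canonical value. Other readers of the `guid` key, such as the comparison in unix.py, would need checking before the format changes.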
@@ -205,7 +205,7 @@ def ldap_get_all_users():
 mail = user.get("mail", [b''])[0].decode('utf-8')
 cn = user.get("cn", [b''])[0].decode('utf-8')
 groups = user.get("memberOf", [])
- objectGUID = user.get("objectGUID", [b''])[0].hex()
+ guid = user.get("objectGUID", [b''])[0].hex()
 enabled = int(user.get("userAccountControl", [b'512'])[0]) & 2 == 0
 for i in range(len(groups)):
 groups[i] = groups[i].decode('utf-8')
@@ -213,7 +213,7 @@ def ldap_get_all_users():
 if ldap_is_system_user(cn):
 continue
- users.append({"dn": dn, "displayName": displayName, "mail": mail, "cn": cn, "groups": groups, "objectGUID": objectGUID, "enabled": enabled, "admin": is_user_in_group({"groups": groups}, "Administrators")})
+ users.append({"dn": dn, "displayName": displayName, "mail": mail, "cn": cn, "groups": groups, "guid": guid, "enabled": enabled, "admin": is_user_in_group({"groups": groups}, "Administrators")})
 return users
 def ldap_is_system_user(cn):
diff --git a/src/lac/idm/views.py b/src/lac/idm/views.py
index 6cc6aed..3e1e01a 100644
--- a/src/lac/idm/views.py
+++ b/src/lac/idm/views.py
@@ -180,6 +180,7 @@ def edit_user(request, cn):
 form = AdministratorUserEditForm()
 if form_data != {}:
 form = AdministratorUserEditForm(form_data)
+ form.fields["guid"].initial = form_data.get("guid", "")
 return render(request, "idm/admin/edit_user.html", {"form": form, "message": message, "cn": cn})#
 @staff_member_required(login_url=settings.LOGIN_URL)
diff --git a/src/lac/unix/unix_scripts/unix.py b/src/lac/unix/unix_scripts/unix.py
index 3aa0b90..a694217 100644
--- a/src/lac/unix/unix_scripts/unix.py
+++ b/src/lac/unix/unix_scripts/unix.py
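Review bot: The added `form.fields["guid"].initial = form_data.get("guid", "")` in edit_user takes the displayed GUID from `form_data`, and the function starts outside the hunk, so it is not visible whether `form_data` is always the directory record or can be the submitted POST data after a failed save. Browsers do not submit disabled inputs, so in the second case the field would render empty, or echo a `guid` value that the client added to the request. Setting the initial value from the directory lookup for `cn` on every path avoids both. A comment such as `# display only: the field is disabled, so Django ignores submitted values and renders this initial` would record why the value is set on the field rather than through the form data.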
@@ -403,7 +403,7 @@ def get_nextcloud_user_directories():
 for ldap_user in ldap_users:
 for nextcloud_user in nextcloud_users:
 # Match only the last 8 characters of the objectGUID with the last 8 characters of the username, because the objectGUID of ldap_users is slightly different from the username of nextcloud_users
- if ldap_user["objectGUID"].upper()[-8:-1] == nextcloud_user["name"].replace("-", "")[-8:-1]:
+ if ldap_user["guid"].upper()[-8:-1] == nextcloud_user["name"].replace("-", "")[-8:-1]:
 nextcloud_user["name"] = ldap_user["cn"]
 return nextcloud_users
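Review bot: The comparison on the changed line slices with `[-8:-1]`, which yields seven characters and skips the final one, while the comment above it says the last 8 characters; `[-8:]` is what the comment describes. Seven hex digits is also a short key for deciding which account a Nextcloud directory belongs to, and a collision would assign a directory to the wrong `cn`. If the directory uses the usual Microsoft GUID byte layout, the last 16 hex digits are the same in both representations, so comparing `ldap_user["guid"].upper()[-16:]` with `nextcloud_user["name"].replace("-", "")[-16:]` would be a stricter match. get_nextcloud_user_directories starts outside the hunk, so where `ldap_users` gets its `guid` key is not visible here.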