U dc@sddlmZddlmZddlTddlmZddlmZddl m Z ddl Z ddl m Z mZmZmZmZdd lmZGd d d e jZdS) )Loggerfields)*) log_config)LOG_NAME)cmf_auth_ldap_pluginN)TlsServer ConnectionNTLMSIMPLE)cached_propertycseZdZdZejjdZeedddZ de e dddZ fd d Z d d Z d ddddfdd ZddZddZeddZZS)CmfAuthLdapPluginN)logger)returncCst|S)uE Журнал логирования процесса импорта )rZ get_logger get_files_dirselfr-./modules/auth/models/cmf_auth_ldap_plugin.pyrszCmfAuthLdapPlugin.logger)ldap_user_name ldap_user_pwdc Os|dddg|s|jjj}|s,|jjj}ttjtjdd}t |jj d|jj |d}t }t ||||d|jjd }|r|Sd } |j| t| dS) Nplugin.ext_urlplugin.ext_portconnection_timeoutz"/etc/ssl/certs/ca-certificates.crt)ZvalidateversionZ ca_certs_file:)ZtlsF)userpasswordauthenticationZauto_referralsZreceive_timeoutuxНе удалось подключиться к серверу, неправильный логин или пароль.)Z load_fieldsZpluginZ ext_loginvalueZ ext_passwordr sslZ CERT_OPTIONALZPROTOCOL_TLSv1_2r Zext_urlZext_portr r rZbindrerror Exception) rrrargskwargsZtls_configurationZserverr connerrrrrconnects*    zCmfAuthLdapPlugin.connectcstddddddgS)Nrrz plugin.loginzplugin.passwordbase_dndomain)supersave_preload_fieldsr __class__rrr-*sz%CmfAuthLdapPlugin.save_preload_fieldscCs|jjs dS|jdkr~d|_d|_d|_d|_d|_d|_d|_d |_ d |_ d |_ d |_ d |_ d|_d|_d|_d|_d|_np|jdkrd|_d|_d|_d|_d|_d|_d|_d |_ d|_ d|_ d|_ d|_ d|_d|_d|_d|_d|_dS)NZadrz,(&(objectCategory=Person)(sAMAccountName=*))ZsAMAccountNameZcnZ givenNameZsnZ displayNameZmailZ unicodePwdZ plaintextZ objectGUIDgroupz(objectCategory=Group) descriptionmemberZmemberOfZldapZ inetorgpersonz(objectclass=inetorgperson)Z userPasswordZshaZ entryUUIDZgroupOfUniqueNamesz (objectclass=groupOfUniqueNames)Z uniqueMember)Zdirectory_typeZ is_changeduser_object_classZuser_object_class_filteruser_full_name_attrZ user_rdn_attrZuser_name_attrZuser_last_name_attrZuser_display_name_attrZuser_email_attrZuser_password_attrZuser_password_crypt user_uid_attrZgroup_object_classZgroup_object_class_filterZgroup_name_attrZgroup_desc_attrZgroup_users_attrZuser_groups_attrrrrr_process_directory_type.sL  z)CmfAuthLdapPlugin._process_directory_typerTdepthnotifyemitorderno_filtercstj|||||d|S)Nr7)r,save)rr8r9r:r;r%r&r.rrr<XszCmfAuthLdapPlugin.savec Csz|h}d|jd|jd|d}|rl|j|jj|ddrl|jD]&}||j|rD|W5QRSqDW5QRXdS)u?Авторизация через внешнюю системуz(&(ObjectClass=z)(=z))r)Z attributesN)r)r3r4searchr*r!entriesZentry_dn)rloginrr'Z_filterresrrrsignin]s   zCmfAuthLdapPlugin.signincOs|dtS)N/)rr)rr%r&rrrget_log_filenamegsz"CmfAuthLdapPlugin.get_log_filenamec Cstdd}|jdgdD]}zH|||}|rdtjjt||jjjdgd}tj j|j dWSWqt k r}z|j d|d|W5d}~XYqXq|S) Nget_by_challenge_respzplugin.*rr@)Zext_idr)r@u?Неудачная попытка авторизации login=z: )printlistrBZmodelsZ CmfPersongetgetattrr5r!ZCmfAuthr@r$rr#)clsr@rrAZ auth_pluginZpersonerrrrEjs ,z'CmfAuthLdapPlugin.get_by_challenge_resp)NN)__name__ __module__ __qualname__Z_CmfAuthLdapPlugin__connectrrZ ui_meta_skiprrrstrr)r-r6r<rBrD classmethodrE __classcell__rrr.rr s  * r)ZloggingrZcmfrZ cmf.includeZcmf.modules.logsrZcmf.modules.logs.log_configrZmodules.auth.fieldsrr"Zldap3r r r r r rrrrrrs