[Scripts/git/.git] / django / mit / __init__.py

from django.contrib.auth.middleware import RemoteUserMiddleware
from django.contrib.auth.backends import RemoteUserBackend
from django.contrib.auth.views import login
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponseRedirect
from django.contrib import auth
from django.core.exceptions import ObjectDoesNotExist
import settings

def zephyr(msg, clas='remit', instance='log', rcpt='adehnert',):
    import os
    os.system("zwrite -d -c '%s' -i '%s' '%s' -m '%s'" % (clas, instance, rcpt, msg, ))

class ScriptsRemoteUserMiddleware(RemoteUserMiddleware):
    header = 'SSL_CLIENT_S_DN_Email'

class ScriptsRemoteUserBackend(RemoteUserBackend):
    def clean_username(self, username, ):
        if '@' in username:
            name, domain = username.split('@')
            assert domain.upper() == 'MIT.EDU'
            return name
        else:
            return username
    def configure_user(self, user, ):
        username = user.username
        import ldap
        con = ldap.open('ldap.mit.edu')
        con.simple_bind_s("", "")
        dn = "dc=mit,dc=edu"
        fields = ['cn', 'sn', 'givenName', 'mail', ]
        result = con.search_s('dc=mit,dc=edu', ldap.SCOPE_SUBTREE, 'uid=%s'%username, fields)
        if len(result) == 1:
            user.first_name = result[0][1]['givenName'][0]
            user.last_name = result[0][1]['sn'][0]
            user.email = result[0][1]['mail'][0]
            try:
                user.groups.add(auth.models.Group.objects.get(name='mit'))
            except ObjectDoesNotExist:
                print "Failed to retrieve mit group"
            user.save()
        try:
            user.groups.add(auth.models.Group.objects.get(name='autocreated'))
        except ObjectDoesNotExist:
            print "Failed to retrieve autocreated group"
        return user

def scripts_login(request, **kwargs):
    if request.META['HTTP_HOST'] == 'localhost':
        return login(request, **kwargs)
    elif request.META['SERVER_PORT'] == '444':
        if request.user.is_authenticated():
            # They're already authenticated --- go ahead and redirect
            if 'redirect_field_name' in kwargs:
                redirect_field_name = kwargs['redirect_field_names']
            else:
                from django.contrib.auth import REDIRECT_FIELD_NAME
                redirect_field_name = REDIRECT_FIELD_NAME
            redirect_to = request.REQUEST.get(redirect_field_name, '')
            if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
                redirect_to = settings.LOGIN_REDIRECT_URL
            return HttpResponseRedirect(redirect_to)
        else:
            return login(request, **kwargs)
    else:
        # Move to port 444
        host = request.META['HTTP_HOST'].split(':')[0]
        redirect_to = "https://%s:444%s" % (host, request.META['REQUEST_URI'], )
        return HttpResponseRedirect(redirect_to)
Commit	Line	Data
606f938b	1	from django.contrib.auth.middleware import RemoteUserMiddleware
34b7ba86	2	from django.contrib.auth.backends import RemoteUserBackend
31769b1f AD	3	from django.contrib.auth.views import login
	4	from django.contrib.auth import REDIRECT_FIELD_NAME
	5	from django.http import HttpResponseRedirect
34b7ba86	6	from django.contrib import auth
358136f9	7	from django.core.exceptions import ObjectDoesNotExist
31769b1f	8	import settings
606f938b AD	9
	10	def zephyr(msg, clas='remit', instance='log', rcpt='adehnert',):
	11	import os
	12	os.system("zwrite -d -c '%s' -i '%s' '%s' -m '%s'" % (clas, instance, rcpt, msg, ))
	13
	14	class ScriptsRemoteUserMiddleware(RemoteUserMiddleware):
	15	header = 'SSL_CLIENT_S_DN_Email'
34b7ba86 AD	16
	17	class ScriptsRemoteUserBackend(RemoteUserBackend):
	18	def clean_username(self, username, ):
606f938b AD	19	if '@' in username:
	20	name, domain = username.split('@')
	21	assert domain.upper() == 'MIT.EDU'
	22	return name
	23	else:
34b7ba86	24	return username
9c504e48 AD	25	def configure_user(self, user, ):
	26	username = user.username
	27	import ldap
	28	con = ldap.open('ldap.mit.edu')
	29	con.simple_bind_s("", "")
	30	dn = "dc=mit,dc=edu"
	31	fields = ['cn', 'sn', 'givenName', 'mail', ]
	32	result = con.search_s('dc=mit,dc=edu', ldap.SCOPE_SUBTREE, 'uid=%s'%username, fields)
	33	if len(result) == 1:
	34	user.first_name = result[0][1]['givenName'][0]
	35	user.last_name = result[0][1]['sn'][0]
	36	user.email = result[0][1]['mail'][0]
358136f9 AD	37	try:
	38	user.groups.add(auth.models.Group.objects.get(name='mit'))
	39	except ObjectDoesNotExist:
	40	print "Failed to retrieve mit group"
9c504e48	41	user.save()
358136f9 AD	42	try:
	43	user.groups.add(auth.models.Group.objects.get(name='autocreated'))
	44	except ObjectDoesNotExist:
	45	print "Failed to retrieve autocreated group"
9c504e48	46	return user
31769b1f AD	47
	48	def scripts_login(request, **kwargs):
	49	if request.META['HTTP_HOST'] == 'localhost':
	50	return login(request, **kwargs)
	51	elif request.META['SERVER_PORT'] == '444':
	52	if request.user.is_authenticated():
	53	# They're already authenticated --- go ahead and redirect
	54	if 'redirect_field_name' in kwargs:
	55	redirect_field_name = kwargs['redirect_field_names']
	56	else:
	57	from django.contrib.auth import REDIRECT_FIELD_NAME
	58	redirect_field_name = REDIRECT_FIELD_NAME
	59	redirect_to = request.REQUEST.get(redirect_field_name, '')
	60	if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
	61	redirect_to = settings.LOGIN_REDIRECT_URL
	62	return HttpResponseRedirect(redirect_to)
	63	else:
	64	return login(request, **kwargs)
	65	else:
	66	# Move to port 444
	67	host = request.META['HTTP_HOST'].split(':')[0]
	68	redirect_to = "https://%s:444%s" % (host, request.META['REQUEST_URI'], )
	69	return HttpResponseRedirect(redirect_to)