check Keyholder status of users

This commit is contained in:
Simon Pirkelmann 2021-08-23 21:06:18 +02:00
parent 14c783b2c1
commit 4307d54505

View File

@ -207,18 +207,19 @@ def create_application(config):
new_user_data['password'] = hash_password(password) new_user_data['password'] = hash_password(password)
new_user_data['roles'] = [] new_user_data['roles'] = []
lock_permission = con.search('ou=Users,dc=imaginaerraum,dc=de', lock_permission = con.search('ou=Users,dc=imaginaerraum,dc=de',
f'(&(uid={username})(memberof=cn=Members,ou=Groups,dc=imaginaerraum,dc=de))', f'(&(uid={username})(memberof=cn=Keyholders,ou=Groups,dc=imaginaerraum,dc=de))',
attributes=ldap3.ALL_ATTRIBUTES) attributes=ldap3.ALL_ATTRIBUTES)
authorized = True
if lock_permission: if lock_permission:
new_user_data['email'] = con.entries[0].mail.value new_user_data['email'] = con.entries[0].mail.value
else: else:
new_user_data['email'] = None authorized = False
token_granting_permission = con.search('ou=Users,dc=imaginaerraum,dc=de', token_granting_permission = con.search('ou=Users,dc=imaginaerraum,dc=de',
f'(&(uid={username})(memberof=cn=Vorstand,ou=Groups,dc=imaginaerraum,dc=de))') f'(&(uid={username})(memberof=cn=Vorstand,ou=Groups,dc=imaginaerraum,dc=de))')
if token_granting_permission: if token_granting_permission:
new_user_data['roles'].append('admin') new_user_data['roles'].append('admin')
return True, new_user_data return authorized, new_user_data
class ExtendedLoginForm(LoginForm): class ExtendedLoginForm(LoginForm):
email = StringField('Benutzername oder E-Mail', [Required()]) email = StringField('Benutzername oder E-Mail', [Required()])
@ -677,8 +678,9 @@ def create_application(config):
@app.route('/open') @app.route('/open')
@auth_required() @auth_required()
def open_door(): def open_door():
try: try:
door.open_door() door.open_door(user=current_user.username)
logger.info(f"Door opened by admin user {current_user.username}") logger.info(f"Door opened by admin user {current_user.username}")
except Exception as e: except Exception as e:
flash(f'Could not open door. Exception: {e}') flash(f'Could not open door. Exception: {e}')
@ -689,7 +691,7 @@ def create_application(config):
@auth_required() @auth_required()
def close_door(): def close_door():
try: try:
door.close_door() door.close_door(user=current_user.username)
logger.info(f"Door closed by admin user {current_user.username}") logger.info(f"Door closed by admin user {current_user.username}")
except Exception as e: except Exception as e:
flash(f'Could not close door. Exception: {e}') flash(f'Could not close door. Exception: {e}')