forms.py 3 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
# -*- coding: utf-8 -*-
#
# Copyright (C) 2017 Antoine BERNARD
# Authors: Antoine BERNARD <abernard@crans.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
"""
    Formulaire de l'application password_reset
"""
21 22 23

from __future__ import unicode_literals

24 25 26 27 28 29 30
#: Import des formulaires
from django import forms

#: i18n de l'intranet
from django.utils.translation import ugettext_lazy as _

#: Fonctions de communication avec la base LDAP
31
from ldap import FILTER_ERROR
32
from lc_ldap import shortcuts, crans_utils
33

34

35 36
class EmailForm(forms.Form):
    """
37
        Formulaire de demande d'une adresse e-mail.
38 39 40 41 42 43 44 45 46 47 48 49
    """
    email = forms.EmailField(
        label=_(u'Adresse e-mail'),
        max_length=254,
        required=True
    )

    def get_user(self):
        """
            Renvoie l'objet LDAP à partir de l'e-mail
        """
        try:
50
            email = crans_utils.escape(self.cleaned_data['email'])
51 52 53 54 55 56
            conn = shortcuts.lc_ldap_readonly()
            # On cherches les objets LDAP tels que :
            # * le mail est dans le champ `mail` ou `mailExt`
            # * et il a droit de se connecter
            # * et c'est un adhérent
            # * et il a un compte crans
57
            # * et il n'a pas de droits
58
            res = conn.search(
59
                "(&(|(mail=%s)(mailExt=%s))\
60
                (!(shadowExpire=0))(aid=*)(uid=*)(!(droits=*)))"
61 62 63
                % (email, email)
            )
            return res[0]
64 65
        except FILTER_ERROR:
            return []
66 67 68 69 70 71 72 73 74
        except IndexError:
            return []


class UsernameForm(forms.Form):
    """
        Formulaire de demande d'un login Cr@ns.
    """
    username = forms.CharField(
75
        label=_("Nom d'utilisateur Cr@ns"),
76 77 78 79 80 81 82 83 84
        max_length=254,
        required=True
    )

    def get_user(self):
        """
            Renvoie l'objet LDAP à partir du login
        """
        try:
85
            login = crans_utils.escape(self.cleaned_data['username'])
86 87 88 89 90
            conn = shortcuts.lc_ldap_readonly()
            # On cherches les objets LDAP tels que :
            # * le login est dans le champ `uid`
            # * et il a droit de se connecter
            # * et c'est un adhérent
91 92
            # * et il n'a pas de droits
            res = conn.search(
93
                "(&(uid=%s)(!(shadowExpire=0))(aid=*)(!(droits=*)))" % login
94
            )
95
            return res[0]
96 97
        except FILTER_ERROR:
            return []
98 99
        except IndexError:
            return []