diff --git a/src/memberdb/account_backend.py b/src/memberdb/account_backend.py index cf3162ada40cefea82bcdcfb0006fdf577c5a5eb..a66364c1eb36981ea2af36143cb650d641f97893 100644 --- a/src/memberdb/account_backend.py +++ b/src/memberdb/account_backend.py @@ -19,6 +19,9 @@ import memberdb.models from datetime import date from squarepay import dispense +import shutil +import os + log = logging.getLogger('ldap') @@ -28,6 +31,10 @@ ldap_user_dn = getattr(settings, 'LDAP_USER_SEARCH_DN') ldap_base_dn = getattr(settings, 'LDAP_BASE_DN') ldap_bind_dn = getattr(settings, 'LDAP_BIND_DN') ldap_bind_secret = getattr(settings, 'LDAP_BIND_SECRET') +make_home_cmd = "sudo python3 root_actions.py" +make_mail_cmd = 'ssh -i %s root@mooneye "/usr/local/mailman/bin/add_members" -r- ucc-announce <<< %s@ucc.asn.au' +make_mail_key = './mooneye.key' + maxuid_dn = "CN=uccdomayne,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,"+ldap_base_dn @@ -179,8 +186,7 @@ def unlock_account(username): reason = "account unlocked by uccportal on %s" % str(today) dispense.set_dispense_flag(username, '!disabled', reason) -# Account creation steps: -# +# Account creation def create_ad_user(form_data, member): log.info("I: creating new account for %s (%s)") @@ -265,12 +271,15 @@ def create_ad_user(form_data, member): ld.unbind(); return True; -def create_homes(member): - return -def set_email_forwarding(member, addr): - return +def make_home(member,formdata): + user = member.username + mail = formdata['email_address'] if formdata['forward'] else "" + return subprocess.call(make_home_cmd, user, mail) + + def subscribe_to_list(member): - return + return os.system(make_mail_cmd % (make_mail_key, member.username)) + def set_pin(member, pin): return diff --git a/src/memberdb/makehomes.sh b/src/memberdb/makehomes.sh new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 
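Review bot: `make_home_cmd` and `make_mail_key` use paths relative to the working directory (`root_actions.py`, `./mooneye.key`), so what `sudo` runs and which key `ssh` loads depend on where the web process was started. For a command that runs as root and a key that logs in as `root@mooneye`, I would read absolute paths from settings, as the `LDAP_*` values just above do, e.g. `make_mail_key = getattr(settings, 'MAILMAN_SSH_KEY')`. That setting name is a placeholder, not an existing one. The key file should also live outside the source tree with owner-only permissions.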
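Review bot: `subprocess.call(make_home_cmd, user, mail)` in `make_home` never passes `user` and `mail` to the script: extra positionals go to `Popen` as `bufsize` and `executable`, and the space-separated command string is not split without a shell. An argument list does what is intended: `return subprocess.call(["sudo", "python3", "root_actions.py", user, mail])`. In `subscribe_to_list`, `member.username` is formatted into a string handed to `os.system`, so shell metacharacters in it would be interpreted locally, and the `<<<` here-string is a bash feature that `/bin/sh` may not provide. The fence below sends the address on stdin with no local shell involved. Whether `subprocess` is already imported in this file is not visible in the diff; the import hunk adds only `shutil` and `os`.

```python
def subscribe_to_list(member):
    address = "%s@ucc.asn.au" % member.username
    # argument list: nothing is parsed by a local shell, the address travels on stdin
    result = subprocess.run(
        ["ssh", "-i", make_mail_key, "root@mooneye",
         "/usr/local/mailman/bin/add_members", "-r-", "ucc-announce"],
        input=(address + "\n").encode(),
    )
    return result.returncode
```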
diff --git a/src/memberdb/root_actions.py b/src/memberdb/root_actions.py index 411fafd31aca27b55fc6827b1c7eaaabf0c62cf5..f822c827c42a44cb4bf4669db34fd37f3d19fef2 100644 --- a/src/memberdb/root_actions.py +++ b/src/memberdb/root_actions.py @@ -1,47 +1,56 @@ import sys import os import shutil +import subprocess ## WARNING ## # this script runs with elevated permissions # def main(): os.umask(0o077) - + if len(sys.argv) != 2: - return + return 1 user = sys.argv[0] mail = sys.argv[1] + # abort if user does not exist + if subprocess.call(["id", user], stderr=subprocess.DEVNULL) != 0: + return 1 + + homes = { ('/home/ucc/%s' % user, '/home/wheel/bin/skel/ucc'), ('/away/ucc/%s' % user, '/home/wheel/bin/skel/away') } - + # make homes try: for home,skel in homes: shutil.copytree(skel,home,copy_function=copy) os.system('chown -R %s:gumby %s' % (user, home)) - + home = homes[0][0] + # set world writable (for webpage) + os.system('chmod a+x %s' % home) + os.system('chmod a+rX %s/public-html' % home) except: - exit(1) + return 1 - home = homes[0][0] - # set world writable (for webpage) - os.system('chmod a+x %s' % home) - os.system('chmod a+rX %s/public-html' % home) + # write .forward + try: + if (mailaddr != ""): + forward = '%s/.forward' % home + f = open(forward,"w") + f.write(mailaddr) + f.close() + shutil.chown(forward,user,"gumby") + os.chmod(forward, 0o644) + except: + return 1 +if __name__ == "__main__": + main() - if (mailaddr != ""): - forward = '%s/.forward' % home - f = open(forward,"w") - f.write(mailaddr) - f.close() - shutil.chown(forward,user,"gumby") - os.chmod(forward, 0o644) - -
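Review bot: The new side of `main()` cannot reach a successful end: `homes` is a set literal yet is indexed as `homes[0][0]`, `copy_function=copy` and `mailaddr` name things that are never defined (the argument is stored in `mail`), and the two bare `except:` blocks turn each of those errors into a silent `return 1`. The argument check is also off by one, since `sys.argv[0]` is the script path, and the value `main()` returns is discarded at the bottom, so the process exits 0 whatever `main()` reports. Because this runs under sudo, the fence below also replaces the `os.system` strings built from `user` and `home` with argument lists and narrows the exception handling. Separately, `mail` appears to come from the signup form and is written verbatim to `.forward`; I would accept only a single plain address there, because mail delivery agents commonly give other `.forward` content (pipes, file paths) special meaning.

```python
def main():
    os.umask(0o077)
    # argv[0] is the script path; the two arguments follow it
    if len(sys.argv) != 3:
        return 1
    user, mail = sys.argv[1], sys.argv[2]
    # … unchanged: abort if `id` does not know the user …
    # a list, so that homes[0][0] below is valid
    homes = [
        ('/home/ucc/%s' % user, '/home/wheel/bin/skel/ucc'),
        ('/away/ucc/%s' % user, '/home/wheel/bin/skel/away'),
    ]
    try:
        for home, skel in homes:
            shutil.copytree(skel, home, copy_function=shutil.copy)
            subprocess.check_call(['chown', '-R', '--', '%s:gumby' % user, home])
        home = homes[0][0]
        subprocess.check_call(['chmod', 'a+x', '--', home])
        subprocess.check_call(['chmod', 'a+rX', '--', '%s/public-html' % home])
    except (OSError, subprocess.CalledProcessError):
        return 1
    try:
        if mail != "":
            # … unchanged: write, chown and chmod the .forward file, using `mail` …
    except OSError:
        return 1
    return 0

if __name__ == "__main__":
    sys.exit(main())
```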