[checkmk-commits] Check_MK Git: check_mk: Only increasing user serial when account is being locked or the pw/ secret change

git version control git at mathias-kettner.de
Wed Nov 21 14:35:05 CET 2012


Module: check_mk
Branch: master
Commit: 05cb1a0a94d6d26e10998270dced7bd9236bc864
URL:    http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=05cb1a0a94d6d26e10998270dced7bd9236bc864

Author: Lars Michelsen <lm at mathias-kettner.de>
Date:   Tue Nov 13 14:53:26 2012 +0100

Only increasing user serial when account is being locked or the pw/secret change

---

 web/htdocs/wato.py         |    8 +++++++-
 web/plugins/userdb/ldap.py |    2 +-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index 261a022..7c96457 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -7942,6 +7942,10 @@ def mode_edit_user(phase):
             raise MKUserError(_("You cannot lock your own account!"))
         new_user["locked"] = html.get_checkbox("locked")
 
+        increase_serial = False
+        if users[id] != new_user["locked"] and new_user["locked"]:
+            increase_serial = True # when user is being locked now, increase the auth serial
+
         # Authentication: Password or Secret
         auth_method = html.var("authmethod")
         if auth_method == "secret":
@@ -7950,6 +7954,7 @@ def mode_edit_user(phase):
                 raise MKUserError('secret', _("Please specify a secret of at least 10 characters length."))
             new_user["automation_secret"] = secret
             new_user["password"] = userdb.encrypt_password(secret)
+            increase_serial = True # password changed, reflect in auth serial
 
         else:
             password = html.var("password").strip()
@@ -7968,11 +7973,12 @@ def mode_edit_user(phase):
 
             if password:
                 new_user["password"] = userdb.encrypt_password(password)
+                increase_serial = True # password changed, reflect in auth serial
 
         # Set initial password serial or increase existing
         if new:
             new_user["serial"] = 0
-        else:
+        elif increase_serial:
             new_user["serial"] += 1
 
         # Email address
diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py
index def1134..d0b9b9e 100644
--- a/web/plugins/userdb/ldap.py
+++ b/web/plugins/userdb/ldap.py
@@ -184,7 +184,7 @@ def get_user_dn(username):
     result = ldap_search(
         ldap_dn(config.ldap_userspec['user_dn']),
         '(%s=%s)' % (ldap_attr('user_id'), ldap.filter.escape_filter_chars(username)),
-        [key],
+        [ldap_attr('user_id')],
     )
 
     if result:



More information about the checkmk-commits mailing list