summaryrefslogtreecommitdiffstats
path: root/install/migration/migration.py
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2010-10-29 09:38:17 -0400
committerRob Crittenden <rcritten@redhat.com>2010-11-09 13:25:17 -0500
commit22056206641f7b8f2751f9d4f2200e7c5030e084 (patch)
tree38192f1fae2c3371931d09b2acbd84f5c4451d22 /install/migration/migration.py
parent440267a93e569c5767c08976ddb053cf18f9bf58 (diff)
downloadfreeipa-22056206641f7b8f2751f9d4f2200e7c5030e084.zip
freeipa-22056206641f7b8f2751f9d4f2200e7c5030e084.tar.gz
freeipa-22056206641f7b8f2751f9d4f2200e7c5030e084.tar.xz
Rewrite the migration page using WSGI
Diffstat (limited to 'install/migration/migration.py')
-rw-r--r--install/migration/migration.py45
1 files changed, 37 insertions, 8 deletions
diff --git a/install/migration/migration.py b/install/migration/migration.py
index bf12c5c..eeabd21 100644
--- a/install/migration/migration.py
+++ b/install/migration/migration.py
@@ -20,13 +20,24 @@
Password migration script
"""
+import errno
import ldap
-from mod_python import apache, util
-
+import cgi
+import wsgiref
BASE_DN = ''
LDAP_URI = 'ldap://localhost:389'
+def wsgi_redirect(start_response, loc):
+ start_response('302 Found', [('Location', loc)])
+ return []
+
+def get_ui_url(environ):
+ full_url = wsgiref.util.request_uri(environ)
+ index = full_url.rfind(environ.get('SCRIPT_NAME',''))
+ if index == -1:
+ raise ValueError('Cannot strip the script URL from full URL "%s"' % full_url)
+ return full_url[:index] + "/ipa/ui"
def get_base_dn():
"""
@@ -48,20 +59,38 @@ def get_base_dn():
except (IndexError, KeyError):
return ''
-
-def bind(req, username, password):
+def bind(username, password):
base_dn = get_base_dn()
if not base_dn:
- util.redirect(req, '/ipa/migration/error.html')
+ raise IOError(errno.EIO, 'Cannot get Base DN')
bind_dn = 'uid=%s,cn=users,cn=accounts,%s' % (username, base_dn)
try:
conn = ldap.initialize(LDAP_URI)
conn.simple_bind_s(bind_dn, password)
except (ldap.INVALID_CREDENTIALS, ldap.UNWILLING_TO_PERFORM,
ldap.NO_SUCH_OBJECT):
- util.redirect(req, '/ipa/migration/invalid.html')
+ raise IOError(errno.EPERM, 'Invalid LDAP credentials for user %s' % username)
except ldap.LDAPError:
- util.redirect(req, '/ipa/migration/error.html')
+ raise IOError(errno.EIO, 'Bind error')
+
conn.unbind_s()
- util.redirect(req, '/ipa/ui')
+
+def application(environ, start_response):
+ if environ.get('REQUEST_METHOD', None) != 'POST':
+ return wsgi_redirect(start_response, 'index.html')
+
+ form_data = cgi.FieldStorage(fp=environ['wsgi.input'], environ=environ)
+ if not form_data.has_key('username') or not form_data.has_key('password'):
+ return wsgi_redirect(start_response, 'invalid.html')
+
+ try:
+ bind(form_data['username'].value, form_data['password'].value)
+ except IOError as err:
+ if err.errno == errno.EPERM:
+ return wsgi_redirect(start_response, 'invalid.html')
+ if err.errno == errno.EIO:
+ return wsgi_redirect(start_response, 'error.html')
+
+ ui_url = get_ui_url(environ)
+ return wsgi_redirect(start_response, ui_url)