1# coding: utf-8 2 3# users.py - functions for validating the user to change information for 4# 5# Copyright (C) 2013-2019 Arthur de Jong 6# 7# This library is free software; you can redistribute it and/or 8# modify it under the terms of the GNU Lesser General Public 9# License as published by the Free Software Foundation; either 10# version 2.1 of the License, or (at your option) any later version. 11# 12# This library is distributed in the hope that it will be useful, 13# but WITHOUT ANY WARRANTY; without even the implied warranty of 14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 15# Lesser General Public License for more details. 16# 17# You should have received a copy of the GNU Lesser General Public 18# License along with this library; if not, write to the Free Software 19# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 20# 02110-1301 USA 21 22import getpass 23import os 24import pwd 25import sys 26 27 28class User(object): 29 30 def __init__(self, username): 31 self.myuid = os.getuid() 32 if username: 33 userinfo = pwd.getpwnam(username) 34 else: 35 self.asroot = False 36 userinfo = pwd.getpwuid(self.myuid) 37 (self.username, self.password, self.uid, self.gid, self.gecos, 38 self.homedir, self.shell) = userinfo 39 # if we are trying to modify another user we should be root 40 self.asroot = self.myuid != self.uid 41 42 def check(self): 43 """Check whether we can modify the user. 44 45 Check if the user is an LDAP user and whether we may modify the user 46 information. 47 """ 48 if self.asroot and self.myuid != 0: 49 print("%s: you may not modify user '%s'.\n" % 50 (sys.argv[0], self.username)) 51 sys.exit(1) 52 # FIXME: check if the user is an LDAP user 53 54 def get_passwd(self): 55 """Ask and return a password that is required to change the user.""" 56 # FIXME: only ask the password if we require it 57 # (e.g. when root and nslcd has userpwmoddn we don't need to) 58 return getpass.getpass( 59 'LDAP administrator password: ' 60 if self.asroot else 61 'LDAP password for %s: ' % self.username) 62 # FIXME: check if the provided password is valid 63