users: Rename LDAP user.

2026-01-28 08:03:36 +00:00 · 2015-05-27 20:20:05 -04:00 · 2015-05-27 20:20:05 -04:00 · 9f371d9a13
commit 9f371d9a13
parent 219c3f4b06
4 changed files with 52 additions and 7 deletions
--- a/actions/check-ldap-user-exists
+++ b/actions/check-ldap-user-exists
@ -16,9 +16,11 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #

+# Must be run as root.
+
 username="$1"

-results=$(ldapsearch -x -D 'cn=admin,dc=thisbox' -w $(sudo cat /var/lib/plinth/ldap-admin) -b 'ou=users,dc=thisbox' -LLL "(uid=$username)" uid)
+results=$(ldapsearch -x -D 'cn=admin,dc=thisbox' -w $(cat /var/lib/plinth/ldap-admin) -b 'ou=users,dc=thisbox' -LLL "(uid=$username)" uid)

 if [ -z "$results" ]; then
    echo "User does not exist"
--- a/actions/create-ldap-user
+++ b/actions/create-ldap-user
@ -16,6 +16,8 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #

+# Must be run as root.
+
 username="$1"
 password="$2"

--- a/actions/rename-ldap-user
+++ b/actions/rename-ldap-user
@ -0,0 +1,36 @@
+#!/bin/bash
+#
+# This file is part of Plinth.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+# Must be run as root.
+
+old_username="$1"
+new_username="$2"
+
+cat <<EOF |ldapmodify -x -D 'cn=admin,dc=thisbox' -w $(cat /var/lib/plinth/ldap-admin)
+dn: uid=$old_username,ou=users,dc=thisbox
+changetype: modrdn
+newrdn: uid=$new_username
+deleteoldrdn: 1
+EOF
+
+if [ $? -eq 0 ]; then
+    echo "Success: user renamed"
+else
+    echo "Failed: user rename failed"
+    exit 1
+fi
--- a/plinth/modules/users/forms.py
+++ b/plinth/modules/users/forms.py
@ -107,14 +107,19 @@ class UserUpdateForm(forms.ModelForm):
                    self.request,
                    _('Setting active status for POSIX system user failed.'))

-            try:
-                if self.username != user.get_username():
+            if self.username != user.get_username():
+                try:
                    actions.superuser_run('rename-user',
                                          [self.username, user.get_username()])
-            except ActionError:
-                messages.error(self.request,
-                               _('Renaming POSIX system user failed.'))
-
+                except ActionError:
+                    messages.error(self.request,
+                                   _('Renaming POSIX system user failed.'))
+                try:
+                    actions.superuser_run('rename-ldap-user',
+                                          [self.username, user.get_username()])
+                except ActionError:
+                    messages.error(self.request,
+                                   _('Renaming LDAP user failed.'))
        return user