2014-04-07 12:38:09 +00:00
|
|
|
# User creation spoke
|
|
|
|
#
|
2015-03-23 11:36:12 +00:00
|
|
|
# Copyright (C) 2013-2014 Red Hat, Inc.
|
2014-04-07 12:38:09 +00:00
|
|
|
#
|
|
|
|
# This copyrighted material is made available to anyone wishing to use,
|
|
|
|
# modify, copy, or redistribute it subject to the terms and conditions of
|
|
|
|
# the GNU General Public License v.2, or (at your option) any later version.
|
|
|
|
# This program is distributed in the hope that it will be useful, but WITHOUT
|
|
|
|
# ANY WARRANTY expressed or implied, including the implied warranties of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
|
|
|
|
# Public License for more details. You should have received a copy of the
|
|
|
|
# GNU General Public License along with this program; if not, write to the
|
|
|
|
# Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
|
|
|
# 02110-1301, USA. Any Red Hat trademarks that are incorporated in the
|
|
|
|
# source code or documentation are not subject to the GNU General Public
|
|
|
|
# License and may only be used or replicated with the express permission of
|
|
|
|
# Red Hat, Inc.
|
|
|
|
#
|
|
|
|
# Red Hat Author(s): Martin Sivak <msivak@redhat.com>
|
2015-03-23 11:36:12 +00:00
|
|
|
# Chris Lumens <clumens@redhat.com>
|
2014-04-07 12:38:09 +00:00
|
|
|
#
|
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
import re
|
2015-05-30 11:20:59 +00:00
|
|
|
import os
|
2015-03-23 11:36:12 +00:00
|
|
|
from pyanaconda.flags import flags
|
|
|
|
from pyanaconda.i18n import _, CN_
|
2014-04-07 12:38:09 +00:00
|
|
|
from pyanaconda.users import cryptPassword, validatePassword, guess_username
|
|
|
|
|
|
|
|
from pyanaconda.ui.gui.spokes import NormalSpoke
|
2015-03-23 11:36:12 +00:00
|
|
|
from pyanaconda.ui.gui import GUIObject
|
|
|
|
from pyanaconda.ui.categories.user_settings import UserSettingsCategory
|
2014-04-07 12:38:09 +00:00
|
|
|
from pyanaconda.ui.common import FirstbootSpokeMixIn
|
2015-03-23 11:36:12 +00:00
|
|
|
from pyanaconda.ui.helpers import InputCheck
|
|
|
|
from pyanaconda.ui.gui.helpers import GUISpokeInputCheckHandler, GUIDialogInputCheckHandler
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
from pyanaconda.constants import ANACONDA_ENVIRON, FIRSTBOOT_ENVIRON,\
|
|
|
|
PASSWORD_EMPTY_ERROR, PASSWORD_CONFIRM_ERROR_GUI, PASSWORD_STRENGTH_DESC,\
|
|
|
|
PASSWORD_WEAK, PASSWORD_WEAK_WITH_ERROR, PASSWORD_WEAK_CONFIRM,\
|
2015-05-30 11:20:59 +00:00
|
|
|
PASSWORD_WEAK_CONFIRM_WITH_ERROR, PASSWORD_DONE_TWICE,\
|
|
|
|
PW_ASCII_CHARS, PASSWORD_ASCII
|
2014-04-07 12:38:09 +00:00
|
|
|
from pyanaconda.regexes import GECOS_VALID, USERNAME_VALID, GROUPNAME_VALID, GROUPLIST_FANCY_PARSE
|
|
|
|
|
|
|
|
__all__ = ["UserSpoke", "AdvancedUserDialog"]
|
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
class AdvancedUserDialog(GUIObject, GUIDialogInputCheckHandler):
|
2016-04-10 04:00:00 +00:00
|
|
|
"""
|
|
|
|
.. inheritance-diagram:: AdvancedUserDialog
|
|
|
|
:parts: 3
|
|
|
|
"""
|
2015-03-23 11:36:12 +00:00
|
|
|
builderObjects = ["advancedUserDialog", "uid", "gid"]
|
|
|
|
mainWidgetName = "advancedUserDialog"
|
|
|
|
uiFile = "spokes/advanced_user.glade"
|
2014-04-07 12:38:09 +00:00
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
def _validateGroups(self, inputcheck):
|
|
|
|
groups_string = self.get_input(inputcheck.input_obj)
|
2014-04-07 12:38:09 +00:00
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
# Pass if the string is empty
|
|
|
|
if not groups_string:
|
|
|
|
return InputCheck.CHECK_OK
|
|
|
|
|
|
|
|
# Check each group name in the list
|
|
|
|
for group in groups_string.split(","):
|
|
|
|
group_name = GROUPLIST_FANCY_PARSE.match(group).group('name')
|
|
|
|
if not GROUPNAME_VALID.match(group_name):
|
|
|
|
return _("Invalid group name: %s") % group_name
|
|
|
|
|
|
|
|
return InputCheck.CHECK_OK
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
def __init__(self, user, groupDict, data):
|
2015-03-23 11:36:12 +00:00
|
|
|
GUIObject.__init__(self, data)
|
2016-04-10 04:00:00 +00:00
|
|
|
|
|
|
|
self._saveButton = self.builder.get_object("save_button")
|
|
|
|
GUIDialogInputCheckHandler.__init__(self, self._saveButton)
|
|
|
|
|
2014-04-07 12:38:09 +00:00
|
|
|
self._user = user
|
|
|
|
self._groupDict = groupDict
|
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
# Track whether the user has requested a home directory other
|
|
|
|
# than the default.
|
|
|
|
self._origHome = None
|
|
|
|
self._homeSet = False
|
|
|
|
|
2014-04-07 12:38:09 +00:00
|
|
|
def _grabObjects(self):
|
|
|
|
self._cUid = self.builder.get_object("c_uid")
|
|
|
|
self._cGid = self.builder.get_object("c_gid")
|
|
|
|
self._tHome = self.builder.get_object("t_home")
|
|
|
|
self._lHome = self.builder.get_object("l_home")
|
|
|
|
self._tGroups = self.builder.get_object("t_groups")
|
|
|
|
self._spinUid = self.builder.get_object("spin_uid")
|
|
|
|
self._spinGid = self.builder.get_object("spin_gid")
|
|
|
|
self._uid = self.builder.get_object("uid")
|
|
|
|
self._gid = self.builder.get_object("gid")
|
|
|
|
|
|
|
|
def initialize(self):
|
|
|
|
GUIObject.initialize(self)
|
|
|
|
|
|
|
|
self._grabObjects()
|
|
|
|
|
|
|
|
# Validate the group input box
|
2015-03-23 11:36:12 +00:00
|
|
|
self.add_check(self._tGroups, self._validateGroups)
|
2014-04-07 12:38:09 +00:00
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
def _apply_checkboxes(self, _editable=None, data=None):
|
2014-04-07 12:38:09 +00:00
|
|
|
"""Update the state of this screen according to the
|
|
|
|
checkbox states on the screen. It is called from
|
|
|
|
the toggled Gtk event.
|
|
|
|
"""
|
|
|
|
c_uid = self._cUid.get_active()
|
|
|
|
c_gid = self._cGid.get_active()
|
|
|
|
|
|
|
|
self._spinUid.set_sensitive(c_uid)
|
|
|
|
self._spinGid.set_sensitive(c_gid)
|
|
|
|
|
|
|
|
def _parse_groups(self):
|
|
|
|
group_strings = self._tGroups.get_text().split(",")
|
|
|
|
group_objects = []
|
|
|
|
|
|
|
|
for group in group_strings:
|
|
|
|
# Skip empty strings
|
|
|
|
if not group:
|
|
|
|
continue
|
|
|
|
|
|
|
|
(group_name, group_id) = GROUPLIST_FANCY_PARSE.match(group).groups()
|
|
|
|
if group_id:
|
|
|
|
group_id = int(group_id)
|
|
|
|
|
|
|
|
group_objects.append(self.data.GroupData(name=group_name, gid=group_id))
|
|
|
|
|
|
|
|
return group_objects
|
|
|
|
|
|
|
|
def refresh(self):
|
|
|
|
if self._user.homedir:
|
2015-03-23 11:36:12 +00:00
|
|
|
homedir = self._user.homedir
|
2014-04-07 12:38:09 +00:00
|
|
|
elif self._user.name:
|
|
|
|
homedir = "/home/" + self._user.name
|
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
self._tHome.set_text(homedir)
|
|
|
|
self._origHome = homedir
|
|
|
|
|
2014-04-07 12:38:09 +00:00
|
|
|
self._cUid.set_active(bool(self._user.uid))
|
|
|
|
self._cGid.set_active(bool(self._user.gid))
|
|
|
|
self._apply_checkboxes()
|
|
|
|
|
|
|
|
self._spinUid.update()
|
|
|
|
self._spinGid.update()
|
|
|
|
|
|
|
|
groups = []
|
|
|
|
for group_name in self._user.groups:
|
|
|
|
group = self._groupDict[group_name]
|
|
|
|
|
|
|
|
if group.name and group.gid is not None:
|
|
|
|
groups.append("%s (%d)" % (group.name, group.gid))
|
|
|
|
elif group.name:
|
|
|
|
groups.append(group.name)
|
|
|
|
elif group.gid is not None:
|
|
|
|
groups.append("(%d)" % (group.gid,))
|
|
|
|
|
|
|
|
self._tGroups.set_text(", ".join(groups))
|
|
|
|
|
|
|
|
def run(self):
|
|
|
|
self.window.show()
|
2016-04-10 04:00:00 +00:00
|
|
|
while True:
|
|
|
|
rc = self.window.run()
|
|
|
|
|
|
|
|
#OK clicked
|
|
|
|
if rc == 1:
|
|
|
|
# Input checks pass
|
|
|
|
if self.on_ok_clicked():
|
|
|
|
# If the user changed the home directory input, either this time or
|
|
|
|
# during any earlier run of the dialog, set homedir to the value
|
|
|
|
# in the input box.
|
|
|
|
homedir = self._tHome.get_text()
|
|
|
|
if not os.path.isabs(homedir):
|
|
|
|
homedir = "/" + homedir
|
|
|
|
if self._homeSet or self._origHome != homedir:
|
|
|
|
self._homeSet = True
|
|
|
|
self._user.homedir = homedir
|
|
|
|
|
|
|
|
if self._cUid.get_active():
|
|
|
|
self._user.uid = int(self._uid.get_value())
|
|
|
|
else:
|
|
|
|
self._user.uid = None
|
|
|
|
|
|
|
|
if self._cGid.get_active():
|
|
|
|
self._user.gid = int(self._gid.get_value())
|
|
|
|
else:
|
|
|
|
self._user.gid = None
|
|
|
|
|
|
|
|
groups = self._parse_groups()
|
|
|
|
self._user.groups = []
|
|
|
|
self._groupDict.clear()
|
|
|
|
for group in groups:
|
|
|
|
self._groupDict[group.name] = group
|
|
|
|
self._user.groups.append(group.name)
|
|
|
|
break
|
|
|
|
# Input checks fail, try again
|
|
|
|
else:
|
|
|
|
continue
|
2014-04-07 12:38:09 +00:00
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
#Cancel clicked, window destroyed...
|
2014-04-07 12:38:09 +00:00
|
|
|
else:
|
2016-04-10 04:00:00 +00:00
|
|
|
break
|
2014-04-07 12:38:09 +00:00
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
self.window.hide()
|
|
|
|
return rc
|
2014-04-07 12:38:09 +00:00
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
def on_uid_mnemonic_activate(self, widget, group_cycling, user_data=None):
|
|
|
|
# If this is the only widget with the mnemonic (group_cycling is False),
|
|
|
|
# and the checkbox is not currently toggled, toggle the checkbox and
|
|
|
|
# then set the focus to the UID spinner
|
|
|
|
if not group_cycling and not widget.get_active():
|
|
|
|
widget.set_active(True)
|
|
|
|
self._spinUid.grab_focus()
|
|
|
|
return True
|
2014-04-07 12:38:09 +00:00
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
# Otherwise just use the default signal handler
|
|
|
|
return False
|
2014-04-07 12:38:09 +00:00
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
def on_gid_mnemonic_activate(self, widget, group_cycling, user_data=None):
|
|
|
|
# Same as above, but for GID
|
|
|
|
if not group_cycling and not widget.get_active():
|
|
|
|
widget.set_active(True)
|
|
|
|
self._spinGid.grab_focus()
|
|
|
|
return True
|
|
|
|
|
|
|
|
return False
|
2014-04-07 12:38:09 +00:00
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
class UserSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler):
|
2016-04-10 04:00:00 +00:00
|
|
|
"""
|
|
|
|
.. inheritance-diagram:: UserSpoke
|
|
|
|
:parts: 3
|
|
|
|
"""
|
2014-04-07 12:38:09 +00:00
|
|
|
builderObjects = ["userCreationWindow"]
|
|
|
|
|
|
|
|
mainWidgetName = "userCreationWindow"
|
2015-03-23 11:36:12 +00:00
|
|
|
focusWidgetName = "t_fullname"
|
2014-04-07 12:38:09 +00:00
|
|
|
uiFile = "spokes/user.glade"
|
2015-03-23 11:36:12 +00:00
|
|
|
helpFile = "UserSpoke.xml"
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
category = UserSettingsCategory
|
|
|
|
|
|
|
|
icon = "avatar-default-symbolic"
|
2015-03-23 11:36:12 +00:00
|
|
|
title = CN_("GUI|Spoke", "_USER CREATION")
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def should_run(cls, environment, data):
|
2014-04-08 03:26:16 +00:00
|
|
|
# The Qubes installer still uses old firstboot to create users (TODO)
|
|
|
|
return False
|
|
|
|
|
2014-04-07 12:38:09 +00:00
|
|
|
# the user spoke should run always in the anaconda and in firstboot only
|
|
|
|
# when doing reconfig or if no user has been created in the installation
|
|
|
|
if environment == ANACONDA_ENVIRON:
|
|
|
|
return True
|
|
|
|
elif environment == FIRSTBOOT_ENVIRON and data is None:
|
|
|
|
# cannot decide, stay in the game and let another call with data
|
|
|
|
# available (will come) decide
|
|
|
|
return True
|
2016-04-10 04:00:00 +00:00
|
|
|
elif environment == FIRSTBOOT_ENVIRON and data and len(data.user.userList) == 0:
|
2014-04-07 12:38:09 +00:00
|
|
|
return True
|
|
|
|
else:
|
|
|
|
return False
|
|
|
|
|
|
|
|
def __init__(self, *args):
|
|
|
|
NormalSpoke.__init__(self, *args)
|
2015-03-23 11:36:12 +00:00
|
|
|
GUISpokeInputCheckHandler.__init__(self)
|
2014-04-07 12:38:09 +00:00
|
|
|
self._oldweak = None
|
|
|
|
|
|
|
|
def initialize(self):
|
|
|
|
NormalSpoke.initialize(self)
|
|
|
|
|
|
|
|
if self.data.user.userList:
|
|
|
|
self._user = self.data.user.userList[0]
|
|
|
|
else:
|
|
|
|
self._user = self.data.UserData()
|
2016-04-10 04:00:00 +00:00
|
|
|
self._wheel = self.data.GroupData(name="wheel")
|
2014-04-07 12:38:09 +00:00
|
|
|
self._groupDict = {"wheel": self._wheel}
|
|
|
|
|
|
|
|
# placeholders for the text boxes
|
|
|
|
self.fullname = self.builder.get_object("t_fullname")
|
|
|
|
self.username = self.builder.get_object("t_username")
|
|
|
|
self.pw = self.builder.get_object("t_password")
|
|
|
|
self.confirm = self.builder.get_object("t_verifypassword")
|
|
|
|
self.admin = self.builder.get_object("c_admin")
|
|
|
|
self.usepassword = self.builder.get_object("c_usepassword")
|
|
|
|
self.b_advanced = self.builder.get_object("b_advanced")
|
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
# Counters for checks that ask the user to click Done to confirm
|
|
|
|
self._waiveStrengthClicks = 0
|
|
|
|
self._waiveASCIIClicks = 0
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
self.guesser = {
|
|
|
|
self.username: True
|
|
|
|
}
|
|
|
|
|
|
|
|
# Updated during the password changed event and used by the password
|
|
|
|
# field validity checker
|
|
|
|
self._pwq_error = None
|
|
|
|
self._pwq_valid = True
|
|
|
|
|
|
|
|
self.pw_bar = self.builder.get_object("password_bar")
|
|
|
|
self.pw_label = self.builder.get_object("password_label")
|
|
|
|
|
|
|
|
# Configure levels for the password bar
|
|
|
|
self.pw_bar.add_offset_value("low", 2)
|
|
|
|
self.pw_bar.add_offset_value("medium", 3)
|
|
|
|
self.pw_bar.add_offset_value("high", 4)
|
|
|
|
|
2015-05-30 11:20:59 +00:00
|
|
|
# Configure the password policy, if available. Otherwise use defaults.
|
|
|
|
self.policy = self.data.anaconda.pwpolicy.get_policy("user")
|
|
|
|
if not self.policy:
|
|
|
|
self.policy = self.data.anaconda.PwPolicyData()
|
|
|
|
|
2014-04-07 12:38:09 +00:00
|
|
|
# indicate when the password was set by kickstart
|
|
|
|
self._user.password_kickstarted = self.data.user.seen
|
|
|
|
|
|
|
|
# Password checks, in order of importance:
|
|
|
|
# - if a password is required, is one specified?
|
|
|
|
# - if a password is specified and there is data in the confirm box, do they match?
|
|
|
|
# - if a password is specified and the confirm box is empty or match, how strong is it?
|
2015-03-23 11:36:12 +00:00
|
|
|
# - if a strong password is specified, does it contain non-ASCII data?
|
2014-04-07 12:38:09 +00:00
|
|
|
# - if a password is required, is there any data in the confirm box?
|
|
|
|
self.add_check(self.pw, self._checkPasswordEmpty)
|
2015-03-23 11:36:12 +00:00
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
# the password confirmation needs to be checked whenever either of the password
|
|
|
|
# fields change. attach to the confirm field so that errors focus on confirm,
|
|
|
|
# and check changes to the password field in password_changed
|
2014-04-07 12:38:09 +00:00
|
|
|
self._confirm_check = self.add_check(self.confirm, self._checkPasswordConfirm)
|
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
# Keep a reference to these checks, since they have to be manually run for the
|
2014-04-07 12:38:09 +00:00
|
|
|
# click Done twice check.
|
|
|
|
self._pwStrengthCheck = self.add_check(self.pw, self._checkPasswordStrength)
|
2015-03-23 11:36:12 +00:00
|
|
|
self._pwASCIICheck = self.add_check(self.pw, self._checkPasswordASCII)
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
self.add_check(self.confirm, self._checkPasswordEmpty)
|
|
|
|
|
|
|
|
# Allow empty usernames so the spoke can be exited without creating a user
|
2015-03-23 11:36:12 +00:00
|
|
|
self.add_re_check(self.username, re.compile(USERNAME_VALID.pattern + r'|^$'),
|
2015-05-30 11:20:59 +00:00
|
|
|
_("Invalid user name"))
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
self.add_re_check(self.fullname, GECOS_VALID, _("Full name cannot contain colon characters"))
|
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
# Modify the GUI based on the kickstart and policy information
|
|
|
|
# This needs to happen after the input checks have been created, since
|
|
|
|
# the Gtk signal handlers use the input check variables.
|
|
|
|
if self._user.password_kickstarted:
|
|
|
|
self.usepassword.set_active(self._user.password != "")
|
|
|
|
if not self._user.isCrypted:
|
|
|
|
self.pw.set_text(self._user.password)
|
|
|
|
self.confirm.set_text(self._user.password)
|
|
|
|
else:
|
|
|
|
self.usepassword.set_active(True)
|
|
|
|
self.pw.set_placeholder_text(_("The password was set by kickstart."))
|
|
|
|
self.confirm.set_placeholder_text(_("The password was set by kickstart."))
|
|
|
|
elif not self.policy.emptyok:
|
|
|
|
# Policy is that a non-empty password is required
|
|
|
|
self.usepassword.set_active(True)
|
|
|
|
|
|
|
|
if not self.policy.emptyok:
|
|
|
|
# User isn't allowed to change whether password is required or not
|
|
|
|
self.usepassword.set_sensitive(False)
|
|
|
|
|
2014-04-07 12:38:09 +00:00
|
|
|
self._advanced = AdvancedUserDialog(self._user, self._groupDict,
|
|
|
|
self.data)
|
|
|
|
self._advanced.initialize()
|
|
|
|
|
|
|
|
def refresh(self):
|
|
|
|
# Enable the input checks in case they were disabled on the last exit
|
|
|
|
for check in self.checks:
|
2015-03-23 11:36:12 +00:00
|
|
|
check.enabled = True
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
self.username.set_text(self._user.name)
|
|
|
|
self.fullname.set_text(self._user.gecos)
|
|
|
|
self.admin.set_active(self._wheel.name in self._user.groups)
|
|
|
|
|
|
|
|
self.pw.emit("changed")
|
|
|
|
self.confirm.emit("changed")
|
|
|
|
|
|
|
|
if self.username.get_text() and self.usepassword.get_active() and \
|
|
|
|
self._user.password == "":
|
|
|
|
self.pw.grab_focus()
|
|
|
|
elif self.fullname.get_text():
|
|
|
|
self.username.grab_focus()
|
|
|
|
else:
|
|
|
|
self.fullname.grab_focus()
|
|
|
|
|
|
|
|
self.b_advanced.set_sensitive(bool(self._user.name))
|
|
|
|
|
|
|
|
@property
|
|
|
|
def status(self):
|
|
|
|
if len(self.data.user.userList) == 0:
|
|
|
|
return _("No user will be created")
|
|
|
|
elif self._wheel.name in self.data.user.userList[0].groups:
|
|
|
|
return _("Administrator %s will be created") % self.data.user.userList[0].name
|
|
|
|
else:
|
|
|
|
return _("User %s will be created") % self.data.user.userList[0].name
|
|
|
|
|
|
|
|
@property
|
|
|
|
def mandatory(self):
|
2015-03-23 11:36:12 +00:00
|
|
|
""" Only mandatory if the root pw hasn't been set in the UI
|
|
|
|
eg. not mandatory if the root account was locked in a kickstart
|
|
|
|
"""
|
|
|
|
return not self.data.rootpw.password and not self.data.rootpw.lock
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
def apply(self):
|
|
|
|
# set the password only if the user enters anything to the text entry
|
|
|
|
# this should preserve the kickstart based password
|
|
|
|
if self.usepassword.get_active():
|
|
|
|
if self.pw.get_text():
|
|
|
|
self._user.password_kickstarted = False
|
|
|
|
self._user.password = cryptPassword(self.pw.get_text())
|
|
|
|
self._user.isCrypted = True
|
|
|
|
self.pw.set_placeholder_text("")
|
|
|
|
self.confirm.set_placeholder_text("")
|
|
|
|
|
|
|
|
# reset the password when the user unselects it
|
|
|
|
else:
|
|
|
|
self.pw.set_placeholder_text("")
|
|
|
|
self.confirm.set_placeholder_text("")
|
|
|
|
self._user.password = ""
|
|
|
|
self._user.isCrypted = False
|
|
|
|
self._user.password_kickstarted = False
|
|
|
|
|
|
|
|
self._user.name = self.username.get_text()
|
|
|
|
self._user.gecos = self.fullname.get_text()
|
|
|
|
|
|
|
|
# Remove any groups that were created in a previous visit to this spoke
|
|
|
|
self.data.group.groupList = [g for g in self.data.group.groupList \
|
|
|
|
if not hasattr(g, 'anaconda_group')]
|
|
|
|
|
|
|
|
# the user will be created only if the username is set
|
|
|
|
if self._user.name:
|
|
|
|
if self.admin.get_active() and \
|
|
|
|
self._wheel.name not in self._user.groups:
|
|
|
|
self._user.groups.append(self._wheel.name)
|
|
|
|
elif not self.admin.get_active() and \
|
|
|
|
self._wheel.name in self._user.groups:
|
|
|
|
self._user.groups.remove(self._wheel.name)
|
|
|
|
|
|
|
|
anaconda_groups = [self._groupDict[g] for g in self._user.groups
|
|
|
|
if g != self._wheel.name]
|
|
|
|
|
|
|
|
self.data.group.groupList += anaconda_groups
|
|
|
|
|
|
|
|
# Flag the groups as being created in this spoke
|
|
|
|
for g in anaconda_groups:
|
|
|
|
g.anaconda_group = True
|
|
|
|
|
|
|
|
if self._user not in self.data.user.userList:
|
|
|
|
self.data.user.userList.append(self._user)
|
|
|
|
|
|
|
|
elif self._user in self.data.user.userList:
|
|
|
|
self.data.user.userList.remove(self._user)
|
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
@property
|
|
|
|
def sensitive(self):
|
2015-05-30 11:20:59 +00:00
|
|
|
# Spoke cannot be entered if a user was set in the kickstart and the user
|
|
|
|
# policy doesn't allow changes.
|
2015-03-23 11:36:12 +00:00
|
|
|
return not (self.completed and flags.automatedInstall
|
2015-05-30 11:20:59 +00:00
|
|
|
and self.data.user.seen and not self.policy.changesok)
|
2015-03-23 11:36:12 +00:00
|
|
|
|
2014-04-07 12:38:09 +00:00
|
|
|
@property
|
|
|
|
def completed(self):
|
|
|
|
return len(self.data.user.userList) > 0
|
|
|
|
|
|
|
|
def _updatePwQuality(self):
|
|
|
|
"""This method updates the password indicators according
|
|
|
|
to the password entered by the user.
|
|
|
|
"""
|
|
|
|
pwtext = self.pw.get_text()
|
|
|
|
username = self.username.get_text()
|
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
# Reset the counters used for the "press Done twice" logic
|
|
|
|
self._waiveStrengthClicks = 0
|
|
|
|
self._waiveASCIIClicks = 0
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
self._pwq_valid, strength, self._pwq_error = validatePassword(pwtext, username)
|
|
|
|
|
|
|
|
if not pwtext:
|
|
|
|
val = 0
|
|
|
|
elif strength < 50:
|
|
|
|
val = 1
|
|
|
|
elif strength < 75:
|
|
|
|
val = 2
|
|
|
|
elif strength < 90:
|
|
|
|
val = 3
|
|
|
|
else:
|
|
|
|
val = 4
|
|
|
|
text = _(PASSWORD_STRENGTH_DESC[val])
|
|
|
|
|
|
|
|
self.pw_bar.set_value(val)
|
|
|
|
self.pw_label.set_text(text)
|
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
def usepassword_toggled(self, togglebutton=None, data=None):
|
2014-04-07 12:38:09 +00:00
|
|
|
"""Called by Gtk callback when the "Use password" check
|
|
|
|
button is toggled. It will make password entries in/sensitive."""
|
|
|
|
|
|
|
|
self.pw.set_sensitive(self.usepassword.get_active())
|
|
|
|
self.confirm.set_sensitive(self.usepassword.get_active())
|
|
|
|
|
|
|
|
# Re-check the password
|
|
|
|
self.pw.emit("changed")
|
|
|
|
self.confirm.emit("changed")
|
|
|
|
|
|
|
|
def password_changed(self, editable=None, data=None):
|
|
|
|
"""Update the password strength level bar"""
|
|
|
|
self._updatePwQuality()
|
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
# Update the password/confirm match check on changes to the main password field
|
|
|
|
self._confirm_check.update_check_status()
|
|
|
|
|
|
|
|
def username_changed(self, editable=None, data=None):
|
2014-04-07 12:38:09 +00:00
|
|
|
"""Called by Gtk callback when the username or hostname
|
|
|
|
entry changes. It disables the guess algorithm if the
|
|
|
|
user added his own text there and reenable it when the
|
|
|
|
user deletes the whole text."""
|
|
|
|
|
|
|
|
if editable.get_text() == "":
|
|
|
|
self.guesser[editable] = True
|
|
|
|
self.b_advanced.set_sensitive(False)
|
|
|
|
else:
|
|
|
|
self.guesser[editable] = False
|
|
|
|
self.b_advanced.set_sensitive(True)
|
|
|
|
|
|
|
|
# Re-run the password checks against the new username
|
|
|
|
self.pw.emit("changed")
|
|
|
|
self.confirm.emit("changed")
|
|
|
|
|
2016-04-10 04:00:00 +00:00
|
|
|
def full_name_changed(self, editable=None, data=None):
|
2014-04-07 12:38:09 +00:00
|
|
|
"""Called by Gtk callback when the full name field changes.
|
|
|
|
It guesses the username and hostname, strips diacritics
|
|
|
|
and make those lowercase.
|
|
|
|
"""
|
|
|
|
|
|
|
|
# after the text is updated in guesser, the guess has to be reenabled
|
|
|
|
if self.guesser[self.username]:
|
|
|
|
fullname = self.fullname.get_text()
|
|
|
|
username = guess_username(fullname)
|
|
|
|
self.username.set_text(username)
|
|
|
|
self.guesser[self.username] = True
|
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
def _checkPasswordEmpty(self, inputcheck):
|
2014-04-07 12:38:09 +00:00
|
|
|
"""Check whether a password has been specified at all.
|
2015-03-23 11:36:12 +00:00
|
|
|
|
2014-04-07 12:38:09 +00:00
|
|
|
This check is used for both the password and the confirmation.
|
|
|
|
"""
|
|
|
|
|
|
|
|
# If the password was set by kickstart, skip the strength check
|
2015-05-30 11:20:59 +00:00
|
|
|
if self._user.password_kickstarted and not self.policy.changesok:
|
2015-03-23 11:36:12 +00:00
|
|
|
return InputCheck.CHECK_OK
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
# Skip the check if no password is required
|
|
|
|
if (not self.usepassword.get_active()) or self._user.password_kickstarted:
|
2015-03-23 11:36:12 +00:00
|
|
|
return InputCheck.CHECK_OK
|
|
|
|
elif not self.get_input(inputcheck.input_obj):
|
|
|
|
if inputcheck.input_obj == self.pw:
|
2014-04-07 12:38:09 +00:00
|
|
|
return _(PASSWORD_EMPTY_ERROR)
|
|
|
|
else:
|
|
|
|
return _(PASSWORD_CONFIRM_ERROR_GUI)
|
|
|
|
else:
|
2015-03-23 11:36:12 +00:00
|
|
|
return InputCheck.CHECK_OK
|
2014-04-07 12:38:09 +00:00
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
def _checkPasswordConfirm(self, inputcheck):
|
2014-04-07 12:38:09 +00:00
|
|
|
"""If the user has entered confirmation data, check whether it matches the password."""
|
|
|
|
|
|
|
|
# Skip the check if no password is required
|
|
|
|
if (not self.usepassword.get_active()) or self._user.password_kickstarted:
|
2015-03-23 11:36:12 +00:00
|
|
|
result = InputCheck.CHECK_OK
|
2014-04-07 12:38:09 +00:00
|
|
|
elif self.confirm.get_text() and (self.pw.get_text() != self.confirm.get_text()):
|
|
|
|
result = _(PASSWORD_CONFIRM_ERROR_GUI)
|
|
|
|
else:
|
2015-03-23 11:36:12 +00:00
|
|
|
result = InputCheck.CHECK_OK
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
return result
|
|
|
|
|
2015-03-23 11:36:12 +00:00
|
|
|
def _checkPasswordStrength(self, inputcheck):
|
2014-04-07 12:38:09 +00:00
|
|
|
"""Update the error message based on password strength.
|
2015-03-23 11:36:12 +00:00
|
|
|
|
2014-04-07 12:38:09 +00:00
|
|
|
The password strength has already been checked in _updatePwQuality, called
|
|
|
|
previously in the signal chain. This method converts the data set from there
|
|
|
|
into an error message.
|
|
|
|
|
|
|
|
The password strength check can be waived by pressing "Done" twice. This
|
2015-03-23 11:36:12 +00:00
|
|
|
is controlled through the self._waiveStrengthClicks counter. The counter
|
2014-04-07 12:38:09 +00:00
|
|
|
is set in on_back_clicked, which also re-runs this check manually.
|
|
|
|
"""
|
|
|
|
|
|
|
|
# Skip the check if no password is required
|
|
|
|
if (not self.usepassword.get_active()) or \
|
|
|
|
((not self.pw.get_text()) and (self._user.password_kickstarted)):
|
2015-03-23 11:36:12 +00:00
|
|
|
return InputCheck.CHECK_OK
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
# If the password failed the validity check, fail this check
|
|
|
|
if (not self._pwq_valid) and (self._pwq_error):
|
|
|
|
return self._pwq_error
|
|
|
|
|
2015-05-30 11:20:59 +00:00
|
|
|
# use strength from policy, not bars
|
|
|
|
pw = self.pw.get_text()
|
|
|
|
username = self.username.get_text()
|
|
|
|
_valid, pwstrength, _error = validatePassword(pw, username, minlen=self.policy.minlen)
|
2015-03-23 11:36:12 +00:00
|
|
|
|
2015-05-30 11:20:59 +00:00
|
|
|
if pwstrength < self.policy.minquality:
|
2014-04-07 12:38:09 +00:00
|
|
|
# If Done has been clicked twice, waive the check
|
2015-03-23 11:36:12 +00:00
|
|
|
if self._waiveStrengthClicks > 1:
|
|
|
|
return InputCheck.CHECK_OK
|
|
|
|
elif self._waiveStrengthClicks == 1:
|
2014-04-07 12:38:09 +00:00
|
|
|
if self._pwq_error:
|
|
|
|
return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR) % self._pwq_error
|
|
|
|
else:
|
|
|
|
return _(PASSWORD_WEAK_CONFIRM)
|
|
|
|
else:
|
2015-05-30 11:20:59 +00:00
|
|
|
# non-strict allows done to be clicked twice
|
|
|
|
if self.policy.strict:
|
|
|
|
done_msg = ""
|
|
|
|
else:
|
|
|
|
done_msg = _(PASSWORD_DONE_TWICE)
|
|
|
|
|
2014-04-07 12:38:09 +00:00
|
|
|
if self._pwq_error:
|
2016-04-10 04:00:00 +00:00
|
|
|
return _(PASSWORD_WEAK_WITH_ERROR) % self._pwq_error + " " + done_msg
|
2014-04-07 12:38:09 +00:00
|
|
|
else:
|
2015-05-30 11:20:59 +00:00
|
|
|
return _(PASSWORD_WEAK) % done_msg
|
2014-04-07 12:38:09 +00:00
|
|
|
else:
|
2015-03-23 11:36:12 +00:00
|
|
|
return InputCheck.CHECK_OK
|
|
|
|
|
|
|
|
def _checkPasswordASCII(self, inputcheck):
|
|
|
|
"""Set an error message if the password contains non-ASCII characters.
|
|
|
|
|
|
|
|
Like the password strength check, this check can be bypassed by
|
|
|
|
pressing Done twice.
|
|
|
|
"""
|
|
|
|
|
|
|
|
# If Done has been clicked, waive the check
|
|
|
|
if self._waiveASCIIClicks > 0:
|
|
|
|
return InputCheck.CHECK_OK
|
|
|
|
|
|
|
|
password = self.get_input(inputcheck.input_obj)
|
|
|
|
if password and any(char not in PW_ASCII_CHARS for char in password):
|
|
|
|
return _(PASSWORD_ASCII)
|
|
|
|
|
|
|
|
return InputCheck.CHECK_OK
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
def on_advanced_clicked(self, _button, data=None):
|
|
|
|
"""Handler for the Advanced.. button. It starts the Advanced dialog
|
|
|
|
for setting homedit, uid, gid and groups.
|
|
|
|
"""
|
|
|
|
|
|
|
|
self._user.name = self.username.get_text()
|
|
|
|
|
|
|
|
if self.admin.get_active() and \
|
|
|
|
self._wheel.name not in self._user.groups:
|
|
|
|
self._user.groups.append(self._wheel.name)
|
|
|
|
elif not self.admin.get_active() and \
|
|
|
|
self._wheel.name in self._user.groups:
|
|
|
|
self._user.groups.remove(self._wheel.name)
|
|
|
|
|
|
|
|
self._advanced.refresh()
|
2015-03-23 11:36:12 +00:00
|
|
|
with self.main_window.enlightbox(self._advanced.window):
|
2014-04-07 12:38:09 +00:00
|
|
|
self._advanced.run()
|
|
|
|
|
|
|
|
self.admin.set_active(self._wheel.name in self._user.groups)
|
|
|
|
|
|
|
|
def on_back_clicked(self, button):
|
2015-05-30 11:20:59 +00:00
|
|
|
# If the failed check is for non-ASCII characters,
|
|
|
|
# add a click to the counter and check again
|
2015-03-23 11:36:12 +00:00
|
|
|
failed_check = next(self.failed_checks_with_message, None)
|
2015-05-30 11:20:59 +00:00
|
|
|
if not self.policy.strict and failed_check == self._pwStrengthCheck:
|
2015-03-23 11:36:12 +00:00
|
|
|
self._waiveStrengthClicks += 1
|
|
|
|
self._pwStrengthCheck.update_check_status()
|
|
|
|
elif failed_check == self._pwASCIICheck:
|
|
|
|
self._waiveASCIIClicks += 1
|
|
|
|
self._pwASCIICheck.update_check_status()
|
2014-04-07 12:38:09 +00:00
|
|
|
|
|
|
|
# If there is no user set, skip the checks
|
|
|
|
if not self.username.get_text():
|
|
|
|
for check in self.checks:
|
2015-03-23 11:36:12 +00:00
|
|
|
check.enabled = False
|
|
|
|
|
|
|
|
if GUISpokeInputCheckHandler.on_back_clicked(self, button):
|
|
|
|
NormalSpoke.on_back_clicked(self, button)
|