diff options
Diffstat (limited to 'account.py')
-rw-r--r-- | account.py | 16 |
1 files changed, 9 insertions, 7 deletions
@@ -173,7 +173,7 @@ class AccountService: attr = [(ldap.MOD_REPLACE, 'mail', account.mail)] dn = self._format_dn([('uid',account.uid),('ou','users')]) self.connection.modify_s(dn, attr) - self._alter_passwords(account) + self._alter_passwords(account, as_admin=as_admin) self._unbind() @@ -251,15 +251,17 @@ class AccountService: self.binded = False - def _alter_passwords(self, account): + def _alter_passwords(self, account, as_admin=False): if account.new_password_root: dn = self._format_dn([('uid',account.uid),('ou','users')]) old, new = account.new_password_root - if self.admin: - self.connection.passwd_s(dn, None, new) + if as_admin: + self.connection.passwd_s(dn, None, new) else: - try: self.connection.passwd_s(dn, old, new) - except: raise InvalidPasswordError() + try: + self.connection.passwd_s(dn, old, new) + except ldap.UNWILLING_TO_PERFORM: + raise InvalidPasswordError() account.password = new @@ -268,7 +270,7 @@ class AccountService: for service, passwords in account.new_password_services.items(): dn = self._format_dn([('uid',account.uid),('cn',service),('ou','services')]) old, new = passwords - if self.admin: + if as_admin: self.connection.passwd_s(dn, None, new) else: self.connection.passwd_s(dn, old, new) |