diff --git a/account_manager/models.py b/account_manager/models.py index fe8b51a..4343634 100644 --- a/account_manager/models.py +++ b/account_manager/models.py @@ -16,7 +16,6 @@ class LdapUser(Model): # inetOrgPerson username = ldap_fields.CharField(db_column='uid', primary_key=True) - # rdn = '' password = ldap_fields.CharField(db_column='userPassword') first_name = ldap_fields.CharField(db_column='cn', blank=True) last_name = ldap_fields.CharField(db_column='sn', blank=True) @@ -25,18 +24,6 @@ class LdapUser(Model): mobile_phone = ldap_fields.CharField(db_column='mobile', blank=True) photo = ldap_fields.ImageField(db_column='jpegPhoto') - # def __init__(self, *args, **kwargs): - # self.rdn = kwargs.get('rdn', None) - # if self.rdn: - # del kwargs['rdn'] - # super().__init__(*args, **kwargs) - # - # def build_dn(self): - # """ - # Build the Distinguished Name for this entry. - # """ - # return "%s,%s,%s" % (self.build_rdn(), self.rdn, self.base_dn) - def __str__(self): return self.username @@ -53,23 +40,9 @@ class LdapGroup(Model): base_dn = "dc=stuve,dc=de" object_classes = ['groupOfNames'] - # posixGroup attributes - # rdn = '' name = ldap_fields.CharField(db_column='cn', max_length=200, primary_key=True) members = ldap_fields.ListField(db_column='member') - # def __init__(self, *args, **kwargs): - # self.rdn = kwargs.get('rdn', None) - # if self.rdn: - # del kwargs['rdn'] - # super().__init__(*args, **kwargs) - # - # def build_dn(self): - # """ - # Build the Distinguished Name for this entry. - # """ - # return "%s,%s,%s" % (self.build_rdn(), self.rdn, self.base_dn) - def __str__(self): return self.name diff --git a/account_manager/views.py b/account_manager/views.py index aa374cd..cbd0b79 100644 --- a/account_manager/views.py +++ b/account_manager/views.py @@ -3,18 +3,23 @@ from .models import LdapGroup, LdapUser from .forms import AddLDAPUserForm, AddLDAPGroupForm, RealmAddForm, RealmUpdateForm from account_helper.models import Realm from django.contrib.auth.models import Group -from django.contrib.auth.decorators import login_required, user_passes_test -from functools import wraps +from django.contrib.auth.decorators import login_required -# @login_required -# def userinfo(request): -# try: -# ldapuserprofile = UserProfile.objects.get(uid=request.user.username) -# except UserProfile.DoesNotExist: -# return HttpResponseRedirect('/login/') -# context = {'request': request, 'ldapuser': ldapuserprofile, } -# return render(request, 'myapp/userinfo.html', context) +def is_realm_admin(view_func): + def decorator(request, *args, **kwargs): + print(args) + print(kwargs) + realm_id = kwargs.get('id', None) + if realm_id and (request.user.is_superuser or len( + Realm.objects.filter(id=realm_id).filter( + admin_group__user__username__contains=request.user.username)) > 0): + return view_func(request, *args, **kwargs) + else: + return redirect('permission-denied') + + return decorator + @login_required def realm(request): @@ -42,21 +47,6 @@ def realm(request): return render(request, 'realm/realm_home.jinja2', {'realms': realms, 'form': form}) -def is_realm_admin(view_func): - def decorator(request, *args, **kwargs): - print(args) - print(kwargs) - realm_id = kwargs.get('id', None) - if realm_id and (request.user.is_superuser or len( - Realm.objects.filter(id=realm_id).filter( - admin_group__user__username__contains=request.user.username)) > 0): - return view_func(request, *args, **kwargs) - else: - return redirect('permission-denied') - - return decorator - - @login_required @is_realm_admin def realm_detail(request, id):