Implement default group, Close #24
This commit is contained in:
parent
66c7485028
commit
464c16f55c
@ -6,7 +6,8 @@ from django.db import models
|
|||||||
class Realm(models.Model):
|
class Realm(models.Model):
|
||||||
name = models.CharField(max_length=200, unique=True)
|
name = models.CharField(max_length=200, unique=True)
|
||||||
email = models.CharField(max_length=200)
|
email = models.CharField(max_length=200)
|
||||||
admin_group = models.ForeignKey(Group, models.PROTECT, blank=True, null=True)
|
admin_group = models.ForeignKey(Group, models.PROTECT, blank=True, null=True, related_name='admin_groups')
|
||||||
|
default_group = models.ForeignKey(Group, models.PROTECT, blank=True, null=True, related_name='default_groups')
|
||||||
ldap_base_dn = models.CharField(max_length=400, unique=True)
|
ldap_base_dn = models.CharField(max_length=400, unique=True)
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
|
|||||||
@ -6,7 +6,7 @@ from django.forms import modelformset_factory
|
|||||||
|
|
||||||
class AddLDAPUserForm(forms.Form):
|
class AddLDAPUserForm(forms.Form):
|
||||||
username = forms.CharField(label='Nutzername', max_length=400)
|
username = forms.CharField(label='Nutzername', max_length=400)
|
||||||
email = forms.EmailField(label='E-Mail', required=False)
|
email = forms.EmailField(label='E-Mail')
|
||||||
|
|
||||||
|
|
||||||
class AdminUpdateLDAPUserForm(forms.Form):
|
class AdminUpdateLDAPUserForm(forms.Form):
|
||||||
@ -58,7 +58,10 @@ class RealmUpdateForm(forms.Form):
|
|||||||
name = forms.CharField(label='Bereichsname', max_length=200)
|
name = forms.CharField(label='Bereichsname', max_length=200)
|
||||||
admin_group = forms.ModelChoiceField(label='Admin Gruppe',
|
admin_group = forms.ModelChoiceField(label='Admin Gruppe',
|
||||||
help_text="Die Mitglieder dieser Gruppe darf den Bereich administieren",
|
help_text="Die Mitglieder dieser Gruppe darf den Bereich administieren",
|
||||||
queryset=LdapGroup.objects.all())
|
queryset=LdapGroup.objects.all(), required=False)
|
||||||
|
default_group = forms.ModelChoiceField(label='Default Gruppe',
|
||||||
|
help_text="Diese Gruppe wird jedem User der neu erstellt wird hinzugefügt werden",
|
||||||
|
queryset=LdapGroup.objects.all(), required=False)
|
||||||
|
|
||||||
|
|
||||||
UserFormset = modelformset_factory(
|
UserFormset = modelformset_factory(
|
||||||
|
|||||||
@ -73,26 +73,44 @@ def realm_detail(request, realm_id):
|
|||||||
@is_realm_admin
|
@is_realm_admin
|
||||||
def realm_update(request, realm_id):
|
def realm_update(request, realm_id):
|
||||||
if request.user.is_superuser:
|
if request.user.is_superuser:
|
||||||
realm_obj = Realm.objects.get(id=realm_id)
|
realm = Realm.objects.get(id=realm_id)
|
||||||
data = {'id': realm_obj.id, 'ldap_base_dn': realm_obj.ldap_base_dn, 'name': realm_obj.name,
|
LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}'
|
||||||
'email': realm_obj.email,
|
ldap_admin_group = None
|
||||||
'admin_group': realm_obj.admin_group}
|
if realm.admin_group:
|
||||||
|
ldap_admin_group = LdapGroup.objects.get(name=realm.admin_group.name)
|
||||||
|
ldap_default_group = None
|
||||||
|
if realm.default_group:
|
||||||
|
ldap_default_group = LdapGroup.objects.get(name=realm.default_group.name)
|
||||||
|
data = {'id': realm.id,
|
||||||
|
'ldap_base_dn': realm.ldap_base_dn,
|
||||||
|
'name': realm.name,
|
||||||
|
'email': realm.email,
|
||||||
|
'admin_group': ldap_admin_group,
|
||||||
|
'default_group': ldap_default_group}
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
form = RealmUpdateForm(request.POST)
|
form = RealmUpdateForm(request.POST)
|
||||||
if form.is_valid():
|
if form.is_valid():
|
||||||
realm_obj.name = form.cleaned_data['name']
|
realm.name = form.cleaned_data['name']
|
||||||
realm_obj.ldap_base_dn = form.cleaned_data['ldap_base_dn']
|
realm.ldap_base_dn = form.cleaned_data['ldap_base_dn']
|
||||||
realm_obj.email = form.cleaned_data['email']
|
realm.email = form.cleaned_data['email']
|
||||||
admin_ldap_group = form.cleaned_data['admin_group']
|
admin_ldap_group = form.cleaned_data['admin_group']
|
||||||
realm_obj.admin_group, _ = Group.objects.get_or_create(name=admin_ldap_group.name)
|
if admin_ldap_group:
|
||||||
realm_obj.save()
|
realm.admin_group, _ = Group.objects.get_or_create(name=admin_ldap_group.name)
|
||||||
return redirect('realm-detail', realm_obj.id)
|
else:
|
||||||
|
realm.admin_group = None
|
||||||
|
default_ldap_group = form.cleaned_data['default_group']
|
||||||
|
if default_ldap_group:
|
||||||
|
realm.default_group, _ = Group.objects.get_or_create(name=default_ldap_group.name)
|
||||||
|
else:
|
||||||
|
realm.default_group = None
|
||||||
|
realm.save()
|
||||||
|
return redirect('realm-detail', realm.id)
|
||||||
else:
|
else:
|
||||||
form = RealmUpdateForm(initial=data)
|
form = RealmUpdateForm(initial=data)
|
||||||
return render(request, 'realm/realm_update.jinja2', {'realm': realm_obj, 'form': form})
|
return render(request, 'realm/realm_update.jinja2', {'realm': realm, 'form': form})
|
||||||
else:
|
else:
|
||||||
realm_obj = Realm.objects.get(id=realm_id)
|
realm = Realm.objects.get(id=realm_id)
|
||||||
return render(request, 'realm/realm_update.jinja2', {'realm': realm_obj})
|
return render(request, 'realm/realm_update.jinja2', {'realm': realm})
|
||||||
|
|
||||||
|
|
||||||
def realm_delete(request, realm_id):
|
def realm_delete(request, realm_id):
|
||||||
|
|||||||
@ -39,7 +39,7 @@ def realm_user_detail(request, realm_id, user_dn):
|
|||||||
@login_required
|
@login_required
|
||||||
@is_realm_admin
|
@is_realm_admin
|
||||||
def user_add(request, realm_id):
|
def user_add(request, realm_id):
|
||||||
realm_obj = Realm.objects.get(id=realm_id)
|
realm = Realm.objects.get(id=realm_id)
|
||||||
# if this is a POST request we need to process the form data
|
# if this is a POST request we need to process the form data
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
# create a form instance and populate it with data from the request:
|
# create a form instance and populate it with data from the request:
|
||||||
@ -52,18 +52,22 @@ def user_add(request, realm_id):
|
|||||||
protocol = 'http'
|
protocol = 'http'
|
||||||
if request.is_secure():
|
if request.is_secure():
|
||||||
protocol = 'https'
|
protocol = 'https'
|
||||||
LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
|
LdapUser.base_dn = f'ou=people,{realm.ldap_base_dn}'
|
||||||
LdapUser.create_with_django_user_creation_and_welcome_mail(realm=realm_obj,
|
LdapUser.create_with_django_user_creation_and_welcome_mail(realm=realm,
|
||||||
protocol=protocol,
|
protocol=protocol,
|
||||||
domain=current_site.domain,
|
domain=current_site.domain,
|
||||||
username=username,
|
username=username,
|
||||||
email=email)
|
email=email)
|
||||||
|
user = LdapUser.objects.get(username=username)
|
||||||
|
LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}'
|
||||||
|
default_ldap_group = LdapGroup.objects.get(name=realm.default_group.name)
|
||||||
|
ldap_add_user_to_groups(ldap_user=user.dn, user_groups=[default_ldap_group, ])
|
||||||
return redirect('realm-user-list', realm_id)
|
return redirect('realm-user-list', realm_id)
|
||||||
|
|
||||||
# if a GET (or any other method) we'll create a blank form
|
# if a GET (or any other method) we'll create a blank form
|
||||||
else:
|
else:
|
||||||
form = AddLDAPUserForm()
|
form = AddLDAPUserForm()
|
||||||
return render(request, 'user/realm_user_add.jinja2', {'form': form, 'realm': realm_obj})
|
return render(request, 'user/realm_user_add.jinja2', {'form': form, 'realm': realm})
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
|||||||
@ -166,7 +166,7 @@
|
|||||||
{% endmacro %}
|
{% endmacro %}
|
||||||
|
|
||||||
{% macro select_input(field, multiple=False) -%}
|
{% macro select_input(field, multiple=False) -%}
|
||||||
<div class="form-group">
|
<div class="">
|
||||||
<label for="{{ field.id_for_label }}">{{ field.label }}</label>
|
<label for="{{ field.id_for_label }}">{{ field.label }}</label>
|
||||||
<select
|
<select
|
||||||
{% if multiple %}multiple{% endif %}
|
{% if multiple %}multiple{% endif %}
|
||||||
|
|||||||
@ -29,7 +29,7 @@
|
|||||||
<li class="list-group-item">Admin Gruppe: <span class="text-warning">Noch ausstehend</span></li>
|
<li class="list-group-item">Admin Gruppe: <span class="text-warning">Noch ausstehend</span></li>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if realm.default_group %}
|
{% if realm.default_group %}
|
||||||
<li class="list-group-item">Default Gruppe: {{ realm.admin_group }}</li>
|
<li class="list-group-item">Default Gruppe: {{ realm.default_group }}</li>
|
||||||
{% else %}
|
{% else %}
|
||||||
<li class="list-group-item">Default Gruppe: <span class="text-warning">Noch ausstehend</span>
|
<li class="list-group-item">Default Gruppe: <span class="text-warning">Noch ausstehend</span>
|
||||||
</li>
|
</li>
|
||||||
|
|||||||
@ -8,7 +8,8 @@
|
|||||||
{{ mform.text_input(form.ldap_base_dn) }}
|
{{ mform.text_input(form.ldap_base_dn) }}
|
||||||
{{ mform.text_input(form.name) }}
|
{{ mform.text_input(form.name) }}
|
||||||
{{ mform.email_input(form.email) }}
|
{{ mform.email_input(form.email) }}
|
||||||
{{ mform.text_input(form.admin_group) }}
|
{{ mform.select_input(form.admin_group) }}
|
||||||
|
{{ mform.select_input(form.default_group) }}
|
||||||
<div class="d-flex mt-4">
|
<div class="d-flex mt-4">
|
||||||
<button type="submit" class="btn btn-primary mr-auto p-2">Speichern</button>
|
<button type="submit" class="btn btn-primary mr-auto p-2">Speichern</button>
|
||||||
<a href="{{ url('realm-detail', args = [realm.id]) }}"
|
<a href="{{ url('realm-detail', args = [realm.id]) }}"
|
||||||
|
|||||||
Reference in New Issue
Block a user