mgoetz/ldap_account_manager
Archived
2
2
Fork 0
Code Issues 9 Pull Requests Releases 2 Wiki Activity

Implement save user deletion as admin, Close #37

Browse Source
This commit is contained in:
Götz 2019-04-11 16:48:52 +02:00
parent ca070aa24a
commit 508c0d9c8f
4 changed files with 31 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
account_manager/urls.py
View File

@ -11,7 +11,6 @@ urlpatterns = [
path('realm/<int:realm_id>/update/', main_views.realm_update, name='realm-update'), path('realm/<int:realm_id>/update/', main_views.realm_update, name='realm-update'),
path('realm/<int:realm_id>/delete/confirm/', main_views.realm_delete_confirm, name='realm-delete-confirm'), path('realm/<int:realm_id>/delete/confirm/', main_views.realm_delete_confirm, name='realm-delete-confirm'),
path('realm/<int:realm_id>/delete/', main_views.realm_delete, name='realm-delete'), path('realm/<int:realm_id>/delete/', main_views.realm_delete, name='realm-delete'),
# path('realm/<int:realm_id>/mail/', main_views.realm_email_update, name='realm-mail-add-update'),
path('realm/<int:realm_id>/mail/test/', main_views.realm_email_test, name='realm-mail-test'), path('realm/<int:realm_id>/mail/test/', main_views.realm_email_test, name='realm-mail-test'),
# Realm User # Realm User
@ -21,16 +20,20 @@ urlpatterns = [
name='realm-user-detail'), name='realm-user-detail'),
path('realm/<int:realm_id>/user/<str:user_dn>/update/', account_manager.views.user_views.realm_user_update, path('realm/<int:realm_id>/user/<str:user_dn>/update/', account_manager.views.user_views.realm_user_update,
name='realm-user-update'), name='realm-user-update'),
path('realm/<int:realm_id>/user/<str:user_dn>/group/update/',
account_manager.views.user_views.realm_user_group_update,
name='realm-user-group-update'),
path('realm/<int:realm_id>/user/<str:user_dn>/group/update/add/', path('realm/<int:realm_id>/user/<str:user_dn>/group/update/add/',
account_manager.views.user_views.realm_user_group_update_add, account_manager.views.user_views.realm_user_group_update_add,
name='realm-user-group-update-add'), name='realm-user-group-update-add'),
path('realm/<int:realm_id>/user/<str:user_dn>/group/update/delete/', path('realm/<int:realm_id>/user/<str:user_dn>/group/update/delete/',
account_manager.views.user_views.realm_user_group_update_delete, account_manager.views.user_views.realm_user_group_update_delete,
name='realm-user-group-update-delete'), name='realm-user-group-update-delete'),
path('realm/<int:realm_id>/user/<str:user_dn>/group/update/', path('realm/<int:realm_id>/user/delete/single/<str:user_dn>/confirm/',
account_manager.views.user_views.realm_user_group_update, account_manager.views.user_views.realm_user_delete_confirm,
name='realm-user-group-update'), name='realm-user-delete-confirm'),
path('realm/<int:realm_id>/user/delete/single/<str:user_dn>/', account_manager.views.user_views.realm_user_delete, path('realm/<int:realm_id>/user/delete/single/<str:user_dn>/',
account_manager.views.user_views.realm_user_delete,
name='realm-user-delete'), name='realm-user-delete'),
path('realm/<int:realm_id>/user/delete/multiple', account_manager.views.user_views.realm_multiple_user_delete, path('realm/<int:realm_id>/user/delete/multiple', account_manager.views.user_views.realm_multiple_user_delete,
name='realm-multiple-user-delete'), name='realm-multiple-user-delete'),

17
account_manager/views/user_views.py
View File

@ -106,6 +106,18 @@ def realm_user_delete(request, realm_id, user_dn):
return redirect('realm-user-list', realm_id) return redirect('realm-user-list', realm_id)
@login_required
@is_realm_admin
def realm_user_delete_confirm(request, realm_id, user_dn):
realm = Realm.objects.get(id=realm_id)
LdapUser.base_dn = f'ou=people,{realm.ldap_base_dn}'
ldap_user = LdapUser.objects.get(dn=user_dn)
deletion_link = {'name': 'realm-user-delete', 'args': [realm.id, ldap_user.dn]}
cancel_link = {'name': 'realm-user-detail', 'args': [realm.id, ldap_user.dn]}
return render(request, 'user/user_confirm_delete.jinja2',
{'realm': realm, 'user': ldap_user, 'deletion_link': deletion_link, 'cancel_link': cancel_link})
def realm_multiple_user_delete(request, realm_id): def realm_multiple_user_delete(request, realm_id):
realm = Realm.objects.get(id=realm_id) realm = Realm.objects.get(id=realm_id)
if request.method == 'POST': if request.method == 'POST':
@ -150,7 +162,10 @@ def user_delete_confirm(request, realm_id, user_dn):
LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}' LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}'
ldap_user = LdapUser.objects.get(dn=user_dn) ldap_user = LdapUser.objects.get(dn=user_dn)
if request.user.username == ldap_user.username: if request.user.username == ldap_user.username:
return render(request, 'user/user_confirm_delete.jinja2', {'realm': realm, 'user': ldap_user}) deletion_link = {'name': 'user-delete', 'args': [ldap_user.dn, realm.id]}
cancel_link = {'name': 'realm-user-detail', 'args': [realm.id, ldap_user.dn]}
return render(request, 'user/user_confirm_delete.jinja2',
{'realm': realm, 'user': ldap_user, 'deletion_link': deletion_link, 'cancel_link': cancel_link})
else: else:
return redirect('permission-denied') return redirect('permission-denied')

2
templates/user/realm_user_detail.jinja2
View File

@ -30,7 +30,7 @@
<a href="{{ url('realm-user-update', args = [realm.id, user.dn]) }}" class="btn btn-primary mr-auto p-2"> <a href="{{ url('realm-user-update', args = [realm.id, user.dn]) }}" class="btn btn-primary mr-auto p-2">
Update User Update User
</a> </a>
<a href="{{ url('realm-user-delete', args = [realm.id, user.dn]) }}" class="btn btn-danger p-2"> <a href="{{ url('realm-user-delete-confirm', args = [realm.id, user.dn]) }}" class="btn btn-danger p-2">
Delete User Delete User
</a> </a>
</div> </div>

11
templates/user/user_confirm_delete.jinja2
View File

@ -4,18 +4,19 @@
<div class="row justify-content-center justify-content-sm-center"> <div class="row justify-content-center justify-content-sm-center">
<div class="col-12 col-sm-8 col-md-7 col-lg-5 col-xl-4 bg-white text-dark p-3 mt-5"> <div class="col-12 col-sm-8 col-md-7 col-lg-5 col-xl-4 bg-white text-dark p-3 mt-5">
<div class="alert alert-warning" role="alert"> <div class="alert alert-warning" role="alert">
<p>Achtung! Sie sind gerade dabei den Account von {{ user.username }} zu schließen.</p> <p>Achtung! Sie sind gerade dabei den Account von <strong>{{ user.username }}</strong> zu schließen.
</p>
<p>Falls Sie sich sicher sind, dass Sie diesen Nutzer löschen wollen, klicken Sie bitte auf "Nutzer <p>Falls Sie sich sicher sind, dass Sie diesen Nutzer löschen wollen, klicken Sie bitte auf "Nutzer
löschen". löschen".
<p>Hierdurch werden Ihre Zugangsdaten gelöscht. Bitte beachten Sie, dass Ihre Daten, die Sie in den <p>Hierdurch werden die Zugangsdaten gelöscht. Bitte beachten Sie, dass die Daten, die in den
Diensten hochgeladen haben, weiterhin bestehen bleiben.</p> Diensten hochgeladen wurden, weiterhin bestehen bleiben.</p>
<p>Um auch diese zu löschen müssen Sie zuvor Ihre Daten entsprechend löschen. </p> <p>Um auch diese zu löschen müssen Sie zuvor Ihre Daten entsprechend löschen. </p>
<p>Möchten Sie das Löschen der Accountdaten verhindern, klicken Sie auf "Abbrechen"</p> <p>Möchten Sie das Löschen der Accountdaten verhindern, klicken Sie auf "Abbrechen"</p>
</div> </div>
<div class="d-flex"> <div class="d-flex">
<a href="{{ url('realm-user-detail', args = [realm.id, user.dn]) }}" <a href="{{ url(cancel_link.name, args = cancel_link.args) }}"
class="btn btn-secondary mr-auto p-2">Abbrechen</a> class="btn btn-secondary mr-auto p-2">Abbrechen</a>
<a href="{{ url('user-delete', args = [user.dn, realm.id]) }}" <a href="{{ url(deletion_link.name, args = deletion_link.args) }}"
class="btn btn-danger p-2">Nutzer löschen</a> class="btn btn-danger p-2">Nutzer löschen</a>
</div> </div>
</div> </div>