diff --git a/account_helper/models.py b/account_helper/models.py
index 95d1265..3f7943a 100644
--- a/account_helper/models.py
+++ b/account_helper/models.py
@@ -7,7 +7,7 @@ class Realm(models.Model):
 name = models.CharField(max_length=200, unique=True)
 email = models.EmailField(blank=True, null=True)
 admin_group = models.ForeignKey(Group, models.PROTECT, blank=True, null=True)
- ldap_rdn_org = models.CharField(max_length=400, unique=True)
+ ldap_base_dn = models.CharField(max_length=400, unique=True)
 def __str__(self):
 return f'{self.name} - {self.ldap_rdn_org}'
diff --git a/account_manager/forms.py b/account_manager/forms.py
index 9da2168..3cb2c3f 100644
--- a/account_manager/forms.py
+++ b/account_manager/forms.py
@@ -5,7 +5,6 @@ from .models import LdapUser, LdapGroup
 class AddLDAPUserForm(forms.Form):
- rdn = forms.ModelChoiceField(queryset=LdapUserRDN.objects.all())
 username = forms.CharField(label='Nutzername', max_length=400)
 first_name = forms.CharField(label='Vorname', max_length=400)
 last_name = forms.CharField(label='Nachname', max_length=400)
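Review bot: In `account_helper/models.py`, `Realm.__str__` on the last context line of the first hunk still reads `self.ldap_rdn_org`, the field this hunk renames to `ldap_base_dn`, so anything that renders a Realm as a string will raise AttributeError. The line should become `return f'{self.name} - {self.ldap_base_dn}'`. No schema migration for the renamed column is visible in this diff; if one is not added elsewhere, the model and the database table will disagree.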
@@ -13,21 +12,21 @@ class AddLDAPUserForm(forms.Form):
 class AddLDAPGroupForm(forms.Form):
- rdn = forms.ModelChoiceField(queryset=LdapGroupRDN.objects.all())
 name = forms.CharField(label='name', max_length=400)
+ # TODO show only allowed user
 members = forms.ModelMultipleChoiceField(widget=forms.CheckboxSelectMultiple, queryset=LdapUser.objects.all())
 class RealmAddForm(forms.Form):
 name = forms.CharField(label='Bereichsname', max_length=200)
- ldap_rdn_org = forms.CharField(label='LDAP OU Pfad',
- help_text='Angabe des Pfads zur Organisation, die die Ordnungseinheiten people und groups enthält. Ohne Routdn. Besipiel: "ou=people, ou=fs_wiai, ou=fachschaften, dc=stuve, dc=de" => ou=fs_wiai, ou=fachschaften, dc=stuve',
+ ldap_base_dn = forms.CharField(label='LDAP Base DN',
+ help_text='TODO',
 max_length=200)
 class RealmUpdateForm(forms.Form):
- ldap_rdn_org = forms.CharField(label='LDAP OU Pfad',
- help_text='Angabe des Pfads zur Organisation, die die Ordnungseinheiten people und groups enthält. Ohne Routdn. Besipiel: "ou=people, ou=fs_wiai, ou=fachschaften, dc=stuve, dc=de" => ou=fs_wiai, ou=fachschaften, dc=stuve',
+ ldap_base_dn = forms.CharField(label='LDAP Base DN',
+ help_text='TODO',
 max_length=200)
 name = forms.CharField(label='Bereichsname', max_length=200)
 email = forms.EmailField(label='E-Mail', required=False)
diff --git a/account_manager/models.py b/account_manager/models.py
index 603fc77..fe8b51a 100644
--- a/account_manager/models.py
+++ b/account_manager/models.py
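Review bot: In `account_manager/forms.py`, the `members` queryset of `AddLDAPGroupForm` is `LdapUser.objects.all()` fixed in the class body, so the choice list is not limited to the realm the group is being created in; the added `# TODO show only allowed user` names the gap but leaves it open. Because the views in this commit reassign `LdapUser.base_dn` per request, the users offered and accepted on POST depend on whichever base DN was set last. Consider passing the realm into the form and assigning `self.fields['members'].queryset` in `__init__`. `help_text='TODO'` on both realm forms would be shown to users as written and should be replaced with real guidance, since the removed text was the only description of what the field expects.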
@@ -9,13 +9,14 @@ class LdapUser(Model):
 Class for representing an LDAP user entry.
 """
 # LDAP meta-data
+ ROOT_DN = "dc=stuve,dc=de"
 base_dn = "dc=stuve,dc=de"
 object_classes = ['inetOrgPerson']
 last_modified = ldap_fields.DateTimeField(db_column='modifyTimestamp', blank=True)
 # inetOrgPerson
 username = ldap_fields.CharField(db_column='uid', primary_key=True)
- rdn = ''
+ # rdn = ''
 password = ldap_fields.CharField(db_column='userPassword')
 first_name = ldap_fields.CharField(db_column='cn', blank=True)
 last_name = ldap_fields.CharField(db_column='sn', blank=True)
@@ -24,17 +25,17 @@ class LdapUser(Model):
 mobile_phone = ldap_fields.CharField(db_column='mobile', blank=True)
 photo = ldap_fields.ImageField(db_column='jpegPhoto')
- def __init__(self, *args, **kwargs):
- self.rdn = kwargs.get('rdn', None)
- if self.rdn:
- del kwargs['rdn']
- super().__init__(*args, **kwargs)
-
- def build_dn(self):
- """
- Build the Distinguished Name for this entry.
- """
- return "%s,%s,%s" % (self.build_rdn(), self.rdn, self.base_dn)
+ # def __init__(self, *args, **kwargs):
+ # self.rdn = kwargs.get('rdn', None)
+ # if self.rdn:
+ # del kwargs['rdn']
+ # super().__init__(*args, **kwargs)
+ #
+ # def build_dn(self):
+ # """
+ # Build the Distinguished Name for this entry.
+ # """
+ # return "%s,%s,%s" % (self.build_rdn(), self.rdn, self.base_dn)
 def __str__(self):
 return self.username
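Review bot: The `rdn` attribute, `__init__` and `build_dn` are commented out rather than deleted, here in `LdapUser` and again in the `LdapGroup` hunk that follows; version control already keeps the old code, so the commented block should simply be removed. `ROOT_DN` repeats the literal that `base_dn` starts with, and writing `base_dn = ROOT_DN` would keep the two from drifting apart. A one-line comment on `ROOT_DN`, such as `# directory root; views reset base_dn to this value`, would tell the next reader why both attributes exist.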
@@ -48,25 +49,26 @@ class LdapGroup(Model): Class for representing an LDAP group entry. """ # LDAP meta-data + ROOT_DN = "dc=stuve,dc=de" base_dn = "dc=stuve,dc=de" object_classes = ['groupOfNames'] # posixGroup attributes - rdn = '' + # rdn = '' name = ldap_fields.CharField(db_column='cn', max_length=200, primary_key=True) members = ldap_fields.ListField(db_column='member') - def __init__(self, *args, **kwargs): - self.rdn = kwargs.get('rdn', None) - if self.rdn: - del kwargs['rdn'] - super().__init__(*args, **kwargs) - - def build_dn(self): - """ - Build the Distinguished Name for this entry. - """ - return "%s,%s,%s" % (self.build_rdn(), self.rdn, self.base_dn) + # def __init__(self, *args, **kwargs): + # self.rdn = kwargs.get('rdn', None) + # if self.rdn: + # del kwargs['rdn'] + # super().__init__(*args, **kwargs) + # + # def build_dn(self): + # """ + # Build the Distinguished Name for this entry. + # """ + # return "%s,%s,%s" % (self.build_rdn(), self.rdn, self.base_dn) def __str__(self): return self.name diff --git a/account_manager/urls.py b/account_manager/urls.py index e1921db..0d35b93 100644 --- a/account_manager/urls.py +++ b/account_manager/urls.py @@ -4,10 +4,13 @@ from . import views urlpatterns = [ path('realm/', views.realm, name='realm-home'), path('realm//', views.realm_detail, name='realm-detail'), - path('realm//user/', views.realm_user, name='realm-user-list'), + path('realm//users/', views.realm_user, name='realm-user-list'), path('realm//groups/', views.realm_groups, name='realm-group-list'), path('realm//update/', views.realm_update, name='realm-update'), + path('realm//user/', views.user_add, name='realm-user-add'), + path('realm//group/', views.group_add, name='realm-group-add'), + path('user/list/', views.userlist, name='user-list'), path('user/get//', views.user_detail, name='user'), diff --git a/account_manager/views.py b/account_manager/views.py index 079aa00..cce8dcb 100644 --- a/account_manager/views.py +++ b/account_manager/views.py 
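Review bot: In `account_manager/urls.py` the list and create routes now differ by a single letter: `realm-user-list` moves to the `users/` suffix while the old `user/` suffix is reused for `realm-user-add`, so a stored link to the former list URL now lands on the create form. The same singular/plural split separates `realm-group-add` (`group/`) from `realm-group-list` (`groups/`). Distinct suffixes such as `users/add/` and `groups/add/` would follow the existing `update/` pattern and be harder to mistype.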
@@ -37,14 +37,14 @@ def realm_detail(request, id): def realm_update(request, id): if request.user.is_superuser: realm_obj = Realm.objects.get(id=id) - data = {'id': realm_obj.id, 'ldap_rdn_org': realm_obj.ldap_rdn_org, 'name': realm_obj.name, + data = {'id': realm_obj.id, 'ldap_base_dn': realm_obj.ldap_base_dn, 'name': realm_obj.name, 'email': realm_obj.email, 'admin_group': realm_obj.admin_group} if request.method == 'POST': form = RealmUpdateForm(request.POST) if form.is_valid(): realm_obj.name = form.cleaned_data['name'] - realm_obj.ldap_rdn_org = form.cleaned_data['ldap_rdn_org'] + realm_obj.ldap_base_dn = form.cleaned_data['ldap_base_dn'] realm_obj.email = form.cleaned_data['email'] admin_ldap_group = form.cleaned_data['admin_group'] @@ -61,20 +61,21 @@ def realm_update(request, id): def realm_user(request, id): realm_obj = Realm.objects.get(id=id) - dn = f'uid=*,ou=people,{realm_obj.ldap_rdn_org},{LdapUser.base_dn}' - realm_users = LdapUser.objects.filter(dn=dn) + LdapUser.base_dn = realm_obj.ldap_base_dn + realm_users = LdapUser.objects.all() return render(request, 'realm/realm_user.jinja2', {'realm': realm_obj, 'realm_user': realm_users}) def realm_groups(request, id): realm_obj = Realm.objects.get(id=id) - dn = f'ou=groups,{realm_obj.ldap_rdn_org},{LdapUser.base_dn}' - LdapGroup.base_dn = dn + LdapGroup.base_dn = realm_obj.ldap_base_dn realm_groups_obj = LdapGroup.objects.all() return render(request, 'realm/realm_groups.jinja2', {'realm': realm_obj, 'realm_groups': realm_groups_obj}) def userlist(request): + LdapUser.base_dn = LdapUser.ROOT_DN + LdapGroup.base_dn = LdapGroup.ROOT_DN user = LdapUser.objects.all() groups = LdapGroup.objects.all() context = {'users': user, 'groups': groups} 
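Review bot: `LdapUser.base_dn = realm_obj.ldap_base_dn` in `realm_user`, and the matching assignments in `realm_groups`, `userlist`, `user_add` and `group_add`, write to a class attribute that every request served by the process shares. With a threaded worker, two concurrent requests for different realms can overwrite each other's base DN between the assignment and the query, so a listing or a newly created entry can land in another realm's subtree; views whose bodies are outside this diff, such as `user_detail`, would run with whatever value the previous request left behind. Scope the model per request instead of mutating it: if `Model` here is django-ldapdb's, `LdapUser.scoped(realm_obj.ldap_base_dn).objects.all()` returns a class with its own base DN. Neither `realm_user` nor `realm_groups` compares the requester with the realm, unlike the `is_superuser` test in `realm_update`, unless that is enforced outside these hunks.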
@@ -88,28 +89,28 @@ def user_detail(request, dn): return render(request, 'user/user_detail.jinja2', context) -def user_add(request): +def user_add(request, realm_id): + realm_obj = Realm.objects.get(id=realm_id) # if this is a POST request we need to process the form data if request.method == 'POST': # create a form instance and populate it with data from the request: form = AddLDAPUserForm(request.POST) # check whether it's valid: if form.is_valid(): - rdn = form.cleaned_data['rdn'] username = form.cleaned_data['username'] password = form.cleaned_data['password'] first_name = form.cleaned_data['first_name'] last_name = form.cleaned_data['last_name'] - LdapUser.objects.create(rdn=rdn, username=username, + LdapUser.base_dn = realm_obj.ldap_base_dn + LdapUser.objects.create(username=username, password=password, first_name=first_name, last_name=last_name, ) - return redirect('user-list') + return redirect('realm-user-list', realm_id) # if a GET (or any other method) we'll create a blank form else: form = AddLDAPUserForm() - - return render(request, 'user/user_add.jinja2', {'form': form}) + return render(request, 'user/user_add.jinja2', {'form': form, 'realm': realm_obj}) def group_detail(request, dn): 
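Review bot: `user_add` creates an LDAP account under whichever realm id appears in the URL without checking who is asking; no decorator is visible above the `def` and the body has no test comparable to `request.user.is_superuser` in `realm_update`. Unless access is enforced by middleware outside this diff, any requester can add users to any realm, and `group_add` in the next hunk has the same gap. If `admin_group` is meant to name the realm's administrators, a guard after loading the realm such as `if not (request.user.is_superuser or request.user.groups.filter(pk=realm_obj.admin_group_id).exists()): raise PermissionDenied` would tie creation to it. `Realm.objects.get(id=realm_id)` raises on an unknown id, and `get_object_or_404(Realm, id=realm_id)` would turn that into a 404. The form's `password` reaches `userPassword` unchanged on the context lines, and whether it is hashed before it is written to the directory cannot be seen from here.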
@@ -118,22 +119,23 @@ def group_detail(request, dn):
 return render(request, 'user/group_detail.jinja2', context)
-def group_add(request):
+def group_add(request, realm_id):
+ realm_obj = Realm.objects.get(id=realm_id)
 # if this is a POST request we need to process the form data
 if request.method == 'POST':
 # create a form instance and populate it with data from the request:
 form = AddLDAPGroupForm(request.POST)
 # check whether it's valid:
 if form.is_valid():
- rdn = form.cleaned_data['rdn']
 name = form.cleaned_data['name']
 members = form.cleaned_data['members']
 members = [member.dn for member in members]
- LdapGroup.objects.create(rdn=rdn, name=name, members=members)
- return redirect('user-list')
+ LdapGroup.base_dn = realm_obj.ldap_base_dn
+ LdapGroup.objects.create(name=name, members=members)
+ return redirect('realm-group-list', realm_id)
 # if a GET (or any other method) we'll create a blank form
 else:
 form = AddLDAPGroupForm()
- return render(request, 'group/group_add.jinja2', {'form': form})
+ return render(request, 'group/group_add.jinja2', {'form': form, 'realm': realm_obj})
diff --git a/templates/group/group_add.jinja2 b/templates/group/group_add.jinja2
index f957d6a..f74c4e9 100644
--- a/templates/group/group_add.jinja2
+++ b/templates/group/group_add.jinja2
@@ -1,4 +1,4 @@
-
+ {{ form.as_p() }} diff --git a/templates/realm/realm_detailed.jinja2 b/templates/realm/realm_detailed.jinja2 index 06e8668..ab24e84 100644 --- a/templates/realm/realm_detailed.jinja2 +++ b/templates/realm/realm_detailed.jinja2 @@ -3,7 +3,7 @@ Nutzer anlegen | Gruppe anlegen

Bereich {{ realm.name }}

Bereich Info

-

LDAP OU: {{ realm.ldap_rdn_org }}

+

LDAP OU: {{ realm.ldap_base_dn }}

Email: {{ realm.email }}

Admin Gruppe: {{ realm.admin_group }}

@@ -11,11 +11,11 @@

Bereichsinformationen anpassen

{% endblock %} - +

Nutzer hinzufügen

{% block user_content %}

Nutzer

{% endblock %} - +

Gruppen hinzufügen

{% block groups_content %}

Gruppen

{% endblock %} diff --git a/templates/realm/realm_groups.jinja2 b/templates/realm/realm_groups.jinja2 index d8c736c..8ca7b4f 100644 --- a/templates/realm/realm_groups.jinja2 +++ b/templates/realm/realm_groups.jinja2 @@ -5,11 +5,11 @@ {% for group in realm_groups %}

{{ group.name }}

DN: {{ group.dn }}

-

Nutzername: {{ group.name }}

-

Mitglieder

- {% for user in group.members %} -

{{ user }}

- {% endfor %} +{#

Nutzername: {{ group.name }}

#} +{#

Mitglieder

#} +{# {% for user in group.members %}#} +{#

{{ user }}

#} +{# {% endfor %}#}
{% endfor %} {% endblock %} diff --git a/templates/user/user_add.jinja2 b/templates/user/user_add.jinja2 index 7103d9f..402f37e 100644 --- a/templates/user/user_add.jinja2 +++ b/templates/user/user_add.jinja2 @@ -1,4 +1,4 @@ - + {{ form.as_p() }}