From a635d16a8aa0a84b893973112c97dc444a9f263e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20G=C3=B6tz?= Date: Wed, 12 Jun 2019 17:54:54 +0200 Subject: [PATCH] Change status codes, refractoring --- requirements.txt | 2 +- src/account_manager/main_views.py | 39 +++++-------------------- src/account_manager/models.py | 13 ++++++++- src/account_manager/utils/main_views.py | 35 +++++++++++++++------- src/account_manager/utils/user_views.py | 10 +++++++ src/account_manager/views/user_views.py | 12 ++++---- 6 files changed, 60 insertions(+), 51 deletions(-) create mode 100644 src/account_manager/utils/user_views.py diff --git a/requirements.txt b/requirements.txt index 5a3c09f..5955294 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,4 +3,4 @@ python-ldap==3.2.0 django-auth-ldap==1.7.0 django-ldapdb==1.3.0 Jinja2==2.10 -Pillow==2.2.1 +Pillow==2.2.1 \ No newline at end of file diff --git a/src/account_manager/main_views.py b/src/account_manager/main_views.py index 46db4ca..69b2a8f 100644 --- a/src/account_manager/main_views.py +++ b/src/account_manager/main_views.py @@ -5,14 +5,14 @@ from socket import timeout from django.contrib.auth.decorators import login_required from django.contrib.auth.models import Group, User -from django.core.exceptions import ObjectDoesNotExist from django.db import IntegrityError -from django.shortcuts import render, redirect, HttpResponse +from django.shortcuts import render, redirect from ldap import LDAPError from account_helper.models import Realm from account_manager.utils.mail_utils import realm_send_mail -from account_manager.utils.main_views import render_permission_denied_view, render_realm_detail_view +from account_manager.utils.main_views import render_permission_denied_view, render_realm_detail_view, \ + get_users_home_view from .forms import RealmAddForm, RealmUpdateForm from .models import LdapGroup, LdapUser @@ -34,37 +34,13 @@ def is_realm_admin(view_func): @login_required def realm_list(request): - user = request.user - if user.is_superuser: + django_user = request.user + if django_user.is_superuser: realms = Realm.objects.order_by('name').all() else: - realms = Realm.objects.filter(admin_group__user__username__contains=user.username).order_by('name').order_by( - 'name') - show_user = request.GET.get('show_user', False) - if show_user or (len(realms) == 0 and not user.is_superuser): - try: - LdapUser.base_dn = LdapUser.ROOT_DN - user = LdapUser.objects.get(username=user.username) - realm_base_dn = re.compile('(uid=[a-zA-Z0-9_-]*),(ou=[a-zA-Z_-]*),(.*)').match(user.dn).group(3) - realm = Realm.objects.get(ldap_base_dn=realm_base_dn) + realms = Realm.objects.filter(admin_group__user__username__contains=django_user.username).order_by('name') - return redirect('user-detail', realm.id, user.dn) - except ObjectDoesNotExist as err: - logger.info('Anmeldung fehlgeschlagen', err) - return HttpResponse("Invalid login. Please try again.") - elif len(realms) == 1: - return redirect('realm-detail', realms[0].id) - else: - realm_wrappers = [] - for realm in realms: - realm_wrappers.append(_get_group_user_count_wrapper(realm)) - return render(request, 'realm/realm_home.jinja2', {'realms': realms, 'realm_wrappers': realm_wrappers}) - - -def _get_group_user_count_wrapper(realm): - LdapUser.base_dn = f'ou=people,{realm.ldap_base_dn}' - LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}' - return {'realm': realm, 'group_count': LdapGroup.objects.count(), 'user_count': LdapUser.objects.count()} + return get_users_home_view(request, django_user, realms) @login_required @@ -83,6 +59,7 @@ def realm_add(request): realm.save() return render_realm_detail_view(request, realm.id, status_code=201) except IntegrityError as err: + # TODO: Load no extra fail view, use current add view return render(request, 'realm/realm_add_failed.jinja2', {'realm_name': name, 'error': err}, status=409) except LDAPError as err: diff --git a/src/account_manager/models.py b/src/account_manager/models.py index 4a1480c..f6f76e4 100644 --- a/src/account_manager/models.py +++ b/src/account_manager/models.py @@ -4,7 +4,7 @@ import os import re from datetime import datetime, timedelta -from django.contrib.auth.models import User +from django.contrib.auth.models import User, Group from django.core.exceptions import ObjectDoesNotExist from django.db import OperationalError from django.db.models import Q @@ -132,6 +132,9 @@ class LdapUser(Model): return (LdapUser.objects.filter(last_login__lte=last_semester) | LdapUser.objects.exclude( last_login__lte=datetime.now() + timedelta(days=1))) + def get_users_realm_base_dn(self): + return re.compile('(uid=[a-zA-Z0-9_-]*),(ou=[a-zA-Z_-]*),(.*)').match(self.dn).group(3) + @staticmethod def set_root_dn(realm): LdapUser.base_dn = f'ou=people,{realm.ldap_base_dn}' @@ -166,6 +169,14 @@ class LdapGroup(Model): group.members.remove(ldap_user_dn) group.save() + def get_django_group(self): + django_group, _ = Group.objects.get_or_create(name=self.name) + return django_group + + @staticmethod + def set_root_dn(realm): + LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}' + def __str__(self): return self.name diff --git a/src/account_manager/utils/main_views.py b/src/account_manager/utils/main_views.py index 9cb4f87..cc04728 100644 --- a/src/account_manager/utils/main_views.py +++ b/src/account_manager/utils/main_views.py @@ -2,17 +2,7 @@ from django.shortcuts import render from account_helper.models import Realm from account_manager.models import LdapUser, LdapGroup - - -# def render_realm_detail_page(realm_id, request, notice=""): -# realm = Realm.objects.get(id=realm_id) -# ldap_admin_group, ldap_default_group = get_default_admin_group(realm) -# LdapUser.base_dn = realm.ldap_base_dn -# inactive_users = LdapUser.get_inactive_users().count() -# return render(request, 'realm/realm_detailed.jinja2', -# {'realm': realm, 'ldap_admin_group': ldap_admin_group, 'ldap_default_group': ldap_default_group, -# 'inactive_user_count': inactive_users, 'users_count': LdapUser.objects.all().count(), -# 'notice': notice}) +from account_manager.utils.user_views import render_user_detail_view def render_realm_detail_view(request, realm_id, success_headline=None, success_text=None, error_headline=None, @@ -47,3 +37,26 @@ def get_default_admin_group(realm): def render_permission_denied_view(request): return render(request, 'permission_denied.jinja2', {}, status=403) + + +def get_group_user_count_wrapper(realm): + LdapUser.base_dn = f'ou=people,{realm.ldap_base_dn}' + LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}' + return {'realm': realm, 'group_count': LdapGroup.objects.count(), 'user_count': LdapUser.objects.count()} + + +def get_users_home_view(request, django_user, realms): + show_user = request.GET.get('show_user', False) + if show_user or (len(realms) == 0 and not django_user.is_superuser): + LdapUser.base_dn = LdapUser.ROOT_DN + ldap_user = LdapUser.objects.get(username=django_user.username) + realm = Realm.objects.get(ldap_base_dn=ldap_user.get_users_realm_base_dn()) + + return render_user_detail_view(request, realm, ldap_user) + elif len(realms) == 1: + return render_realm_detail_view(request, realms[0].id) + else: + realm_wrappers = [] + for realm in realms: + realm_wrappers.append(get_group_user_count_wrapper(realm)) + return render(request, 'realm/realm_home.jinja2', {'realms': realms, 'realm_wrappers': realm_wrappers}) diff --git a/src/account_manager/utils/user_views.py b/src/account_manager/utils/user_views.py new file mode 100644 index 0000000..c198f54 --- /dev/null +++ b/src/account_manager/utils/user_views.py @@ -0,0 +1,10 @@ +from django.shortcuts import render + +from account_manager.models import LdapUser, LdapGroup + + +def render_user_detail_view(request, realm, ldap_user): + user_wrapper = LdapUser.get_extended_user(ldap_user) + LdapGroup.base_dn = LdapGroup.ROOT_DN + groups = LdapGroup.objects.filter(members=ldap_user.dn) + return render(request, 'user/user_detail.jinja2', {'user': user_wrapper, 'groups': groups, 'realm': realm}) \ No newline at end of file diff --git a/src/account_manager/views/user_views.py b/src/account_manager/views/user_views.py index 1e312fb..3856550 100644 --- a/src/account_manager/views/user_views.py +++ b/src/account_manager/views/user_views.py @@ -1,5 +1,4 @@ import logging -import os from django.contrib.auth.decorators import login_required from django.contrib.auth.forms import PasswordResetForm @@ -8,7 +7,7 @@ from django.contrib.auth.views import PasswordResetConfirmView, PasswordChangeVi from django.contrib.sites.shortcuts import get_current_site from django.core.exceptions import ObjectDoesNotExist from django.db import IntegrityError -from django.http import HttpRequest, HttpResponseRedirect +from django.http import HttpRequest from django.shortcuts import render, redirect from django.utils.translation import gettext as _ from ldap import ALREADY_EXISTS, OBJECT_CLASS_VIOLATION @@ -26,6 +25,8 @@ from account_manager.utils.mail_utils import send_welcome_mail, send_deletion_ma from django.contrib.auth import logout from django.conf import settings +from account_manager.utils.user_views import render_user_detail_view + logger = logging.getLogger(__name__) @@ -80,12 +81,9 @@ def get_rendered_user_details(request, realm_id, user_dn, success_headline=None, def user_detail(request, realm_id, user_dn): realm = Realm.objects.get(id=realm_id) LdapUser.base_dn = realm.ldap_base_dn - LdapGroup.base_dn = LdapGroup.ROOT_DN + ldap_user = LdapUser.objects.get(dn=user_dn) - user = LdapUser.objects.get(dn=user_dn) - user_wrapper = LdapUser.get_extended_user(user) - groups = LdapGroup.objects.filter(members=user.dn) - return render(request, 'user/user_detail.jinja2', {'user': user_wrapper, 'groups': groups, 'realm': realm}) + return render_user_detail_view(request, realm, ldap_user) @login_required