Change status codes, refractoring
This commit is contained in:
parent
df298dc6e0
commit
a635d16a8a
@ -3,4 +3,4 @@ python-ldap==3.2.0
|
||||
django-auth-ldap==1.7.0
|
||||
django-ldapdb==1.3.0
|
||||
Jinja2==2.10
|
||||
Pillow==2.2.1
|
||||
Pillow==2.2.1
|
||||
@ -5,14 +5,14 @@ from socket import timeout
|
||||
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth.models import Group, User
|
||||
from django.core.exceptions import ObjectDoesNotExist
|
||||
from django.db import IntegrityError
|
||||
from django.shortcuts import render, redirect, HttpResponse
|
||||
from django.shortcuts import render, redirect
|
||||
from ldap import LDAPError
|
||||
|
||||
from account_helper.models import Realm
|
||||
from account_manager.utils.mail_utils import realm_send_mail
|
||||
from account_manager.utils.main_views import render_permission_denied_view, render_realm_detail_view
|
||||
from account_manager.utils.main_views import render_permission_denied_view, render_realm_detail_view, \
|
||||
get_users_home_view
|
||||
from .forms import RealmAddForm, RealmUpdateForm
|
||||
from .models import LdapGroup, LdapUser
|
||||
|
||||
@ -34,37 +34,13 @@ def is_realm_admin(view_func):
|
||||
|
||||
@login_required
|
||||
def realm_list(request):
|
||||
user = request.user
|
||||
if user.is_superuser:
|
||||
django_user = request.user
|
||||
if django_user.is_superuser:
|
||||
realms = Realm.objects.order_by('name').all()
|
||||
else:
|
||||
realms = Realm.objects.filter(admin_group__user__username__contains=user.username).order_by('name').order_by(
|
||||
'name')
|
||||
show_user = request.GET.get('show_user', False)
|
||||
if show_user or (len(realms) == 0 and not user.is_superuser):
|
||||
try:
|
||||
LdapUser.base_dn = LdapUser.ROOT_DN
|
||||
user = LdapUser.objects.get(username=user.username)
|
||||
realm_base_dn = re.compile('(uid=[a-zA-Z0-9_-]*),(ou=[a-zA-Z_-]*),(.*)').match(user.dn).group(3)
|
||||
realm = Realm.objects.get(ldap_base_dn=realm_base_dn)
|
||||
realms = Realm.objects.filter(admin_group__user__username__contains=django_user.username).order_by('name')
|
||||
|
||||
return redirect('user-detail', realm.id, user.dn)
|
||||
except ObjectDoesNotExist as err:
|
||||
logger.info('Anmeldung fehlgeschlagen', err)
|
||||
return HttpResponse("Invalid login. Please try again.")
|
||||
elif len(realms) == 1:
|
||||
return redirect('realm-detail', realms[0].id)
|
||||
else:
|
||||
realm_wrappers = []
|
||||
for realm in realms:
|
||||
realm_wrappers.append(_get_group_user_count_wrapper(realm))
|
||||
return render(request, 'realm/realm_home.jinja2', {'realms': realms, 'realm_wrappers': realm_wrappers})
|
||||
|
||||
|
||||
def _get_group_user_count_wrapper(realm):
|
||||
LdapUser.base_dn = f'ou=people,{realm.ldap_base_dn}'
|
||||
LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}'
|
||||
return {'realm': realm, 'group_count': LdapGroup.objects.count(), 'user_count': LdapUser.objects.count()}
|
||||
return get_users_home_view(request, django_user, realms)
|
||||
|
||||
|
||||
@login_required
|
||||
@ -83,6 +59,7 @@ def realm_add(request):
|
||||
realm.save()
|
||||
return render_realm_detail_view(request, realm.id, status_code=201)
|
||||
except IntegrityError as err:
|
||||
# TODO: Load no extra fail view, use current add view
|
||||
return render(request, 'realm/realm_add_failed.jinja2',
|
||||
{'realm_name': name, 'error': err}, status=409)
|
||||
except LDAPError as err:
|
||||
|
||||
@ -4,7 +4,7 @@ import os
|
||||
import re
|
||||
from datetime import datetime, timedelta
|
||||
|
||||
from django.contrib.auth.models import User
|
||||
from django.contrib.auth.models import User, Group
|
||||
from django.core.exceptions import ObjectDoesNotExist
|
||||
from django.db import OperationalError
|
||||
from django.db.models import Q
|
||||
@ -132,6 +132,9 @@ class LdapUser(Model):
|
||||
return (LdapUser.objects.filter(last_login__lte=last_semester) | LdapUser.objects.exclude(
|
||||
last_login__lte=datetime.now() + timedelta(days=1)))
|
||||
|
||||
def get_users_realm_base_dn(self):
|
||||
return re.compile('(uid=[a-zA-Z0-9_-]*),(ou=[a-zA-Z_-]*),(.*)').match(self.dn).group(3)
|
||||
|
||||
@staticmethod
|
||||
def set_root_dn(realm):
|
||||
LdapUser.base_dn = f'ou=people,{realm.ldap_base_dn}'
|
||||
@ -166,6 +169,14 @@ class LdapGroup(Model):
|
||||
group.members.remove(ldap_user_dn)
|
||||
group.save()
|
||||
|
||||
def get_django_group(self):
|
||||
django_group, _ = Group.objects.get_or_create(name=self.name)
|
||||
return django_group
|
||||
|
||||
@staticmethod
|
||||
def set_root_dn(realm):
|
||||
LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}'
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
|
||||
@ -2,17 +2,7 @@ from django.shortcuts import render
|
||||
|
||||
from account_helper.models import Realm
|
||||
from account_manager.models import LdapUser, LdapGroup
|
||||
|
||||
|
||||
# def render_realm_detail_page(realm_id, request, notice=""):
|
||||
# realm = Realm.objects.get(id=realm_id)
|
||||
# ldap_admin_group, ldap_default_group = get_default_admin_group(realm)
|
||||
# LdapUser.base_dn = realm.ldap_base_dn
|
||||
# inactive_users = LdapUser.get_inactive_users().count()
|
||||
# return render(request, 'realm/realm_detailed.jinja2',
|
||||
# {'realm': realm, 'ldap_admin_group': ldap_admin_group, 'ldap_default_group': ldap_default_group,
|
||||
# 'inactive_user_count': inactive_users, 'users_count': LdapUser.objects.all().count(),
|
||||
# 'notice': notice})
|
||||
from account_manager.utils.user_views import render_user_detail_view
|
||||
|
||||
|
||||
def render_realm_detail_view(request, realm_id, success_headline=None, success_text=None, error_headline=None,
|
||||
@ -47,3 +37,26 @@ def get_default_admin_group(realm):
|
||||
|
||||
def render_permission_denied_view(request):
|
||||
return render(request, 'permission_denied.jinja2', {}, status=403)
|
||||
|
||||
|
||||
def get_group_user_count_wrapper(realm):
|
||||
LdapUser.base_dn = f'ou=people,{realm.ldap_base_dn}'
|
||||
LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}'
|
||||
return {'realm': realm, 'group_count': LdapGroup.objects.count(), 'user_count': LdapUser.objects.count()}
|
||||
|
||||
|
||||
def get_users_home_view(request, django_user, realms):
|
||||
show_user = request.GET.get('show_user', False)
|
||||
if show_user or (len(realms) == 0 and not django_user.is_superuser):
|
||||
LdapUser.base_dn = LdapUser.ROOT_DN
|
||||
ldap_user = LdapUser.objects.get(username=django_user.username)
|
||||
realm = Realm.objects.get(ldap_base_dn=ldap_user.get_users_realm_base_dn())
|
||||
|
||||
return render_user_detail_view(request, realm, ldap_user)
|
||||
elif len(realms) == 1:
|
||||
return render_realm_detail_view(request, realms[0].id)
|
||||
else:
|
||||
realm_wrappers = []
|
||||
for realm in realms:
|
||||
realm_wrappers.append(get_group_user_count_wrapper(realm))
|
||||
return render(request, 'realm/realm_home.jinja2', {'realms': realms, 'realm_wrappers': realm_wrappers})
|
||||
|
||||
10
src/account_manager/utils/user_views.py
Normal file
10
src/account_manager/utils/user_views.py
Normal file
@ -0,0 +1,10 @@
|
||||
from django.shortcuts import render
|
||||
|
||||
from account_manager.models import LdapUser, LdapGroup
|
||||
|
||||
|
||||
def render_user_detail_view(request, realm, ldap_user):
|
||||
user_wrapper = LdapUser.get_extended_user(ldap_user)
|
||||
LdapGroup.base_dn = LdapGroup.ROOT_DN
|
||||
groups = LdapGroup.objects.filter(members=ldap_user.dn)
|
||||
return render(request, 'user/user_detail.jinja2', {'user': user_wrapper, 'groups': groups, 'realm': realm})
|
||||
@ -1,5 +1,4 @@
|
||||
import logging
|
||||
import os
|
||||
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth.forms import PasswordResetForm
|
||||
@ -8,7 +7,7 @@ from django.contrib.auth.views import PasswordResetConfirmView, PasswordChangeVi
|
||||
from django.contrib.sites.shortcuts import get_current_site
|
||||
from django.core.exceptions import ObjectDoesNotExist
|
||||
from django.db import IntegrityError
|
||||
from django.http import HttpRequest, HttpResponseRedirect
|
||||
from django.http import HttpRequest
|
||||
from django.shortcuts import render, redirect
|
||||
from django.utils.translation import gettext as _
|
||||
from ldap import ALREADY_EXISTS, OBJECT_CLASS_VIOLATION
|
||||
@ -26,6 +25,8 @@ from account_manager.utils.mail_utils import send_welcome_mail, send_deletion_ma
|
||||
from django.contrib.auth import logout
|
||||
from django.conf import settings
|
||||
|
||||
from account_manager.utils.user_views import render_user_detail_view
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
@ -80,12 +81,9 @@ def get_rendered_user_details(request, realm_id, user_dn, success_headline=None,
|
||||
def user_detail(request, realm_id, user_dn):
|
||||
realm = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = realm.ldap_base_dn
|
||||
LdapGroup.base_dn = LdapGroup.ROOT_DN
|
||||
ldap_user = LdapUser.objects.get(dn=user_dn)
|
||||
|
||||
user = LdapUser.objects.get(dn=user_dn)
|
||||
user_wrapper = LdapUser.get_extended_user(user)
|
||||
groups = LdapGroup.objects.filter(members=user.dn)
|
||||
return render(request, 'user/user_detail.jinja2', {'user': user_wrapper, 'groups': groups, 'realm': realm})
|
||||
return render_user_detail_view(request, realm, ldap_user)
|
||||
|
||||
|
||||
@login_required
|
||||
|
||||
Reference in New Issue
Block a user