Refractor view, Split views into seperate files
This commit is contained in:
parent
07c6d4d89f
commit
c204539cb6
107
account_manager/main_views.py
Normal file
107
account_manager/main_views.py
Normal file
@ -0,0 +1,107 @@
|
||||
from django.shortcuts import render, redirect
|
||||
from .models import LdapGroup, LdapUser
|
||||
from .forms import RealmAddForm, RealmUpdateForm
|
||||
from account_helper.models import Realm
|
||||
from django.contrib.auth.models import Group, User
|
||||
from django.contrib.auth.decorators import login_required
|
||||
|
||||
|
||||
def is_realm_admin(view_func):
|
||||
def decorator(request, *args, **kwargs):
|
||||
print(args)
|
||||
print(kwargs)
|
||||
realm_id = kwargs.get('realm_id', None)
|
||||
if realm_id and (request.user.is_superuser or len(
|
||||
Realm.objects.filter(id=realm_id).filter(
|
||||
admin_group__user__username__contains=request.user.username)) > 0):
|
||||
return view_func(request, *args, **kwargs)
|
||||
else:
|
||||
return redirect('permission-denied')
|
||||
|
||||
return decorator
|
||||
|
||||
|
||||
@login_required
|
||||
def realm_list(request):
|
||||
user = request.user
|
||||
if not user.is_superuser:
|
||||
realms = Realm.objects.filter(admin_group__user__username__contains=user.username)
|
||||
if len(realms) == 0:
|
||||
return redirect('user-detail')
|
||||
elif len(realms) == 1:
|
||||
return redirect('realm-detail', realms[0].id)
|
||||
else:
|
||||
return render(request, 'realm/realm_home.jinja2', {'realms': realms})
|
||||
else:
|
||||
realms = Realm.objects.all()
|
||||
if request.method == 'POST':
|
||||
form = RealmAddForm(request.POST)
|
||||
if form.is_valid():
|
||||
name = form.cleaned_data['name']
|
||||
ldap_base_dn = form.cleaned_data['ldap_base_dn']
|
||||
realm_obj = Realm.objects.create(name=name, ldap_base_dn=ldap_base_dn)
|
||||
realm_obj.save()
|
||||
return redirect('realm-detail', realm_obj.id)
|
||||
else:
|
||||
form = RealmAddForm()
|
||||
return render(request, 'realm/realm_home.jinja2', {'realms': realms, 'form': form})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def realm_detail(request, realm_id):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
return render(request, 'realm/realm_detailed.jinja2', {'realm': realm_obj})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def realm_update(request, realm_id):
|
||||
if request.user.is_superuser:
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
data = {'id': realm_obj.id, 'ldap_base_dn': realm_obj.ldap_base_dn, 'name': realm_obj.name,
|
||||
'email': realm_obj.email,
|
||||
'admin_group': realm_obj.admin_group}
|
||||
if request.method == 'POST':
|
||||
form = RealmUpdateForm(request.POST)
|
||||
if form.is_valid():
|
||||
realm_obj.name = form.cleaned_data['name']
|
||||
realm_obj.ldap_base_dn = form.cleaned_data['ldap_base_dn']
|
||||
realm_obj.email = form.cleaned_data['email']
|
||||
|
||||
admin_ldap_group = form.cleaned_data['admin_group']
|
||||
realm_obj.admin_group, _ = Group.objects.get_or_create(name=admin_ldap_group.name)
|
||||
realm_obj.save()
|
||||
return redirect('realm-detail', realm_obj.id)
|
||||
else:
|
||||
form = RealmUpdateForm(initial=data)
|
||||
return render(request, 'realm/realm_update.jinja2', {'realm': realm_obj, 'form': form})
|
||||
else:
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
return render(request, 'realm/realm_update.jinja2', {'realm': realm_obj})
|
||||
|
||||
|
||||
def realm_delete(request, realm_id):
|
||||
realm = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = realm.ldap_base_dn
|
||||
LdapGroup.base_dn = realm.ldap_base_dn
|
||||
ldap_users = LdapUser.objects.all()
|
||||
ldap_usernames = [user.username for user in ldap_users]
|
||||
ldap_groups = LdapGroup.objects.all()
|
||||
ldap_groupnames = [group.name for group in ldap_groups]
|
||||
django_user = User.objects.filter(username__contains=ldap_usernames)
|
||||
django_groups = Group.objects.filter(name__contains=ldap_groupnames)
|
||||
for user in django_user:
|
||||
user.delete()
|
||||
for group in django_groups:
|
||||
group.delete()
|
||||
for user in ldap_users:
|
||||
user.delete()
|
||||
for group in ldap_groups:
|
||||
group.delete()
|
||||
realm.delete()
|
||||
return redirect('realm-home')
|
||||
|
||||
|
||||
def permission_denied(request):
|
||||
return render(request, 'permission_denied.jinja2', {})
|
||||
@ -1,26 +1,30 @@
|
||||
from django.urls import path
|
||||
from . import views
|
||||
|
||||
import account_manager.views.group_views
|
||||
import account_manager.views.user_views
|
||||
from . import main_views
|
||||
|
||||
urlpatterns = [
|
||||
# Realm
|
||||
path('realm/', views.realm_home, name='realm-home'),
|
||||
path('realm/<int:realm_id>/', views.realm_detail, name='realm-detail'),
|
||||
path('realm/<int:realm_id>/update/', views.realm_update, name='realm-update'),
|
||||
path('realm/<int:realm_id>/delete/', views.realm_delete, name='realm-delete'),
|
||||
path('realm/', main_views.realm_list, name='realm-home'),
|
||||
path('realm/<int:realm_id>/', main_views.realm_detail, name='realm-detail'),
|
||||
path('realm/<int:realm_id>/update/', main_views.realm_update, name='realm-update'),
|
||||
path('realm/<int:realm_id>/delete/', main_views.realm_delete, name='realm-delete'),
|
||||
|
||||
# Realm User
|
||||
path('realm/<int:realm_id>/users/', views.realm_user, name='realm-user-list'),
|
||||
path('realm/<int:realm_id>/users/add/', views.user_add, name='realm-user-add'),
|
||||
path('realm/<int:realm_id>/user/<str:user_dn>/', views.user_detail, name='realm-user-detail'),
|
||||
path('realm/<int:realm_id>/user/<str:user_dn>/update/', views.user_update, name='realm-user-update'),
|
||||
path('realm/<int:realm_id>/user/<str:user_dn>/delete/', views.user_delete, name='realm-user-delete'),
|
||||
path('realm/<int:realm_id>/users/', account_manager.views.user_views.realm_user, name='realm-user-list'),
|
||||
path('realm/<int:realm_id>/users/add/', account_manager.views.user_views.user_add, name='realm-user-add'),
|
||||
path('realm/<int:realm_id>/user/<str:user_dn>/', account_manager.views.user_views.user_detail, name='realm-user-detail'),
|
||||
path('realm/<int:realm_id>/user/<str:user_dn>/update/', account_manager.views.user_views.user_update, name='realm-user-update'),
|
||||
path('realm/<int:realm_id>/user/<str:user_dn>/delete/', account_manager.views.user_views.user_delete, name='realm-user-delete'),
|
||||
|
||||
# Realm Group
|
||||
path('realm/<int:realm_id>/groups/', views.realm_groups, name='realm-group-list'),
|
||||
path('realm/<int:realm_id>/group/', views.user_add, name='realm-group-detail'),
|
||||
path('realm/<int:realm_id>/group/add/', views.group_add, name='realm-group-add'),
|
||||
path('realm/<int:realm_id>/user/<int:group_dn>/delete/', views.user_add, name='realm-group-delete'),
|
||||
path('realm/<int:realm_id>/groups/', account_manager.views.group_views.realm_groups, name='realm-group-list'),
|
||||
path('realm/<int:realm_id>/groups/add/', account_manager.views.group_views.group_add, name='realm-group-add'),
|
||||
path('realm/<int:realm_id>/group/<str:group_dn>/', account_manager.views.user_views.user_add, name='realm-group-detail'),
|
||||
path('realm/<int:realm_id>/group/<str:group_dn>/update/', account_manager.views.user_views.user_add, name='realm-group-update'),
|
||||
path('realm/<int:realm_id>/group/<str:group_dn>/delete/', account_manager.views.user_views.user_add, name='realm-group-delete'),
|
||||
|
||||
# Permission Info
|
||||
path('permission-denied', views.permission_denied, name='permission-denied')
|
||||
path('permission-denied', main_views.permission_denied, name='permission-denied')
|
||||
]
|
||||
|
||||
@ -1,232 +0,0 @@
|
||||
from django.shortcuts import render, redirect
|
||||
from .models import LdapGroup, LdapUser
|
||||
from .forms import AddLDAPUserForm, AddLDAPGroupForm, RealmAddForm, RealmUpdateForm
|
||||
from account_helper.models import Realm
|
||||
from django.contrib.auth.models import Group, User
|
||||
from django.contrib.auth.decorators import login_required
|
||||
|
||||
|
||||
def is_realm_admin(view_func):
|
||||
def decorator(request, *args, **kwargs):
|
||||
print(args)
|
||||
print(kwargs)
|
||||
realm_id = kwargs.get('realm_id', None)
|
||||
if realm_id and (request.user.is_superuser or len(
|
||||
Realm.objects.filter(id=realm_id).filter(
|
||||
admin_group__user__username__contains=request.user.username)) > 0):
|
||||
return view_func(request, *args, **kwargs)
|
||||
else:
|
||||
return redirect('permission-denied')
|
||||
|
||||
return decorator
|
||||
|
||||
|
||||
@login_required
|
||||
def realm_home(request):
|
||||
user = request.user
|
||||
if not user.is_superuser:
|
||||
realms = Realm.objects.filter(admin_group__user__username__contains=user.username)
|
||||
if len(realms) == 0:
|
||||
return redirect('user-detail')
|
||||
elif len(realms) == 1:
|
||||
return redirect('realm-detail', realms[0].id)
|
||||
else:
|
||||
return render(request, 'realm/realm_home.jinja2', {'realms': realms})
|
||||
else:
|
||||
realms = Realm.objects.all()
|
||||
if request.method == 'POST':
|
||||
form = RealmAddForm(request.POST)
|
||||
if form.is_valid():
|
||||
name = form.cleaned_data['name']
|
||||
ldap_base_dn = form.cleaned_data['ldap_base_dn']
|
||||
realm_obj = Realm.objects.create(name=name, ldap_base_dn=ldap_base_dn)
|
||||
realm_obj.save()
|
||||
return redirect('realm-detail', realm_obj.id)
|
||||
else:
|
||||
form = RealmAddForm()
|
||||
return render(request, 'realm/realm_home.jinja2', {'realms': realms, 'form': form})
|
||||
|
||||
|
||||
def realm_delete(request, realm_id):
|
||||
realm = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = realm.ldap_base_dn
|
||||
LdapGroup.base_dn = realm.ldap_base_dn
|
||||
ldap_users = LdapUser.objects.all()
|
||||
ldap_usernames = [user.username for user in ldap_users]
|
||||
ldap_groups = LdapGroup.objects.all()
|
||||
ldap_groupnames = [group.name for group in ldap_groups]
|
||||
django_user = User.objects.filter(username__contains=ldap_usernames)
|
||||
django_groups = Group.objects.filter(name__contains=ldap_groupnames)
|
||||
for user in django_user:
|
||||
user.delete()
|
||||
for group in django_groups:
|
||||
group.delete()
|
||||
for user in ldap_users:
|
||||
user.delete()
|
||||
for group in ldap_groups:
|
||||
group.delete()
|
||||
realm.delete()
|
||||
return redirect('realm-home')
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def realm_detail(request, realm_id):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
return render(request, 'realm/realm_detailed.jinja2', {'realm': realm_obj})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def realm_update(request, realm_id):
|
||||
if request.user.is_superuser:
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
data = {'id': realm_obj.id, 'ldap_base_dn': realm_obj.ldap_base_dn, 'name': realm_obj.name,
|
||||
'email': realm_obj.email,
|
||||
'admin_group': realm_obj.admin_group}
|
||||
if request.method == 'POST':
|
||||
form = RealmUpdateForm(request.POST)
|
||||
if form.is_valid():
|
||||
realm_obj.name = form.cleaned_data['name']
|
||||
realm_obj.ldap_base_dn = form.cleaned_data['ldap_base_dn']
|
||||
realm_obj.email = form.cleaned_data['email']
|
||||
|
||||
admin_ldap_group = form.cleaned_data['admin_group']
|
||||
realm_obj.admin_group, _ = Group.objects.get_or_create(name=admin_ldap_group.name)
|
||||
realm_obj.save()
|
||||
return redirect('realm-detail', realm_obj.id)
|
||||
else:
|
||||
form = RealmUpdateForm(initial=data)
|
||||
return render(request, 'realm/realm_update.jinja2', {'realm': realm_obj, 'form': form})
|
||||
else:
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
return render(request, 'realm/realm_update.jinja2', {'realm': realm_obj})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def realm_user(request, realm_id):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = realm_obj.ldap_base_dn
|
||||
realm_users = LdapUser.objects.all()
|
||||
return render(request, 'realm/realm_user.jinja2', {'realm': realm_obj, 'realm_user': realm_users})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def realm_groups(request, realm_id):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
LdapGroup.base_dn = realm_obj.ldap_base_dn
|
||||
realm_groups_obj = LdapGroup.objects.all()
|
||||
return render(request, 'realm/realm_groups.jinja2', {'realm': realm_obj, 'realm_groups': realm_groups_obj})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def user_detail(request, realm_id, user_dn):
|
||||
realm = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = realm.ldap_base_dn
|
||||
user = LdapUser.objects.get(dn=user_dn)
|
||||
return render(request, 'user/user_detail.jinja2', {'user': user, 'realm': realm})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def user_add(request, realm_id):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
# if this is a POST request we need to process the form data
|
||||
if request.method == 'POST':
|
||||
# create a form instance and populate it with data from the request:
|
||||
form = AddLDAPUserForm(request.POST)
|
||||
# check whether it's valid:
|
||||
if form.is_valid():
|
||||
username = form.cleaned_data['username']
|
||||
password = form.cleaned_data['password']
|
||||
first_name = form.cleaned_data['first_name']
|
||||
last_name = form.cleaned_data['last_name']
|
||||
email = form.cleaned_data['email']
|
||||
LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
|
||||
LdapUser.objects.create(username=username,
|
||||
password=password, first_name=first_name,
|
||||
last_name=last_name, email=email)
|
||||
return redirect('realm-user-list', realm_id)
|
||||
|
||||
# if a GET (or any other method) we'll create a blank form
|
||||
else:
|
||||
form = AddLDAPUserForm()
|
||||
return render(request, 'user/user_add.jinja2', {'form': form, 'realm': realm_obj})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def user_update(request, realm_id, user_dn):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
|
||||
ldap_user = LdapUser.objects.get(dn=user_dn)
|
||||
if request.method == 'POST':
|
||||
form = AddLDAPUserForm(request.POST)
|
||||
if form.is_valid():
|
||||
ldap_user.username = form.cleaned_data['username']
|
||||
password = form.cleaned_data['password']
|
||||
if password:
|
||||
ldap_user.password = password
|
||||
ldap_user.first_name = form.cleaned_data['first_name']
|
||||
ldap_user.last_name = form.cleaned_data['last_name']
|
||||
ldap_user.email = form.cleaned_data['email']
|
||||
ldap_user.save()
|
||||
|
||||
return redirect('realm-user-detail', realm_id, user_dn)
|
||||
else:
|
||||
form_data = {'username': ldap_user.username, 'first_name': ldap_user.first_name,
|
||||
'last_name': ldap_user.last_name, 'email': ldap_user.email}
|
||||
form = AddLDAPUserForm(initial=form_data)
|
||||
return render(request, 'user/user_detail.jinja2', {'form': form, 'realm': realm_obj})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def user_delete(request, realm_id, user_dn):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
|
||||
LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}'
|
||||
ldap_user = LdapUser.objects.get(dn=user_dn)
|
||||
user_groups = LdapGroup.objects.filter(members__contains=ldap_user.dn)
|
||||
for group in user_groups:
|
||||
group.members.remove(ldap_user.dn)
|
||||
group.save()
|
||||
ldap_user.delete()
|
||||
return redirect('realm-user-list', realm_id)
|
||||
|
||||
|
||||
@login_required
|
||||
def group_detail(request, dn):
|
||||
group = LdapGroup.objects.get(dn=dn)
|
||||
context = {'group': group, }
|
||||
return render(request, 'user/group_detail.jinja2', context)
|
||||
|
||||
|
||||
@login_required
|
||||
def group_add(request, realm_id):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
# if this is a POST request we need to process the form data
|
||||
if request.method == 'POST':
|
||||
# create a form instance and populate it with data from the request:
|
||||
form = AddLDAPGroupForm(request.POST)
|
||||
# check whether it's valid:
|
||||
if form.is_valid():
|
||||
name = form.cleaned_data['name']
|
||||
members = form.cleaned_data['members']
|
||||
members = [member.dn for member in members]
|
||||
LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}'
|
||||
LdapGroup.objects.create(name=name, members=members)
|
||||
return redirect('realm-group-list', realm_id)
|
||||
|
||||
# if a GET (or any other method) we'll create a blank form
|
||||
else:
|
||||
form = AddLDAPGroupForm()
|
||||
|
||||
return render(request, 'group/group_add.jinja2', {'form': form, 'realm': realm_obj})
|
||||
|
||||
|
||||
def permission_denied(request):
|
||||
return render(request, 'permission_denied.jinja2', {})
|
||||
0
account_manager/views/__init__.py
Normal file
0
account_manager/views/__init__.py
Normal file
46
account_manager/views/group_views.py
Normal file
46
account_manager/views/group_views.py
Normal file
@ -0,0 +1,46 @@
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.shortcuts import render, redirect
|
||||
|
||||
from account_helper.models import Realm
|
||||
from account_manager.forms import AddLDAPGroupForm
|
||||
from account_manager.models import LdapGroup
|
||||
from account_manager.main_views import is_realm_admin
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def realm_groups(request, realm_id):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
LdapGroup.base_dn = realm_obj.ldap_base_dn
|
||||
realm_groups_obj = LdapGroup.objects.all()
|
||||
return render(request, 'realm/realm_groups.jinja2', {'realm': realm_obj, 'realm_groups': realm_groups_obj})
|
||||
|
||||
|
||||
@login_required
|
||||
def group_detail(request, dn):
|
||||
group = LdapGroup.objects.get(dn=dn)
|
||||
context = {'group': group, }
|
||||
return render(request, 'user/group_detail.jinja2', context)
|
||||
|
||||
|
||||
@login_required
|
||||
def group_add(request, realm_id):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
# if this is a POST request we need to process the form data
|
||||
if request.method == 'POST':
|
||||
# create a form instance and populate it with data from the request:
|
||||
form = AddLDAPGroupForm(request.POST)
|
||||
# check whether it's valid:
|
||||
if form.is_valid():
|
||||
name = form.cleaned_data['name']
|
||||
members = form.cleaned_data['members']
|
||||
members = [member.dn for member in members]
|
||||
LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}'
|
||||
LdapGroup.objects.create(name=name, members=members)
|
||||
return redirect('realm-group-list', realm_id)
|
||||
|
||||
# if a GET (or any other method) we'll create a blank form
|
||||
else:
|
||||
form = AddLDAPGroupForm()
|
||||
|
||||
return render(request, 'group/group_add.jinja2', {'form': form, 'realm': realm_obj})
|
||||
93
account_manager/views/user_views.py
Normal file
93
account_manager/views/user_views.py
Normal file
@ -0,0 +1,93 @@
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.shortcuts import render, redirect
|
||||
|
||||
from account_helper.models import Realm
|
||||
from account_manager.forms import AddLDAPUserForm
|
||||
from account_manager.models import LdapUser, LdapGroup
|
||||
from account_manager.main_views import is_realm_admin
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def realm_user(request, realm_id):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = realm_obj.ldap_base_dn
|
||||
realm_users = LdapUser.objects.all()
|
||||
return render(request, 'realm/realm_user.jinja2', {'realm': realm_obj, 'realm_user': realm_users})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def user_detail(request, realm_id, user_dn):
|
||||
realm = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = realm.ldap_base_dn
|
||||
user = LdapUser.objects.get(dn=user_dn)
|
||||
return render(request, 'user/user_detail.jinja2', {'user': user, 'realm': realm})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def user_add(request, realm_id):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
# if this is a POST request we need to process the form data
|
||||
if request.method == 'POST':
|
||||
# create a form instance and populate it with data from the request:
|
||||
form = AddLDAPUserForm(request.POST)
|
||||
# check whether it's valid:
|
||||
if form.is_valid():
|
||||
username = form.cleaned_data['username']
|
||||
password = form.cleaned_data['password']
|
||||
first_name = form.cleaned_data['first_name']
|
||||
last_name = form.cleaned_data['last_name']
|
||||
email = form.cleaned_data['email']
|
||||
LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
|
||||
LdapUser.objects.create(username=username,
|
||||
password=password, first_name=first_name,
|
||||
last_name=last_name, email=email)
|
||||
return redirect('realm-user-list', realm_id)
|
||||
|
||||
# if a GET (or any other method) we'll create a blank form
|
||||
else:
|
||||
form = AddLDAPUserForm()
|
||||
return render(request, 'user/user_add.jinja2', {'form': form, 'realm': realm_obj})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def user_update(request, realm_id, user_dn):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
|
||||
ldap_user = LdapUser.objects.get(dn=user_dn)
|
||||
if request.method == 'POST':
|
||||
form = AddLDAPUserForm(request.POST)
|
||||
if form.is_valid():
|
||||
ldap_user.username = form.cleaned_data['username']
|
||||
password = form.cleaned_data['password']
|
||||
if password:
|
||||
ldap_user.password = password
|
||||
ldap_user.first_name = form.cleaned_data['first_name']
|
||||
ldap_user.last_name = form.cleaned_data['last_name']
|
||||
ldap_user.email = form.cleaned_data['email']
|
||||
ldap_user.save()
|
||||
|
||||
return redirect('realm-user-detail', realm_id, user_dn)
|
||||
else:
|
||||
form_data = {'username': ldap_user.username, 'first_name': ldap_user.first_name,
|
||||
'last_name': ldap_user.last_name, 'email': ldap_user.email}
|
||||
form = AddLDAPUserForm(initial=form_data)
|
||||
return render(request, 'user/user_detail.jinja2', {'form': form, 'realm': realm_obj})
|
||||
|
||||
|
||||
@login_required
|
||||
@is_realm_admin
|
||||
def user_delete(request, realm_id, user_dn):
|
||||
realm_obj = Realm.objects.get(id=realm_id)
|
||||
LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
|
||||
LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}'
|
||||
ldap_user = LdapUser.objects.get(dn=user_dn)
|
||||
user_groups = LdapGroup.objects.filter(members__contains=ldap_user.dn)
|
||||
for group in user_groups:
|
||||
group.members.remove(ldap_user.dn)
|
||||
group.save()
|
||||
ldap_user.delete()
|
||||
return redirect('realm-user-list', realm_id)
|
||||
Reference in New Issue
Block a user