Implement realm update

account_helper/admin.py

@@ -1,3 +1,7 @@
 from django.contrib import admin
+from .models import Realm, LdapGroupRDN, LdapUserRDN
 
 # Register your models here.
+admin.site.register(Realm)
+admin.site.register(LdapGroupRDN)
+admin.site.register(LdapUserRDN)

account_manager/forms.py

@@ -6,9 +6,9 @@ from .models import LdapUser, LdapGroup
 
 class AddLDAPUserForm(forms.Form):
     rdn = forms.ModelChoiceField(queryset=LdapUserRDN.objects.all())
-    username = forms.CharField(label='username', max_length=400)
-    first_name = forms.CharField(label='first_name', max_length=400)
-    last_name = forms.CharField(label='last_name', max_length=400)
+    username = forms.CharField(label='Nutzername', max_length=400)
+    first_name = forms.CharField(label='Vorname', max_length=400)
+    last_name = forms.CharField(label='Nachname', max_length=400)
     password = forms.CharField(widget=forms.PasswordInput)
 
 
@@ -19,12 +19,18 @@ class AddLDAPGroupForm(forms.Form):
 
 
 class RealmAddForm(forms.Form):
-    name = forms.CharField(label='name', max_length=200)
-    ldap_rdn_org = forms.CharField(label='ldap_rdn_org', max_length=200)
+    name = forms.CharField(label='Bereichsname', max_length=200)
+    ldap_rdn_org = forms.CharField(label='LDAP OU Pfad',
+                                   help_text='Angabe des Pfads zur Organisation, die die Ordnungseinheiten people und groups enthält. Ohne Routdn. Besipiel: "ou=people, ou=fs_wiai, ou=fachschaften, dc=stuve, dc=de" => ou=fs_wiai, ou=fachschaften, dc=stuve',
+                                   max_length=200)
 
 
 class RealmUpdateForm(forms.Form):
-    ldap_rdn_org = forms.CharField(label='ldap_rdn_org', max_length=200)
-    name = forms.CharField(label='name', max_length=200)
-    email = forms.EmailField()
-    admin_group = forms.ModelChoiceField(widget=forms.CheckboxSelectMultiple, queryset=LdapGroup.objects.all())
+    ldap_rdn_org = forms.CharField(label='LDAP OU Pfad',
+                                   help_text='Angabe des Pfads zur Organisation, die die Ordnungseinheiten people und groups enthält. Ohne Routdn. Besipiel: "ou=people, ou=fs_wiai, ou=fachschaften, dc=stuve, dc=de" => ou=fs_wiai, ou=fachschaften, dc=stuve',
+                                   max_length=200)
+    name = forms.CharField(label='Bereichsname', max_length=200)
+    email = forms.EmailField(label='E-Mail', required=False)
+    admin_group = forms.ModelChoiceField(label='Admin Grouppe',
+                                         help_text="Die Mitglieder dieser Gruppe darf den Bereich administieren",
+                                         queryset=LdapGroup.objects.all())

account_manager/management/commands/import_ldap_user.py

@@ -17,7 +17,6 @@ class Command(BaseCommand):
             ldap_dn = ldap_config[1].split(',')
             ldap_dn.pop(0)
             ldap_dn = ",".join(ldap_dn)
-            print(ldap_dn)
             results = ldap_server.search_s(ldap_dn, ldap.SCOPE_SUBTREE,
                                            "(objectClass=inetOrgPerson)")
 

account_manager/urls.py

@@ -7,7 +7,7 @@ urlpatterns = [
     path('user/list/', views.userlist, name='user-list'),
     path('user/get/<str:dn>/', views.user_detail, name='user'),
 
-    path('user/add/', views.adduser, name='user-add'),
-    path('group/add/', views.addgroup, name='group-add'),
+    path('user/add/', views.user_add, name='user-add'),
+    path('group/add/', views.group_add, name='group-add'),
     path('group/get/<str:dn>/', views.group_detail, name='group'),
 ]

account_manager/views.py

@@ -2,6 +2,7 @@ from django.shortcuts import render, redirect
 from .models import LdapGroup, LdapUser
 from .forms import AddLDAPUserForm, AddLDAPGroupForm, RealmAddForm, RealmUpdateForm
 from account_helper.models import Realm
+from django.contrib.auth.models import User, Group
 
 
 # @login_required
@@ -37,14 +38,17 @@ def realm_detail(request, id):
         if request.method == 'POST':
             form = RealmUpdateForm(request.POST)
             if form.is_valid():
-                name = form.cleaned_data['name']
-                ldap_rdn_org = form.cleaned_data['ldap_rdn_org']
-                realm_obj = Realm.objects.create(name=name, ldap_rdn_org=ldap_rdn_org)
+                realm_obj.name = form.cleaned_data['name']
+                realm_obj.ldap_rdn_org = form.cleaned_data['ldap_rdn_org']
+                realm_obj.email = form.cleaned_data['email']
+
+                admin_ldap_group = form.cleaned_data['admin_group']
+                realm_obj.admin_group, _ = Group.objects.get_or_create(name=admin_ldap_group.name)
                 realm_obj.save()
                 return redirect('realm-detail', realm_obj.id)
         else:
             form = RealmUpdateForm(initial=data)
-            return render(request, 'realm/realm_detailed.jinja', {'realm': realm_obj, 'form': form})
+        return render(request, 'realm/realm_detailed.jinja', {'realm': realm_obj, 'form': form})
     else:
         realm_obj = Realm.objects.get(id=id)
         return render(request, 'realm/realm_detailed.jinja', {'realm': realm_obj})
@@ -55,22 +59,16 @@ def userlist(request):
     groups = LdapGroup.objects.all()
     context = {'users': user, 'groups': groups}
 
-    return render(request, 'user_list.jinja', context)
+    return render(request, 'user/user_list.jinja', context)
 
 
 def user_detail(request, dn):
     user = LdapUser.objects.get(dn=dn)
     context = {'user': user, }
-    return render(request, 'user_detail.jinja', context)
+    return render(request, 'user/user_detail.jinja', context)
 
 
-def group_detail(request, dn):
-    group = LdapGroup.objects.get(dn=dn)
-    context = {'group': group, }
-    return render(request, 'group_detail.jinja', context)
-
-
-def adduser(request):
+def user_add(request):
     # if this is a POST request we need to process the form data
     if request.method == 'POST':
         # create a form instance and populate it with data from the request:
@@ -91,10 +89,16 @@ def adduser(request):
     else:
         form = AddLDAPUserForm()
 
-    return render(request, 'user_add.jinja', {'form': form})
+    return render(request, 'user/user_add.jinja', {'form': form})
 
 
-def addgroup(request):
+def group_detail(request, dn):
+    group = LdapGroup.objects.get(dn=dn)
+    context = {'group': group, }
+    return render(request, 'user/group_detail.jinja', context)
+
+
+def group_add(request):
     # if this is a POST request we need to process the form data
     if request.method == 'POST':
         # create a form instance and populate it with data from the request:
@@ -112,4 +116,4 @@ def addgroup(request):
     else:
         form = AddLDAPGroupForm()
 
-    return render(request, 'group_add.jinja', {'form': form})
+    return render(request, 'group/group_add.jinja', {'form': form})

core/settings.py

@@ -148,34 +148,23 @@ AUTHENTICATION_BACKENDS = [
 
 AUTH_LDAP_1_SERVER_URI = "ldap://localhost:1389"
 AUTH_LDAP_1_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,ou=fs_wiai,ou=fachschaften,dc=stuve,dc=de"
-AUTH_LDAP_1_GROUP_SEARCH = LDAPSearch("ou=groups,ou=fs_wiai,ou=fachschaften,dc=stuve,dc=de",
-                                      ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
-                                      )
-AUTH_LDAP_1_GROUP_TYPE = GroupOfNamesType()
+AUTH_LDAP_1_GROUP_SEARCH = LDAPSearch("dc=stuve,dc=de",
+                                    ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
+                                    )
+AUTH_LDAP_1_GROUP_TYPE = GroupOfNamesType(name_attr='cn')
+AUTH_LDAP_1_MIRROR_GROUPS = True
 
 AUTH_LDAP_2_SERVER_URI = "ldap://localhost:1389"
 AUTH_LDAP_2_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,ou=fs_sowi,ou=fachschaften,dc=stuve,dc=de"
-AUTH_LDAP_2_GROUP_SEARCH = LDAPSearch("ou=groups,ou=fs_sowi,ou=fachschaften,dc=stuve,dc=de",
-                                      ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
-                                      )
-AUTH_LDAP_2_GROUP_TYPE = GroupOfNamesType()
+AUTH_LDAP_2_GROUP_SEARCH = LDAPSearch("dc=stuve,dc=de",
+                                    ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
+                                    )
+AUTH_LDAP_2_GROUP_TYPE = GroupOfNamesType(name_attr='cn')
+AUTH_LDAP_2_MIRROR_GROUPS = True
 
-AUTH_LDAP_PROFILE_ATTR_MAP = {
-    "uid": "uid",
-    "cn": "cn",
-    "sn": "sn",
-    "givenName": "givenName",
-    "userPassword": "userPassword",
-    "shadowLastChange": "shadowLastChange",
-    "shadowMax": "shadowMax",
-    "shadowWarning": "shadowWarning",
-    "loginShell": "loginShell",
-    "uidNumber": "uidNumber",
-    "gidNumber": "gidNumber",
-    "homeDirectory": "homeDirectory",
-    "gecos": "gecos",
-    "mail": "mail",
-    "l": "l",
-    "telephoneNumber": "telephoneNumber",
+AUTH_LDAP_USER_ATTR_MAP = {
+    'first_name': 'cn',
+    'last_name': 'sn',
+    'email': 'mail',
 }
 AUTH_PROFILE_MODULE = 'account_manager.UserProfile'

templates/realm/realm_detailed.jinja

@@ -1,11 +1,23 @@
 {% extends 'base.jinja' %}
 {% block content %}
     <a href="{{ url('user-add') }}">Nutzer anlegen</a> | <a href="{{ url('group-add') }}">Gruppe anlegen</a>
+    <h1>Bereich {{ realm.name }}</h1>
+    <h2>Bereich Info</h2>
+    <p>LDAP OU: {{ realm.ldap_rdn_org }}</p>
+    <p>Email: {{ realm.email }}</p>
+    <p>Admin Gruppe: {{ realm.admin_group }}</p>
 
-    <h2>Neuen Bereich anlegen</h2>
+    <h2>Bereichsinformationen anpassen</h2>
     <form method="post">
         <input type="hidden" name="csrfmiddlewaretoken" value="{{ csrf_token }}">
         {{ form.as_p()|safe }}
         <button type="submit">Speichern</button>
     </form>
+
+    <h2>Nutzer</h2>
+    {% block user_content %}
+    {% endblock %}
+    <h2>Gruppen</h2>
+    {% block gruppen_content %}
+    {% endblock %}
 {% endblock %}