mgoetz/ldap_account_manager
Archived
2
2
Fork 0
Code Issues 9 Pull Requests Releases 2 Wiki Activity

Implement multiple user deletion, Fix password reset mail link

Browse Source
This commit is contained in:
Götz 2019-04-05 19:02:02 +02:00
parent c1e3417f5a
commit dee17a8223
7 changed files with 44 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
account_manager/forms.py
View File

@ -7,6 +7,10 @@ class AddLDAPUserForm(forms.Form):
email = forms.EmailField(label='E-Mail', required=False) email = forms.EmailField(label='E-Mail', required=False)
class UserDeleteListForm(forms.Form):
ldap_users = forms.ModelMultipleChoiceField(widget=forms.CheckboxSelectMultiple, queryset=LdapUser.objects.all())
class AddLDAPGroupForm(forms.Form): class AddLDAPGroupForm(forms.Form):
name = forms.CharField(label='name', max_length=400) name = forms.CharField(label='name', max_length=400)
# TODO show only allowed user # TODO show only allowed user

4
account_manager/urls.py
View File

@ -18,8 +18,10 @@ urlpatterns = [
name='realm-user-detail'), name='realm-user-detail'),
path('realm/<int:realm_id>/user/<str:user_dn>/update/', account_manager.views.user_views.realm_user_update, path('realm/<int:realm_id>/user/<str:user_dn>/update/', account_manager.views.user_views.realm_user_update,
name='realm-user-update'), name='realm-user-update'),
path('realm/<int:realm_id>/user/<str:user_dn>/delete/', account_manager.views.user_views.realm_user_delete, path('realm/<int:realm_id>/user/delete/s/<str:user_dn>/', account_manager.views.user_views.realm_user_delete,
name='realm-user-delete'), name='realm-user-delete'),
path('realm/<int:realm_id>/user/delete/multiple', account_manager.views.user_views.realm_multiple_user_delete,
name='realm-multiple-user-delete'),
# Realm Group # Realm Group
path('realm/<int:realm_id>/groups/', account_manager.views.group_views.realm_groups, name='realm-group-list'), path('realm/<int:realm_id>/groups/', account_manager.views.group_views.realm_groups, name='realm-group-list'),

29
account_manager/views/user_views.py
View File

@ -2,7 +2,7 @@ from django.contrib.auth.decorators import login_required
from django.shortcuts import render, redirect from django.shortcuts import render, redirect
from account_helper.models import Realm from account_helper.models import Realm
from account_manager.forms import AddLDAPUserForm from account_manager.forms import AddLDAPUserForm, UserDeleteListForm
from account_manager.models import LdapUser, LdapGroup from account_manager.models import LdapUser, LdapGroup
from django.contrib.auth.models import User from django.contrib.auth.models import User
from account_manager.main_views import is_realm_admin from account_manager.main_views import is_realm_admin
@ -79,7 +79,23 @@ def realm_user_delete(request, realm_id, user_dn):
LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}' LdapUser.base_dn = f'ou=people,{realm_obj.ldap_base_dn}'
LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}' LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}'
ldap_user = LdapUser.objects.get(dn=user_dn) ldap_user = LdapUser.objects.get(dn=user_dn)
return user_delete_controller(request, ldap_user, realm_id, 'realm-user-list') user_delete_controller(ldap_user)
return redirect('realm-user-list', realm_id)
def realm_multiple_user_delete(request, realm_id):
realm = Realm.objects.get(id=realm_id)
if request.method == 'POST':
form = UserDeleteListForm(request.POST)
if form.is_valid():
ldap_users = form.cleaned_data['ldap_users']
for ldap_user in ldap_users:
# TODO: Failure catchup
user_delete_controller(ldap_user)
return redirect('realm-user-list', realm_id)
# TODO: Form not valid
form = UserDeleteListForm()
return render(request, 'realm/realm_user_multiple_delete.jinja2', {'form': form, 'realm': realm})
@login_required @login_required
@ -101,7 +117,8 @@ def user_delete(request, realm_id, user_dn):
LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}' LdapGroup.base_dn = f'ou=groups,{realm_obj.ldap_base_dn}'
ldap_user = LdapUser.objects.get(dn=user_dn) ldap_user = LdapUser.objects.get(dn=user_dn)
if request.user.username == ldap_user.username: if request.user.username == ldap_user.username:
return user_delete_controller(request, ldap_user, realm_id, 'account-deleted') user_delete_controller(ldap_user)
return redirect('account-deleted', realm_id)
else: else:
return redirect('permission-denied') return redirect('permission-denied')
@ -131,7 +148,7 @@ def user_update_controller(ldap_user, realm_id, realm_obj, request, user_dn, red
return render(request, detail_page, {'form': form, 'realm': realm_obj}) return render(request, detail_page, {'form': form, 'realm': realm_obj})
def user_delete_controller(request, ldap_user, realm_id, redirect_name): def user_delete_controller(ldap_user):
user_groups = LdapGroup.objects.filter(members__contains=ldap_user.dn) user_groups = LdapGroup.objects.filter(members__contains=ldap_user.dn)
for group in user_groups: for group in user_groups:
@ -143,14 +160,12 @@ def user_delete_controller(request, ldap_user, realm_id, redirect_name):
django_user.delete() django_user.delete()
except ObjectDoesNotExist: except ObjectDoesNotExist:
pass pass
return redirect(redirect_name, realm_id) return
class LdapPasswordResetConfirmView(PasswordResetConfirmView): class LdapPasswordResetConfirmView(PasswordResetConfirmView):
def form_valid(self, form): def form_valid(self, form):
user = form.save() user = form.save()
password = form.cleaned_data['new_password1'] password = form.cleaned_data['new_password1']
print(password)
LdapUser.password_reset(user, password) LdapUser.password_reset(user, password)
return super().form_valid(form) return super().form_valid(form)

4
templates/realm/realm_user.jinja2
View File

@ -1,8 +1,10 @@
{% extends 'realm/realm_detailed.jinja2' %} {% extends 'realm/realm_detailed.jinja2' %}
{% block user_content %} {% block user_content %}
<h2>Nutzer</h2> <h2>Nutzer</h2>
<a href="{{ url('realm-multiple-user-delete', args=[realm.id]) }}"> Mehrere Nutzer Löschen</a>
{% for user in realm_user %} {% for user in realm_user %}
<p>{{ user.username }} - <a href="{{ url('realm-user-detail', args=[realm.id, user.dn]) }}">{{ user.dn }}</a> <p>
{{ user.username }} - <a href="{{ url('realm-user-detail', args=[realm.id, user.dn]) }}">{{ user.dn }}</a>
</p> </p>
{% endfor %} {% endfor %}
{% endblock %} {% endblock %}

10
templates/realm/realm_user_multiple_delete.jinja2 Normal file
View File

@ -0,0 +1,10 @@
{% extends 'realm/realm_detailed.jinja2' %}
{% block user_content %}
<h2>Nutzer</h2>
<a href="{{ url('realm-user-list', args=[realm.id]) }}">Abrechen</a>
<form action="{{ url('realm-multiple-user-delete', args=[realm.id]) }}" method="post">
<input type="hidden" name="csrfmiddlewaretoken" value="{{ csrf_token }}">
<input type="submit" value="Ausführen">
{{ form.as_p() }}
</form>
{% endblock %}

1
templates/registration/login.html
View File

@ -13,6 +13,7 @@
<button type="submit">Login</button> <button type="submit">Login</button>
</form> </form>
</div> </div>
<a href="{{ url('password_reset') }}">Passwort vergessen?</a>
</div> </div>
</div> </div>
{% endblock %} {% endblock %}

2
templates/registration/password_reset_email.html
View File

@ -1,3 +1,3 @@
Someone asked for password reset for email {{ email }}. Follow the link below: Someone asked for password reset for email {{ email }}. Follow the link below:
{{ protocol }}://{{ domain }}{{ url('password_reset_confirm', kwargs={'uidb64':uid, 'token':token}) }} {{ protocol }}://{{ domain }}{{ url('ldap_password_reset_confirm', kwargs={'uidb64':uid, 'token':token}) }}