mgoetz/ldap_account_manager
Archived
2
2
Fork 0
Code Issues 9 Pull Requests Releases 2 Wiki Activity

Add class violation handling for delete user

Browse Source
This commit is contained in:
Götz 2019-04-14 23:44:52 +02:00
parent c472ba4927
commit f410e6de7a
3 changed files with 35 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
src/account_manager/views/user_views.py
View File

@ -113,7 +113,15 @@ def realm_user_delete(request, realm_id, user_dn):
LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}' LdapGroup.base_dn = f'ou=groups,{realm.ldap_base_dn}'
ldap_user = LdapUser.objects.get(dn=user_dn) ldap_user = LdapUser.objects.get(dn=user_dn)
if _is_deleteable_user(realm, ldap_user): if _is_deleteable_user(realm, ldap_user):
user_delete_controller(ldap_user, realm) try:
user_delete_controller(ldap_user, realm)
except OBJECT_CLASS_VIOLATION as err:
deletion_link = {'name': 'realm-user-delete', 'args': [realm.id, ldap_user.dn]}
cancel_link = {'name': 'realm-user-detail', 'args': [realm.id, ldap_user.dn]}
return render(request, 'user/user_confirm_delete.jinja2',
{'realm': realm, 'user': ldap_user, 'deletion_link': deletion_link,
'cancel_link': cancel_link,
'extra_errors': f'Der Nutzer {ldap_user.username} konnte nicht gelöscht werden, da er der letzte Nutzer einer Gruppe ist. Bitte lösche die Gruppe zuerst oder trage einen anderen Nutzer in die Gruppe ein.'})
return redirect('realm-user-list', realm_id) return redirect('realm-user-list', realm_id)
else: else:
return redirect('permission-denied') return redirect('permission-denied')
@ -141,7 +149,15 @@ def realm_multiple_user_delete(request, realm_id):
ldap_users = form.cleaned_data['ldap_users'] ldap_users = form.cleaned_data['ldap_users']
for ldap_user in ldap_users: for ldap_user in ldap_users:
if _is_deleteable_user(realm, ldap_user): if _is_deleteable_user(realm, ldap_user):
user_delete_controller(ldap_user, realm) try:
user_delete_controller(ldap_user, realm)
except OBJECT_CLASS_VIOLATION as err:
blocked_users, deletable_users = get_deletable_blocked_users(ldap_users, realm)
return render(request, 'realm/realm_user_multiple_delete.jinja2',
{'form': form, 'realm': realm, 'deletable_users': deletable_users,
'blocked_users': blocked_users,
'confirm': True,
'extra_errors': f'Nutzer {ldap_user} konnte nicht gelöscht werden, da er der letzte Nutzer einer Gruppe ist. Bitte tragen Sie vorher den Nutzer aus der Gruppe aus. Das löschen der restlichen Nutzer wurde unterbrochen.'})
return redirect('realm-user-list', realm_id) return redirect('realm-user-list', realm_id)
return redirect('realm-user-list', realm.id) return redirect('realm-user-list', realm.id)
@ -154,13 +170,7 @@ def realm_multiple_user_delete_confirm(request, realm_id):
form = UserDeleteListForm(request.POST) form = UserDeleteListForm(request.POST)
if form.is_valid(): if form.is_valid():
ldap_users = form.cleaned_data['ldap_users'] ldap_users = form.cleaned_data['ldap_users']
deletable_users = [] blocked_users, deletable_users = get_deletable_blocked_users(ldap_users, realm)
blocked_users = []
for ldap_user in ldap_users:
if _is_deleteable_user(realm, ldap_user):
deletable_users.append(ldap_user)
else:
blocked_users.append(ldap_user)
return render(request, 'realm/realm_user_multiple_delete.jinja2', return render(request, 'realm/realm_user_multiple_delete.jinja2',
{'form': form, 'realm': realm, 'deletable_users': deletable_users, {'form': form, 'realm': realm, 'deletable_users': deletable_users,
'blocked_users': blocked_users, 'blocked_users': blocked_users,
@ -173,6 +183,17 @@ def realm_multiple_user_delete_confirm(request, realm_id):
{'form': form, 'realm': realm, 'users': users}) {'form': form, 'realm': realm, 'users': users})
def get_deletable_blocked_users(ldap_users, realm):
deletable_users = []
blocked_users = []
for ldap_user in ldap_users:
if _is_deleteable_user(realm, ldap_user):
deletable_users.append(ldap_user)
else:
blocked_users.append(ldap_user)
return blocked_users, deletable_users
def _is_deleteable_user(realm, user): def _is_deleteable_user(realm, user):
user_groups = LdapGroup.get_user_groups(realm, user, LdapGroup.ROOT_DN) user_groups = LdapGroup.get_user_groups(realm, user, LdapGroup.ROOT_DN)
user_group_names = [group.name for group in user_groups] user_group_names = [group.name for group in user_groups]

2
src/templates/realm/realm_user_multiple_delete.jinja2
View File

@ -1,8 +1,10 @@
{% extends 'realm/realm_detailed.jinja2' %} {% extends 'realm/realm_detailed.jinja2' %}
{% import 'macros/form_macros.jinja2' as mform %} {% import 'macros/form_macros.jinja2' as mform %}
{% import 'macros/utils_macros.jinja2' as mutils %}
{% block detail_content %} {% block detail_content %}
<h2>Nutzer löschen</h2> <h2>Nutzer löschen</h2>
{{ mutils.get_warning_box(extra_errors) }}
{% if blocked_users %} {% if blocked_users %}
<div class="alert alert-warning"> <div class="alert alert-warning">
<h3>Admin User festgestellt</h3> <h3>Admin User festgestellt</h3>

3
src/templates/user/user_confirm_delete.jinja2
View File

@ -1,6 +1,9 @@
{% extends 'base.jinja2' %} {% extends 'base.jinja2' %}
{% import 'macros/utils_macros.jinja2' as mutils %}
{% block content %} {% block content %}
<div class="col-12 "> <div class="col-12 ">
{{ mutils.get_warning_box(extra_errors) }}
<div class="row justify-content-center justify-content-sm-center"> <div class="row justify-content-center justify-content-sm-center">
<div class="col-12 col-sm-8 col-md-7 col-lg-5 col-xl-4 bg-white text-dark p-3 mt-5"> <div class="col-12 col-sm-8 col-md-7 col-lg-5 col-xl-4 bg-white text-dark p-3 mt-5">
<div class="alert alert-warning" role="alert"> <div class="alert alert-warning" role="alert">