Merge branch 'issue-52'

2f7a430d · Guba Sándor · d6ad029d · df0f23e4 · 2f7a430d · 2f7a430d
Commit 2f7a430d authored Feb 12, 2014 by Guba Sándor
Expand all Hide whitespace changes
Inline Side-by-side

Showing with 59 additions and 3 deletions

circle/circle/settings/base.py
+5 -0

circle/dashboard/migrations/0004_auto__add_groupprofile.py
+0 -0

circle/dashboard/models.py
+54 -3

No files found.
--- a/circle/circle/settings/base.py
+++ b/circle/circle/settings/base.py
@@ -382,6 +382,11 @@ if get_env_variable('DJANGO_SAML', 'FALSE') == 'TRUE':
        'DJANGO_SAML_ATTRIBUTE_MAPPING',
        '{"mail": ["email"], "sn": ["last_name"], '
        '"uid": ["username"], "cn": ["first_name"]}'))
+    SAML_GROUP_ATTRIBUTES = get_env_variable(
+        'DJANGO_SAML_GROUP_ATTRIBUTES', '').split(',')
+    SAML_GROUP_OWNER_ATTRIBUTES = get_env_variable(
+        'DJANGO_SAML_GROUP_OWNER_ATTRIBUTES', '').split(',')
+
    SAML_CREATE_UNKNOWN_USER = True
    if get_env_variable('DJANGO_SAML_ORG_ID_ATTRIBUTE', False) != False:
        SAML_ORG_ID_ATTRIBUTE = get_env_variable(

--- a/circle/dashboard/migrations/0004_auto__add_groupprofile.py
+++ b/circle/dashboard/migrations/0004_auto__add_groupprofile.py
--- a/circle/dashboard/models.py
+++ b/circle/dashboard/models.py
+from itertools import chain
 from logging import getLogger

 from django.conf import settings
-from django.contrib.auth.models import User
+from django.contrib.auth.models import User, Group
 from django.contrib.auth.signals import user_logged_in
 from django.db.models import (
-    Model, ForeignKey, OneToOneField, CharField, IntegerField
+    Model, ForeignKey, OneToOneField, CharField, IntegerField, TextField
 )
 from django.utils.translation import ugettext_lazy as _

 from vm.models import Instance
+from acl.models import AclBase

 logger = getLogger(__name__)

@@ -30,6 +32,33 @@ class Profile(Model):
    instance_limit = IntegerField(default=5)


+class GroupProfile(AclBase):
+    ACL_LEVELS = (
+        ('operator', _('operator')),
+        ('owner', _('owner')),
+    )
+
+    group = OneToOneField(Group)
+    org_id = CharField(
+        unique=True, blank=True, null=True, max_length=64,
+        help_text=_('Unique identifier of the group at the organization.'))
+    description = TextField()
+
+    @classmethod
+    def search(cls, name):
+        try:
+            return cls.objects.get(org_id=name).group
+        except cls.DoesNotExist:
+            return Group.objects.get(name=name)
+
+
+def get_or_create_profile(self):
+    obj, created = GroupProfile.objects.get_or_create(group_id=self.pk)
+    return obj
+
+Group.profile = property(get_or_create_profile)
+
+
 def create_profile(sender, user, request, **kwargs):
    if not user.pk:
        return False
@@ -65,7 +94,29 @@ if hasattr(settings, 'SAML_ORG_ID_ATTRIBUTE'):
        else:
            logger.debug("org_id of %s already added to user %s's profile",
                         value, sender.username)
-        return False
+        memberatrs = getattr(settings, 'SAML_GROUP_ATTRIBUTES', [])
+        for group in chain(*[attributes[i] for i in memberatrs]):
+            try:
+                g = GroupProfile.search(group)
+            except Group.DoesNotExist:
+                logger.debug('cant find membergroup %s', group)
+            else:
+                logger.debug('could find membergroup %s (%s)',
+                             group, unicode(g))
+                g.user_set.add(sender)
+
+        owneratrs = getattr(settings, 'SAML_GROUP_OWNER_ATTRIBUTES', [])
+        for group in chain(*[attributes[i] for i in owneratrs]):
+            try:
+                g = GroupProfile.search(group)
+            except Group.DoesNotExist:
+                logger.debug('cant find ownergroup %s', group)
+            else:
+                logger.debug('could find ownergroup %s (%s)',
+                             group, unicode(g))
+                g.profile.set_level(sender, 'owner')
+
+        return False  # User did not change

    pre_user_save.connect(save_org_id)