Commit 2f7a430d by Guba Sándor

Merge branch 'issue-52'

parents d6ad029d df0f23e4
......@@ -382,6 +382,11 @@ if get_env_variable('DJANGO_SAML', 'FALSE') == 'TRUE':
'DJANGO_SAML_ATTRIBUTE_MAPPING',
'{"mail": ["email"], "sn": ["last_name"], '
'"uid": ["username"], "cn": ["first_name"]}'))
SAML_GROUP_ATTRIBUTES = get_env_variable(
'DJANGO_SAML_GROUP_ATTRIBUTES', '').split(',')
SAML_GROUP_OWNER_ATTRIBUTES = get_env_variable(
'DJANGO_SAML_GROUP_OWNER_ATTRIBUTES', '').split(',')
SAML_CREATE_UNKNOWN_USER = True
if get_env_variable('DJANGO_SAML_ORG_ID_ATTRIBUTE', False) != False:
SAML_ORG_ID_ATTRIBUTE = get_env_variable(
......
from itertools import chain
from logging import getLogger
from django.conf import settings
from django.contrib.auth.models import User
from django.contrib.auth.models import User, Group
from django.contrib.auth.signals import user_logged_in
from django.db.models import (
Model, ForeignKey, OneToOneField, CharField, IntegerField
Model, ForeignKey, OneToOneField, CharField, IntegerField, TextField
)
from django.utils.translation import ugettext_lazy as _
from vm.models import Instance
from acl.models import AclBase
logger = getLogger(__name__)
......@@ -30,6 +32,33 @@ class Profile(Model):
instance_limit = IntegerField(default=5)
class GroupProfile(AclBase):
ACL_LEVELS = (
('operator', _('operator')),
('owner', _('owner')),
)
group = OneToOneField(Group)
org_id = CharField(
unique=True, blank=True, null=True, max_length=64,
help_text=_('Unique identifier of the group at the organization.'))
description = TextField()
@classmethod
def search(cls, name):
try:
return cls.objects.get(org_id=name).group
except cls.DoesNotExist:
return Group.objects.get(name=name)
def get_or_create_profile(self):
obj, created = GroupProfile.objects.get_or_create(group_id=self.pk)
return obj
Group.profile = property(get_or_create_profile)
def create_profile(sender, user, request, **kwargs):
if not user.pk:
return False
......@@ -65,7 +94,29 @@ if hasattr(settings, 'SAML_ORG_ID_ATTRIBUTE'):
else:
logger.debug("org_id of %s already added to user %s's profile",
value, sender.username)
return False
memberatrs = getattr(settings, 'SAML_GROUP_ATTRIBUTES', [])
for group in chain(*[attributes[i] for i in memberatrs]):
try:
g = GroupProfile.search(group)
except Group.DoesNotExist:
logger.debug('cant find membergroup %s', group)
else:
logger.debug('could find membergroup %s (%s)',
group, unicode(g))
g.user_set.add(sender)
owneratrs = getattr(settings, 'SAML_GROUP_OWNER_ATTRIBUTES', [])
for group in chain(*[attributes[i] for i in owneratrs]):
try:
g = GroupProfile.search(group)
except Group.DoesNotExist:
logger.debug('cant find ownergroup %s', group)
else:
logger.debug('could find ownergroup %s (%s)',
group, unicode(g))
g.profile.set_level(sender, 'owner')
return False # User did not change
pre_user_save.connect(save_org_id)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment