Commit 2f7a430d by Guba Sándor

Merge branch 'issue-52'

parents d6ad029d df0f23e4
...@@ -382,6 +382,11 @@ if get_env_variable('DJANGO_SAML', 'FALSE') == 'TRUE': ...@@ -382,6 +382,11 @@ if get_env_variable('DJANGO_SAML', 'FALSE') == 'TRUE':
'DJANGO_SAML_ATTRIBUTE_MAPPING', 'DJANGO_SAML_ATTRIBUTE_MAPPING',
'{"mail": ["email"], "sn": ["last_name"], ' '{"mail": ["email"], "sn": ["last_name"], '
'"uid": ["username"], "cn": ["first_name"]}')) '"uid": ["username"], "cn": ["first_name"]}'))
SAML_GROUP_ATTRIBUTES = get_env_variable(
'DJANGO_SAML_GROUP_ATTRIBUTES', '').split(',')
SAML_GROUP_OWNER_ATTRIBUTES = get_env_variable(
'DJANGO_SAML_GROUP_OWNER_ATTRIBUTES', '').split(',')
SAML_CREATE_UNKNOWN_USER = True SAML_CREATE_UNKNOWN_USER = True
if get_env_variable('DJANGO_SAML_ORG_ID_ATTRIBUTE', False) != False: if get_env_variable('DJANGO_SAML_ORG_ID_ATTRIBUTE', False) != False:
SAML_ORG_ID_ATTRIBUTE = get_env_variable( SAML_ORG_ID_ATTRIBUTE = get_env_variable(
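Review bot: With the environment variable unset, `''.split(',')` evaluates to `['']` rather than an empty list, so `SAML_GROUP_ATTRIBUTES` and `SAML_GROUP_OWNER_ATTRIBUTES` both default to a list holding one empty attribute name. The signal handler changed in this same commit indexes `attributes[i]` for every entry, which would presumably raise `KeyError` on `''` at each SAML login when group mapping is not configured. Filter and strip the entries, e.g. `SAML_GROUP_ATTRIBUTES = [a.strip() for a in get_env_variable('DJANGO_SAML_GROUP_ATTRIBUTES', '').split(',') if a.strip()]`, and do the same for the owner list. A short comment stating that these attributes grant group membership and owner rights from IdP assertions would also help whoever sets them.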
......
from itertools import chain
from logging import getLogger from logging import getLogger
from django.conf import settings from django.conf import settings
from django.contrib.auth.models import User from django.contrib.auth.models import User, Group
from django.contrib.auth.signals import user_logged_in from django.contrib.auth.signals import user_logged_in
from django.db.models import ( from django.db.models import (
Model, ForeignKey, OneToOneField, CharField, IntegerField Model, ForeignKey, OneToOneField, CharField, IntegerField, TextField
) )
from django.utils.translation import ugettext_lazy as _ from django.utils.translation import ugettext_lazy as _
from vm.models import Instance from vm.models import Instance
from acl.models import AclBase
logger = getLogger(__name__) logger = getLogger(__name__)
...@@ -30,6 +32,33 @@ class Profile(Model): ...@@ -30,6 +32,33 @@ class Profile(Model):
instance_limit = IntegerField(default=5) instance_limit = IntegerField(default=5)
class GroupProfile(AclBase):
ACL_LEVELS = (
('operator', _('operator')),
('owner', _('owner')),
)
group = OneToOneField(Group)
org_id = CharField(
unique=True, blank=True, null=True, max_length=64,
help_text=_('Unique identifier of the group at the organization.'))
description = TextField()
@classmethod
def search(cls, name):
try:
return cls.objects.get(org_id=name).group
except cls.DoesNotExist:
return Group.objects.get(name=name)
def get_or_create_profile(self):
obj, created = GroupProfile.objects.get_or_create(group_id=self.pk)
return obj
Group.profile = property(get_or_create_profile)
def create_profile(sender, user, request, **kwargs): def create_profile(sender, user, request, **kwargs):
if not user.pk: if not user.pk:
return False return False
...@@ -65,7 +94,29 @@ if hasattr(settings, 'SAML_ORG_ID_ATTRIBUTE'): ...@@ -65,7 +94,29 @@ if hasattr(settings, 'SAML_ORG_ID_ATTRIBUTE'):
else: else:
logger.debug("org_id of %s already added to user %s's profile", logger.debug("org_id of %s already added to user %s's profile",
value, sender.username) value, sender.username)
return False memberatrs = getattr(settings, 'SAML_GROUP_ATTRIBUTES', [])
for group in chain(*[attributes[i] for i in memberatrs]):
try:
g = GroupProfile.search(group)
except Group.DoesNotExist:
logger.debug('cant find membergroup %s', group)
else:
logger.debug('could find membergroup %s (%s)',
group, unicode(g))
g.user_set.add(sender)
owneratrs = getattr(settings, 'SAML_GROUP_OWNER_ATTRIBUTES', [])
for group in chain(*[attributes[i] for i in owneratrs]):
try:
g = GroupProfile.search(group)
except Group.DoesNotExist:
logger.debug('cant find ownergroup %s', group)
else:
logger.debug('could find ownergroup %s (%s)',
group, unicode(g))
g.profile.set_level(sender, 'owner')
return False # User did not change
pre_user_save.connect(save_org_id) pre_user_save.connect(save_org_id)
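Review bot: `GroupProfile.search` falls back to `Group.objects.get(name=name)` when no `org_id` matches, so in the new loops of the SAML handler any value the IdP places in a configured attribute that equals a local group's name adds the user to that group or sets the 'owner' level on it, including groups never meant to be federated. Matching on `org_id` only in this path, or checking an explicit allow-list, would keep locally managed groups out of reach of assertion contents. The loops only add: a membership or owner level removed at the IdP stays in place locally, which deserves at least a comment such as `# NOTE: grants are additive; revocation at the IdP is not propagated`. `attributes[i]` also raises `KeyError` when an assertion lacks a configured attribute; `attributes.get(i, [])` avoids failing the save. The handler's body starts outside the hunk, so how `attributes` is built is not visible here.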
......