Commit
2de30027
authored
Feb 15, 2017
by
Czémán Arnold
dashboard: Move ldap functions to ldap_utils module
parent
2ef3e434
Showing
2 changed files
with
86 additions
and
74 deletions
+86
-74
circle/dashboard/ldap_utils.py
+81
-0
circle/dashboard/models.py
+5
-74
circle/dashboard/ldap_utils.py
0 → 100644
import
logging
from
django.conf
import
settings
from
django.contrib.auth.models
import
Group
from
.models
import
GroupProfile
,
FutureMember
,
Profile
import
ldap
from
django_auth_ldap.backend
import
LDAPSettings
logger
=
logging
.
getLogger
(
__name__
)
def
ldap_connect
(
ldap_settings
):
conn
=
ldap
.
initialize
(
ldap_settings
.
SERVER_URI
)
for
opt
,
value
in
ldap_settings
.
CONNECTION_OPTIONS
.
items
():
conn
.
set_option
(
opt
,
value
)
conn
.
simple_bind_s
(
ldap_settings
.
BIND_DN
,
ldap_settings
.
BIND_PASSWORD
)
return
conn
def
owns
(
conn
,
ldap_settings
,
ownerattr
,
user_dn
,
group_name
):
group
=
ldap_settings
.
GROUP_SEARCH
.
search_with_additional_term_string
(
"(cn=
%
s)"
%
group_name
)
.
execute
(
conn
)
if
len
(
group
)
==
0
:
return
False
group
=
group
[
0
]
owners
=
group
[
1
]
.
get
(
ownerattr
,
[])
return
user_dn
in
map
(
unicode
.
upper
,
owners
)
def
ldap_save_org_id
(
sender
,
user
,
ldap_user
,
**
kwargs
):
logger
.
debug
(
"ldap_save_org_id called by
%
s"
,
user
.
username
)
user_dn
=
ldap_user
.
dn
.
upper
()
if
user
.
pk
is
None
:
user
.
save
()
logger
.
debug
(
"ldap_save_org_id saved user
%
s"
,
unicode
(
user
))
profile
,
created
=
Profile
.
objects
.
get_or_create
(
user
=
user
)
if
created
or
profile
.
org_id
!=
user_dn
:
logger
.
info
(
"org_id of
%
s added to user
%
s's profile"
,
user_dn
,
user
.
username
)
profile
.
org_id
=
user_dn
profile
.
save
()
else
:
logger
.
debug
(
"org_id of
%
s already added to user
%
s's profile"
,
user_dn
,
user
.
username
)
group_dns
=
map
(
unicode
.
upper
,
ldap_user
.
group_dns
)
for
group
in
group_dns
:
try
:
g
=
GroupProfile
.
search
(
group
)
except
Group
.
DoesNotExist
:
logger
.
debug
(
'cant find membergroup
%
s'
,
group
)
else
:
logger
.
debug
(
'could find membergroup
%
s (
%
s)'
,
group
,
unicode
(
g
))
g
.
user_set
.
add
(
user
)
for
i
in
FutureMember
.
objects
.
filter
(
org_id__iexact
=
user_dn
):
i
.
group
.
user_set
.
add
(
user
)
i
.
delete
()
ownerattr
=
settings
.
LDAP_GROUP_OWNER_ATTRIBUTE
ldap_settings
=
LDAPSettings
()
# connection will close, when object destroys
# https://www.python-ldap.org/doc/html/ldap.html#ldap-objects
conn
=
ldap_connect
(
ldap_settings
)
for
group
in
zip
(
group_dns
,
ldap_user
.
group_names
):
try
:
g
=
GroupProfile
.
search
(
group
[
0
])
except
Group
.
DoesNotExist
:
logger
.
debug
(
'cant find ownergroup
%
s'
,
group
[
0
])
else
:
if
owns
(
conn
,
ldap_settings
,
ownerattr
,
user_dn
,
group
[
1
]):
logger
.
debug
(
'could find ownergroup
%
s (
%
s)'
,
group
[
0
],
unicode
(
g
))
g
.
profile
.
set_level
(
user
,
'owner'
)
else
:
logger
.
debug
(
'cant find ownergroup
%
s'
,
group
[
0
])
return
False
# User did not change
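Review bot: In `owns`, `group_name` is interpolated into the search filter as `"(cn=%s)" % group_name` without escaping, so a group cn containing filter metacharacters changes the filter; because only the first result (`group[0]`) is inspected, the owner check could then read a different group's owner attribute before `set_level(user, 'owner')` is applied. Escape the value with python-ldap's helper: add `from ldap.filter import escape_filter_chars` and build the term as `"(cn=%s)" % escape_filter_chars(group_name)`. Separately, `ldap_save_org_id` relies on object destruction to close the connection that `ldap_connect` binds with `BIND_DN`; putting the owner loop in a `try:` with `finally: conn.unbind_s()` would release it deterministically.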
circle/dashboard/models.py
...
@@ -320,6 +320,7 @@ def get_or_create_profile(self):
...
@@ -320,6 +320,7 @@ def get_or_create_profile(self):
obj
,
created
=
GroupProfile
.
objects
.
get_or_create
(
group_id
=
self
.
pk
)
obj
,
created
=
GroupProfile
.
objects
.
get_or_create
(
group_id
=
self
.
pk
)
return
obj
return
obj
Group
.
profile
=
property
(
get_or_create_profile
)
Group
.
profile
=
property
(
get_or_create_profile
)
...
@@ -338,6 +339,7 @@ def create_profile(user):
...
@@ -338,6 +339,7 @@ def create_profile(user):
def
create_profile_hook
(
sender
,
user
,
request
,
**
kwargs
):
def
create_profile_hook
(
sender
,
user
,
request
,
**
kwargs
):
return
create_profile
(
user
)
return
create_profile
(
user
)
user_logged_in
.
connect
(
create_profile_hook
)
user_logged_in
.
connect
(
create_profile_hook
)
if
hasattr
(
settings
,
'SAML_ORG_ID_ATTRIBUTE'
):
if
hasattr
(
settings
,
'SAML_ORG_ID_ATTRIBUTE'
):
...
@@ -401,81 +403,10 @@ if hasattr(settings, 'SAML_ORG_ID_ATTRIBUTE'):
...
@@ -401,81 +403,10 @@ if hasattr(settings, 'SAML_ORG_ID_ATTRIBUTE'):
pre_user_save
.
connect
(
saml_save_org_id
)
pre_user_save
.
connect
(
saml_save_org_id
)
if
(
hasattr
(
settings
,
'LDAP_ORG_ID_ATTRIBUTE'
)
and
if
getattr
(
settings
,
'LDAP_ORG_ID_ATTRIBUTE'
,
False
):
settings
.
LDAP_ORG_ID_ATTRIBUTE
):
logger
.
debug
(
"Register ldap_save_org_id to django-ldap-auth populate user"
)
logger
.
debug
(
"Register ldap_save_org_id to django-ldap-auth populate user"
)
from
django_auth_ldap.backend
import
populate_user
,
LDAPSettings
from
django_auth_ldap.backend
import
populate_user
import
ldap
from
.ldap_utils
import
ldap_save_org_id
def
ldap_connect
(
ldap_settings
):
conn
=
ldap
.
initialize
(
ldap_settings
.
SERVER_URI
)
for
opt
,
value
in
ldap_settings
.
CONNECTION_OPTIONS
.
items
():
conn
.
set_option
(
opt
,
value
)
conn
.
simple_bind_s
(
ldap_settings
.
BIND_DN
,
ldap_settings
.
BIND_PASSWORD
)
return
conn
def
owns
(
conn
,
ldap_settings
,
ownerattr
,
user_dn
,
group_name
):
group
=
ldap_settings
.
GROUP_SEARCH
.
search_with_additional_term_string
(
"(cn=
%
s)"
%
group_name
)
.
execute
(
conn
)
if
len
(
group
)
==
0
:
return
False
group
=
group
[
0
]
owners
=
group
[
1
]
.
get
(
ownerattr
,
[])
return
user_dn
in
map
(
unicode
.
upper
,
owners
)
def
ldap_save_org_id
(
sender
,
user
,
ldap_user
,
**
kwargs
):
logger
.
debug
(
"ldap_save_org_id called by
%
s"
,
user
.
username
)
user_dn
=
ldap_user
.
dn
.
upper
()
if
user
.
pk
is
None
:
user
.
save
()
logger
.
debug
(
"ldap_save_org_id saved user
%
s"
,
unicode
(
user
))
profile
,
created
=
Profile
.
objects
.
get_or_create
(
user
=
user
)
if
created
or
profile
.
org_id
!=
user_dn
:
logger
.
info
(
"org_id of
%
s added to user
%
s's profile"
,
user_dn
,
user
.
username
)
profile
.
org_id
=
user_dn
profile
.
save
()
else
:
logger
.
debug
(
"org_id of
%
s already added to user
%
s's profile"
,
user_dn
,
user
.
username
)
group_dns
=
map
(
unicode
.
upper
,
ldap_user
.
group_dns
)
for
group
in
group_dns
:
try
:
g
=
GroupProfile
.
search
(
group
)
except
Group
.
DoesNotExist
:
logger
.
debug
(
'cant find membergroup
%
s'
,
group
)
else
:
logger
.
debug
(
'could find membergroup
%
s (
%
s)'
,
group
,
unicode
(
g
))
g
.
user_set
.
add
(
user
)
for
i
in
FutureMember
.
objects
.
filter
(
org_id__iexact
=
user_dn
):
i
.
group
.
user_set
.
add
(
user
)
i
.
delete
()
ownerattr
=
settings
.
LDAP_GROUP_OWNER_ATTRIBUTE
ldap_settings
=
LDAPSettings
()
# connection will close, when object destroys
# https://www.python-ldap.org/doc/html/ldap.html#ldap-objects
conn
=
ldap_connect
(
ldap_settings
)
for
group
in
zip
(
group_dns
,
ldap_user
.
group_names
):
try
:
g
=
GroupProfile
.
search
(
group
[
0
])
except
Group
.
DoesNotExist
:
logger
.
debug
(
'cant find ownergroup
%
s'
,
group
[
0
])
else
:
if
owns
(
conn
,
ldap_settings
,
ownerattr
,
user_dn
,
group
[
1
]):
logger
.
debug
(
'could find ownergroup
%
s (
%
s)'
,
group
[
0
],
unicode
(
g
))
g
.
profile
.
set_level
(
user
,
'owner'
)
else
:
logger
.
debug
(
'cant find ownergroup
%
s'
,
group
[
0
])
return
False
# User did not change
populate_user
.
connect
(
ldap_save_org_id
)
populate_user
.
connect
(
ldap_save_org_id
)
...
...
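Review bot: The new `from .ldap_utils import ldap_save_org_id` runs while `models` is still being imported, and `ldap_utils` itself does `from .models import GroupProfile, FutureMember, Profile`, so this is a circular import that resolves only if those three classes are defined above this line (they lie outside the visible hunks, so this is presumed). A comment at the import, e.g. `# keep below the model definitions: ldap_utils imports from .models`, would stop a later reorder from breaking startup. Also, the guard checks only `LDAP_ORG_ID_ATTRIBUTE`, while the connected handler reads `settings.LDAP_GROUP_OWNER_ATTRIBUTE` directly; if that setting can be absent, the handler would raise inside the `populate_user` signal, so consider `getattr(settings, 'LDAP_GROUP_OWNER_ATTRIBUTE', None)` and skipping the owner pass when it is unset.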