Ejemplo n.º 1
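    def manage_editUserRoles(self, user_dn, role_dns=[], REQUEST=None):
        """ Edit the roles (groups) of a user

        Makes the group memberships of ``user_dn`` match ``role_dns``.
        Any DN in ``role_dns`` that getGroups() does not report is created
        as a ``groupOfUniqueNames`` entry with the user already in it. For
        the groups that do exist, the user is added to or removed from
        each one whose membership differs from ``role_dns``.

        user_dn  -- DN of the user whose memberships are edited
        role_dns -- DNs of the groups the user should end up in (only
                    read here, never modified)
        REQUEST  -- not used in the part of the method shown here

        Returns None without writing to the directory when getUserByDN()
        finds no user for ``user_dn``.
        """
        all_groups = self.getGroups(attr='dn')
        cur_groups = self.getGroups(dn=user_dn, attr='dn')
        operations = []
        luf = self.getLUF()

        user = self.getUserByDN(user_dn)
        if user is None:
            return

        for role_dn in role_dns:
            if role_dn not in all_groups:
                # NOTE(review): role_dn is used unchanged as the DN of the
                # entry to create, so the caller decides where in the tree
                # the new group lands. Confirm this method is reachable by
                # administrators only, and consider checking the DN against
                # the expected groups subtree before add_s().
                newgroup_type = 'groupOfUniqueNames'
                newgroup_member = GROUP_MEMBER_MAP.get(newgroup_type)
                # presumably the bare value of the leading RDN, used as the
                # group's cn -- confirm the explode_dn(dn, 1) semantics
                newgroup_name = luf._delegate.explode_dn(role_dn, 1)[0]
                connection = luf._connect()
                # The new group is seeded with two members: the user and
                # luf._binduid (presumably the DN the folder binds with).
                attr_list = [ ('objectClass', ['top', newgroup_type])
                            , ('cn', newgroup_name)
                            , (newgroup_member, [user_dn, luf._binduid])
                            ]
                connection.add_s(role_dn, attr_list)


        # all_groups was fetched before any group was created above, so
        # this pass only looks at groups that already existed.
        for group in all_groups:
            if group in cur_groups and group not in role_dns:
                operations.append({ 'op'     : luf._delegate.DELETE
                                  , 'target' : group
                                  , 'type'   : luf.getGroupType(group)
                                  } )
            elif group in role_dns and group not in cur_groups:
                operations.append({ 'op'     : luf._delegate.ADD
                                  , 'target' : group
                                  , 'type'   : luf.getGroupType(group)
                                  } )

        if operations:
            connection = luf._connect()
            failures = []

            for to_do in operations:
                mod_list = ( ( to_do['op']
                             , GROUP_MEMBER_MAP.get(to_do['type'])
                             , user_dn
                             ), )
                try:
                    connection.modify_s(to_do['target'], mod_list)
                except Exception, e:
                    # Keep going with the remaining groups, but remember
                    # which change failed. A failed DELETE means the user
                    # still holds that role.
                    failures.append('%s: %s' % (to_do['target'], str(e)))

            # The success text used to be assigned unconditionally, which
            # overwrote any error recorded in the loop and reported a
            # failed membership change as done.
            # NOTE(review): msg is not read within the lines shown here;
            # confirm the rest of the method reports it to the caller.
            if failures:
                msg = 'Role changes failed for %s: %s' % (
                    user_dn, '; '.join(failures))
            else:
                msg = 'Roles changed for %s' % (user_dn)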
Ejemplo n.º 2
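    def manage_editUserRoles(self, user_dn, role_dns=[], REQUEST=None):
        """ Edit the roles (groups) of a user

        Synchronises the LDAP groups that list ``user_dn`` as a member
        with ``role_dns``. It works in two passes: first every DN in
        ``role_dns`` that is missing from getGroups() is created as a
        ``groupOfUniqueNames`` with the user in it. Then, for each group
        that already existed, the user is added or removed wherever the
        current membership and ``role_dns`` disagree.

        Arguments:
          user_dn  -- DN of the user being edited
          role_dns -- group DNs the user should belong to afterwards; the
                      list is read but not changed
          REQUEST  -- unused in the lines shown here

        The method returns early (None) when getUserByDN() yields no user.
        """
        all_groups = self.getGroups(attr='dn')
        cur_groups = self.getGroups(dn=user_dn, attr='dn')
        operations = []
        luf = self.getLUF()

        user = self.getUserByDN(user_dn)
        if user is None:
            return

        for role_dn in role_dns:
            if role_dn not in all_groups:
                # NOTE(review): an unknown role_dn is not rejected, it is
                # created. The DN is caller-supplied and becomes the add_s()
                # target as-is, so access to this method should be limited
                # to administrators -- confirm the permission declared for
                # it.
                newgroup_type = 'groupOfUniqueNames'
                newgroup_member = GROUP_MEMBER_MAP.get(newgroup_type)
                newgroup_name = luf._delegate.explode_dn(role_dn, 1)[0]
                connection = luf._connect()
                # Members of the new entry: the user plus luf._binduid.
                attr_list = [('objectClass', ['top', newgroup_type]),
                             ('cn', newgroup_name),
                             (newgroup_member, [user_dn, luf._binduid])]
                connection.add_s(role_dn, attr_list)

        # Work out the membership changes for groups that existed when
        # all_groups was read (groups created above are not in that list).
        for group in all_groups:
            if group in cur_groups and group not in role_dns:
                operations.append({
                    'op': luf._delegate.DELETE,
                    'target': group,
                    'type': luf.getGroupType(group)
                })
            elif group in role_dns and group not in cur_groups:
                operations.append({
                    'op': luf._delegate.ADD,
                    'target': group,
                    'type': luf.getGroupType(group)
                })

        if operations:
            connection = luf._connect()
            errors = []

            for to_do in operations:
                member_attr = GROUP_MEMBER_MAP.get(to_do['type'])
                mod_list = ((to_do['op'], member_attr, user_dn), )
                try:
                    connection.modify_s(to_do['target'], mod_list)
                except Exception, e:
                    # Best effort: the remaining changes are still tried.
                    errors.append(str(e))

            # Only claim success when every modification went through.
            # The original assigned the success text unconditionally and so
            # hid failed changes, including role removals that never took
            # effect.
            # NOTE(review): nothing in the lines shown reads msg; verify
            # that it is surfaced further down in the method.
            if errors:
                msg = '; '.join(errors)
            else:
                msg = 'Roles changed for %s' % (user_dn)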
Ejemplo n.º 3
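def manage_editGroupRoles(self, user_dn, role_dns=[], REQUEST=None):
    """ Edit the roles (groups) of a group

    Sets the groups that ``user_dn`` is a member of to ``role_dns``.

    user_dn  -- DN of the entry whose memberships are edited (a group,
                going by the method name; the parameter keeps the
                user-oriented name)
    role_dns -- groups the entry should belong to; an item without '=' is
                treated as a bare name and expanded to a DN under
                self.groups_base, anything else is taken as a DN
    REQUEST  -- not used

    With self._local_groups set, the assignment is kept in
    self._groups_store (an empty ``role_dns`` clears it) and the directory
    is not modified. Otherwise self._delegate.modify() is called for every
    group whose membership has to change.

    Raises RuntimeError when any modify() call returns a non-empty
    message. All such messages are reported, joined with '; '.
    """
    from Products.LDAPUserFolder.utils import GROUP_MEMBER_MAP
    try:
        from Products.LDAPUserFolder.LDAPDelegate import ADD, DELETE
    except ImportError:
        # Support for LDAPUserFolder >= 2.6
        ADD = self._delegate.ADD
        DELETE = self._delegate.DELETE

    failures = []

##    Log(LOG_DEBUG, "assigning", role_dns, "to", user_dn)
    all_groups = self.getGroups(attr='dn')
    cur_groups = self.getGroups(dn=user_dn, attr='dn')
    group_dns = []
    for group in role_dns:
        if group.find('=') == -1:
            # NOTE(review): the name goes into the DN unescaped. A name
            # containing DN special characters such as ',' yields a
            # malformed or different DN -- confirm callers pass plain
            # names.
            group_dns.append('cn=%s,%s' % (group, self.groups_base))
        else:
            group_dns.append(group)

    if self._local_groups:
        if len(role_dns) == 0:
            try:
                del self._groups_store[user_dn]
            except KeyError:
                # Nothing was stored for this entry, so there is nothing
                # to clear. Clearing an already empty assignment should
                # not fail.
                pass
        else:
            # The values are stored as passed in (role_dns), not the
            # expanded group_dns.
            self._groups_store[user_dn] = role_dns

    else:
        # group_dns is only compared against all_groups. Every modify()
        # target comes from getGroups(), never straight from the caller.
        for group in all_groups:
            member_attr = GROUP_MEMBER_MAP.get(self.getGroupType(group))

            if group in cur_groups and group not in group_dns:
                action = DELETE
            elif group in group_dns and group not in cur_groups:
                action = ADD
            else:
                action = None
            if action is not None:
                msg = self._delegate.modify(
                    group
                    , action
                    , {member_attr : [user_dn]}
                    )
                # A non-empty result is treated as an error message.
                # Collect it rather than letting a later successful call
                # overwrite it, which used to hide failed membership
                # changes.
                if msg:
                    failures.append(msg)
##                Log(LOG_DEBUG, "group", group, "subgroup", user_dn, "result", msg)

    if failures:
        raise RuntimeError('; '.join(['%s' % f for f in failures]))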
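def manage_editGroupRoles(self, user_dn, role_dns=[], REQUEST=None):
    """ Edit the roles (groups) of a group

    Makes the memberships of the entry ``user_dn`` equal to ``role_dns``.

    Arguments:
      user_dn  -- DN of the entry being edited (per the method name, a
                  group that is itself a member of other groups)
      role_dns -- target groups; items containing '=' are used as DNs,
                  other items are expanded to 'cn=<item>,<groups_base>'
      REQUEST  -- unused

    When self._local_groups is true only self._groups_store is updated.
    Otherwise each group returned by getGroups() whose membership differs
    from the target is changed through self._delegate.modify().

    Raises RuntimeError if one or more modify() calls return a non-empty
    message. The exception text holds every such message.
    """
    from Products.LDAPUserFolder.utils import GROUP_MEMBER_MAP
    try:
        from Products.LDAPUserFolder.LDAPDelegate import ADD, DELETE
    except ImportError:
        # Support for LDAPUserFolder >= 2.6
        ADD = self._delegate.ADD
        DELETE = self._delegate.DELETE

    msg = ""

    ##    Log(LOG_DEBUG, "assigning", role_dns, "to", user_dn)
    all_groups = self.getGroups(attr='dn')
    cur_groups = self.getGroups(dn=user_dn, attr='dn')
    group_dns = []
    for group in role_dns:
        if group.find('=') == -1:
            # Bare group name: build its DN below the groups base.
            # NOTE(review): no DN escaping is applied to the name --
            # confirm that callers only pass plain group names.
            group_dns.append('cn=%s,%s' % (group, self.groups_base))
        else:
            group_dns.append(group)

    if self._local_groups:
        if len(role_dns) == 0:
            try:
                del self._groups_store[user_dn]
            except KeyError:
                # No stored assignment for this entry, so it is already
                # cleared.
                pass
        else:
            # Stored as given by the caller, without the DN expansion.
            self._groups_store[user_dn] = role_dns

    else:
        # Write targets are taken from all_groups only. The caller's
        # values in group_dns merely select which of them to change.
        for group in all_groups:
            member_attr = GROUP_MEMBER_MAP.get(self.getGroupType(group))

            if group in cur_groups and group not in group_dns:
                action = DELETE
            elif group in group_dns and group not in cur_groups:
                action = ADD
            else:
                action = None
            if action is not None:
                result = self._delegate.modify(group, action,
                                               {member_attr: [user_dn]})
                # modify() reports a problem through a non-empty return
                # value. Accumulate those instead of overwriting msg on
                # every pass, so an early failure is not masked by a later
                # success.
                if result:
                    if msg:
                        msg = '%s; %s' % (msg, result)
                    else:
                        msg = result


##                Log(LOG_DEBUG, "group", group, "subgroup", user_dn, "result", msg)

    if msg:
        raise RuntimeError(msg)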