Example #1
def createLDAPPlugin(id="ldap-plugin"):
    """Create the Plone-managed LDAP plugin in PAS from the stored settings.

    Reads the ``ILDAPConfiguration`` utility, selects the Active Directory
    plugin class when ``ldap_type`` is ``u"AD"`` (the generic LDAP class
    otherwise) and creates the plugin through ``genericPluginCreation``.
    The new plugin is then marked with ``IManagedLDAPPlugin`` and the PAS
    interfaces and caching are switched on.

    Args:
        id: Id under which the plugin is created in, and read back from, PAS.
    """
    pas = getPAS()
    config = getUtility(ILDAPConfiguration)
    klass = (
        PloneActiveDirectoryMultiPlugin
        if config.ldap_type == u"AD"
        else PloneLDAPMultiPlugin
    )

    # The LDAP attribute names are looked up through the configured schema;
    # every other value is forwarded from the configuration as stored.
    # NOTE(review): an unset bind_dn / bind_password is forwarded as "",
    # which presumably makes the plugin bind anonymously -- confirm that is
    # intended for this deployment.
    # NOTE(review): the bind password travels through here as plaintext;
    # how the configuration utility stores and exports it is not visible in
    # this function -- verify it is not written out with the site settings.
    plugin_settings = {
        "id": id,
        "title": "Plone managed LDAP",
        "login_attr": str(config.schema[config.login_attribute].ldap_name),
        "uid_attr": str(config.schema[config.userid_attribute].ldap_name),
        "rdn_attr": str(config.schema[config.rdn_attribute].ldap_name),
        "users_base": config.user_base or "",
        "users_scope": config.user_scope,
        "groups_base": config.group_base or "",
        "groups_scope": config.group_scope,
        "binduid": config.bind_dn or "",
        "bindpwd": config.bind_password or "",
        "encryption": config.password_encryption,
        "roles": config.default_user_roles or "",
        "read_only": config.read_only,
        "obj_classes": config.user_object_classes,
    }
    genericPluginCreation(pas, klass, **plugin_settings)

    # Fetch the freshly created plugin back from PAS to finish its setup.
    created = getattr(pas, id)
    created.groupid_attr = "cn"
    directlyProvides(created, IManagedLDAPPlugin)
    enablePASInterfaces()
    enableCaching(config.cache)
Example #2
def createLDAPPlugin(id="ldap-plugin"):
    """Register the managed LDAP plugin in PAS using ``ILDAPConfiguration``.

    The plugin class depends on ``config.ldap_type``: ``u"AD"`` selects
    ``PloneActiveDirectoryMultiPlugin``, anything else selects
    ``PloneLDAPMultiPlugin``. After creation the plugin gets ``"cn"`` as its
    group id attribute, is marked as ``IManagedLDAPPlugin``, and the PAS
    interfaces and caching are enabled.

    Args:
        id: Id of the plugin inside PAS.
    """
    pas = getPAS()
    config = getUtility(ILDAPConfiguration)

    klass = PloneLDAPMultiPlugin
    if config.ldap_type == u"AD":
        klass = PloneActiveDirectoryMultiPlugin

    # Keyword arguments are collected first, in the same order in which they
    # are read from the configuration, and handed over in a single call.
    # NOTE(review): empty bind_dn / bind_password values become "" here;
    # presumably that results in an anonymous bind -- confirm it is wanted.
    # NOTE(review): the meaning of config.password_encryption is decided by
    # the plugin, not here; check that the configured scheme is a salted one.
    creation_kwargs = dict(
        id=id,
        title="Plone managed LDAP",
        login_attr=str(config.schema[config.login_attribute].ldap_name),
        uid_attr=str(config.schema[config.userid_attribute].ldap_name),
        rdn_attr=str(config.schema[config.rdn_attribute].ldap_name),
        users_base=config.user_base or "",
        users_scope=config.user_scope,
        groups_base=config.group_base or "",
        groups_scope=config.group_scope,
        binduid=config.bind_dn or "",
        bindpwd=config.bind_password or "",
        encryption=config.password_encryption,
        roles=config.default_user_roles or "",
        read_only=config.read_only,
        obj_classes=config.user_object_classes,
    )
    genericPluginCreation(pas, klass, **creation_kwargs)

    ldap_plugin = getattr(pas, id)
    ldap_plugin.groupid_attr = "cn"
    directlyProvides(ldap_plugin, IManagedLDAPPlugin)
    enablePASInterfaces()
    enableCaching(config.cache)
def activatePloneLDAPPlugin(portal):
    """
    Create the "ldap" plugin in the portal's acl_users when it is missing,
    then activate its PAS interfaces and move it up for each of them.
    """
    plugin_id = "ldap"
    user_folder = portal.acl_users

    if plugin_id not in user_folder.objectIds():
        # NOTE(review): the bind DN is the directory's "cn=admin" entry and
        # its password is a literal in this source file. Anyone who can read
        # the repository or the installed package obtains that credential;
        # it belongs in deployment-side configuration, and the value shown
        # here should be treated as disclosed and rotated.
        # NOTE(review): use_ssl=0 presumably selects an unencrypted LDAP
        # connection, so the bind password and user logins would cross the
        # network in cleartext -- confirm, and enable TLS if so.
        # NOTE(review): encryption="SHA" presumably names the scheme used
        # when the plugin writes passwords; an unsalted digest is weak
        # against offline guessing -- prefer a salted scheme if supported.
        # NOTE(review): read_only=0 together with the admin bind lets the
        # site write to the directory; verify that this much access is needed.
        connection = dict(
            id=plugin_id,
            title="LDAP Connexion",
            login_attr="cn",
            uid_attr="cn",
            users_base="dc=gitesdewallonie,dc=net",
            users_scope=2,
            roles="Member",
            groups_base="ou=groups,dc=gitesdewallonie,dc=net",
            groups_scope=2,
            binduid="cn=admin,dc=gitesdewallonie,dc=net",
            bindpwd="phoneph0ne",
            binduid_usage=1,
            rdn_attr="cn",
            obj_classes="person,organizationalPerson,gites-proprietaire",
            local_groups=0,
            use_ssl=0,
            encryption="SHA",
            read_only=0,
            LDAP_server="clavius.affinitic.be",
            REQUEST=None,
        )
        luf = genericPluginCreation(user_folder, PloneLDAPMultiPlugin, **connection)

        # Extra schema items: (LDAP attribute, friendly name, public name).
        extra_schema = (
            ("registeredAddress", "email", "email"),
            ("title", "fullname", "fullname"),
            ("pk", "pk", "pk"),
        )
        for ldap_attr, friendly_name, public in extra_schema:
            luf.manage_addLDAPSchemaItem(ldap_attr, friendly_name, public_name=public)

        luf.manage_addGroupMapping("Proprietaire", "Proprietaire")

    # Runs on every call, whether or not the plugin was just created.
    pas_interfaces = [
        "IAuthenticationPlugin",
        "ICredentialsResetPlugin",
        "IGroupEnumerationPlugin",
        "IGroupIntrospection",
        "IGroupManagement",
        "IGroupsPlugin",
        "IPropertiesPlugin",
        "IRoleEnumerationPlugin",
        "IRolesPlugin",
        "IUserAdderPlugin",
        "IUserEnumerationPlugin",
        "IUserManagement",
    ]
    getattr(user_folder, plugin_id).manage_activateInterfaces(pas_interfaces)
    for name in pas_interfaces:
        # Resolve the interface object by name, then move "ldap" up one
        # position in that interface's plugin list.
        resolved = user_folder.plugins._getInterfaceFromName(name)
        user_folder.plugins.movePluginsUp(resolved, [plugin_id])
def activatePloneLDAPPlugin(portal):
    """
    Create the "ldap" plugin in the portal's acl_users when it is missing,
    then activate its PAS interfaces and move it up for each of them.
    """
    acl = portal.acl_users
    already_installed = "ldap" in acl.objectIds()

    if not already_installed:
        # NOTE(review): bindpwd is the literal '*****', which looks like a
        # masked value; the function cannot bind with the real password as
        # written. Supply the secret from deployment-side configuration
        # instead of restoring a real value in source.
        # NOTE(review): the bind DN is the directory's "cn=admin" entry and
        # read_only=0 -- verify that this much access is needed.
        # NOTE(review): use_ssl=0 presumably means an unencrypted LDAP
        # connection; confirm, and enable TLS so bind and user credentials
        # are not sent in cleartext.
        # NOTE(review): encryption="SHA" presumably selects an unsalted
        # password digest; prefer a salted scheme if the plugin supports one.
        server_options = {
            "id": "ldap",
            "title": "LDAP Connexion",
            "login_attr": "cn",
            "uid_attr": "cn",
            "users_base": "dc=gitesdewallonie,dc=net",
            "users_scope": 2,
            "roles": "Member",
            "groups_base": "ou=groups,dc=gitesdewallonie,dc=net",
            "groups_scope": 2,
            "binduid": "cn=admin,dc=gitesdewallonie,dc=net",
            "bindpwd": "*****",
            "binduid_usage": 1,
            "rdn_attr": "cn",
            "obj_classes": "person,organizationalPerson",
            "local_groups": 0,
            "use_ssl": 0,
            "encryption": "SHA",
            "read_only": 0,
            "LDAP_server": "kepler.interne.affinitic.be",
            "REQUEST": None,
        }
        luf = genericPluginCreation(acl, PloneLDAPMultiPlugin, **server_options)

        # Expose two extra LDAP attributes under public property names.
        luf.manage_addLDAPSchemaItem(
            "registeredAddress", "email", public_name="email"
        )
        luf.manage_addLDAPSchemaItem("title", "fullname", public_name="fullname")

    # Runs on every call, whether or not the plugin was just created.
    interfaces = [
        "IAuthenticationPlugin",
        "ICredentialsResetPlugin",
        "IGroupEnumerationPlugin",
        "IGroupIntrospection",
        "IGroupManagement",
        "IGroupsPlugin",
        "IPropertiesPlugin",
        "IRoleEnumerationPlugin",
        "IRolesPlugin",
        "IUserAdderPlugin",
        "IUserEnumerationPlugin",
        "IUserManagement",
    ]
    ldap_plugin = acl.ldap
    ldap_plugin.manage_activateInterfaces(interfaces)
    for interface_name in interfaces:
        # Resolve the interface object by name, then move "ldap" up one
        # position in that interface's plugin list.
        iface = acl.plugins._getInterfaceFromName(interface_name)
        acl.plugins.movePluginsUp(iface, ["ldap"])
def manage_addEnhancedPloneLDAPMultiPlugin(self, id, title, LDAP_server,
    login_attr, uid_attr, users_base, users_scope, roles, groups_base,
    groups_scope, binduid, bindpwd, binduid_usage=1, rdn_attr='cn',
    local_groups=0, use_ssl=0, encryption='SHA', read_only=0, REQUEST=None):
    """Add an Enhanced Plone LDAP plugin to the site.

    Creates the plugin through ``genericPluginCreation``, publishes the
    ``cn`` attribute as ``fullname``, adds a ``mail`` schema item published
    as ``email`` and, when a request is given, redirects to the container's
    ``manage_workspace`` page. Returns ``None`` when ``REQUEST`` is ``None``.

    NOTE(review): the defaults ``use_ssl=0`` and ``encryption='SHA'`` are
    part of the signature; callers that rely on them presumably get an
    unencrypted connection and an unsalted password scheme -- confirm and
    pass explicit values where that is not acceptable.
    """
    # REQUEST=None is passed on purpose, whatever this function received;
    # the redirect is issued here, at the end.
    creation_args = dict(
        id=id,
        title=title,
        login_attr=login_attr,
        uid_attr=uid_attr,
        users_base=users_base,
        users_scope=users_scope,
        roles=roles,
        groups_base=groups_base,
        groups_scope=groups_scope,
        binduid=binduid,
        bindpwd=bindpwd,
        binduid_usage=binduid_usage,
        rdn_attr=rdn_attr,
        local_groups=local_groups,
        use_ssl=use_ssl,
        encryption=encryption,
        read_only=read_only,
        LDAP_server=LDAP_server,
        REQUEST=None,
    )
    luf = genericPluginCreation(self, EnhancedPloneLDAPMultiPlugin, **creation_args)

    # NOTE(review): this writes into the private _ldapschema mapping in
    # place; if that is a plain nested dict on a persistent object the change
    # may not be registered for saving -- confirm against the plugin class.
    luf._ldapschema["cn"]["public_name"] = "fullname"
    luf.manage_addLDAPSchemaItem("mail", "Email Address", public_name="email")

    if REQUEST is None:
        return None

    # Redirect back to the user folder
    send_redirect = REQUEST["RESPONSE"].redirect
    return send_redirect(
        "%s/manage_workspace?manage_tabs_message=Enhanced+LDAP"
        "+Multi+Plugin+added" % self.absolute_url())