Esempio n. 1
0
File: conf.py Progetto: y0d4a/pcapdb
    def get_context_data(self, **kwargs):
        context = super().get_context_data(**kwargs)

        # We use loading this page as an excuse to clean up groups.
        # We should probably pull this out and call it explicitly whenever the admin
        # or ldap_users group is changed.

        # Get all the unused, untyped groups (LDAP groups with no associated user).
        unused_unlabeled = Group.objects.filter(type=None, user=None)
        for grp in unused_unlabeled:
            grp.delete()

        if settings.LDAP_AUTH_ENABLED and not settings.LDAP_GROUPS_ENABLED:

            orphaned_users = set()

            # Make sure we have only one ldap required group.
            ldap_user_grp = None
            ldap_user_grps = Group.objects.filter(type__type='ldap_users')
            for grp in ldap_user_grps:
                if grp.name != settings.LDAP_REQUIRED_GROUP:
                    orphaned_users.union(grp.user_set.all())
                    log.info(
                        "Someone changed the ldap users group in the config. Deleting"
                        "old group: {}".format(grp.name))
                    grp.delete()
                else:
                    ldap_user_grp = grp

            if ldap_user_grp is None:
                # We have no group labeled as our required group that is actually it.
                # Try to get one that isn't properly labeled.
                try:
                    ldap_user_grp = Group.objects.get(
                        name=settings.LDAP_REQUIRED_GROUP)
                except Group.DoesNotExist:
                    # Or if that fails, make it.
                    ldap_user_grp = Group(name=settings.LDAP_REQUIRED_GROUP)
                    ldap_user_grp.save()

                # Now label it.
                grp_type = GroupTypeModel(group=ldap_user_grp,
                                          type='ldap_users')
                ldap_user_grp.type = grp_type
                grp_type.save()

            # Reassign the orphaned users
            for user in orphaned_users:
                ldap_user_grp.user_set.add(user)

        admin_group = None
        orphaned_admins = set()
        for grp in Group.objects.filter(type__type='admin'):
            # Delete any extra, old admin groups. This happens when you change the admin
            # group name.
            if grp.name != settings.ADMIN_GROUP:
                orphaned_admins.union(grp.user_set.all())
                log.info(
                    "Orphaned admin group deleted ({}). This happens when the admin "
                    "group name changes in the configuration.".format(
                        grp.name))
                grp.delete()
            else:
                admin_group = grp

        if admin_group is None:
            # Find the admin group, or create it if it doesn't exist.
            try:
                admin_group = Group.objects.get(name=settings.ADMIN_GROUP)
            except Group.DoesNotExist:
                admin_group = Group(name=settings.ADMIN_GROUP)
                admin_group.save()

            admin_group_type = GroupTypeModel(group=admin_group, type='admin')
            admin_group_type.save()
            admin_group.save()

        # Reassign the orphaned users.
        for user in orphaned_admins:
            admin_group.user_set.add(user)

        query = Q(type__type='site') | Q(type__type='site_admin') | Q(
            type__type='admin')
        if settings.LDAP_AUTH_ENABLED and not settings.LDAP_GROUPS_ENABLED:
            query |= Q(type__type='ldap_users')

        groups = Group.objects.filter(query)

        context['user_extra'] = UserExtraModel
        context['groups'] = groups

        context['default_tz'] = settings.DEFAULT_TZ
        context['timezones'] = UserExtraModel.TIMEZONES

        return context