def add_ldap_groups(request):
"""
add_ldap_groups(request) -> reply
Handler for importing LDAP groups into the Hue database.
If a group has been previously imported, this will sync membership within the
group with the LDAP server. If --import-members is specified, it will import
all unimported users.
"""
if not request.user.is_superuser:
raise PopupException(_("You must be a superuser to add another group."), error_code=401)
if request.method == 'POST':
form = AddLdapGroupsForm(request.POST)
if form.is_valid():
groupname_pattern = form.cleaned_data['groupname_pattern']
import_by_dn = form.cleaned_data['dn']
import_members = form.cleaned_data['import_members']
import_members_recursive = form.cleaned_data['import_members_recursive']
try:
groups = import_ldap_groups(groupname_pattern, import_members=import_members, import_members_recursive=import_members_recursive, sync_users=True, import_by_dn=import_by_dn)
except ldap.LDAPError, e:
LOG.error(_("LDAP Exception: %s") % e)
raise PopupException(_('There was an error when communicating with LDAP'), detail=str(e))
if groups:
return redirect(reverse(list_groups))
else:
errors = form._errors.setdefault('groupname_pattern', ErrorList())
errors.append(_('Could not get LDAP details for groups in pattern %s') % groupname_pattern)
def add_ldap_groups(request):
"""
add_ldap_groups(request) -> reply
Handler for importing LDAP groups into the Hue database.
If a group has been previously imported, this will sync membership within the
group with the LDAP server. If --import-members is specified, it will import
all unimported users.
"""
if not request.user.is_superuser:
raise PopupException(
_("You must be a superuser to add another group."), error_code=401)
if request.method == 'POST':
form = AddLdapGroupsForm(request.POST)
if form.is_valid():
groupname_pattern = form.cleaned_data['groupname_pattern']
import_by_dn = form.cleaned_data['dn']
import_members = form.cleaned_data['import_members']
import_members_recursive = form.cleaned_data[
'import_members_recursive']
is_ensuring_home_directories = form.cleaned_data[
'ensure_home_directories']
server = form.cleaned_data.get('server')
try:
connection = ldap_access.get_connection_from_server(server)
groups = import_ldap_groups(
connection,
groupname_pattern,
import_members=import_members,
import_members_recursive=import_members_recursive,
sync_users=True,
import_by_dn=import_by_dn)
except ldap.LDAPError, e:
LOG.error(_("LDAP Exception: %s") % e)
raise PopupException(
_('There was an error when communicating with LDAP'),
detail=str(e))
except AssertionError, e:
raise PopupException(
_('There was a problem with some of the LDAP information'),
detail=str(e))
unique_users = set()
if is_ensuring_home_directories and groups:
for group in groups:
for user in group.user_set.all():
unique_users.add(user)
for user in unique_users:
try:
ensure_home_directory(request.fs, user.username)
except (IOError, WebHdfsException), e:
raise PopupException(_(
"Exception creating home directory for LDAP user %s in group %s."
) % (user, group),
detail=e)
LOG.error(_("LDAP Exception: %s") % e)
raise PopupException(
_('There was an error when communicating with LDAP'),
detail=str(e))
if groups:
return redirect(reverse(list_groups))
else:
errors = form._errors.setdefault('groupname_pattern',
ErrorList())
errors.append(
_('Could not get LDAP details for groups in pattern %s') %
groupname_pattern)
else:
form = AddLdapGroupsForm()
return render('edit_group.mako', request,
dict(form=form, action=request.path, ldap=True))
def sync_ldap_users_groups(request):
"""
Handler for syncing the Hue database with LDAP users and groups.
This will not import any users or groups that don't already exist in Hue. All
user information and group memberships will be updated based on the LDAP
server's current state.
"""
if not request.user.is_superuser:
raise PopupException(