def render(self):
    """Swap the ``ldapUPC`` PAS plugin for an ``ldapexterns`` one.

    Deletes ``ldapUPC`` from ``acl_users`` when it is present, registers the
    ``ldapexterns`` LDAP multi-plugin against ``ldap.upcnet.es``, activates
    its PAS interfaces, redefines the ``sn`` and ``cn`` schema items, moves
    the plugin up for user adding and group management, and assigns the
    ``RAMCache`` cache manager.

    Returns:
        The literal string ``'Done.'``.
    """
    # NOTE(review): this view rewrites the site's authentication sources. The
    # permission guarding it is declared outside this block -- confirm it is
    # restricted to Manager.
    plugin_id = "ldapexterns"
    users_dn = "ou=users,ou=upcnet,dc=upcnet,dc=es"
    groups_dn = "ou=groups,ou=upcnet,dc=upcnet,dc=es"
    bind_dn = "cn=ldap,ou=upcnet,dc=upcnet,dc=es"
    default_roles = "Authenticated,Member"

    pas = getSite().acl_users

    # Delete the ldapUPC plugin if it exists.
    if getattr(pas, 'ldapUPC', None):
        pas.manage_delObjects('ldapUPC')

    # NOTE(review): LDAP_PASSWORD is defined outside this block; presumably it
    # comes from deployment configuration -- confirm it is not committed with
    # the source.
    manage_addPloneLDAPMultiPlugin(
        pas,
        plugin_id,
        title=plugin_id,
        use_ssl=1,
        login_attr="cn",
        uid_attr="cn",
        local_groups=0,
        users_base=users_dn,
        users_scope=2,
        roles=default_roles,
        groups_base=groups_dn,
        groups_scope=2,
        read_only=True,
        binduid=bind_dn,
        bindpwd=LDAP_PASSWORD,
        rdn_attr="cn",
        LDAP_server="ldap.upcnet.es",
        encryption="SSHA",
    )

    ldap_folder = pas.ldapexterns.acl_users

    # NOTE(review): the plugin is added with read_only=True, but the
    # second-to-last positional argument below is 0. If that slot is
    # read_only (TODO confirm against the installed LDAPUserFolder), the
    # folder ends up writable, which would match the user-adder and
    # user-management interfaces activated further down.
    ldap_folder.manage_edit(
        plugin_id, "cn", "cn",
        users_dn, 2, default_roles,
        groups_dn, 2,
        bind_dn, LDAP_PASSWORD,
        1, "cn", "top,person,inetOrgPerson",
        0, 0, "SSHA", 0, '')

    # Activate plugins (all).
    plugin = pas[plugin_id]
    plugin.manage_activateInterfaces([
        'IAuthenticationPlugin',
        'ICredentialsResetPlugin',
        'IGroupEnumerationPlugin',
        'IGroupIntrospection',
        'IGroupManagement',
        'IGroupsPlugin',
        'IUserAdderPlugin',
        'IUserEnumerationPlugin',
        'IUserManagement',
    ])

    # A second server for fault tolerance is deliberately not registered
    # (the original left the manage_addServer call commented out).

    # Redefine some schema properties: drop 'sn' and 'cn', then add them back
    # with the names this site expects.
    for attr in ('sn', 'cn'):
        LDAPUserFolder.manage_deleteLDAPSchemaItems(
            ldap_folder, ldap_names=[attr], REQUEST=None)
    LDAPUserFolder.manage_addLDAPSchemaItem(
        ldap_folder, ldap_name='sn', friendly_name='Last Name',
        public_name='fullname')
    LDAPUserFolder.manage_addLDAPSchemaItem(
        ldap_folder, ldap_name='cn', friendly_name='Canonical Name')

    # Update the preference of the plugins. Moving the plugin up for
    # IPropertiesPlugin is not done here (that step was left commented out).
    for iface in (IUserAdderPlugin, IGroupManagement):
        pas.plugins.movePluginsUp(iface, [plugin_id])

    # Add LDAP plugin cache.
    pas[plugin_id].ZCacheable_setManagerId('RAMCache')

    return 'Done.'
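def render(self):
    """Create the ``ldapUPC`` PAS plugin and grant Manager to fixed principals.

    When ``HAS_LDAP`` is false only a debug message is logged. Otherwise two
    independent best-effort steps run; each logs its failure instead of
    raising:

    1. create the ``ldapUPC`` LDAP multi-plugin (``read_only=True``) against
       ``ldap.upc.edu``, activate its PAS interfaces and remap the ``sn``
       schema item;
    2. assign the ``RAMCache`` cache manager to the plugin and give the
       ``Manager`` role to four fixed principal ids.

    Returns:
        None.
    """
    portal = getSite()

    if not HAS_LDAP:
        logger.debug("You do not have LDAP libraries in your current buildout configuration. POSOK.")
        return

    pas = portal.acl_users
    users_base = "ou=Users,dc=upc,dc=edu"
    groups_base = "ou=Groups,dc=upc,dc=edu"
    bind_dn = "cn=ldap.serveis,ou=users,dc=upc,dc=edu"

    try:
        # NOTE(review): LDAP_PASSWORD is defined outside this block; confirm
        # it is loaded from deployment configuration, not from the source.
        manage_addPloneLDAPMultiPlugin(
            pas, "ldapUPC",
            title="ldapUPC",
            use_ssl=1,
            login_attr="cn",
            uid_attr="cn",
            local_groups=0,
            users_base=users_base,
            users_scope=2,
            roles="Authenticated",
            groups_base=groups_base,
            groups_scope=2,
            read_only=True,
            binduid=bind_dn,
            bindpwd=LDAP_PASSWORD,
            rdn_attr="cn",
            LDAP_server="ldap.upc.edu",
            encryption="SSHA")

        ldap_folder = pas.ldapUPC.acl_users
        ldap_folder.manage_edit(
            "ldapUPC", "cn", "cn",
            users_base, 2, "Authenticated",
            groups_base, 2,
            bind_dn, LDAP_PASSWORD,
            1, "cn", "top,person", 0, 0, "SSHA", 1, '')

        plugin = pas['ldapUPC']
        plugin.manage_activateInterfaces([
            'IGroupEnumerationPlugin',
            'IGroupsPlugin',
            'IGroupIntrospection',
            'IAuthenticationPlugin',
            'IUserEnumerationPlugin',
        ])

        # The extra manage_addServer call is intentionally left out so that
        # no second server entry is added.
        LDAPUserFolder.manage_deleteLDAPSchemaItems(
            ldap_folder, ldap_names=['sn'], REQUEST=None)
        LDAPUserFolder.manage_addLDAPSchemaItem(
            ldap_folder, ldap_name='sn', friendly_name='Last Name',
            public_name='name')

        # Moving ldapUPC up for IPropertiesPlugin (needed for
        # member.getProperty('email')) is not done in this view.
    except Exception:
        # A failed authentication setup must be visible to operators: log at
        # error level with the traceback instead of a bare debug line, and do
        # not trap SystemExit/KeyboardInterrupt.
        logger.exception("Something bad happened and the LDAP has not been created properly")

    try:
        pas['ldapUPC'].ZCacheable_setManagerId('RAMCache')

        # NOTE(review): roles are bound to principal ids only. This assumes
        # these ids can only come from the LDAP groups plugin -- confirm no
        # other PAS source can define a principal with one of these ids.
        role_manager = pas['portal_role_manager']
        for principal_id in ("UPC.Plone.Admins",
                             "UPCnet.Plone.Admins",
                             "UPCnet.ATIC",
                             "UPCNET.Frontoffice.2n.nivell"):
            role_manager.assignRolesToPrincipal(["Manager"], principal_id)
    except Exception:
        logger.exception("Something bad happened and the LDAP has not been configured properly")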
def uninstall(context):
    """Remove this package's extra LDAP schema items from ``ldapUPC``.

    Runs only when the ``genweb.tfemarket_ldap.txt`` flag file is part of the
    profile being processed; otherwise returns immediately.
    """
    flag_file = 'genweb.tfemarket_ldap.txt'
    if context.readDataFile(flag_file) is None:
        return

    site = context.getSite()
    # Raises AttributeError when the ldapUPC plugin is not present.
    ldap_acl_users = site.acl_users.ldapUPC.acl_users

    schema_items = [
        'sn1',
        'sn2',
        'givenName',
        'unit',
        'unitCode',
        'segmentation',
        'typology',
        'DNIpassport',
        'telephoneNumber',
        'mail',
    ]
    LDAPUserFolder.manage_deleteLDAPSchemaItems(
        ldap_acl_users, ldap_names=schema_items, REQUEST=None)
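def render(self):
    """Set up the ``ldapUPC`` PAS plugin and its Manager role assignments.

    Logs a debug message and stops when ``HAS_LDAP`` is false. Otherwise it
    performs two separate best-effort steps, logging (never raising) when one
    of them fails:

    1. add the ``ldapUPC`` LDAP multi-plugin (``read_only=True``) pointing at
       ``ldap.upc.edu``, activate its PAS interfaces and remap ``sn``;
    2. assign the ``RAMCache`` cache manager and give the ``Manager`` role to
       three fixed principal ids.

    Returns:
        None.
    """
    portal = getSite()

    if not HAS_LDAP:
        logger.debug('You do not have LDAP libraries in your current buildout configuration. POSOK.')
        return

    pas = portal.acl_users
    users_base = 'ou=Users,dc=upc,dc=edu'
    groups_base = 'ou=Groups,dc=upc,dc=edu'
    bind_dn = 'cn=ldap.serveis,ou=users,dc=upc,dc=edu'

    try:
        # NOTE(review): LDAP_PASSWORD is defined outside this block; confirm
        # it is loaded from deployment configuration, not from the source.
        manage_addPloneLDAPMultiPlugin(
            pas, 'ldapUPC',
            title='ldapUPC',
            use_ssl=1,
            login_attr='cn',
            uid_attr='cn',
            local_groups=0,
            users_base=users_base,
            users_scope=2,
            roles='Authenticated',
            groups_base=groups_base,
            groups_scope=2,
            read_only=True,
            binduid=bind_dn,
            bindpwd=LDAP_PASSWORD,
            rdn_attr='cn',
            LDAP_server='ldap.upc.edu',
            encryption='SSHA')

        ldap_folder = pas.ldapUPC.acl_users
        ldap_folder.manage_edit(
            'ldapUPC', 'cn', 'cn',
            users_base, 2, 'Authenticated',
            groups_base, 2,
            bind_dn, LDAP_PASSWORD,
            1, 'cn', 'top,person', 0, 0, 'SSHA', 1, '')

        plugin = pas['ldapUPC']
        plugin.manage_activateInterfaces([
            'IGroupEnumerationPlugin',
            'IGroupsPlugin',
            'IGroupIntrospection',
            'IAuthenticationPlugin',
            'IUserEnumerationPlugin',
        ])

        # The extra manage_addServer call is intentionally left out so that
        # no second server entry is added.
        LDAPUserFolder.manage_deleteLDAPSchemaItems(
            ldap_folder, ldap_names=['sn'], REQUEST=None)
        LDAPUserFolder.manage_addLDAPSchemaItem(
            ldap_folder, ldap_name='sn', friendly_name='Last Name',
            public_name='name')

        # Moving ldapUPC up for IPropertiesPlugin (needed for
        # member.getProperty('email')) is not done in this view.
    except Exception:
        # Surface the failure with its traceback at error level; a debug line
        # hides a broken authentication setup from operators. SystemExit and
        # KeyboardInterrupt are no longer trapped.
        logger.exception('Something bad happened and the LDAP has not been created properly')

    try:
        pas['ldapUPC'].ZCacheable_setManagerId('RAMCache')

        # NOTE(review): roles are bound to principal ids only. This assumes
        # these ids can only come from the LDAP groups plugin -- confirm no
        # other PAS source can define a principal with one of these ids.
        role_manager = pas['portal_role_manager']
        for principal_id in ('UPC.Plone.Admins',
                             'UPCnet.Plone.Admins',
                             'UPCnet.ATIC'):
            role_manager.assignRolesToPrincipal(['Manager'], principal_id)
    except Exception:
        logger.exception('Something bad happened and the LDAP has not been configured properly')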
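def setupVarious(context):
    """Apply the site-wide settings of the ``upc.genwebupc`` profile.

    Steps, in order: relax the ``safe_html`` transform, create and configure
    the ``ldapUPC`` PAS plugin (best effort), attach the ``RAMCache`` cache
    manager, grant ``Manager`` to four fixed principal ids, disable inline
    editing, set the default layout, configure the calendar tool and commit
    the transaction.

    Does nothing unless ``upc.genwebupc_various.txt`` is part of the profile.
    """
    # Ordinarily, GenericSetup handlers check for the existence of XML files.
    # Here no XML is parsed; this text file (found in profiles/default) is
    # only a flag confirming that this import step was meant to run.
    if context.readDataFile('upc.genwebupc_various.txt') is None:
        return

    # Local import: the module's import block is not visible from this block.
    import logging

    portal = context.getSite()

    transforms = getToolByName(portal, 'portal_transforms')
    transform = getattr(transforms, 'safe_html')

    valid = transform.get_parameter_value('valid_tags')
    nasty = transform.get_parameter_value('nasty_tags')

    # NOTE(review): security-relevant. The tags below are accepted by the
    # safe_html transform and removed from nasty_tags, so active content
    # (script, iframe, object, ...) is no longer stripped from rich text.
    # Anyone allowed to edit content can then store markup that runs in other
    # users' browsers -- confirm edit rights are limited to trusted users.
    gw4_valid = ['script', 'object', 'embed', 'param', 'iframe', 'applet']
    for tag in gw4_valid:
        # Accept the tag in the list of valid ones.
        valid[tag] = 1
        # Remove it from the list of unwanted ones.
        if tag in nasty:
            del nasty[tag]

    stripped = transform.get_parameter_value('stripped_attributes')
    # GW4: stop stripping these table-layout attributes.
    for attr in ['cellspacing', 'cellpadding', 'valign']:
        if attr in stripped:
            stripped.remove(attr)

    kwargs = {
        'valid_tags': valid,
        'nasty_tags': nasty,
        'stripped_attributes': stripped,
    }
    # Dict-valued parameters are passed to set_parameters as parallel
    # '<name>_key' / '<name>_value' lists.
    for k in list(kwargs):
        if isinstance(kwargs[k], dict):
            v = kwargs[k]
            kwargs[k + '_key'] = v.keys()
            kwargs[k + '_value'] = [str(s) for s in v.values()]
            del kwargs[k]

    transform.set_parameters(**kwargs)
    transform._p_changed = True
    transform.reload()

    users_base = "ou=Users,dc=upc,dc=edu"
    groups_base = "ou=Groups,dc=upc,dc=edu"
    bind_dn = "cn=ldap.upc,ou=Users,dc=upc,dc=edu"

    try:
        # NOTE(review): LDAP_PASSWORD is defined outside this block; confirm
        # it is loaded from deployment configuration, not from the source.
        manage_addPloneLDAPMultiPlugin(
            portal.acl_users, "ldapUPC",
            title="ldapUPC",
            use_ssl=1,
            login_attr="cn",
            uid_attr="cn",
            local_groups=0,
            users_base=users_base,
            users_scope=2,
            roles="Authenticated",
            groups_base=groups_base,
            groups_scope=2,
            read_only=True,
            binduid=bind_dn,
            bindpwd=LDAP_PASSWORD,
            rdn_attr="cn",
            LDAP_server="ldap.upc.edu",
            encryption="SSHA")

        ldap_folder = portal.acl_users.ldapUPC.acl_users
        ldap_folder.manage_edit(
            "ldapUPC", "cn", "cn",
            users_base, 2, "Authenticated",
            groups_base, 2,
            bind_dn, LDAP_PASSWORD,
            1, "cn", "top,person", 0, 0, "SSHA", 1, '')

        plugin = portal.acl_users['ldapUPC']
        plugin.manage_activateInterfaces([
            'IGroupEnumerationPlugin',
            'IGroupsPlugin',
            'IPropertiesPlugin',
            'IGroupIntrospection',
            'IAuthenticationPlugin',
            'IRolesPlugin',
            'IUserEnumerationPlugin',
            'IRoleEnumerationPlugin',
        ])

        # The extra manage_addServer call is intentionally left out so that
        # no second server entry is added.
        LDAPUserFolder.manage_deleteLDAPSchemaItems(
            ldap_folder, ldap_names=['sn'], REQUEST=None)
        LDAPUserFolder.manage_addLDAPSchemaItem(
            ldap_folder, ldap_name='sn', friendly_name='Last Name',
            public_name='name')

        # Move ldapUPC to the top of the active properties plugins;
        # otherwise member.getProperty('email') won't work properly.
        from Products.PluggableAuthService.interfaces.plugins import IPropertiesPlugin
        portal.acl_users.plugins.movePluginsUp(IPropertiesPlugin, ['ldapUPC'])
    except Exception:
        # Still best effort, but no longer silent: a half-configured
        # authentication plugin should leave a trace in the log.
        logging.getLogger(__name__).warning(
            "ldapUPC plugin setup did not complete", exc_info=True)

    # Removing 'credentials_cookie_auth' (the cookie system that triggers
    # LDAP cn=* searches) is deliberately not done here.

    # Raises KeyError when the plugin could not be created above.
    plugin = portal.acl_users['ldapUPC']
    plugin.ZCacheable_setManagerId('RAMCache')

    # NOTE(review): roles are bound to principal ids only. This assumes these
    # ids can only come from the LDAP groups plugin -- confirm no other PAS
    # source can define a principal with one of these ids.
    portal_role_manager = portal.acl_users['portal_role_manager']
    for principal_id in ("UPC.Plone.Admins",
                         "UPCnet.Plone.Admins",
                         "UPCnet.ATIC",
                         "UPCNET.Frontoffice.2n.nivell"):
        portal_role_manager.assignRolesToPrincipal(["Manager"], principal_id)

    # Disable inline editing.
    site_properties = ISiteSchema(portal)
    site_properties.enable_inline_editing = False

    # Set the default page layout.
    portal.setLayout("homepage")

    # Configure the calendar states.
    pct = getToolByName(portal, 'portal_calendar')
    pct.calendar_states = ('published', 'intranet')
    # Make Monday (0) the first day of the week.
    pct.firstweekday = 0

    transaction.commit()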
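def render(self):
    """Create (or replace) an LDAP PAS plugin described by the request form.

    Form parameters:
        ldap_name: id and title of the plugin (default ``'ldap'``).
        ldap_server: host name of the LDAP server.
        branch_name: ``ou`` of the branch holding users and groups.
        base_dn: DN suffix under which the branch lives.
        branch_admin_cn: ``cn`` of the bind user inside the branch.
        branch_admin_password: password of the bind user.
        allow_manage_users: when truthy, also activates ``IUserManagement``.

    Returns:
        ``'Done.'`` on success, or a message naming the missing required
        parameters (no plugin is touched in that case).
    """
    # NOTE(review): every value below comes from the request, including the
    # server that will authenticate site users and the id of the acl_users
    # object that gets replaced. The permission guarding this view is declared
    # outside this block -- confirm it is Manager-only, and that the form is
    # only accepted via POST over TLS so the bind password stays out of URLs
    # and access logs.
    form = self.request.form
    ldap_name = form.get('ldap_name', 'ldap')
    ldap_server = form.get('ldap_server')
    branch_name = form.get('branch_name')
    base_dn = form.get('base_dn')
    branch_admin_cn = form.get('branch_admin_cn')
    branch_admin_password = form.get('branch_admin_password')
    raw_allow_manage_users = form.get('allow_manage_users', False)

    # Refuse to build DNs such as 'ou=users,ou=None,None' from absent fields.
    required = (
        ('ldap_name', ldap_name),
        ('ldap_server', ldap_server),
        ('branch_name', branch_name),
        ('base_dn', base_dn),
        ('branch_admin_cn', branch_admin_cn),
        ('branch_admin_password', branch_admin_password),
    )
    missing = [name for name, value in required if not value]
    if missing:
        # Only parameter names are echoed back, never their values.
        return 'Missing required parameters: {}'.format(', '.join(missing))

    # Form values are usually strings, so the text 'False' or '0' would be
    # truthy; treat the common negative spellings as "not allowed".
    if hasattr(raw_allow_manage_users, 'strip'):
        allow_manage_users = raw_allow_manage_users.strip().lower() not in (
            '', '0', 'false', 'no', 'off', 'none')
    else:
        allow_manage_users = bool(raw_allow_manage_users)

    # NOTE(review): branch_name, base_dn and branch_admin_cn are interpolated
    # without escaping, so DN metacharacters in them change the resulting DN.
    # python-ldap's ldap.dn.escape_dn_chars is the usual tool for the single
    # RDN values, but that import is outside this block.
    users_base = 'ou=users,ou={},{}'.format(branch_name, base_dn)
    groups_base = 'ou=groups,ou={},{}'.format(branch_name, base_dn)
    bind_uid = 'cn={},ou={},{}'.format(branch_admin_cn, branch_name, base_dn)

    portal = getSite()
    pas = portal.acl_users

    # Delete if exists. The check uses the folder's own ids rather than
    # getattr (which also finds acquired or method attributes), and removes
    # the plugin that is about to be re-created instead of a hard-coded
    # 'ldapUPC'.
    if ldap_name in pas.objectIds():
        pas.manage_delObjects([ldap_name])

    manage_addPloneLDAPMultiPlugin(
        pas, ldap_name,
        use_ssl=1,
        login_attr='cn',
        uid_attr='cn',
        local_groups=0,
        rdn_attr='cn',
        encryption='SSHA',
        read_only=True,
        roles='Authenticated,Member',
        groups_scope=2,
        users_scope=2,
        title=ldap_name,
        LDAP_server=ldap_server,
        users_base=users_base,
        groups_base=groups_base,
        binduid=bind_uid,
        bindpwd=branch_admin_password)

    ldap_acl_users = getattr(pas, ldap_name).acl_users
    ldap_acl_users.manage_edit(
        ldap_name, 'cn', 'cn',
        users_base, 2, 'Authenticated,Member',
        groups_base, 2,
        bind_uid, branch_admin_password,
        1, 'cn', 'top,person,inetOrgPerson', 0, 0, 'SSHA', 0, '')

    plugin = pas[ldap_name]

    active_plugins = [
        'IAuthenticationPlugin',
        'ICredentialsResetPlugin',
        'IGroupEnumerationPlugin',
        'IGroupIntrospection',
        'IGroupManagement',
        'IGroupsPlugin',
        'IPropertiesPlugin',
        'IRoleEnumerationPlugin',
        'IRolesPlugin',
        'IUserAdderPlugin',
        'IUserEnumerationPlugin',
    ]
    if allow_manage_users:
        active_plugins.append('IUserManagement')
    plugin.manage_activateInterfaces(active_plugins)

    # Redefine some schema properties.
    for attr in ('sn', 'cn'):
        LDAPUserFolder.manage_deleteLDAPSchemaItems(
            ldap_acl_users, ldap_names=[attr], REQUEST=None)
    LDAPUserFolder.manage_addLDAPSchemaItem(
        ldap_acl_users, ldap_name='sn', friendly_name='Last Name',
        public_name='fullname')
    LDAPUserFolder.manage_addLDAPSchemaItem(
        ldap_acl_users, ldap_name='cn', friendly_name='Canonical Name')

    # Update the preference of the plugins.
    pas.plugins.movePluginsUp(IUserAdderPlugin, [ldap_name])
    pas.plugins.movePluginsUp(IGroupManagement, [ldap_name])

    # Add LDAP plugin cache.
    pas[ldap_name].ZCacheable_setManagerId('RAMCache')

    return 'Done.'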
def render(self):
    """Replace ``ldapUPC`` with ``ldapexterns`` and set the group queries.

    Deletes ``ldapUPC`` from ``acl_users`` when present, adds the
    ``ldapexterns`` LDAP multi-plugin against ``ldap.upcnet.es``, activates
    its PAS interfaces, redefines the ``sn`` and ``cn`` schema items, moves
    the plugin up for user adding and group management, assigns the
    ``RAMCache`` cache manager, and stores the ``groupOfUniqueNames`` search
    filters in the Genweb core control panel registry records.

    Returns:
        The literal string
        ``'Done. groupOfUniqueNames in LDAP Controlpanel Search'``.
    """
    # NOTE(review): this view rewrites the site's authentication sources. The
    # permission guarding it is declared outside this block -- confirm it is
    # restricted to Manager.
    plugin_id = 'ldapexterns'
    users_dn = 'ou=users,ou=upcnet,dc=upcnet,dc=es'
    groups_dn = 'ou=groups,ou=upcnet,dc=upcnet,dc=es'
    bind_dn = 'cn=ldap,ou=upcnet,dc=upcnet,dc=es'
    default_roles = 'Authenticated,Member'
    settings_prefix = 'genweb.controlpanel.core.IGenwebCoreControlPanelSettings.'

    pas = getSite().acl_users

    # Delete the ldapUPC plugin if it exists.
    if getattr(pas, 'ldapUPC', None):
        pas.manage_delObjects('ldapUPC')

    # NOTE(review): LDAP_PASSWORD is defined outside this block; presumably it
    # comes from deployment configuration -- confirm it is not committed with
    # the source.
    manage_addPloneLDAPMultiPlugin(
        pas,
        plugin_id,
        title=plugin_id,
        use_ssl=1,
        login_attr='cn',
        uid_attr='cn',
        local_groups=0,
        users_base=users_dn,
        users_scope=2,
        roles=default_roles,
        groups_base=groups_dn,
        groups_scope=2,
        read_only=True,
        binduid=bind_dn,
        bindpwd=LDAP_PASSWORD,
        rdn_attr='cn',
        LDAP_server='ldap.upcnet.es',
        encryption='SSHA',
    )

    ldap_folder = pas.ldapexterns.acl_users

    # NOTE(review): the plugin is added with read_only=True, but the
    # second-to-last positional argument below is 0. If that slot is
    # read_only (TODO confirm against the installed LDAPUserFolder), the
    # folder ends up writable, which would match the user-adder and
    # user-management interfaces activated further down.
    ldap_folder.manage_edit(
        plugin_id, 'cn', 'cn',
        users_dn, 2, default_roles,
        groups_dn, 2,
        bind_dn, LDAP_PASSWORD,
        1, 'cn', 'top,person,inetOrgPerson',
        0, 0, 'SSHA', 0, '')

    # Activate plugins (all).
    plugin = pas[plugin_id]
    plugin.manage_activateInterfaces([
        'IAuthenticationPlugin',
        'ICredentialsResetPlugin',
        'IGroupEnumerationPlugin',
        'IGroupIntrospection',
        'IGroupManagement',
        'IGroupsPlugin',
        'IUserAdderPlugin',
        'IUserEnumerationPlugin',
        'IUserManagement',
        'IPropertiesPlugin',
        'IRoleEnumerationPlugin',
        'IRolesPlugin',
    ])

    # A second server for fault tolerance is deliberately not registered
    # (the original left the manage_addServer call commented out).

    # Redefine some schema properties: drop 'sn' and 'cn', then add them back
    # with the names this site expects.
    for attr in ('sn', 'cn'):
        LDAPUserFolder.manage_deleteLDAPSchemaItems(
            ldap_folder, ldap_names=[attr], REQUEST=None)
    LDAPUserFolder.manage_addLDAPSchemaItem(
        ldap_folder, ldap_name='sn', friendly_name='Last Name',
        public_name='fullname')
    LDAPUserFolder.manage_addLDAPSchemaItem(
        ldap_folder, ldap_name='cn', friendly_name='Canonical Name')

    # Update the preference of the plugins. Moving the plugin up for
    # IPropertiesPlugin is not done here (that step was left commented out).
    for iface in (IUserAdderPlugin, IGroupManagement):
        pas.plugins.movePluginsUp(iface, [plugin_id])

    # Add LDAP plugin cache.
    pas[plugin_id].ZCacheable_setManagerId('RAMCache')

    # Default configuration for the LDAP groups of the "externs" directory.
    # The '%s' placeholder is stored as-is in the registry record.
    groups_query = u'(&(objectClass=groupOfUniqueNames))'
    user_groups_query = u'(&(objectClass=groupOfUniqueNames)(uniqueMember=%s))'
    api.portal.set_registry_record(settings_prefix + 'groups_query', groups_query)
    api.portal.set_registry_record(settings_prefix + 'user_groups_query', user_groups_query)

    return 'Done. groupOfUniqueNames in LDAP Controlpanel Search'