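def group_add(request):
    """Create a user group and provision it in LDAP and on disk.

    GET renders an empty ``UserGroupForm``. POST validates the form, rejects
    the reserved name ``admin`` and any name ``_valid_name_regex`` does not
    match, then saves the ``UserGroup`` and calls
    ``core_services.ldap_add_group`` and ``core_services.add_data_directory``.
    Success redirects to ``group_list``; every failure re-renders
    ``group_add.html`` with a ``message``.

    NOTE(review): no access check is visible in this function; confirm that a
    decorator or middleware restricts it to administrators.
    """
    def _render(context):
        return render_to_response(
            'group_add.html', context,
            context_instance=RequestContext(request))

    if request.method != 'POST':
        return _render({'form': UserGroupForm()})

    form = UserGroupForm(request.POST)
    if not form.is_valid():
        return _render({'form': form})

    message = None
    try:
        # NOTE(review): the name is read from raw form.data rather than
        # cleaned_data, so the checks below are the only normalisation this
        # view applies before the value reaches LDAP and the data directory.
        name = form.data['name']
        if name == 'admin':
            # NOTE(review): exact, case-sensitive comparison; whether a
            # differently-cased variant could collide with the reserved group
            # depends on _valid_name_regex and the directory's matching rules.
            message = _("Admin is a reserved group")
        elif _valid_name_regex.search(name) is None:
            # search() accepts a match anywhere in the string, so this check
            # is only as strict as the anchors in _valid_name_regex, which is
            # defined outside this view -- confirm it is anchored at both ends.
            message = _(
                "Invalid user group name: '{value}'. Identifiers must begin with a "
                "letter or an underscore (_). Subsequent characters can be letters, "
                "underscores or numbers"
            ).format(value=name)
        else:
            group = UserGroup(name=name, description=form.data['description'])
            group.save()
            # NOTE(review): if either call below raises, the handler re-renders
            # the form but nothing here removes the row saved above -- confirm
            # whether a transaction wraps the request.
            core_services.ldap_add_group(group)
            core_services.add_data_directory(group)
            return redirect('group_list')
    except Exception as e:
        # Best-effort handler kept from the original design. The detail goes to
        # stdout only; the operator gets a generic message instead of a form
        # that silently reappears.
        print(str(e))
        message = _("The group could not be created")
    return _render({'form': form, 'message': message})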
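def user(request):
    """Create a ``UserGroup`` record from POSTed fields and write an audit entry.

    GET renders ``UserGroup/user.html``. POST reads ``username``, ``password``,
    ``nickname`` and ``level`` from the request, tries to save a new
    ``UserGroup`` row, writes an operation-log entry and redirects.

    NOTE(review): no authentication or permission check is visible in this
    function; confirm one is applied by a decorator or middleware.
    """
    error = 'success'
    if request.method != 'POST':
        return render(request, 'UserGroup/user.html')

    username = request.POST.get('username')
    password = request.POST.get('password')
    nickname = request.POST.get('nickname')
    # NOTE(review): `level` comes straight from the request; nothing here limits
    # which level a caller may assign.
    level = request.POST.get('level')

    # NOTE(review): the password is handed to the model exactly as posted and
    # nothing in this view hashes it -- confirm the model hashes it before
    # storage. What datetime.time() evaluates to depends on how `datetime` was
    # imported, which is not visible here; confirm create_time gets a real
    # timestamp.
    id_insert = UserGroup(username=username, password=password,
                          nickname=nickname, level=level,
                          create_time=datetime.time())
    try:
        id_insert.save()
    except Exception as e:
        error = e

    # NOTE(review): the audit actor is hard-coded ('系统管理员' = "system
    # administrator") rather than taken from the request, and the entry is
    # written even when save() failed above.
    # Missing POST fields arrive as None; fall back to '' so the audit string
    # can still be built instead of raising TypeError after the save attempt.
    logData = {
        'username': '******',
        'nickname': '系统管理员',
        'operate_action': (errconfig.actionConfig['AC0002']
                           + (nickname or '') + '(' + (username or '') + ')'),
    }
    logOperate.write_log(logData)
    # NOTE(review): HttpResponseRedirect takes no template context; the dict is
    # forwarded to the response constructor, so `error` never reaches the user.
    # The target is also a relative URL.
    return HttpResponseRedirect('UserGroup/user/', {'error': error})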
def group_manage(request, aid=None, action=None):
    """Add, edit or delete a ``UserGroup`` and record the action in ``Message``.

    Callers must hold both ``asset.view_user`` and ``asset.edit_user``;
    otherwise ``Http404`` is raised. With ``aid`` and ``action`` the group is
    loaded by primary key (404 if missing); without them a new group is
    created and ``action`` becomes ``'add'``. A valid POST saves the group,
    applies the posted relation changes and redirects to ``user_group_list``;
    anything else renders ``userauth_group_manage.html``.
    """
    if not request.user.has_perms(['asset.view_user', 'asset.edit_user']):
        raise Http404

    page_name = ''
    if aid and action:
        group = get_object_or_404(UserGroup, pk=aid)
        if action == 'edit':
            page_name = '编辑组'  # "Edit group"
        if action == 'delete':
            # NOTE(review): the delete runs for any HTTP method, including GET,
            # so it is not covered by POST-only CSRF protection, and no
            # delete-specific permission is checked -- confirm this is intended.
            group.delete()
            Message.objects.create(
                type=u'用户分组管理',
                user=request.user.first_name,
                action=u'删除分组',
                action_ip=UserIP(request),
                content=u'删除分组 %s' % group.name,
            )
            return redirect('user_group_list')
    else:
        group = UserGroup()
        action = 'add'
        page_name = '新增用户组'  # "Add user group"

    if request.method == 'POST':
        form = GroupForm(request.POST, instance=group)
        if form.is_valid():
            command_list = form.cleaned_data['command']
            directory_list = form.cleaned_data['directory']
            # NOTE(review): the id lists below are read from the raw POST body
            # and passed to the relation managers with no visible filtering.
            # Anyone holding the two permissions above can presumably attach
            # any permission id to the group -- confirm this is intended.
            posted = request.POST.getlist
            user_select, user_delete = posted('user_sel'), posted('user_del')
            host_select, host_delete = posted('host_sel'), posted('host_del')
            group_select, group_delete = posted('group_sel'), posted('group_del')
            perm_select, perm_delete = posted('perm_sel'), posted('perm_del')

            if action in ('add', 'edit'):
                # NOTE(review): an attribute reference, not a call; the form's
                # own save() never runs. Presumably GroupForm is a ModelForm
                # whose validation already copied the fields onto `group`.
                form.save
                group.save()

                # The posted user ids are applied to both user relations.
                group.user_group_set.add(*user_select)
                group.user_group_set.remove(*user_delete)
                group.user_set.add(*user_select)
                group.user_set.remove(*user_delete)
                group.host_usergroup_set.add(*host_select)
                group.host_usergroup_set.remove(*host_delete)
                group.group_usergroup_set.add(*group_select)
                group.group_usergroup_set.remove(*group_delete)
                group.permissions.add(*perm_select)
                group.permissions.remove(*perm_delete)

                # On edit the command/directory sets are replaced, not merged.
                if action == 'edit':
                    group.command.clear()
                    group.directory.clear()
                group.command.add(*command_list)
                group.directory.add(*directory_list)

                Message.objects.create(
                    type=u'用户分组管理',
                    user=request.user.first_name,
                    action=page_name,
                    action_ip=UserIP(request),
                    content=u'%s %s' % (page_name, group.name),
                )
                return redirect('user_group_list')
    else:
        form = GroupForm(instance=group)

    context = {
        'form': form,
        'page_name': page_name,
        'action': action,
        'aid': aid,
    }
    return render(request, 'userauth_group_manage.html', context)
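def group_add(request):
    """Create a ``UserGroup`` and attach the selected users to it.

    GET renders ``group/group_add.html`` with every ``UserName`` row. POST
    reads ``groupname``, ``name``, ``comment`` and the ``qsl`` username list.
    It rejects an empty or already-used group name, resolves every selected
    user, then saves the group, links the users and redirects to the group
    list. Any failure re-renders the form with ``error`` set.

    NOTE(review): no access check is visible in this function; confirm that a
    decorator or middleware restricts who may create groups.
    """
    error = ''
    user_all = UserName.objects.all()
    if request.method == 'POST':
        groupname = request.POST.get('groupname')
        name = request.POST.get('name')
        comment = request.POST.get('comment')
        # Usernames ticked in the front-end multi-select. Values are joined and
        # re-split on ',' as before, so one comma-separated value still expands
        # to several names; empty entries are dropped.
        posted = request.POST.getlist('qsl', '')
        usernames = [entry for entry in ','.join(posted).split(',') if entry]

        # Reject an empty name first, so the existence query never runs with an
        # empty or missing value.
        if not groupname:
            error = u'用户组groupname不能为空'
        elif UserGroup.objects.filter(groupname=groupname).exists():
            # NOTE(review): check-then-save is not atomic. A concurrent request
            # can pass this test too, and an IntegrityError from a unique
            # constraint, if there is one, is not handled here.
            error = u'%s already exits.' % groupname
        else:
            try:
                # Resolve every member before writing anything, so an unknown
                # username cannot leave a half-populated group behind.
                members = [UserName.objects.get(username=entry)
                           for entry in usernames]
                group = UserGroup()
                group.groupname = groupname
                group.name = name
                group.comment = comment
                group.save()
                for member in members:
                    member.group.add(group)
                return HttpResponseRedirect('/auser/group/list/')
            except (TypeError, UserName.DoesNotExist):
                error = u'添加用户组失败'
    return render(request, 'group/group_add.html',
                  {'error': error, 'user_all': user_all})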
def ldap_create_admin_group(self):
    """Create the ``admin`` group in LDAP (when enabled) and in the database.

    When ``self.is_enabled`` is true, a ``posixGroup`` entry
    ``cn=admin,ou=groups,<self.domain>`` with ``gidNumber`` 501 is added
    through ``self.ldap``. A ``UserGroup`` row named ``admin`` is then created
    if none exists. Errors from either step are discarded.
    """
    if self.is_enabled:
        try:
            dn = str("cn=admin,ou=groups," + self.domain)
            entry = {
                'objectclass': ['top', 'posixGroup'],
                'cn': str('admin'),
                'gidNumber': str('501'),
            }
            self.ldap.add_s(dn, modlist.addModlist(entry))
        except ldap.LDAPError:
            # NOTE(review): presumably meant to tolerate an entry that already
            # exists, but it equally hides bind, permission and connectivity
            # failures, so a directory without the admin group goes unnoticed.
            pass

    try:
        already_there = UserGroup.objects.filter(name="admin").exists()
        if not already_there:
            UserGroup(name='admin',
                      description=_('Group for admin users')).save()
    except Exception:
        # NOTE(review): any database error is dropped silently; callers get no
        # signal that the admin group may be missing.
        pass
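def user_add(request):
    """Create a Django user and provision its LDAP entry, groups and workspace.

    GET renders an empty ``UserCreateForm``. A valid POST creates the ``User``,
    adds it to LDAP, links it to the ``admin`` group (superusers) and to every
    posted ``group-<id>`` group, and for staff or superusers also creates a
    personal ``ug_<username>`` group, a ``ws_<username>`` workspace and a
    ``ds_<username>`` datastore. It then calls ``auth_utils.sendMail`` and
    redirects to ``user_list``. Any failure re-renders ``user_add.html``.

    ``show_pass_form`` is true when ``GVSIGOL_LDAP['AD']`` is empty.

    NOTE(review): no access check is visible in this function; confirm that a
    decorator or middleware restricts it to administrators, because the
    request alone decides whether the new account is staff or superuser.
    """
    show_pass_form = not GVSIGOL_LDAP['AD']

    def _render_form(form, errors=None):
        # 'errors' is only added to the context when a list is supplied.
        context = {
            'form': form,
            'groups': auth_utils.get_all_groups(),
            'show_pass_form': show_pass_form,
        }
        if errors is not None:
            context['errors'] = errors
        return render_to_response(
            'user_add.html', context,
            context_instance=RequestContext(request))

    if request.method != 'POST':
        return _render_form(UserCreateForm())

    form = UserCreateForm(request.POST)
    if not form.is_valid():
        return _render_form(form)

    # NOTE(review): the role flags come from the presence of raw POST keys, not
    # from validated form fields.
    is_superuser = 'is_superuser' in form.data
    is_staff = is_superuser or 'is_staff' in form.data

    # Collect ids from keys shaped like 'group-<id>'. A key whose suffix is not
    # an integer is skipped instead of failing the whole request.
    assigned_groups = []
    for key in form.data:
        if 'group-' in key:
            try:
                assigned_groups.append(int(key.split('-')[1]))
            except ValueError:
                continue

    try:
        password = form.data['password1']
        if password != form.data['password2']:
            # Re-render instead of falling off the end of the view with no
            # response. The entry uses the {'message': ...} shape.
            return _render_form(
                form, [{'message': _("The passwords do not match")}])

        # NOTE(review): the lower-cased username is reused below to build the
        # group, workspace and datastore names; no check beyond the form's own
        # validation is visible here.
        username = form.data['username'].lower()
        user = User(
            username=username,
            first_name=u''.join(form.data['first_name']).encode('utf-8'),
            last_name=u''.join(form.data['last_name']).encode('utf-8'),
            email=form.data['email'].lower(),
            is_superuser=is_superuser,
            is_staff=is_staff)
        user.set_password(password)
        user.save()
        # NOTE(review): from here on each step writes to the database, LDAP or
        # the map service. If a later step raises, the handler below re-renders
        # the form but nothing here undoes the earlier writes.

        aux = UserGroup.objects.filter(name="admin")
        if aux.count() > 1:
            print("WARNING: table gvsigol_auth_usergroup inconsistent !!!!!!!!!!!")
        # Raises IndexError (handled below) when no admin group row exists.
        admin_group = aux[0]

        # NOTE(review): the clear-text password is passed to ldap_add_user and,
        # further down, to sendMail; what they do with it is not visible here.
        # Confirm it is neither logged nor mailed in clear text.
        if user.is_superuser:
            core_services.ldap_add_user(user, password, True)
            core_services.ldap_add_group_member(user, admin_group)
            usergroup_user = UserGroupUser(user=user, user_group=admin_group)
            usergroup_user.save()
        else:
            core_services.ldap_add_user(user, password, False)

        for ag in assigned_groups:
            user_group = UserGroup.objects.get(id=ag)
            usergroup_user = UserGroupUser(user=user, user_group=user_group)
            usergroup_user.save()
            core_services.ldap_add_group_member(user, user_group)

        # Staff and superusers get a personal group, workspace and datastore.
        if is_superuser or is_staff:
            ugroup = UserGroup(
                name='ug_' + username,
                description=_(u'User group for') + ': ' + username)
            ugroup.save()
            ugroup_user = UserGroupUser(user=user, user_group=ugroup)
            ugroup_user.save()
            core_services.ldap_add_group(ugroup)
            core_services.add_data_directory(ugroup)
            core_services.ldap_add_group_member(user, ugroup)

            url = mapservice_backend.getBaseUrl() + '/'
            ws_name = 'ws_' + username
            ws_uri = url + ws_name
            wms_endpoint = ws_uri + '/wms'
            wfs_endpoint = ws_uri + '/wfs'
            wcs_endpoint = ws_uri + '/wcs'
            cache_endpoint = url + 'gwc/service/wms'
            if mapservice_backend.createWorkspace(
                    ws_name, ws_uri, '', wms_endpoint, wfs_endpoint,
                    wcs_endpoint, cache_endpoint):
                # Record the workspace only if the map service created it.
                newWs = Workspace(
                    name=ws_name,
                    description='',
                    uri=ws_uri,
                    wms_endpoint=wms_endpoint,
                    wfs_endpoint=wfs_endpoint,
                    wcs_endpoint=wcs_endpoint,
                    cache_endpoint=cache_endpoint,
                    created_by=user.username,
                    is_public=False)
                newWs.save()
                ds_name = 'ds_' + username
                services_utils.create_datastore(
                    request, user.username, ds_name, newWs)
                mapservice_backend.reload_nodes()

        auth_utils.sendMail(user, password)
        return redirect('user_list')
    except Exception as e:
        # The detail goes to stdout only; the template receives an empty error
        # list, so the operator sees the form again with no explanation.
        print("ERROR: Problem creating user " + str(e))
        return _render_form(form, [])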