def group_add(request):
if request.method == 'POST':
form = UserGroupForm(request.POST)
message = None
if form.is_valid():
try:
if form.data['name'] == 'admin':
message = _("Admin is a reserved group")
raise Exception
if _valid_name_regex.search(form.data['name']) == None:
message = _("Invalid user group name: '{value}'. Identifiers must begin with a letter or an underscore (_). Subsequent characters can be letters, underscores or numbers").format(value=form.data['name'])
raise Exception
group = UserGroup(
name = form.data['name'],
description = form.data['description']
)
group.save()
core_services.ldap_add_group(group)
core_services.add_data_directory(group)
return redirect('group_list')
except Exception as e:
print str(e)
return render_to_response('group_add.html', {'form': form, 'message': message}, context_instance=RequestContext(request))
else:
return render_to_response('group_add.html', {'form': form}, context_instance=RequestContext(request))
else:
form = UserGroupForm()
return render_to_response('group_add.html', {'form': form}, context_instance=RequestContext(request))
def user(request):
error = 'success'
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
nickname = request.POST.get('nickname')
level = request.POST.get('level')
id_insert = UserGroup(username=username,
password=password,
nickname=nickname,
level=level,
create_time=datetime.time())
try:
id_insert.save()
except Exception as e:
error = e
logData = {
'username':
'******',
'nickname':
'系统管理员',
'operate_action':
errconfig.actionConfig['AC0002'] + nickname + '(' + username + ')'
}
logOperate.write_log(logData)
return HttpResponseRedirect('UserGroup/user/', {'error': error})
return render(request, 'UserGroup/user.html')
def group_manage(request, aid=None, action=None):
if request.user.has_perms(['asset.view_user', 'asset.edit_user']):
page_name = ''
if aid and action:
group = get_object_or_404(UserGroup, pk=aid)
if action == 'edit':
page_name = '编辑组'
if action == 'delete':
group.delete()
Message.objects.create(type=u'用户分组管理', user=request.user.first_name, action=u'删除分组', action_ip=UserIP(request),
content=u'删除分组 %s'%group.name)
return redirect('user_group_list')
else:
group = UserGroup()
action = 'add'
page_name = '新增用户组'
if request.method == 'POST':
form = GroupForm(request.POST, instance=group)
if form.is_valid():
command_list = form.cleaned_data['command']
directory_list = form.cleaned_data['directory']
user_select = request.POST.getlist('user_sel')
user_delete = request.POST.getlist('user_del')
host_select = request.POST.getlist('host_sel')
host_delete = request.POST.getlist('host_del')
group_select = request.POST.getlist('group_sel')
group_delete = request.POST.getlist('group_del')
perm_select = request.POST.getlist('perm_sel')
perm_delete = request.POST.getlist('perm_del')
if action == 'add' or action == 'edit':
form.save
group.save()
group.user_group_set.add(*user_select)
group.user_group_set.remove(*user_delete)
group.user_set.add(*user_select)
group.user_set.remove(*user_delete)
group.host_usergroup_set.add(*host_select)
group.host_usergroup_set.remove(*host_delete)
group.group_usergroup_set.add(*group_select)
group.group_usergroup_set.remove(*group_delete)
group.permissions.add(*perm_select)
group.permissions.remove(*perm_delete)
if action == 'edit':
group.command.clear()
group.directory.clear()
group.command.add(*command_list)
group.directory.add(*directory_list)
Message.objects.create(type=u'用户分组管理', user=request.user.first_name, action=page_name, action_ip=UserIP(request),
content=u'%s %s'%(page_name, group.name))
return redirect('user_group_list')
else:
form = GroupForm(instance=group)
return render(request, 'userauth_group_manage.html', {'form':form, 'page_name':page_name, 'action':action, 'aid':aid})
else:
raise Http404
def group_manage(request, aid=None, action=None):
if request.user.has_perms(['asset.view_user', 'asset.edit_user']):
page_name = ''
if aid and action:
group = get_object_or_404(UserGroup, pk=aid)
if action == 'edit':
page_name = '编辑组'
if action == 'delete':
group.delete()
Message.objects.create(type=u'用户分组管理', user=request.user.first_name, action=u'删除分组', action_ip=UserIP(request),
content=u'删除分组 %s'%group.name)
return redirect('user_group_list')
else:
group = UserGroup()
action = 'add'
page_name = '新增用户组'
if request.method == 'POST':
form = GroupForm(request.POST, instance=group)
if form.is_valid():
command_list = form.cleaned_data['command']
directory_list = form.cleaned_data['directory']
user_select = request.POST.getlist('user_sel')
user_delete = request.POST.getlist('user_del')
host_select = request.POST.getlist('host_sel')
host_delete = request.POST.getlist('host_del')
group_select = request.POST.getlist('group_sel')
group_delete = request.POST.getlist('group_del')
perm_select = request.POST.getlist('perm_sel')
perm_delete = request.POST.getlist('perm_del')
if action == 'add' or action == 'edit':
form.save
group.save()
group.user_group_set.add(*user_select)
group.user_group_set.remove(*user_delete)
group.user_set.add(*user_select)
group.user_set.remove(*user_delete)
group.host_usergroup_set.add(*host_select)
group.host_usergroup_set.remove(*host_delete)
group.group_usergroup_set.add(*group_select)
group.group_usergroup_set.remove(*group_delete)
group.permissions.add(*perm_select)
group.permissions.remove(*perm_delete)
if action == 'edit':
group.command.clear()
group.directory.clear()
group.command.add(*command_list)
group.directory.add(*directory_list)
Message.objects.create(type=u'用户分组管理', user=request.user.first_name, action=page_name, action_ip=UserIP(request),
content=u'%s %s'%(page_name, group.name))
return redirect('user_group_list')
else:
form = GroupForm(instance=group)
return render(request, 'userauth_group_manage.html', {'form':form, 'page_name':page_name, 'action':action, 'aid':aid})
else:
raise Http404
def group_add(request):
error = ''
user_all = UserName.objects.all()
if request.method == 'POST':
groupname = request.POST.get('groupname')
print groupname,type(groupname)
name = request.POST.get('name')
comment = request.POST.get('comment')
#获取前端复选返回的users列表
users = request.POST.getlist('qsl', '')
users_str = ','.join(users)
try:
# 对用户组为空、用户组已存在的异常进行处理
if UserGroup.objects.filter(groupname=groupname):
error = u'%s already exits.' % groupname
#return render(request, 'group/group_add.html', {'error':error})
raise ServerError(error)
if not groupname:
error = u'用户组groupname不能为空'
raise ServerError(error)
group = UserGroup()
group.groupname = groupname
group.name = name
group.comment = comment
group.save()
groupid = UserGroup.objects.get(groupname=groupname)
if len(users_str) > 0:
user_list = ','.join(users).split(',')
for user in user_list:
user_obj = UserName.objects.get(username=user)
user_obj.group.add(groupid)
return HttpResponseRedirect('/auser/group/list/')
return HttpResponseRedirect('/auser/group/list/')
except ServerError:
pass
except TypeError:
error = u'添加用户组失败'
#group = UserGroup()
#group.groupname = groupname
#group.name = name
#group.comment = comment
#group.save()
#groupid = UserGroup.objects.get(groupname=groupname)
#if len(users_str) > 0:
# user_list = ','.join(users).split(',')
# for user in user_list:
# user_obj = UserName.objects.get(username=user)
# user_obj.group.add(groupid)
# return HttpResponseRedirect('/auser/group/list/')
#return HttpResponseRedirect('/auser/group/list/')
return render(request,'group/group_add.html', {'error':error,'user_all':user_all})
def ldap_create_admin_group(self):
if self.is_enabled:
try:
dn = str("cn=admin,ou=groups," + self.domain)
attrs = {}
attrs['objectclass'] = ['top', 'posixGroup']
attrs['cn'] = str('admin')
attrs['gidNumber'] = str('501')
ldif = modlist.addModlist(attrs)
self.ldap.add_s(dn, ldif)
except ldap.LDAPError, e:
pass
try:
if not UserGroup.objects.filter(name="admin").exists():
group = UserGroup(name='admin',
description=_('Group for admin users'))
group.save()
except Exception as e:
pass
def user_add(request):
ad_suffix = GVSIGOL_LDAP['AD']
if not ad_suffix:
show_pass_form = True
else:
show_pass_form = False
if request.method == 'POST':
form = UserCreateForm(request.POST)
if form.is_valid():
assigned_groups = []
is_staff = False
if 'is_staff' in form.data:
is_staff = True
is_superuser = False
if 'is_superuser' in form.data:
is_superuser = True
is_staff = True
assigned_groups = []
for key in form.data:
if 'group-' in key:
assigned_groups.append(int(key.split('-')[1]))
try:
if form.data['password1'] == form.data['password2']:
user = User(username=form.data['username'].lower(),
first_name=u''.join(
form.data['first_name']).encode('utf-8'),
last_name=u''.join(
form.data['last_name']).encode('utf-8'),
email=form.data['email'].lower(),
is_superuser=is_superuser,
is_staff=is_staff)
user.set_password(form.data['password1'])
user.save()
#admin_group = UserGroup.objects.get(name__exact='admin')
aux = UserGroup.objects.filter(name="admin")
if aux.count() > 1:
print "WARNING: table gvsigol_auth_usergroup inconsistent !!!!!!!!!!!"
admin_group = aux[0]
if user.is_superuser:
core_services.ldap_add_user(user,
form.data['password1'],
True)
core_services.ldap_add_group_member(user, admin_group)
usergroup_user = UserGroupUser(user=user,
user_group=admin_group)
usergroup_user.save()
else:
core_services.ldap_add_user(user,
form.data['password1'],
False)
#core_services.ldap_add_group_member(user, admin_group)
for ag in assigned_groups:
user_group = UserGroup.objects.get(id=ag)
usergroup_user = UserGroupUser(user=user,
user_group=user_group)
usergroup_user.save()
core_services.ldap_add_group_member(user, user_group)
#User backend
if is_superuser or is_staff:
ugroup = UserGroup(
name='ug_' + form.data['username'].lower(),
description=_(u'User group for') + ': ' +
form.data['username'].lower())
ugroup.save()
ugroup_user = UserGroupUser(user=user,
user_group=ugroup)
ugroup_user.save()
core_services.ldap_add_group(ugroup)
core_services.add_data_directory(ugroup)
core_services.ldap_add_group_member(user, ugroup)
url = mapservice_backend.getBaseUrl() + '/'
ws_name = 'ws_' + form.data['username'].lower()
if mapservice_backend.createWorkspace(
ws_name, url + ws_name, '',
url + ws_name + '/wms', url + ws_name + '/wfs',
url + ws_name + '/wcs',
url + 'gwc/service/wms'):
# save it on DB if successfully created
newWs = Workspace(
name=ws_name,
description='',
uri=url + ws_name,
wms_endpoint=url + ws_name + '/wms',
wfs_endpoint=url + ws_name + '/wfs',
wcs_endpoint=url + ws_name + '/wcs',
cache_endpoint=url + 'gwc/service/wms',
created_by=user.username,
is_public=False)
newWs.save()
ds_name = 'ds_' + form.data['username'].lower()
services_utils.create_datastore(
request, user.username, ds_name, newWs)
mapservice_backend.reload_nodes()
auth_utils.sendMail(user, form.data['password1'])
return redirect('user_list')
except Exception as e:
print "ERROR: Problem creating user " + str(e)
errors = []
#errors.append({'message': _("The username already exists")})
groups = auth_utils.get_all_groups()
return render_to_response(
'user_add.html', {
'form': form,
'groups': groups,
'errors': errors,
'show_pass_form': show_pass_form
},
context_instance=RequestContext(request))
else:
groups = auth_utils.get_all_groups()
return render_to_response('user_add.html', {
'form': form,
'groups': groups,
'show_pass_form': show_pass_form
},
context_instance=RequestContext(request))
else:
form = UserCreateForm()
groups = auth_utils.get_all_groups()
return render_to_response('user_add.html', {
'form': form,
'groups': groups,
'show_pass_form': show_pass_form
},
context_instance=RequestContext(request))
