def save(self, widget, data): settings = ugm_users(self.model) attrmap = settings.attrs.users_form_attrmap for key in attrmap: if key in ['id', 'login', 'userPassword']: continue extracted = data.fetch('userform.%s' % key).extracted if not extracted: if key in self.model.attrs: del self.model.attrs[key] else: self.model.attrs[key] = extracted # set object classes if missing # XXX: move to cone.ldap ocs = self.model.model.context.attrs['objectClass'] for oc in settings.attrs.users_object_classes: if isinstance(ocs, compat.STR_TYPE): ocs = [ocs] if oc not in ocs: ocs.append(oc) if ocs != self.model.model.context.attrs['objectClass']: self.model.model.context.attrs['objectClass'] = ocs password = data.fetch('userform.userPassword').extracted self.model.model.context() if password is not UNSET: uid = self.model.name self.model.parent.backend.passwd(uid, None, password)
def save(self, widget, data): settings = ugm_users(self.model) attrmap = settings.attrs.users_form_attrmap extracted = dict() for key, val in attrmap.items(): val = data.fetch('userform.%s' % key).extracted if not val: continue extracted[key] = val # possibly extracted by other behaviors # XXX: call next at the end in all extension behaviors to reduce # database queries. for key, val in self.model.attrs.items(): extracted[key] = val users = self.model.parent.backend uid = extracted.pop('id') password = extracted.pop('userPassword') users.create(uid, **extracted) users() if self.model.local_manager_consider_for_user: groups = users.parent.groups for gid in self.model.local_manager_default_gids: groups[gid].add(uid) groups() self.request.environ['next_resource'] = uid if password is not UNSET: users.passwd(uid, None, password) self.model.parent.invalidate() # Access already added user after invalidation. If not done, there's # some kind of race condition with ajax continuation. # XXX: figure out why. self.model.parent[uid]
def user_default_sort_column(self): """XXX: not generic, move """ settings = ugm_users(self.model) attrs = self.user_attrs sort = settings.attrs.users_listing_default_column if not sort in attrs: return attrs[0] return sort
def save(self, widget, data): settings = ugm_users(self.model) attrmap = settings.attrs.users_form_attrmap for key in attrmap: if key in ['id', 'login', 'userPassword']: continue extracted = data.fetch('userform.%s' % key).extracted if not extracted: if key in self.model.attrs: del self.model.attrs[key] else: self.model.attrs[key] = extracted password = data.fetch('userform.userPassword').extracted self.model.model.context() if password is not UNSET: id = self.model.name self.model.parent.backend.passwd(id, None, password)
def test_utils(self): server_settings = ugm_server(root) self.assertTrue(isinstance(server_settings, ServerSettings)) self.assertEqual(server_settings.name, 'ugm_server') users_settings = ugm_users(root) self.assertTrue(isinstance(users_settings, UsersSettings)) self.assertEqual(users_settings.name, 'ugm_users') groups_settings = ugm_groups(root) self.assertTrue(isinstance(groups_settings, GroupsSettings)) self.assertEqual(groups_settings.name, 'ugm_groups') self.assertEqual(ugm_backend.name, 'ldap') backend = ugm_backend.ugm self.assertTrue(isinstance(backend, Ugm)) self.assertEqual(backend.name, 'ldap_ugm') self.assertTrue(backend is ugm_backend.ugm) ugm_backend.initialize() self.assertFalse(backend is ugm_backend.ugm)
def save(self, widget, data): settings = ugm_users(self.model) attrmap = settings.attrs.users_form_attrmap extracted = dict() for key, val in attrmap.items(): val = data.fetch('userform.%s' % key).extracted if not val: continue extracted[key] = val users = self.model.parent.backend id = extracted.pop('id') password = extracted.pop('userPassword') #user = users.create(id, **extracted) users.create(id, **extracted) self.request.environ['next_resource'] = id users() if password is not UNSET: users.passwd(id, None, password) self.model.parent.invalidate() # XXX: access already added user after invalidation. # if not done, there's some kind of race condition with ajax # continuation. figure out why. self.model.parent[id]
def remote_add_user(model, request): """Add user via remote service. Returns a JSON response containing success state and a message indicating what happened:: { success: true, // respective false message: 'message' } Expected request parameters: id New user id. password User password to be set initially (optional). roles Comma seperated role names the user initially has. groups Comma seperated groups names the user should initially be member of. attr.* User attributes to be set. I.e. ``attr.mail`` would set the mail attribute for newly created user. All request parameters prefixed with ``attr`` get checked against user attribute attrmap from settings. Restrictions - All values, whether single or multi valued, are passed as string or list of strings to the create function. """ params = request.params uid = params.get('id') if not uid: return { 'success': False, 'message': u"No user ID given.", } users = model.backend if uid in users: return { 'success': False, 'message': u"User with given ID already exists.", } password = params.get('password') add_roles = params.get('roles', '') add_roles = [val.strip() for val in add_roles.split(',') if val] add_groups = params.get('groups', '') add_groups = [val.strip() for val in add_groups.split(',') if val] attrs = dict() for key, val in params.items(): if not key.startswith('attr.'): continue key = key[key.find('.') + 1:] attrs[key] = val settings = ugm_users(model) attrmap = settings.attrs.users_form_attrmap exposed = settings.attrs.users_exposed_attributes if not exposed: exposed = list() valid_attrs = attrmap.keys() + exposed checked_attrs = dict() for key in valid_attrs: val = attrs.get(key) if not val: continue checked_attrs[key] = val try: user = users.create(uid, **checked_attrs) message = u"" from cone.app.security import DEFAULT_ROLES available_roles = [role[0] for role in DEFAULT_ROLES] for role in add_roles: if role not in available_roles: message += u"Role '%s' given but inexistent. " % role continue user.add_role(role) groups = users.parent.groups for group in add_groups: if group not in groups: message += u"Group '%s' given but inexistent. " % group continue groups[group].add(uid) users.parent() if password is not None: users.passwd(uid, None, password) message += u"Created user with ID '%s'." % uid return { 'success': True, 'message': message, } except Exception as e: return { 'success': False, 'message': str(e), } finally: model.invalidate()
def _get_auth_attrs(self): config = ugm_users(self.model) aliases = config.attrs.users_aliases_attrmap return aliases['id'], aliases['login']
def form_attrmap(self): settings = ugm_users(self.model) return settings.attrs.users_form_attrmap
def user_list_columns(self): """XXX: not generic, move """ settings = ugm_users(self.model) defs = settings.attrs.users_listing_columns return self.calc_list_columns(defs)
def user_attrs(self): """XXX: not generic, move """ settings = ugm_users(self.model) return settings.attrs.users_listing_columns.keys()