Add basic delegation editing.

2025-02-25 18:55:28 -06:00 · 2007-10-15 13:07:39 -07:00 · 2007-10-15 13:07:39 -07:00 · 233915b780
commit 233915b780
parent fbbdd27b53
7 changed files with 170 additions and 36 deletions
--- a/ipa-python/aci.py
+++ b/ipa-python/aci.py
@ -18,6 +18,8 @@
 import re
 import urllib

+import ipa.ipautil
+
 class ACI:
    """
    Holds the basic data for an ACI entry, as stored in the cn=accounts
@ -30,6 +32,7 @@ class ACI:
        self.source_group = ''
        self.dest_group = ''
        self.attrs = []
+        self.orig_acistr = acistr
        if acistr is not None:
            self.parse_acistr(acistr)

@ -52,6 +55,16 @@ class ACI:
                                       urllib.quote(self.source_group, "/=, "))
        return acistr

+    def to_dict(self):
+        result = ipa.ipautil.CIDict()
+        result['name'] = self.name
+        result['source_group'] = self.source_group
+        result['dest_group'] = self.dest_group
+        result['attrs'] = self.attrs
+        result['orig_acistr'] = self.orig_acistr
+
+        return result
+
    def _match(self, prefix, inputstr):
        """Returns inputstr with prefix removed, or else raises a
           SyntaxError."""
@ -90,6 +103,8 @@ class ACI:
    def parse_acistr(self, acistr):
        """Parses the acistr.  If the string isn't recognized, a SyntaxError
           is raised."""
+        self.orig_acistr = acistr
+
        acistr = self._match('(targetattr=', acistr)
        (attrstr, acistr) = self._match_str(acistr)
        self.attrs = attrstr.split(' || ')
--- a/ipa-server/ipa-gui/ipagui/forms/delegate.py
+++ b/ipa-server/ipa-gui/ipagui/forms/delegate.py
@ -52,10 +52,12 @@ class DelegateFields():
    dest_group_cn = widgets.HiddenField(name="dest_group_cn",
        label="For People in Group")

+    orig_acistr = widgets.HiddenField(name="orig_acistr")
+
    attrs = widgets.CheckBoxList(name="attrs", label="Can Modify",
            options=aci_checkbox_attrs, validator=validators.NotEmpty)

-class DelegateNewValidator(validators.Schema):
+class DelegateValidator(validators.Schema):
    name = validators.String(not_empty=True)
    source_group_dn = validators.String(not_empty=True,
        messages = { 'empty': _("Please choose a group"), })
@ -64,7 +66,7 @@ class DelegateNewValidator(validators.Schema):
    attrs = validators.NotEmpty(
        messages = { 'empty': _("Please select at least one value"), })

-class DelegateNewForm(widgets.Form):
+class DelegateForm(widgets.Form):
    params = ['delegate', 'attr_list']

    hidden_fields = [
@ -72,15 +74,17 @@ class DelegateNewForm(widgets.Form):
      DelegateFields.dest_group_dn,
      DelegateFields.source_group_cn,
      DelegateFields.dest_group_cn,
+      DelegateFields.orig_acistr,
    ]

-    validator = DelegateNewValidator()
+    validator = DelegateValidator()

    def __init__(self, *args, **kw):
-        super(DelegateNewForm,self).__init__(*args, **kw)
+        super(DelegateForm,self).__init__(*args, **kw)
+        # TODO - rename to delegateform
        (self.template_c, self.template) = widgets.meta.load_kid_template(
                "ipagui.templates.delegatenewform")
        self.delegate = DelegateFields

    def update_params(self, params):
-        super(DelegateNewForm,self).update_params(params)
+        super(DelegateForm,self).update_params(params)
--- a/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py
+++ b/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py
@ -1,6 +1,7 @@
 import os
 from pickle import dumps, loads
 from base64 import b64encode, b64decode
+import copy

 import cherrypy
 import turbogears
@ -20,7 +21,7 @@ import ldap.dn

 aci_fields = ['*', 'aci']

-delegate_new_form = ipagui.forms.delegate.DelegateNewForm()
+delegate_form = ipagui.forms.delegate.DelegateForm()

 class DelegationController(IPAController):

@ -35,20 +36,25 @@ class DelegationController(IPAController):
        """Display delegate page"""
        client = self.get_ipaclient()
        delegate = {}
-        delegate['source_group_cn'] = "Please choose"
-        delegate['dest_group_cn'] = "Please choose"
+        delegate['source_group_cn'] = "Please choose:"
+        delegate['dest_group_cn'] = "Please choose:"

-        return dict(form=delegate_new_form, delegate=delegate)
+        return dict(form=delegate_form, delegate=delegate)

    @expose()
    @identity.require(identity.not_anonymous())
    def create(self, **kw):
        """Creates a new delegation"""
+        self.restrict_post()
        client = self.get_ipaclient()

-        tg_errors, kw = self.delegatecreatevalidate(**kw)
+        if kw.get('submit', '').startswith('Cancel'):
+            turbogears.flash("Add delegation cancelled")
+            raise turbogears.redirect('/delegate/list')
+
+        tg_errors, kw = self.delegatevalidate(**kw)
        if tg_errors:
-            return dict(form=delegate_new_form, delegate=kw,
+            return dict(form=delegate_form, delegate=kw,
                    tg_template='ipagui.templates.delegatenew')

        try:
@ -65,28 +71,90 @@ class DelegationController(IPAController):
            client.update_entry(aci_entry)
        except ipaerror.IPAError, e:
            turbogears.flash("Delgate add failed: " + str(e))
-            return dict(form=delegate_new_form, delegate=kw,
+            return dict(form=delegate_form, delegate=kw,
                    tg_template='ipagui.templates.delegatenew')

        turbogears.flash("delegate created")
        raise turbogears.redirect('/delegate/list')
-# 
-#     @expose("ipagui.templates.delegateedit")
-#     @identity.require(identity.not_anonymous())
-#     def edit(self):
-#         """Display delegate page"""
-#         client = self.get_ipaclient()
-# 
-#         return dict(userfields=ipagui.forms.user.UserFields())
-# 
-#     @expose()
-#     @identity.require(identity.not_anonymous())
-#     def update(self, **kw):
-#         """Display delegate page"""
-#         client = self.get_ipaclient()
-# 
-#         turbogears.flash("delegate updated")
-#         raise turbogears.redirect('/delegate/list')
+
+    @expose("ipagui.templates.delegateedit")
+    @identity.require(identity.not_anonymous())
+    def edit(self, acistr, tg_errors=None):
+        """Display delegate page"""
+        if tg_errors:
+            turbogears.flash("There was a problem with the form!")
+
+        client = self.get_ipaclient()
+
+        try:
+            aci_entry = client.get_aci_entry(aci_fields)
+            aci = ipa.aci.ACI(acistr)
+            group_dn_to_cn = self.extract_group_cns([aci], client)
+
+            delegate = aci.to_dict()
+            delegate['source_group_dn'] = delegate['source_group']
+            delegate['source_group_cn'] = group_dn_to_cn[delegate['source_group_dn']]
+            delegate['dest_group_dn'] = delegate['dest_group']
+            delegate['dest_group_cn'] = group_dn_to_cn[delegate['dest_group_dn']]
+
+            return dict(form=delegate_form, delegate=delegate)
+        except (SyntaxError, ipaerror.IPAError), e:
+            turbogears.flash("Delegation edit failed: " + str(e))
+            raise turbogears.redirect('/delegate/list')
+
+
+    @expose()
+    @identity.require(identity.not_anonymous())
+    def update(self, **kw):
+        """Display delegate page"""
+        self.restrict_post()
+        client = self.get_ipaclient()
+
+        if kw.get('submit', '').startswith('Cancel'):
+            turbogears.flash("Edit delegation cancelled")
+            raise turbogears.redirect('/delegate/list')
+
+        tg_errors, kw = self.delegatevalidate(**kw)
+        if tg_errors:
+            return dict(form=delegate_form, delegate=kw,
+                    tg_template='ipagui.templates.delegatenew')
+
+        try:
+            aci_entry = client.get_aci_entry(aci_fields)
+
+            aci_str_list = aci_entry.getValues('aci')
+            if aci_str_list is None:
+                aci_str_list = []
+
+            try :
+                old_aci_index = aci_str_list.index(kw['orig_acistr'])
+            except ValueError:
+                turbogears.flash("Delegation update failed:<br />" +
+                        "The delegation you were attempting to update has been " +
+                        "concurrently modified.  Please cancel the edit " +
+                        "and try editing the delegation again.")
+                return dict(form=delegate_form, delegate=kw,
+                            tg_template='ipagui.templates.delegateedit')
+
+            new_aci = ipa.aci.ACI()
+            new_aci.name = kw.get('name')
+            new_aci.source_group = kw.get('source_group_dn')
+            new_aci.dest_group = kw.get('dest_group_dn')
+            new_aci.attrs = kw.get('attrs')
+            new_aci_str = new_aci.export_to_string()
+
+            new_aci_str_list = copy.copy(aci_str_list)
+            new_aci_str_list[old_aci_index] = new_aci_str
+            aci_entry.setValue('aci', new_aci_str_list)
+
+            client.update_entry(aci_entry)
+
+            turbogears.flash("delegate updated")
+            raise turbogears.redirect('/delegate/list')
+        except (SyntaxError, ipaerror.IPAError), e:
+            turbogears.flash("Delegation update failed: " + str(e))
+            return dict(form=delegate_form, delegate=kw,
+                        tg_template='ipagui.templates.delegateedit')

    @expose("ipagui.templates.delegatelist")
    @identity.require(identity.not_anonymous())
@ -94,7 +162,12 @@ class DelegationController(IPAController):
        """Display delegate page"""
        client = self.get_ipaclient()

-        aci_entry = client.get_aci_entry(aci_fields)
+        try:
+            aci_entry = client.get_aci_entry(aci_fields)
+        except ipaerror.IPAError, e:
+            turbogears.flash("Delegation list failed: " + str(e))
+            raise turbogears.redirect('/')
+
        aci_str_list = aci_entry.getValues('aci')
        if aci_str_list is None:
            aci_str_list = []
@ -135,9 +208,9 @@ class DelegationController(IPAController):
                which_group=kw.get('which_group'),
                counter=groups_counter)

-    @validate(form=delegate_new_form)
+    @validate(form=delegate_form)
    @identity.require(identity.not_anonymous())
-    def delegatecreatevalidate(self, tg_errors=None, **kw):
+    def delegatevalidate(self, tg_errors=None, **kw):
        return tg_errors, kw

    def extract_group_cns(self, aci_list, client):
--- a/ipa-server/ipa-gui/ipagui/templates/delegateedit.kid
+++ b/ipa-server/ipa-gui/ipagui/templates/delegateedit.kid
@ -0,0 +1,16 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#"
+    py:extends="'delegatelayout.kid'">
+<head>
+<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/>
+<title>Edit Delegation</title>
+</head>
+<body>
+
+    <h2>Edit Delegation</h2>
+
+    ${form.display(action=tg.url("/delegate/update"), value=delegate,
+                   actionname='Edit')}
+
+</body>
+</html>
--- a/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid
+++ b/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid
@ -41,7 +41,13 @@
          >${dest_cn}</a>
      </td>
      <td>
-        <a href="${tg.url('/delegate/edit')}">edit</a> (TODO)<br />
+        <?python
+        # it's probably a bad idea to use a GET string here.
+        # orig_acistr may be quite long
+        # TODO - change to use a form/POST
+        #
+        ?>
+        <a href="${tg.url('/delegate/edit', acistr=aci.orig_acistr)}">edit</a><br />
      </td>
    </tr>
    </tbody>
--- a/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid
+++ b/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid
@ -9,7 +9,8 @@

    <h2>Add Delegation</h2>

-    ${form.display(action=tg.url("/delegate/create"), value=delegate)}
+    ${form.display(action=tg.url("/delegate/create"), value=delegate,
+                   actionname='Add')}

 </body>
 </html>
--- a/ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid
+++ b/ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid
@ -49,9 +49,15 @@

    <table class="formtable" cellpadding="2" cellspacing="0" border="0">
      <tr>
+        <th>
+          <input type="submit" class="submitbutton" name="submit"
+                 value="${actionname} Delegation"/>
+          <br />
+        </th>
        <td>
          <input type="submit" class="submitbutton" name="submit"
-                 value="Add Delegation"/>
+                 value="Cancel ${actionname}"/>
+          <br />
        </td>
      </tr>
    </table>
@ -143,12 +149,25 @@

    <table class="formtable" cellpadding="2" cellspacing="0" border="0">
      <tr>
+        <th>
+          <input type="submit" class="submitbutton" name="submit"
+                 value="${actionname} Delegation"/>
+        </th>
        <td>
          <input type="submit" class="submitbutton" name="submit"
-                 value="Add Delegation"/>
+                 value="Cancel ${actionname}"/>
        </td>
      </tr>
    </table>

+  <script py:if="not value.get('source_group_dn')">
+      new Effect.Appear($('source_searcharea'), {duration: 0.25});
+      new Effect.Fade($('source_change_link'), {duration: 0.25});
+  </script>
+  <script py:if="not value.get('dest_group_dn')">
+      new Effect.Appear($('dest_searcharea'), {duration: 0.25});
+      new Effect.Fade($('dest_change_link'), {duration: 0.25});
+  </script>
+
  </form>
 </div>