IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add basic delegation editing.

Browse Source
This commit is contained in:
Kevin McCarthy 2007-10-15 13:07:39 -07:00
parent fbbdd27b53
commit 233915b780
7 changed files with 170 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
ipa-python/aci.py
View File

@ -18,6 +18,8 @@
import re import re
import urllib import urllib
import ipa.ipautil
class ACI: class ACI:
""" """
Holds the basic data for an ACI entry, as stored in the cn=accounts Holds the basic data for an ACI entry, as stored in the cn=accounts
@ -30,6 +32,7 @@ class ACI:
self.source_group = '' self.source_group = ''
self.dest_group = '' self.dest_group = ''
self.attrs = [] self.attrs = []
self.orig_acistr = acistr
if acistr is not None: if acistr is not None:
self.parse_acistr(acistr) self.parse_acistr(acistr)
@ -52,6 +55,16 @@ class ACI:
urllib.quote(self.source_group, "/=, ")) urllib.quote(self.source_group, "/=, "))
return acistr return acistr
def to_dict(self):
result = ipa.ipautil.CIDict()
result['name'] = self.name
result['source_group'] = self.source_group
result['dest_group'] = self.dest_group
result['attrs'] = self.attrs
result['orig_acistr'] = self.orig_acistr
return result
def _match(self, prefix, inputstr): def _match(self, prefix, inputstr):
"""Returns inputstr with prefix removed, or else raises a """Returns inputstr with prefix removed, or else raises a
SyntaxError.""" SyntaxError."""
@ -90,6 +103,8 @@ class ACI:
def parse_acistr(self, acistr): def parse_acistr(self, acistr):
"""Parses the acistr. If the string isn't recognized, a SyntaxError """Parses the acistr. If the string isn't recognized, a SyntaxError
is raised.""" is raised."""
self.orig_acistr = acistr
acistr = self._match('(targetattr=', acistr) acistr = self._match('(targetattr=', acistr)
(attrstr, acistr) = self._match_str(acistr) (attrstr, acistr) = self._match_str(acistr)
self.attrs = attrstr.split(' || ') self.attrs = attrstr.split(' || ')

14
ipa-server/ipa-gui/ipagui/forms/delegate.py
View File

@ -52,10 +52,12 @@ class DelegateFields():
dest_group_cn = widgets.HiddenField(name="dest_group_cn", dest_group_cn = widgets.HiddenField(name="dest_group_cn",
label="For People in Group") label="For People in Group")
orig_acistr = widgets.HiddenField(name="orig_acistr")
attrs = widgets.CheckBoxList(name="attrs", label="Can Modify", attrs = widgets.CheckBoxList(name="attrs", label="Can Modify",
options=aci_checkbox_attrs, validator=validators.NotEmpty) options=aci_checkbox_attrs, validator=validators.NotEmpty)
class DelegateNewValidator(validators.Schema): class DelegateValidator(validators.Schema):
name = validators.String(not_empty=True) name = validators.String(not_empty=True)
source_group_dn = validators.String(not_empty=True, source_group_dn = validators.String(not_empty=True,
messages = { 'empty': _("Please choose a group"), }) messages = { 'empty': _("Please choose a group"), })
@ -64,7 +66,7 @@ class DelegateNewValidator(validators.Schema):
attrs = validators.NotEmpty( attrs = validators.NotEmpty(
messages = { 'empty': _("Please select at least one value"), }) messages = { 'empty': _("Please select at least one value"), })
class DelegateNewForm(widgets.Form): class DelegateForm(widgets.Form):
params = ['delegate', 'attr_list'] params = ['delegate', 'attr_list']
hidden_fields = [ hidden_fields = [
@ -72,15 +74,17 @@ class DelegateNewForm(widgets.Form):
DelegateFields.dest_group_dn, DelegateFields.dest_group_dn,
DelegateFields.source_group_cn, DelegateFields.source_group_cn,
DelegateFields.dest_group_cn, DelegateFields.dest_group_cn,
DelegateFields.orig_acistr,
] ]
validator = DelegateNewValidator() validator = DelegateValidator()
def __init__(self, *args, **kw): def __init__(self, *args, **kw):
super(DelegateNewForm,self).__init__(*args, **kw) super(DelegateForm,self).__init__(*args, **kw)
# TODO - rename to delegateform
(self.template_c, self.template) = widgets.meta.load_kid_template( (self.template_c, self.template) = widgets.meta.load_kid_template(
"ipagui.templates.delegatenewform") "ipagui.templates.delegatenewform")
self.delegate = DelegateFields self.delegate = DelegateFields
def update_params(self, params): def update_params(self, params):
super(DelegateNewForm,self).update_params(params) super(DelegateForm,self).update_params(params)

125
ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py
View File

@ -1,6 +1,7 @@
import os import os
from pickle import dumps, loads from pickle import dumps, loads
from base64 import b64encode, b64decode from base64 import b64encode, b64decode
import copy
import cherrypy import cherrypy
import turbogears import turbogears
@ -20,7 +21,7 @@ import ldap.dn
aci_fields = ['*', 'aci'] aci_fields = ['*', 'aci']
delegate_new_form = ipagui.forms.delegate.DelegateNewForm() delegate_form = ipagui.forms.delegate.DelegateForm()
class DelegationController(IPAController): class DelegationController(IPAController):
@ -35,20 +36,25 @@ class DelegationController(IPAController):
"""Display delegate page""" """Display delegate page"""
client = self.get_ipaclient() client = self.get_ipaclient()
delegate = {} delegate = {}
delegate['source_group_cn'] = "Please choose" delegate['source_group_cn'] = "Please choose:"
delegate['dest_group_cn'] = "Please choose" delegate['dest_group_cn'] = "Please choose:"
return dict(form=delegate_new_form, delegate=delegate) return dict(form=delegate_form, delegate=delegate)
@expose() @expose()
@identity.require(identity.not_anonymous()) @identity.require(identity.not_anonymous())
def create(self, **kw): def create(self, **kw):
"""Creates a new delegation""" """Creates a new delegation"""
self.restrict_post()
client = self.get_ipaclient() client = self.get_ipaclient()
tg_errors, kw = self.delegatecreatevalidate(**kw) if kw.get('submit', '').startswith('Cancel'):
turbogears.flash("Add delegation cancelled")
raise turbogears.redirect('/delegate/list')
tg_errors, kw = self.delegatevalidate(**kw)
if tg_errors: if tg_errors:
return dict(form=delegate_new_form, delegate=kw, return dict(form=delegate_form, delegate=kw,
tg_template='ipagui.templates.delegatenew') tg_template='ipagui.templates.delegatenew')
try: try:
@ -65,28 +71,90 @@ class DelegationController(IPAController):
client.update_entry(aci_entry) client.update_entry(aci_entry)
except ipaerror.IPAError, e: except ipaerror.IPAError, e:
turbogears.flash("Delgate add failed: " + str(e)) turbogears.flash("Delgate add failed: " + str(e))
return dict(form=delegate_new_form, delegate=kw, return dict(form=delegate_form, delegate=kw,
tg_template='ipagui.templates.delegatenew') tg_template='ipagui.templates.delegatenew')
turbogears.flash("delegate created") turbogears.flash("delegate created")
raise turbogears.redirect('/delegate/list') raise turbogears.redirect('/delegate/list')
#
# @expose("ipagui.templates.delegateedit") @expose("ipagui.templates.delegateedit")
# @identity.require(identity.not_anonymous()) @identity.require(identity.not_anonymous())
# def edit(self): def edit(self, acistr, tg_errors=None):
# """Display delegate page""" """Display delegate page"""
# client = self.get_ipaclient() if tg_errors:
# turbogears.flash("There was a problem with the form!")
# return dict(userfields=ipagui.forms.user.UserFields())
# client = self.get_ipaclient()
# @expose()
# @identity.require(identity.not_anonymous()) try:
# def update(self, **kw): aci_entry = client.get_aci_entry(aci_fields)
# """Display delegate page""" aci = ipa.aci.ACI(acistr)
# client = self.get_ipaclient() group_dn_to_cn = self.extract_group_cns([aci], client)
#
# turbogears.flash("delegate updated") delegate = aci.to_dict()
# raise turbogears.redirect('/delegate/list') delegate['source_group_dn'] = delegate['source_group']
delegate['source_group_cn'] = group_dn_to_cn[delegate['source_group_dn']]
delegate['dest_group_dn'] = delegate['dest_group']
delegate['dest_group_cn'] = group_dn_to_cn[delegate['dest_group_dn']]
return dict(form=delegate_form, delegate=delegate)
except (SyntaxError, ipaerror.IPAError), e:
turbogears.flash("Delegation edit failed: " + str(e))
raise turbogears.redirect('/delegate/list')
@expose()
@identity.require(identity.not_anonymous())
def update(self, **kw):
"""Display delegate page"""
self.restrict_post()
client = self.get_ipaclient()
if kw.get('submit', '').startswith('Cancel'):
turbogears.flash("Edit delegation cancelled")
raise turbogears.redirect('/delegate/list')
tg_errors, kw = self.delegatevalidate(**kw)
if tg_errors:
return dict(form=delegate_form, delegate=kw,
tg_template='ipagui.templates.delegatenew')
try:
aci_entry = client.get_aci_entry(aci_fields)
aci_str_list = aci_entry.getValues('aci')
if aci_str_list is None:
aci_str_list = []
try :
old_aci_index = aci_str_list.index(kw['orig_acistr'])
except ValueError:
turbogears.flash("Delegation update failed:<br />" +
"The delegation you were attempting to update has been " +
"concurrently modified. Please cancel the edit " +
"and try editing the delegation again.")
return dict(form=delegate_form, delegate=kw,
tg_template='ipagui.templates.delegateedit')
new_aci = ipa.aci.ACI()
new_aci.name = kw.get('name')
new_aci.source_group = kw.get('source_group_dn')
new_aci.dest_group = kw.get('dest_group_dn')
new_aci.attrs = kw.get('attrs')
new_aci_str = new_aci.export_to_string()
new_aci_str_list = copy.copy(aci_str_list)
new_aci_str_list[old_aci_index] = new_aci_str
aci_entry.setValue('aci', new_aci_str_list)
client.update_entry(aci_entry)
turbogears.flash("delegate updated")
raise turbogears.redirect('/delegate/list')
except (SyntaxError, ipaerror.IPAError), e:
turbogears.flash("Delegation update failed: " + str(e))
return dict(form=delegate_form, delegate=kw,
tg_template='ipagui.templates.delegateedit')
@expose("ipagui.templates.delegatelist") @expose("ipagui.templates.delegatelist")
@identity.require(identity.not_anonymous()) @identity.require(identity.not_anonymous())
@ -94,7 +162,12 @@ class DelegationController(IPAController):
"""Display delegate page""" """Display delegate page"""
client = self.get_ipaclient() client = self.get_ipaclient()
try:
aci_entry = client.get_aci_entry(aci_fields) aci_entry = client.get_aci_entry(aci_fields)
except ipaerror.IPAError, e:
turbogears.flash("Delegation list failed: " + str(e))
raise turbogears.redirect('/')
aci_str_list = aci_entry.getValues('aci') aci_str_list = aci_entry.getValues('aci')
if aci_str_list is None: if aci_str_list is None:
aci_str_list = [] aci_str_list = []
@ -135,9 +208,9 @@ class DelegationController(IPAController):
which_group=kw.get('which_group'), which_group=kw.get('which_group'),
counter=groups_counter) counter=groups_counter)
@validate(form=delegate_new_form) @validate(form=delegate_form)
@identity.require(identity.not_anonymous()) @identity.require(identity.not_anonymous())
def delegatecreatevalidate(self, tg_errors=None, **kw): def delegatevalidate(self, tg_errors=None, **kw):
return tg_errors, kw return tg_errors, kw
def extract_group_cns(self, aci_list, client): def extract_group_cns(self, aci_list, client):

16
ipa-server/ipa-gui/ipagui/templates/delegateedit.kid Normal file
View File

@ -0,0 +1,16 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#"
py:extends="'delegatelayout.kid'">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/>
<title>Edit Delegation</title>
</head>
<body>
<h2>Edit Delegation</h2>
${form.display(action=tg.url("/delegate/update"), value=delegate,
actionname='Edit')}
</body>
</html>

8
ipa-server/ipa-gui/ipagui/templates/delegatelist.kid
View File

@ -41,7 +41,13 @@
>${dest_cn}</a> >${dest_cn}</a>
</td> </td>
<td> <td>
<a href="${tg.url('/delegate/edit')}">edit</a> (TODO)<br /> <?python
# it's probably a bad idea to use a GET string here.
# orig_acistr may be quite long
# TODO - change to use a form/POST
#
?>
<a href="${tg.url('/delegate/edit', acistr=aci.orig_acistr)}">edit</a><br />
</td> </td>
</tr> </tr>
</tbody> </tbody>

3
ipa-server/ipa-gui/ipagui/templates/delegatenew.kid
View File

@ -9,7 +9,8 @@
<h2>Add Delegation</h2> <h2>Add Delegation</h2>
${form.display(action=tg.url("/delegate/create"), value=delegate)} ${form.display(action=tg.url("/delegate/create"), value=delegate,
actionname='Add')}
</body> </body>
</html> </html>

23
ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid
View File

@ -49,9 +49,15 @@
<table class="formtable" cellpadding="2" cellspacing="0" border="0"> <table class="formtable" cellpadding="2" cellspacing="0" border="0">
<tr> <tr>
<th>
<input type="submit" class="submitbutton" name="submit"
value="${actionname} Delegation"/>
<br />
</th>
<td> <td>
<input type="submit" class="submitbutton" name="submit" <input type="submit" class="submitbutton" name="submit"
value="Add Delegation"/> value="Cancel ${actionname}"/>
<br />
</td> </td>
</tr> </tr>
</table> </table>
@ -143,12 +149,25 @@
<table class="formtable" cellpadding="2" cellspacing="0" border="0"> <table class="formtable" cellpadding="2" cellspacing="0" border="0">
<tr> <tr>
<th>
<input type="submit" class="submitbutton" name="submit"
value="${actionname} Delegation"/>
</th>
<td> <td>
<input type="submit" class="submitbutton" name="submit" <input type="submit" class="submitbutton" name="submit"
value="Add Delegation"/> value="Cancel ${actionname}"/>
</td> </td>
</tr> </tr>
</table> </table>
<script py:if="not value.get('source_group_dn')">
new Effect.Appear($('source_searcharea'), {duration: 0.25});
new Effect.Fade($('source_change_link'), {duration: 0.25});
</script>
<script py:if="not value.get('dest_group_dn')">
new Effect.Appear($('dest_searcharea'), {duration: 0.25});
new Effect.Fade($('dest_change_link'), {duration: 0.25});
</script>
</form> </form>
</div> </div>