Show the list of groups a user belongs to.

ipa-server/ipa-gui/ipagui/controllers.py

@@ -251,7 +251,9 @@ class Root(controllers.RootController):
         client.set_krbccache(os.environ["KRB5CCNAME"])
         try:
             user = client.get_user_by_uid(uid, user_fields)
-            return dict(user=user.toDict(), fields=forms.user.UserFields())
+            user_groups = client.get_groups_by_member(user.dn, ['cn'])
+            return dict(user=user.toDict(), fields=forms.user.UserFields(),
+                        user_groups=user_groups)
         except ipaerror.IPAError, e:
             turbogears.flash("User show failed: " + str(e))
             raise turbogears.redirect("/")

ipa-server/ipa-gui/ipagui/templates/usershow.kid

@@ -90,6 +90,14 @@ else:
       </tr>
     </table>
 
+    <div class="formsection">Groups</div>
+    <div py:for="group in user_groups">
+      <a href="${tg.url('/groupshow', cn=group.cn)}">${group.cn}</a>
+    </div>
+
+    <br/>
+    <br/>
+
     <a href="${tg.url('/useredit', uid=user.get('uid'))}">edit</a>
 
 </body>

ipa-server/xmlrpc-server/funcs.py

@@ -204,6 +204,20 @@ class IPAServer:
     
         return self.convert_entry(ent)
 
+    def __get_list (self, base, filter, sattrs=None, opts=None):
+        """Gets a list of entries. Each is converted to a dict of values.
+           Multi-valued fields are represented as lists.
+        """
+        entries = []
+
+        conn = self.getConnection(opts)
+        try:
+            entries = conn.getList(base, self.scope, filter, sattrs)
+        finally:
+            self.releaseConnection(conn)
+
+        return map(self.convert_entry, entries)
+
     def __update_entry (self, oldentry, newentry, opts=None):
         """Update an LDAP entry
 
@@ -571,7 +585,7 @@ class IPAServer:
         cn = self.__safe_filter(cn)
         filter = "(cn=" + cn + ")"
         return self.__get_entry(self.basedn, filter, sattrs, opts)
-    
+
     def get_group_by_dn (self, dn, sattrs=None, opts=None):
         """Get a specific group's entry. Return as a dict of values.
            Multi-valued fields are represented as lists.
@@ -579,7 +593,16 @@ class IPAServer:
 
         filter = "(objectClass=*)"
         return self.__get_entry(dn, filter, sattrs, opts)
-    
+
+    def get_groups_by_member (self, member_dn, sattrs=None, opts=None):
+        """Get a specific group's entry. Return as a dict of values.
+           Multi-valued fields are represented as lists.
+        """
+
+        filter = "(&(objectClass=posixGroup)(uniqueMember=%s))" % member_dn
+
+        return self.__get_list(self.basedn, filter, sattrs, opts)
+
     def add_group (self, group, group_container=None, opts=None):
         """Add a group in LDAP. Takes as input a dict where the key is the
            attribute name and the value is either a string or in the case

ipa-server/xmlrpc-server/ipaxmlrpc.py

@@ -326,6 +326,7 @@ def handler(req, profiling=False):
             h.register_function(f.modifyPassword)
             h.register_function(f.get_group_by_cn)
             h.register_function(f.get_group_by_dn)
+            h.register_function(f.get_groups_by_member)
             h.register_function(f.add_group)
             h.register_function(f.find_groups)
             h.register_function(f.add_user_to_group)