From ef2619bdf488b2d11f19e87a8bdf09c4fcbacda4 Mon Sep 17 00:00:00 2001 From: nd <git@notandy.de> Date: Mon, 13 Jul 2020 01:09:06 +0200 Subject: [PATCH] merged user and group blueprint --- uffd/__init__.py | 4 +- uffd/default_config.cfg | 1 + uffd/group/__init__.py | 3 -- uffd/group/models.py | 47 ------------------ uffd/group/views.py | 32 ------------- uffd/selfservice/views.py | 3 +- uffd/user/__init__.py | 4 +- uffd/user/models.py | 46 +++++++++++++++++- uffd/{group => user}/templates/group.html | 0 .../{group => user}/templates/group_list.html | 0 uffd/user/views.py | 48 ++++++++++++++----- 11 files changed, 87 insertions(+), 101 deletions(-) delete mode 100644 uffd/group/__init__.py delete mode 100644 uffd/group/models.py delete mode 100644 uffd/group/views.py rename uffd/{group => user}/templates/group.html (100%) rename uffd/{group => user}/templates/group_list.html (100%) diff --git a/uffd/__init__.py b/uffd/__init__.py index bef39eba..30280972 100644 --- a/uffd/__init__.py +++ b/uffd/__init__.py @@ -40,10 +40,10 @@ def create_app(test_config=None): db.init_app(app) # pylint: disable=C0415 - from uffd import user, group, selfservice, session, csrf, ldap + from uffd import user, selfservice, session, csrf, ldap # pylint: enable=C0415 - for i in user.bp + group.bp + selfservice.bp + session.bp + csrf.bp + ldap.bp: + for i in user.bp + selfservice.bp + session.bp + csrf.bp + ldap.bp: app.register_blueprint(i) @app.route("/") diff --git a/uffd/default_config.cfg b/uffd/default_config.cfg index c1c227a9..d616cc5f 100644 --- a/uffd/default_config.cfg +++ b/uffd/default_config.cfg @@ -8,3 +8,4 @@ LDAP_USER_GID=20001 LDAP_USER_MIN_UID=10000 LDAP_USER_MAX_UID=18999 SESSION_LIFETIME_SECONDS=3600 +ACL_LDAP_GROUP_USEREDIT="admins" diff --git a/uffd/group/__init__.py b/uffd/group/__init__.py deleted file mode 100644 index 1cb45d0f..00000000 --- a/uffd/group/__init__.py +++ /dev/null @@ -1,3 +0,0 @@ -from .views import bp as ui_bp - -bp = [ui_bp] 
diff --git a/uffd/group/models.py b/uffd/group/models.py
deleted file mode 100644
index 5006c097..00000000
--- a/uffd/group/models.py
+++ /dev/null
@@ -1,47 +0,0 @@
-from uffd import ldap
-
-class Group():
- gid = None
- name = None
- description = None
-
- def __init__(self, gid=None, name='', members=None, description=''):
- self.gid = gid
- self.name = name
- if isinstance(members, str):
- members = [members]
- self.members_ldap = members
- self._members = None
- self.description = description
-
- @classmethod
- def from_ldap(cls, ldapobject):
- return Group(
- gid=ldapobject['gidNumber'].value,
- name=ldapobject['cn'].value,
- members=ldapobject['uniqueMember'],
- description=ldapobject['description'].value if 'description' in ldapobject else '',
- )
-
- @classmethod
- def from_ldap_dn(cls, dn):
- conn = ldap.get_conn()
- conn.search(dn, '(objectClass=groupOfUniqueNames)')
- if not len(conn.entries) == 1:
- return None
- return Group.from_ldap(conn.entries[0])
-
- def to_ldap(self, new):
- pass
-
- def get_members(self):
- from uffd.user.models import User
- if self._members:
- return self._members
- members = []
- for i in self.members_ldap:
- newmember = User.from_ldap_dn(i)
- if newmember:
- members.append(newmember)
- self._members = members
- return members
diff --git a/uffd/group/views.py b/uffd/group/views.py
deleted file mode 100644
index d14e2ad3..00000000
--- a/uffd/group/views.py
+++ /dev/null
@@ -1,32 +0,0 @@ -from flask import Blueprint, current_app, render_template - -from uffd.navbar import register_navbar -from uffd.ldap import get_conn, escape_filter_chars -from uffd.session import login_required, is_valid_session - -from .models import Group - -bp = Blueprint("group", __name__, template_folder='templates', url_prefix='/group/') - -@bp.before_request -@login_required() -def group_acl(): - pass - -@bp.route("/") -@register_navbar('Groups', icon='layer-group', blueprint=bp, visible=is_valid_session) -def group_list(): - conn = get_conn() - conn.search(current_app.config["LDAP_BASE_GROUPS"], '(objectclass=groupOfUniqueNames)') - groups = [] - for i in conn.entries: - groups.append(Group.from_ldap(i)) - return render_template('group_list.html', groups=groups) - -@bp.route("/<int:gid>") -def group_show(gid): - conn = get_conn() - conn.search(current_app.config["LDAP_BASE_GROUPS"], '(&(objectclass=groupOfUniqueNames)(gidNumber={}))'.format((escape_filter_chars(gid)))) - assert len(conn.entries) == 1 - group = Group.from_ldap(conn.entries[0]) - return render_template('group.html', group=group) diff --git a/uffd/selfservice/views.py b/uffd/selfservice/views.py index 36077985..21b01a20 100644 --- a/uffd/selfservice/views.py +++ b/uffd/selfservice/views.py @@ -3,8 +3,7 @@ from flask import Blueprint, render_template, request, url_for, redirect, flash, from uffd.navbar import register_navbar from uffd.csrf import csrf_protect -from uffd.user.models import User -from uffd.group.models import Group +from uffd.user.models import User, Group from uffd.session import get_current_user, login_required, is_valid_session from uffd.ldap import get_conn, escape_filter_chars diff --git a/uffd/user/__init__.py b/uffd/user/__init__.py index 1cb45d0f..fc51d02b 100644 --- a/uffd/user/__init__.py +++ b/uffd/user/__init__.py @@ -1,3 +1,3 @@ -from .views import bp as ui_bp +from .views import bp_user, bp_group -bp = [ui_bp] +bp = [bp_user, bp_group] 
diff --git a/uffd/user/models.py b/uffd/user/models.py index 4a711b13..2c8792ae 100644 --- a/uffd/user/models.py +++ b/uffd/user/models.py @@ -71,7 +71,6 @@ class User(): return result def get_groups(self): - from uffd.group.models import Group if self._groups: return self._groups groups = [] @@ -108,3 +107,48 @@ class User(): def set_password(self, value): self.newpassword = value + +class Group(): + gid = None + name = None + description = None + + def __init__(self, gid=None, name='', members=None, description=''): + self.gid = gid + self.name = name + if isinstance(members, str): + members = [members] + self.members_ldap = members + self._members = None + self.description = description + + @classmethod + def from_ldap(cls, ldapobject): + return Group( + gid=ldapobject['gidNumber'].value, + name=ldapobject['cn'].value, + members=ldapobject['uniqueMember'], + description=ldapobject['description'].value if 'description' in ldapobject else '', + ) + + @classmethod + def from_ldap_dn(cls, dn): + conn = ldap.get_conn() + conn.search(dn, '(objectClass=groupOfUniqueNames)') + if not len(conn.entries) == 1: + return None + return Group.from_ldap(conn.entries[0]) + + def to_ldap(self, new): + pass + + def get_members(self): + if self._members: + return self._members + members = [] + for i in self.members_ldap: + newmember = User.from_ldap_dn(i) + if newmember: + members.append(newmember) + self._members = members + return members diff --git a/uffd/group/templates/group.html b/uffd/user/templates/group.html similarity index 100% rename from uffd/group/templates/group.html rename to uffd/user/templates/group.html diff --git a/uffd/group/templates/group_list.html b/uffd/user/templates/group_list.html similarity index 100% rename from uffd/group/templates/group_list.html rename to uffd/user/templates/group_list.html diff --git a/uffd/user/views.py b/uffd/user/views.py index b2217d81..c24ab9fa 100644 --- a/uffd/user/views.py +++ b/uffd/user/views.py 
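Review bot: In the `Group` class added to uffd/user/models.py, `get_members` iterates `self.members_ldap`, but `__init__` stores `members` unchanged and its default is `None`, so a `Group()` built with defaults raises `TypeError` on the first `get_members()` call; `self.members_ldap = [] if members is None else members` avoids that. The cache test `if self._members:` treats an empty result as not cached, so a group whose members do not resolve repeats one `User.from_ldap_dn` lookup per member on every call; `if self._members is not None:` makes the cache hold. `from_ldap_dn` uses the name `ldap`, which the deleted module bound with `from uffd import ldap`; the import block of uffd/user/models.py is outside this hunk, so confirm the name is bound there.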
@@ -5,17 +5,17 @@ from uffd.csrf import csrf_protect from uffd.ldap import get_conn, escape_filter_chars from uffd.session import login_required, is_valid_session -from .models import User +from .models import User, Group -bp = Blueprint("user", __name__, template_folder='templates', url_prefix='/user/') - -@bp.before_request -@login_required(group='admins') +bp_user = Blueprint("user", __name__, template_folder='templates', url_prefix='/user/') +@bp_user.before_request +#@login_required(group=current_app.config('ACL_LDAP_GROUP_USEREDIT')) +@login_required() def user_acl(): pass -@bp.route("/") -@register_navbar('Users', icon='users', blueprint=bp, visible=is_valid_session) +@bp_user.route("/") +@register_navbar('Users', icon='users', blueprint=bp_user, visible=is_valid_session) def user_list(): conn = get_conn() conn.search(current_app.config["LDAP_BASE_USER"], '(objectclass=person)') @@ -24,8 +24,8 @@ def user_list(): users.append(User.from_ldap(i)) return render_template('user_list.html', users=users) -@bp.route("/<int:uid>") -@bp.route("/new") +@bp_user.route("/<int:uid>") +@bp_user.route("/new") def user_show(uid=None): if not uid: user = User() @@ -38,8 +38,8 @@ def user_show(uid=None): ldif = conn.entries[0].entry_to_ldif() return render_template('user.html', user=user, user_ldif=ldif) -@bp.route("/<int:uid>/update", methods=['POST']) -@bp.route("/new", methods=['POST']) +@bp_user.route("/<int:uid>/update", methods=['POST']) +@bp_user.route("/new", methods=['POST']) def user_update(uid=False): conn = get_conn() if uid: @@ -65,7 +65,7 @@ def user_update(uid=False): flash('Error updating user: {}'.format(conn.result['message'])) return redirect(url_for('.user_list')) -@bp.route("/<int:uid>/del") +@bp_user.route("/<int:uid>/del") @csrf_protect def user_delete(uid): conn = get_conn() 
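Review bot: The `before_request` guard on `bp_user` in uffd/user/views.py drops from `@login_required(group='admins')` to a bare `@login_required()`, so every authenticated user now passes `user_acl` and, as far as this file shows, reaches `user_list`, `user_show`, `user_update` and `user_delete`, which previously required membership in `admins`. The commented-out replacement could not work as written: `current_app.config` is a mapping rather than a callable, and `current_app` is not bound while the module is imported and the decorator is evaluated, so the new `ACL_LDAP_GROUP_USEREDIT` setting in default_config.cfg is never read. Until `login_required` can resolve the group at request time, keep `@login_required(group='admins')` here, or perform the group check inside `user_acl`, where `current_app.config['ACL_LDAP_GROUP_USEREDIT']` is available. A test that requests `/user/` from a non-admin session and expects a rejection would pin this behaviour.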
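Review bot: `@bp_user.route("/<int:uid>/del")` in the `@@ -65,7 +65,7 @@` hunk declares no `methods`, so Flask serves the delete on GET; a state-changing GET can be fired by link prefetching or a crawler running inside a session, and if the token that `csrf_protect` checks travels in the query string it ends up in server logs, browser history and Referer headers. Prefer `@bp_user.route("/<int:uid>/del", methods=['POST'])` with the template switched to a form post, matching `user_update`. The body of `user_delete` continues past this hunk and `csrf_protect` is defined elsewhere, so how the token is carried should be confirmed there.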
@@ -76,3 +76,27 @@ def user_delete(uid):
 else:
 flash('Could not delete user: {}'.format(conn.result['message']))
 return redirect(url_for('.user_list'))
+
+bp_group = Blueprint("group", __name__, template_folder='templates', url_prefix='/group/')
+@bp_group.before_request
+@login_required()
+def group_acl():
+ pass
+
+@bp_group.route("/")
+@register_navbar('Groups', icon='layer-group', blueprint=bp_group, visible=is_valid_session)
+def group_list():
+ conn = get_conn()
+ conn.search(current_app.config["LDAP_BASE_GROUPS"], '(objectclass=groupOfUniqueNames)')
+ groups = []
+ for i in conn.entries:
+ groups.append(Group.from_ldap(i))
+ return render_template('group_list.html', groups=groups)
+
+@bp_group.route("/<int:gid>")
+def group_show(gid):
+ conn = get_conn()
+ conn.search(current_app.config["LDAP_BASE_GROUPS"], '(&(objectclass=groupOfUniqueNames)(gidNumber={}))'.format((escape_filter_chars(gid))))
+ assert len(conn.entries) == 1
+ group = Group.from_ldap(conn.entries[0])
+ return render_template('group.html', group=group)
-- GitLab
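Review bot: `group_show` relies on `assert len(conn.entries) == 1` to reject an unknown or duplicated `gidNumber`; asserts are removed when Python runs with `-O`, in which case a gid with no match falls through to `conn.entries[0]`, and with asserts enabled the client still gets a 500 instead of a not-found response. Replace it with an explicit check such as `if len(conn.entries) != 1: abort(404)`. `abort` comes from flask, and whether it is already imported in uffd/user/views.py is not visible in this hunk.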