render barebones ldap profile of any user
parent
a94c138829
commit
4732fb7066
|
@ -0,0 +1,36 @@
|
|||
{% extends 'basic.html' %}
|
||||
{% block content %}
|
||||
<h1>User: {{ username }}</h1>
|
||||
|
||||
<p>Full LDAP record:</p>
|
||||
|
||||
<table class="table profile-table">
|
||||
<tr>
|
||||
<th scope="col">Attribute</th>
|
||||
<th scope="col">Attribute</th>
|
||||
<th scope="col" class="profile-table-value">Value</th>
|
||||
</tr>
|
||||
{% for attr, attr_readable, value in profile %}
|
||||
<tr>
|
||||
<td>{{ attr }}</td>
|
||||
<td>{{ attr_readable if attr_readable else '' }}</td>
|
||||
<td class="profile-table-value">{{ value }}</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
|
||||
{% endblock %}
|
||||
|
||||
{% block head %}
|
||||
<style type="text/css">
|
||||
.profile-table td, .profile-table th {
|
||||
overflow: hidden;
|
||||
overflow-wrap: anywhere;
|
||||
width: 200px;
|
||||
}
|
||||
.profile-table td.profile-table-value,
|
||||
.profile-table th.profile-table-value {
|
||||
width: max-content;
|
||||
}
|
||||
</style>
|
||||
{% endblock %}
|
|
@ -4,6 +4,7 @@ import functools
|
|||
|
||||
import ldap
|
||||
import kerberos
|
||||
import re
|
||||
|
||||
import flask
|
||||
import flask_wtf
|
||||
|
@ -251,7 +252,7 @@ def ldap_get_all_users_groupped(conn):
|
|||
|
||||
return groupped_users
|
||||
|
||||
@app.route('/admin')
|
||||
@app.route('/admin/')
|
||||
@login_required
|
||||
def admin_list():
|
||||
# TODO: check if user is admin
|
||||
|
@ -260,3 +261,36 @@ def admin_list():
|
|||
|
||||
return flask.render_template('admin/list.html', user_groups=user_groups)
|
||||
|
||||
def ldap_get_user(conn, uid):
|
||||
profile = []
|
||||
for user, attrs in conn.search_s(config.dn_format % uid, ldap.SCOPE_SUBTREE):
|
||||
for attr, values in attrs.items():
|
||||
for value in values:
|
||||
profile.append((attr, value.decode()))
|
||||
|
||||
return profile
|
||||
|
||||
def rendered_ldap_profile(profile):
|
||||
rendered_profile = []
|
||||
for attr, value in profile:
|
||||
attr_sanitized = attr.lower()
|
||||
attr_full_name = config.full_name.get(attr_sanitized, attr_sanitized)
|
||||
attr_readable_name = config.readable_names.get(attr_full_name)
|
||||
rendered_profile.append((attr, attr_readable_name, value))
|
||||
|
||||
rendered_profile.sort(key=lambda x: x[1] is None)
|
||||
return rendered_profile
|
||||
|
||||
def ldap_validate_uid(uid):
|
||||
if not re.match(r'^[a-z-_][a-z0-9-_]*\Z', uid, flags=re.I):
|
||||
raise RuntimeError('Invalid uid')
|
||||
|
||||
@app.route('/admin/users/<uid>')
|
||||
@login_required
|
||||
def admin_user_view(uid):
|
||||
conn = context.get_connection()
|
||||
ldap_validate_uid(uid)
|
||||
|
||||
profile = ldap_get_user(conn, uid)
|
||||
|
||||
return flask.render_template('admin/user.html', username=uid, profile=rendered_ldap_profile(profile))
|
||||
|
|
Loading…
Reference in New Issue