render list of all ldap users

2023-09-20 22:00:23 +02:00 · 2023-09-20 22:00:23 +02:00 · a94c138829
parent e876fd65a5
commit a94c138829
3 changed files with 63 additions and 0 deletions
--- a/webapp/config.py.dist
+++ b/webapp/config.py.dist
@ -8,6 +8,13 @@ dn_format = "uid=%s,ou=people,dc=hackerspace,dc=pl"

 ldapweb_admin_group = 'cn=ldap-admin,ou=Group,dc=hackerspace,dc=pl'

+ldap_people = 'ou=People,dc=hackerspace,dc=pl'
+admin_groups = {
+    'Fatty': 'cn=fatty,ou=Group,dc=hackerspace,dc=pl',
+    'Starving': 'cn=starving,ou=Group,dc=hackerspace,dc=pl',
+    'Potato': 'cn=potato,ou=Group,dc=hackerspace,dc=pl',
+}
+
 admin_dn = 'cn=ldapweb,ou=Services,dc=hackerspace,dc=pl'
 admin_pw = 'changeme'

--- a/webapp/templates/admin/list.html
+++ b/webapp/templates/admin/list.html
@ -0,0 +1,14 @@
+{% extends 'basic.html' %}
+{% block content %}
+<p>Good evening, professor {{ session['username'] }}. All LDAP accounts:</p>
+
+{% for group_name, users in user_groups %}
+  <h2>{{ group_name }}</h2>
+  <ul>
+    {% for uid, name in users %}
+    <li><a href="/admin/users/{{ uid }}">{{ uid }} ({{ name }})</a></li>
+    {% endfor %}
+  </ul>
+{% endfor %}
+
+{% endblock %}
--- a/webapp/views.py
+++ b/webapp/views.py
@ -217,4 +217,46 @@ def del_attr(uid):
 def mod_attr(uid):
    return attr_op('mod', None, uid)

+def ldap_not_in(patterns):
+    joined_patterns = ''.join(f'({p})' for p in patterns)
+    one_of_pattern = f'(|{joined_patterns})'
+    return f'!{one_of_pattern}'
+
+def ldap_get_users_list(conn, query='&'):
+    all_users = []
+    results = conn.search_s(config.ldap_people, ldap.SCOPE_SUBTREE, f'(&(uid=*)(cn=*)({query}))', attrlist=['uid', 'cn'])
+    for user, attrs in results:
+        user_uid = attrs['uid'][0].decode()
+        user_cn = attrs['cn'][0].decode()
+        all_users.append((user_uid, user_cn))
+
+    all_users.sort(key=lambda user: user[0].lower())
+    return all_users
+
+def ldap_get_all_users_groupped(conn):
+    group_queries = [
+        (group_name, f'memberOf={pattern}')
+        for group_name, pattern in config.admin_groups.items()
+    ]
+
+    groupped_users = [
+        (group_name, ldap_get_users_list(conn, query))
+        for group_name, query in group_queries
+    ]
+
+    other_users_query = ldap_not_in(query for _, query in group_queries)
+    groupped_users.append(
+        ('Other', ldap_get_users_list(conn, other_users_query))
+    )
+
+    return groupped_users
+
+@app.route('/admin')
+@login_required
+def admin_list():
+    # TODO: check if user is admin
+    conn = context.get_connection()
+    user_groups = ldap_get_all_users_groupped(conn)
+
+    return flask.render_template('admin/list.html', user_groups=user_groups)