render list of all ldap users
parent
e876fd65a5
commit
a94c138829
|
@ -8,6 +8,13 @@ dn_format = "uid=%s,ou=people,dc=hackerspace,dc=pl"
|
|||
|
||||
ldapweb_admin_group = 'cn=ldap-admin,ou=Group,dc=hackerspace,dc=pl'
|
||||
|
||||
ldap_people = 'ou=People,dc=hackerspace,dc=pl'
|
||||
admin_groups = {
|
||||
'Fatty': 'cn=fatty,ou=Group,dc=hackerspace,dc=pl',
|
||||
'Starving': 'cn=starving,ou=Group,dc=hackerspace,dc=pl',
|
||||
'Potato': 'cn=potato,ou=Group,dc=hackerspace,dc=pl',
|
||||
}
|
||||
|
||||
admin_dn = 'cn=ldapweb,ou=Services,dc=hackerspace,dc=pl'
|
||||
admin_pw = 'changeme'
|
||||
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
{% extends 'basic.html' %}
|
||||
{% block content %}
|
||||
<p>Good evening, professor {{ session['username'] }}. All LDAP accounts:</p>
|
||||
|
||||
{% for group_name, users in user_groups %}
|
||||
<h2>{{ group_name }}</h2>
|
||||
<ul>
|
||||
{% for uid, name in users %}
|
||||
<li><a href="/admin/users/{{ uid }}">{{ uid }} ({{ name }})</a></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
{% endfor %}
|
||||
|
||||
{% endblock %}
|
|
@ -217,4 +217,46 @@ def del_attr(uid):
|
|||
def mod_attr(uid):
|
||||
return attr_op('mod', None, uid)
|
||||
|
||||
def ldap_not_in(patterns):
|
||||
joined_patterns = ''.join(f'({p})' for p in patterns)
|
||||
one_of_pattern = f'(|{joined_patterns})'
|
||||
return f'!{one_of_pattern}'
|
||||
|
||||
def ldap_get_users_list(conn, query='&'):
|
||||
all_users = []
|
||||
results = conn.search_s(config.ldap_people, ldap.SCOPE_SUBTREE, f'(&(uid=*)(cn=*)({query}))', attrlist=['uid', 'cn'])
|
||||
for user, attrs in results:
|
||||
user_uid = attrs['uid'][0].decode()
|
||||
user_cn = attrs['cn'][0].decode()
|
||||
all_users.append((user_uid, user_cn))
|
||||
|
||||
all_users.sort(key=lambda user: user[0].lower())
|
||||
return all_users
|
||||
|
||||
def ldap_get_all_users_groupped(conn):
|
||||
group_queries = [
|
||||
(group_name, f'memberOf={pattern}')
|
||||
for group_name, pattern in config.admin_groups.items()
|
||||
]
|
||||
|
||||
groupped_users = [
|
||||
(group_name, ldap_get_users_list(conn, query))
|
||||
for group_name, query in group_queries
|
||||
]
|
||||
|
||||
other_users_query = ldap_not_in(query for _, query in group_queries)
|
||||
groupped_users.append(
|
||||
('Other', ldap_get_users_list(conn, other_users_query))
|
||||
)
|
||||
|
||||
return groupped_users
|
||||
|
||||
@app.route('/admin')
|
||||
@login_required
|
||||
def admin_list():
|
||||
# TODO: check if user is admin
|
||||
conn = context.get_connection()
|
||||
user_groups = ldap_get_all_users_groupped(conn)
|
||||
|
||||
return flask.render_template('admin/list.html', user_groups=user_groups)
|
||||
|
||||
|
|
Loading…
Reference in New Issue