ldap user: show groups
parent
84abc355b9
commit
def69fb5d3
|
@ -8,6 +8,7 @@ dn_format = "uid=%s,ou=people,dc=hackerspace,dc=pl"
|
||||||
|
|
||||||
ldapweb_admin_group = 'cn=ldap-admin,ou=Group,dc=hackerspace,dc=pl'
|
ldapweb_admin_group = 'cn=ldap-admin,ou=Group,dc=hackerspace,dc=pl'
|
||||||
|
|
||||||
|
ldap_base = 'dc=hackerspace,dc=pl'
|
||||||
ldap_people = 'ou=People,dc=hackerspace,dc=pl'
|
ldap_people = 'ou=People,dc=hackerspace,dc=pl'
|
||||||
admin_groups = {
|
admin_groups = {
|
||||||
'Fatty': 'cn=fatty,ou=Group,dc=hackerspace,dc=pl',
|
'Fatty': 'cn=fatty,ou=Group,dc=hackerspace,dc=pl',
|
||||||
|
|
|
@ -2,9 +2,18 @@
|
||||||
{% block content %}
|
{% block content %}
|
||||||
<h1>User: {{ uid }}</h1>
|
<h1>User: {{ uid }}</h1>
|
||||||
|
|
||||||
<a class="btn btn-default" href="/admin" role="button">Back</a>
|
<div style="margin-bottom: 10px">
|
||||||
|
<a class="btn btn-default" href="/admin" role="button">Back</a>
|
||||||
|
|
||||||
<a class="btn btn-default" href="https://kasownik.hackerspace.pl/admin/member/{{ uid }}" role="button" target="_blank">View user in Kasownik</a>
|
<a class="btn btn-default" href="https://kasownik.hackerspace.pl/admin/member/{{ uid }}" role="button" target="_blank">View user in Kasownik</a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
<strong>Belongs to groups:</strong>
|
||||||
|
{% for group_name in groups %}
|
||||||
|
<a href="/admin/groups/{{ group_name }}">{{ group_name }}</a>,
|
||||||
|
{% endfor %}
|
||||||
|
</p>
|
||||||
|
|
||||||
<p>Full LDAP record:</p>
|
<p>Full LDAP record:</p>
|
||||||
|
|
||||||
|
|
|
@ -268,6 +268,15 @@ def rendered_ldap_profile(profile):
|
||||||
rendered_profile.sort(key=lambda x: x[1] is None)
|
rendered_profile.sort(key=lambda x: x[1] is None)
|
||||||
return rendered_profile
|
return rendered_profile
|
||||||
|
|
||||||
|
def ldap_get_user_groups(conn, uid):
|
||||||
|
groups = []
|
||||||
|
user_dn = config.dn_format % uid
|
||||||
|
filter = f'(&(objectClass=groupOfUniqueNames)(uniqueMember={user_dn}))'
|
||||||
|
for group_dn, attrs in conn.search_s(config.ldap_base, ldap.SCOPE_SUBTREE, filter):
|
||||||
|
groups.append(attrs['cn'][0].decode())
|
||||||
|
|
||||||
|
return groups
|
||||||
|
|
||||||
def ldap_validate_uid(uid):
|
def ldap_validate_uid(uid):
|
||||||
if not re.match(r'^[a-z-_][a-z0-9-_]*\Z', uid, flags=re.I):
|
if not re.match(r'^[a-z-_][a-z0-9-_]*\Z', uid, flags=re.I):
|
||||||
raise RuntimeError('Invalid uid')
|
raise RuntimeError('Invalid uid')
|
||||||
|
@ -282,5 +291,6 @@ def admin_user_view(uid):
|
||||||
ldap_validate_uid(uid)
|
ldap_validate_uid(uid)
|
||||||
|
|
||||||
profile = ldap_get_user(conn, uid)
|
profile = ldap_get_user(conn, uid)
|
||||||
|
groups = ldap_get_user_groups(conn, uid)
|
||||||
|
|
||||||
return flask.render_template('admin/user.html', uid=uid, profile=rendered_ldap_profile(profile))
|
return flask.render_template('admin/user.html', uid=uid, profile=rendered_ldap_profile(profile), groups=groups)
|
||||||
|
|
Loading…
Reference in New Issue