75 lines
2.1 KiB
Python
75 lines
2.1 KiB
Python
import flask_wtf
|
|
import wtforms
|
|
import secrets
|
|
import os
|
|
|
|
hackerspace_name = 'Warsaw Hackerspace'
|
|
secret_key = secrets.token_hex(32)
|
|
|
|
# Kerberos configuration
|
|
|
|
kadmin_principal_map = "{}@HACKERSPACE.PL"
|
|
|
|
# LDAP configuration
|
|
|
|
ldap_url = 'ldap://ldap.hackerspace.pl'
|
|
ldap_base = 'dc=hackerspace,dc=pl'
|
|
ldap_people = 'ou=people,dc=hackerspace,dc=pl'
|
|
ldap_user_dn_format = 'uid={},ou=people,dc=hackerspace,dc=pl'
|
|
ldap_group_dn_format = 'cn={},ou=group,dc=hackerspace,dc=pl'
|
|
|
|
# user groups allowed to see /admin
|
|
ldap_admin_groups = os.getenv('LDAPWEB_ADMIN_GROUPS', 'ldap-admin,staff,zarzad').split(',')
|
|
|
|
# user groups indicating that a user is active
|
|
ldap_active_groups = os.getenv('LDAPWEB_ACTIVE_GROUPS', 'fatty,starving,potato').split(',')
|
|
|
|
# service user with admin privileges (for admin listings, creating new users)
|
|
ldap_admin_dn = os.getenv('LDAPWEB_ADMIN_DN', 'cn=ldapweb,ou=services,dc=hackerspace,dc=pl')
|
|
ldap_admin_password = os.getenv('LDAPWEB_ADMIN_PASSWORD', 'unused')
|
|
|
|
# LDAP attribute configuration
|
|
|
|
readable_names = {
|
|
'commonname': 'Common Name',
|
|
'givenname': 'Given Name',
|
|
'gecos': 'GECOS (public name)',
|
|
'surname': 'Surname',
|
|
'loginshell': 'Shell',
|
|
'telephonenumber': 'Phone Number',
|
|
'mobiletelephonenumber': 'Mobile Number',
|
|
'sshpublickey': 'SSH Public Key',
|
|
'mifareidhash': 'MIFARE ID Hash',
|
|
'mail': 'Email Adress',
|
|
'mailroutingaddress': 'Email Adress (external)',
|
|
}
|
|
|
|
full_name = {
|
|
'cn': 'commonname',
|
|
'gecos': 'gecos',
|
|
'sn': 'surname',
|
|
'mobile': 'mobiletelephonenumber',
|
|
'l': 'locality',
|
|
}
|
|
|
|
can_add = set([
|
|
'telephonenumber',
|
|
'mobiletelephonenumber',
|
|
'sshpublickey',
|
|
])
|
|
can_delete = can_add
|
|
can_modify = can_add | set([
|
|
'givenname',
|
|
'surname',
|
|
'commonname',
|
|
'gecos',
|
|
])
|
|
can = { 'add': can_add, 'mod': can_modify, 'del': can_delete }
|
|
admin_required = set()
|
|
|
|
default_field = (wtforms.fields.StringField, {})
|
|
fields = {
|
|
'mobiletelephonenumber': (wtforms.fields.StringField, {'validators': [wtforms.validators.Regexp(r'[+0-9 ]+')]}),
|
|
'telephonenumber': (wtforms.fields.StringField, {'validators': [wtforms.validators.Regexp(r'[+0-9 ]+')]}),
|
|
}
|