debut gestion groupes dans page & ajout page administration

2013-01-14 23:22:41 +01:00 · 2013-01-14 23:22:41 +01:00 · 6305e1c9cc
commit 6305e1c9cc
parent 4ed3cf9b33
14 changed files with 237 additions and 2 deletions
--- a/Brie/brie/config/groups_enum.py
+++ b/Brie/brie/config/groups_enum.py
@ -0,0 +1,7 @@
+# -*- coding: utf-8 -*-
+
+responsablereseau = "responsablereseau"
+admin = "admin"
+membreca = "membreca"
+tresorier = "tresorier"
+respsalleinfo = "respsalleinfo"
--- a/Brie/brie/controllers/administration.py
+++ b/Brie/brie/controllers/administration.py
@ -0,0 +1,80 @@
+# -*- coding: utf-8 -*-
+
+from tg import session
+from tg.controllers import redirect
+from tg.decorators import expose, validate
+
+from brie.lib.camembert_helpers import *
+
+from brie.config import ldap_config
+from brie.lib.ldap_helper import *
+from brie.model import DBSession
+from brie.model.camembert import Interface
+from brie.model.ldap import *
+
+from brie.controllers import auth
+from brie.controllers.auth import AuthenticatedBaseController, AuthenticatedRestController
+
+from operator import itemgetter
+
+
+class GroupAddMemberController(AuthenticatedRestController):
+    
+    @expose()
+    def post(self, group_cn, user_dn):
+        groups_of_user = Groupes.get_by_user_dn(self.user, user_dn)
+
+        if group_cn in groups_of_user:
+            redirect("/administration/")
+        #end if
+
+        target_group = Groupes.get_by_cn(self.user, group_cn)
+
+        if target_group is None:
+            redirect("/administration/")
+        #end if
+
+        attr = Groupes.unique_member_attr(user_dn)
+        self.user.ldap_bind.add_attr(target_group.dn, attr)
+
+        redirect("/administration/")
+    #end def
+
+#end class
+
+class GroupController(AuthenticatedBaseController):
+    add_member = GroupAddMemberController()
+
+    @expose()
+    def delete_member(self, group_cn, user_dn):
+        groups_of_user = Groupes.get_by_user_dn(self.user, user_dn)
+
+        if group_cn in groups_of_user:
+            target_group = Groupes.get_by_cn(self.user, group_cn)
+            
+            attr = Groupes.unique_member_attr(user_dn)
+            self.user.ldap_bind.delete_attr(target_group.dn, attr)
+        #end if
+
+        redirect("/administration/")
+    #end def
+
+#end class
+        
+
+class AdministrationController(AuthenticatedBaseController):
+    groups = GroupController()
+
+    @expose("brie.templates.show.error")
+    def error_no_entry(self):
+        return { "error" : "Entrée non existante" }
+
+    @expose("brie.templates.administration.index")
+    def index(self):
+        groups = Groupes.get_all(self.user)
+        all_users = sorted(Member.get_all(self.user), key=lambda u: u.cn.first())
+
+        return { "user" : self.user, "groups_ldap" : groups, "all_users" : all_users }
+    #end def
+#end class
+
--- a/Brie/brie/controllers/auth.py
+++ b/Brie/brie/controllers/auth.py
@ -117,17 +117,33 @@ class AuthHandler(object):

 class AuthenticatedRestController(RestController):
    user = None
+    require_group = None

    def __before__(self, *args, **kwargs):
        self.user = current.get_user_or_redirect()
+
+        if self.require_group is not None:
+            if self.require_group not in self.user.groups.list():
+                redirect("/error/permission_denied/")
+            #end if
+        #end if
+            
    #end def
 #end def

 class AuthenticatedBaseController(BaseController):
    user = None
+    require_group = None
    
    def __before__(self, *args, **kwargs):
        self.user = current.get_user_or_redirect()
+
+        if self.require_group is not None:
+            if self.require_group not in self.user.groups.list():
+                redirect("/error/permission_denied/")
+            #end if
+        #end if
+
    #end def
 #end def

--- a/Brie/brie/controllers/edit.py
+++ b/Brie/brie/controllers/edit.py
@ -7,6 +7,7 @@ from tg.decorators import expose, validate
 from brie.lib.camembert_helpers import *

 from brie.config import ldap_config
+from brie.config import groups_enum
 from brie.lib.ldap_helper import *
 from brie.model import DBSession
 from brie.model.ldap import *
@ -22,6 +23,8 @@ from operator import itemgetter

 """ Controller d'affichage de details de membres, chambres et interfaces """ 
 class EditController(AuthenticatedBaseController):
+    require_group = groups_enum.admin
+
    show = None
    wifi = None

@ -62,6 +65,8 @@ class EditController(AuthenticatedBaseController):
 #end class

 class WifiRestController(AuthenticatedRestController):
+    require_group = groups_enum.respsalleinfo
+
    show = None

    def __init__(self, new_show):
--- a/Brie/brie/controllers/error.py
+++ b/Brie/brie/controllers/error.py
@ -0,0 +1,29 @@
+# -*- coding: utf-8 -*-
+
+from tg import session
+from tg.controllers import redirect
+from tg.decorators import expose, validate
+
+from brie.lib.camembert_helpers import *
+
+from brie.config import ldap_config
+from brie.lib.ldap_helper import *
+from brie.model import DBSession
+from brie.model.camembert import Interface
+from brie.model.ldap import *
+
+from brie.controllers import auth
+from brie.controllers.auth import AuthenticatedBaseController, AuthenticatedRestController
+
+from operator import itemgetter
+
+
+class ErrorController(AuthenticatedBaseController):
+
+    @expose("brie.templates.error.permission_denied")
+    def permission_denied(self):
+        return {}
+    #end def
+
+#end class
+
--- a/Brie/brie/controllers/rooms.py
+++ b/Brie/brie/controllers/rooms.py
@ -6,6 +6,7 @@ from brie.lib.base import BaseController
 from brie.lib.camembert_helpers import *

 from brie.config import ldap_config
+from brie.config import groups_enum
 from brie.lib.ldap_helper import *
 from brie.model import DBSession
 from brie.model.camembert import *
@ -18,6 +19,9 @@ from operator import itemgetter


 class RoomsController(AuthenticatedBaseController):
+    require_group = groups_enum.admin
+
+
    __default_color = "ok_color"
    __error_colors = {
        "PAS PAYE" : "non_paye_color",
--- a/Brie/brie/controllers/root.py
+++ b/Brie/brie/controllers/root.py
@ -15,6 +15,8 @@ from brie.controllers.auth import AuthRestController
 from brie.controllers.rooms import RoomsController
 from brie.controllers.show import ShowController
 from brie.controllers.edit import EditController
+from brie.controllers.administration import AdministrationController
+from brie.controllers.error import ErrorController

 from brie.model.camembert import Materiel

@ -41,6 +43,8 @@ class RootController(BaseController):
    rooms = RoomsController()
    show = ShowController()
    edit = EditController(show)
+    administration = AdministrationController()
+    error = ErrorController()
    
    @expose('brie.templates.index')
    def index(self):
--- a/Brie/brie/model/ldap.py
+++ b/Brie/brie/model/ldap.py
@ -31,6 +31,11 @@ class Member(object):
        return user_session.ldap_bind.search_first(ldap_config.username_base_dn, "(uid=" + uid + ")")
    #end def

+    @staticmethod
+    def get_all(user_session):
+        return user_session.ldap_bind.search(ldap_config.username_base_dn, "(objectClass=pacatnetMember)")
+    #end def
+
 #end class

 class Room(object):
@ -157,5 +162,27 @@ class Groupes(object):
        #end for

        return groups
-    #end 
+    #end def
+
+    @staticmethod
+    def get_by_cn(user_session, cn):
+        results = user_session.ldap_bind.search_first(ldap_config.group_base_dn, "(&(objectClass=groupOfUniqueNames)(cn=" + cn + "))")
+
+        return results
+    #end def
+
+    @staticmethod
+    def get_all(user_session):
+        results = user_session.ldap_bind.search(ldap_config.group_base_dn, "(objectClass=groupOfUniqueNames)")
+
+        return results
+    #end def
+
+    @staticmethod
+    def unique_member_attr(member_dn):
+        return {
+            "uniqueMember" : str(member_dn)
+        }
+    #end def
+
 #end class
--- a/Brie/brie/public/css/common.css
+++ b/Brie/brie/public/css/common.css
@ -53,4 +53,16 @@ input[type="submit"]
    padding: 5px;
 }

+.param_block {
+    vertical-align: top;
+}
+
+.inline_block {
+    display: inline-block;
+    margin-bottom: 17px;
+}
+
+.enum_block {
+    display: block;
+}

--- a/Brie/brie/templates/administration/init.py
+++ b/Brie/brie/templates/administration/init.py
--- a/Brie/brie/templates/administration/index.html
+++ b/Brie/brie/templates/administration/index.html
@ -0,0 +1,40 @@
+<html xmlns:py="http://genshi.edgewall.org/" xmlns:xi="http://www.w3.org/2001/XInclude">
+    <head>
+        <link rel="stylesheet" type="text/css" href="/css/common.css" />
+        <link rel="stylesheet" type="text/css" href="/css/show.css" />
+    </head>
+    <body>
+        <a class="button" href="/" >RETOUR</a>
+        <div class="section" >
+            <span class="section_name show_section_name">GROUPES</span>
+            <div py:for="group in groups_ldap">
+                <span class="item_name">${group.cn.first()}</span>
+                <div class="inline_block param_block" py:choose="group.uniqueMember">
+                    <py:when test="None">
+                        <span class="enum_block">aucun membre</span>
+                    </py:when>
+                    <py:otherwise>
+                        <span class="enum_block" py:for="member in group.uniqueMember.values">${member}  <a class="link_button" href="groups/delete_member/${group.cn.first()}/${member}">retirer</a></span>
+                    </py:otherwise>
+                </div>
+            </div>
+        </div>
+        <div class="section">
+            <div>
+                <span class="item_name">ajouter</span>
+                <form class="inline_block" method="post" action="groups/add_member/">
+                    <select name="user_dn">
+                        <option py:for="user in all_users" value="${user.dn}">${user.cn.first()}</option>
+                    </select>
+                    &nbsp;à&nbsp;
+                    <select name="group_cn">
+                        <option py:for="group in groups_ldap" value="${group.cn.first()}">
+                            ${group.cn.first()}
+                        </option>
+                    </select>
+                    <input type="submit" class="button" value="GO"></input>
+                </form>
+            </div>
+        </div>
+    </body>
+</html>
--- a/Brie/brie/templates/error/init.py
+++ b/Brie/brie/templates/error/init.py
--- a/Brie/brie/templates/error/permission_denied.html
+++ b/Brie/brie/templates/error/permission_denied.html
@ -0,0 +1,9 @@
+<html xmlns:py="http://genshi.edgewall.org/" xmlns:xi="http://www.w3.org/2001/XInclude">
+    <head>
+        <link rel="stylesheet" type="text/css" href="/css/common.css" />
+        <link rel="stylesheet" type="text/css" href="/css/show.css" />
+    </head>
+    <body>
+        <p>permission denied</p>
+    </body>
+</html>
--- a/Brie/brie/templates/index.html
+++ b/Brie/brie/templates/index.html
@ -9,7 +9,9 @@

        <div py:if="user is not None">
            <div class="section">
-                <a py:if="user.groups.admin" class="section_name show_section_name button" href="/rooms/" >CHAMBRES</a>
+                <span class="section_name show_section_name"></span>
+                <a py:if="user.groups.admin" class="button" href="/rooms/" >CHAMBRES</a>
+                <a py:if="user.groups.responsablereseau" class="button" href="/administration/" >ADMINISTRATION</a>
            </div>
            <div class="section" >
                <span class="section_name show_section_name">DEBUG</span>