OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

[ADD] users_ldap_push

pull/287/head
Holger Brunn 9 years ago
parent
a219268105
commit
6703b8a9cc
16 changed files with 732 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 84
      users_ldap_push/README.rst
  2. 21
      users_ldap_push/__init__.py
  3. 44
      users_ldap_push/__openerp__.py
  4. 23
      users_ldap_push/models/__init__.py
  5. 64
      users_ldap_push/models/res_company_ldap.py
  6. 40
      users_ldap_push/models/res_company_ldap_field_mapping.py
  7. 31
      users_ldap_push/models/res_partner.py
  8. 175
      users_ldap_push/models/res_users.py
  9. 3
      users_ldap_push/security/ir.model.access.csv
  10. BIN
      users_ldap_push/static/description/icon.png
  11. 20
      users_ldap_push/tests/__init__.py
  12. 104
      users_ldap_push/tests/test_users_ldap_push.py
  13. 27
      users_ldap_push/views/res_company.xml
  14. 44
      users_ldap_push/views/res_users.xml
  15. 20
      users_ldap_push/wizards/__init__.py
  16. 32
      users_ldap_push/wizards/change_password_user.py

84
users_ldap_push/README.rst
View File

@ -0,0 +1,84 @@
.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg
:alt: License: AGPL-3
==================
Push users to LDAP
==================
This module was written in order to use Odoo as a frontend for creating LDAP
entries by creating user records. Updates to the user record will be propagated
to the linked LDAP entry afterwards.
When users change their passwords, they will be updated in the LDAP directory
too.
Configuration
=============
On the LDAP parameters of your company, check *Create ldap entry* in order to
activate this functionality. Be sure to configure a bind DN that has
appropriate permissions to create and modify entries.
Fill in the object classes newly created entries should contain, separated by
colons. Those classes will determine which mappings from Odoo fields to LDAP
attributes you need. This is highly dependent on your LDAP setup.
For a standard slapd setup, you might want to use object classes
`inetOrgPerson,shadowAccount` and the following mapping:
========== ============== ==
Odoo field LDAP attribute DN
========== ============== ==
Login userid X
Name cn
Name sn
========== ============== ==
Matching is done by the new field *ldap_entry_dn*, so after installing this
module, you'll probably want to set this field. The module will write it when
a user logs in via Odoo.
Usage
=====
When you create or update users, their corresponding LDAP entries will be
updated too.
When creating users, there's a checkbox 'LDAP user' which allows you to push
the new user to your LDAP directory. This of course only works if you have
field mappings for all mandatory fields in your schema.
.. image:: https://odoo-community.org/website/image/ir.attachment/5784_f2813bd/datas
:alt: Try me on Runbot
:target: https://runbot.odoo-community.org/runbot/149/8.0
Bug Tracker
===========
Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-tools/issues>`_.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us smashing it by providing a detailed and welcomed feedback
`here <https://github.com/OCA/server-tools/issues/new?body=module:%20users_ldap_push%0Aversion:%208.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
Credits
=======
Contributors
------------
* Holger Brunn <hbrunn@therp.nl>
Maintainer
----------
.. image:: https://odoo-community.org/logo.png
:alt: Odoo Community Association
:target: https://odoo-community.org
This module is maintained by the OCA.
OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.
To contribute to this module, please visit http://odoo-community.org.

21
users_ldap_push/__init__.py
View File

@ -0,0 +1,21 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV <http://therp.nl>.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
from . import models
from . import wizards

44
users_ldap_push/__openerp__.py
View File

@ -0,0 +1,44 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV <http://therp.nl>.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
{
"name": "Push users to LDAP",
"version": "8.0.1.0.0",
"author": "Therp BV,Odoo Community Association (OCA)",
"license": "AGPL-3",
"category": "Authentication",
"summary": "Creates a ldap entry when you create a user in Odoo",
"depends": [
'auth_ldap',
'mail',
],
"data": [
"views/res_users.xml",
"views/res_company.xml",
'security/ir.model.access.csv',
],
"qweb": [
],
"test": [
],
"installable": True,
"external_dependencies": {
'python': ['ldap'],
},
}

23
users_ldap_push/models/__init__.py
View File

@ -0,0 +1,23 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV <http://therp.nl>.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
from . import res_company_ldap
from . import res_company_ldap_field_mapping
from . import res_users
from . import res_partner

64
users_ldap_push/models/res_company_ldap.py
View File

@ -0,0 +1,64 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV (<http://therp.nl>).
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
from openerp import _, models, fields, api, exceptions
class ResCompanyLdap(models.Model):
_inherit = 'res.company.ldap'
@api.model
def _create_ldap_entry_field_mappings_default(self):
return [
(0, 0, {
'field_id':
self.env.ref('base.field_res_users_login').id,
'attribute': 'userid',
'use_for_dn': True,
}),
]
create_ldap_entry = fields.Boolean('Create ldap entry', default=True)
create_ldap_entry_base = fields.Char(
'Create ldap entry in subtree',
help='Leave empty to use your LDAP base')
create_ldap_entry_objectclass = fields.Char(
'Object class', default='account',
help='Separate object classes by comma if you need more than one')
create_ldap_entry_field_mappings = fields.One2many(
'res.company.ldap.field_mapping', 'ldap_id', string='Field mappings',
default=_create_ldap_entry_field_mappings_default)
@api.model
def get_or_create_user(self, conf, login, ldap_entry):
user_id = super(ResCompanyLdap, self).get_or_create_user(
conf, login, ldap_entry)
if user_id:
self.env['res.users'].browse(user_id).write({
'ldap_entry_dn': ldap_entry[0],
})
return user_id
@api.constrains('create_ldap_entry_field_mappings')
def _constrain_create_ldap_entry_field_mappings(self):
for this in self:
if len(this.create_ldap_entry_field_mappings
.filtered('use_for_dn')) != 1:
raise exceptions.ValidationError(
_('You need to set exactly one mapping as DN'))

40
users_ldap_push/models/res_company_ldap_field_mapping.py
View File

@ -0,0 +1,40 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV (<http://therp.nl>).
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
from openerp import models, fields, api
class ResCompanyLdapFieldMapping(models.Model):
_name = 'res.company.ldap.field_mapping'
_description = 'Mapping from Odoo fields to ldap attributes'
field_id = fields.Many2one(
'ir.model.fields', string='Odoo field', required=True,
domain=lambda self: self._field_id_domain())
attribute = fields.Char('LDAP attribute', required=True)
use_for_dn = fields.Boolean('DN')
ldap_id = fields.Many2one(
'res.company.ldap', string='LDAP configuration', required=True)
@api.model
def _field_id_domain(self):
return [
('model_id', '=', self.env.ref('base.model_res_users').id),
('ttype', 'in', ['selection', 'char', 'text', 'integer', 'float']),
]

31
users_ldap_push/models/res_partner.py
View File

@ -0,0 +1,31 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV (<http://therp.nl>).
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
from openerp import models, api
class ResPartner(models.Model):
_inherit = 'res.partner'
@api.multi
def write(self, vals):
result = super(ResPartner, self).write(vals)
self.filtered('user_ids.is_ldap_user').mapped('user_ids')\
.push_to_ldap(vals)
return result

175
users_ldap_push/models/res_users.py
View File

@ -0,0 +1,175 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV (<http://therp.nl>).
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
import ldap
import ldap.modlist
import logging
from openerp import _, models, fields, api, exceptions
_logger = logging.getLogger(__name__)
class ResUsers(models.Model):
_inherit = 'res.users'
ldap_entry_dn = fields.Char('LDAP DN', readonly=True)
is_ldap_user = fields.Boolean(
'LDAP user', compute='_compute_is_ldap_user', default=True)
@api.model
@api.returns('self', lambda record: record.id)
def create(self, values):
result = super(ResUsers, self).create(values)
result.push_to_ldap(values)
return result
@api.multi
def write(self, values):
result = super(ResUsers, self).write(values)
self.push_to_ldap(values)
return result
@api.multi
def _push_to_ldap_possible(self, values):
return bool(self._get_ldap_configuration())
@api.multi
def _get_ldap_configuration(self):
self.ensure_one()
return self.sudo().company_id.ldaps.filtered('create_ldap_entry')[:1]
@api.multi
def _get_ldap_values(self, values):
self.ensure_one()
conf = self._get_ldap_configuration()
result = {}
for mapping in conf.create_ldap_entry_field_mappings:
field_name = mapping.field_id.name
if field_name not in values or not values[field_name]:
continue
result[mapping.attribute] = [str(values[field_name])]
if result:
result['objectClass'] = conf.create_ldap_entry_objectclass\
.encode('utf-8').split(',')
return result
@api.multi
def _get_ldap_dn(self, values):
self.ensure_one()
conf = self._get_ldap_configuration()
dn = conf.create_ldap_entry_field_mappings.filtered('use_for_dn')
assert dn, 'No DN attribute mapping given!'
assert self[dn.field_id.name], 'DN attribute empty!'
return '%s=%s,%s' % (
dn.attribute,
ldap.dn.escape_dn_chars(self[dn.field_id.name].encode('utf-8')),
conf.create_ldap_entry_base or conf.ldap_base)
@api.multi
def push_to_ldap(self, values):
for this in self:
if not values.get('is_ldap_user') and not this.is_ldap_user:
continue
if not this._push_to_ldap_possible(values):
continue
ldap_values = this._get_ldap_values(values)
if not ldap_values:
continue
ldap_configuration = this._get_ldap_configuration()
ldap_connection = ldap_configuration.connect(
ldap_configuration.read()[0])
ldap_connection.simple_bind_s(
(ldap_configuration.ldap_binddn or '').encode('utf-8'),
(ldap_configuration.ldap_password or '').encode('utf-8'))
try:
if not this.ldap_entry_dn:
this._push_to_ldap_create(
ldap_connection, ldap_configuration, values,
ldap_values)
if this.ldap_entry_dn:
this._push_to_ldap_write(
ldap_connection, ldap_configuration, values,
ldap_values)
except ldap.LDAPError as e:
_logger.exception(e)
raise exceptions.Warning(_('Error'), e.message)
finally:
ldap_connection.unbind_s()
@api.multi
def _push_to_ldap_create(self, ldap_connection, ldap_configuration, values,
ldap_values):
self.ensure_one()
dn = self._get_ldap_dn(values)
ldap_connection.add_s(
dn,
ldap.modlist.addModlist(ldap_values))
self.write({'ldap_entry_dn': dn})
@api.multi
def _push_to_ldap_write(self, ldap_connection, ldap_configuration, values,
ldap_values):
self.ensure_one()
dn = self.ldap_entry_dn.encode('utf-8')
dn_mapping = ldap_configuration.create_ldap_entry_field_mappings\
.filtered('use_for_dn')
if dn_mapping.attribute in ldap_values:
ldap_values.pop(dn_mapping.attribute)
ldap_entry = ldap_connection.search_s(
dn, ldap.SCOPE_BASE, '(objectClass=*)',
map(lambda x: x.encode('utf-8'), ldap_values.keys()))
assert ldap_entry, '%s not found!' % self.ldap_entry_dn
ldap_entry = ldap_entry[0][1]
ldap_connection.modify_s(
dn,
ldap.modlist.modifyModlist(ldap_entry, ldap_values))
@api.one
@api.depends('ldap_entry_dn')
def _compute_is_ldap_user(self):
self.is_ldap_user = bool(self.ldap_entry_dn)
@api.one
def _change_ldap_password(self, new_passwd, auth_dn=None,
auth_passwd=None):
ldap_configuration = self.env.user.sudo()._get_ldap_configuration()
ldap_connection = ldap_configuration.connect(
ldap_configuration.read()[0])
dn = auth_dn or ldap_configuration.ldap_binddn
old_passwd = auth_passwd or ldap_configuration.ldap_password
ldap_connection.simple_bind_s(
dn.encode('utf-8'), old_passwd.encode('utf-8'))
self.env['ir.model.access'].check('res.users', 'write')
self.env.user.check_access_rule('write')
try:
ldap_connection.passwd_s(
self.ldap_entry_dn, None, new_passwd.encode('utf-8'))
except ldap.LDAPError, e:
raise exceptions.Warning(_('Error'), e.message)
finally:
ldap_connection.unbind_s()
return True
@api.model
def change_password(self, old_passwd, new_passwd):
if self.env.user.is_ldap_user:
return self.env.user._change_ldap_password(
new_passwd, auth_dn=self.env.user.ldap_entry_dn,
auth_passwd=old_passwd)
return super(ResUsers, self).change_password(old_passwd, new_passwd)

3
users_ldap_push/security/ir.model.access.csv
View File

@ -0,0 +1,3 @@
"id","name","model_id:id","group_id:id","perm_read","perm_write","perm_create","perm_unlink"
read_field_mappings,Read field mappings,model_res_company_ldap_field_mapping,,1,0,0,0
crud_field_mappings,CRUD field mappings,model_res_company_ldap_field_mapping,base.group_system,1,1,1,1

BIN
users_ldap_push/static/description/icon.png
View File

Side by Side

After

Width: 128  |  Height: 128  |  Size: 9.2 KiB

20
users_ldap_push/tests/__init__.py
View File

@ -0,0 +1,20 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV <http://therp.nl>.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
from . import test_users_ldap_push

104
users_ldap_push/tests/test_users_ldap_push.py
View File

@ -0,0 +1,104 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV <http://therp.nl>.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
import ldap
from openerp.tests.common import TransactionCase
class FakeLdapConnection(object):
def __init__(self):
self.entries = {}
def simple_bind_s(self, dn, passwd):
pass
def add_s(self, dn, modlist):
self.entries[dn] = modlist
def search_s(self, dn, scope, ldap_filter, attributes):
if dn in self.entries:
return [(dn, dict(self.entries[dn]))]
return None
def modify_s(self, dn, modlist):
if dn not in self.entries:
raise ldap.NO_SUCH_OBJECT()
for operation, attribute, value in modlist:
if operation == ldap.MOD_ADD:
self.entries[dn].append((attribute, value))
continue
def unbind_s(self):
pass
class TestUsersLdapPush(TransactionCase):
def test_users_ldap_push(self):
company = self.env['res.company'].create({
'name': 'testcompany',
'ldaps': [(0, 0, {
'ldap_base': 'dc=test',
'ldap_filter': '(uid=%s)',
'create_ldap_entry_field_mappings': [
(
0, 0, {
'field_id':
self.env.ref('base.field_res_users_login').id,
'attribute': 'userid',
'use_for_dn': True,
},
),
(
0, 0, {
'field_id':
self.env.ref('base.field_res_users_name').id,
'attribute': 'sn',
},
),
],
})],
})
fake_ldap = FakeLdapConnection()
self.env['res.company.ldap']._patch_method(
'connect', lambda x, y: fake_ldap)
user = self.env['res.users'].create({
'name': 'testuser',
'login': 'testuser',
'company_ids': [(6, 0, company.ids)],
'company_id': company.id,
'is_ldap_user': False,
})
self.assertFalse(user.ldap_entry_dn)
user.unlink()
user = self.env['res.users'].create({
'name': 'testuser',
'login': 'testuser',
'company_ids': [(6, 0, company.ids)],
'company_id': company.id,
'is_ldap_user': True,
})
self.assertTrue(fake_ldap.entries[user.ldap_entry_dn])
self.assertEqual(
dict(fake_ldap.entries[user.ldap_entry_dn])['userid'],
[user.login])
user.partner_id.write({'name': 'testuser2'})
self.assertTrue([
v for a, v in fake_ldap.entries[user.ldap_entry_dn]
if v == ['testuser2']
])

27
users_ldap_push/views/res_company.xml
View File

@ -0,0 +1,27 @@
<?xml version="1.0" encoding="UTF-8"?>
<openerp>
<data>
<record id="company_form_view" model="ir.ui.view">
<field name="model">res.company</field>
<field name="inherit_id" ref="auth_ldap.company_form_view" />
<field name="arch" type="xml">
<xpath expr="//field[@name='ldaps']/form//field[@name='create_user']" position="after">
<field name="create_ldap_entry" />
</xpath>
<xpath expr="//field[@name='ldaps']/form/group" position="after">
<group name="users_ldap_push" attrs="{'invisible': [('create_ldap_entry', '!=', True)]}">
<field name="create_ldap_entry_base" />
<field name="create_ldap_entry_objectclass" attrs="{'required': [('create_ldap_entry', '=', True)]}"/>
<field name="create_ldap_entry_field_mappings" attrs="{'required': [('create_ldap_entry', '=', True)]}">
<tree editable="bottom">
<field name="field_id" />
<field name="attribute" />
<field name="use_for_dn" />
</tree>
</field>
</group>
</xpath>
</field>
</record>
</data>
</openerp>

44
users_ldap_push/views/res_users.xml
View File

@ -0,0 +1,44 @@
<?xml version="1.0" encoding="UTF-8"?>
<openerp>
<data>
<record id="view_users_simple_form" model="ir.ui.view">
<field name="model">res.users</field>
<field name="inherit_id" ref="base.view_users_simple_form" />
<field name="arch" type="xml">
<field name="email" position="after">
<field name="is_ldap_user" invisible="1" readonly="0" />
</field>
</field>
</record>
<record id="view_users_form" model="ir.ui.view">
<field name="model">res.users</field>
<field name="inherit_id" ref="base.view_users_form" />
<field name="arch" type="xml">
<field name="active" position="after">
<field name="is_ldap_user" attrs="{'readonly': [('id', '!=', False)], 'invisible': [('id', '!=', False)]}" />
<field name="ldap_entry_dn" attrs="{'invisible': [('ldap_entry_dn', '=', False)]}" />
</field>
</field>
</record>
<record id="view_users_form_technical" model="ir.ui.view">
<field name="model">res.users</field>
<field name="inherit_id" ref="users_ldap_push.view_users_form" />
<field name="groups_id" eval="[(4, ref('base.group_no_one'))]" />
<field name="arch" type="xml">
<field name="ldap_entry_dn" position="attributes">
<attribute name="attrs" />
<attribute name="readonly">0</attribute>
</field>
</field>
</record>
<record id="view_users_search" model="ir.ui.view">
<field name="model">res.users</field>
<field name="inherit_id" ref="base.view_users_search" />
<field name="arch" type="xml">
<search position="inside">
<filter name="is_ldap_user" string="LDAP users" domain="[('ldap_entry_dn', '!=', False)]" />
</search>
</field>
</record>
</data>
</openerp>

20
users_ldap_push/wizards/__init__.py
View File

@ -0,0 +1,20 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV <http://therp.nl>.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
from . import change_password_user

32
users_ldap_push/wizards/change_password_user.py
View File

@ -0,0 +1,32 @@
# -*- coding: utf-8 -*-
##############################################################################
#
# This module copyright (C) 2015 Therp BV (<http://therp.nl>).
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################
from openerp import models, api
class ChangePasswordUser(models.TransientModel):
_inherit = 'change.password.user'
@api.multi
def change_password_button(self):
for user_line in self.filtered('user_id.is_ldap_user'):
user_line.user_id._change_ldap_password(user_line.new_passwd)
user_line.new_passwd = False
return super(ChangePasswordUser, self.filtered(
lambda x: not x.user_id.is_ldap_user)).change_password_button()
Write Preview
Loading…
Cancel
Save