OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

[PEP8] users_ldap_groups

pull/21/head
Sandy Carter 10 years ago
committed by Sandy Carter
parent
2e49b18431
commit
d29ee343b5
3 changed files with 99 additions and 88 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      users_ldap_groups/__openerp__.py
  2. 41
      users_ldap_groups/users_ldap_groups.py
  3. 21
      users_ldap_groups/users_ldap_groups_operators.py

1
users_ldap_groups/__openerp__.py
View File

@ -59,4 +59,3 @@ user's ldap record's attribute named [attribute].
'python': ['ldap'], 'python': ['ldap'],
}, },
} }
# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:

41
users_ldap_groups/users_ldap_groups.py
View File

@ -23,7 +23,7 @@ from openerp.osv import fields, orm
import logging import logging
import users_ldap_groups_operators import users_ldap_groups_operators
import inspect import inspect
import sys
class CompanyLDAPGroupMapping(orm.Model): class CompanyLDAPGroupMapping(orm.Model):
_name = 'res.company.ldap.group_mapping' _name = 'res.company.ldap.group_mapping'
@ -32,44 +32,52 @@ class CompanyLDAPGroupMapping(orm.Model):
def _get_operators(self, cr, uid, context=None): def _get_operators(self, cr, uid, context=None):
operators = [] operators = []
for name, operator in inspect.getmembers(users_ldap_groups_operators,
members = inspect.getmembers(
users_ldap_groups_operators,
lambda cls: inspect.isclass(cls) lambda cls: inspect.isclass(cls)
and cls!=users_ldap_groups_operators.LDAPOperator):
and cls != users_ldap_groups_operators.LDAPOperator)
for name, operator in members:
operators.append((name, name)) operators.append((name, name))
return tuple(operators) return tuple(operators)
_columns = { _columns = {
'ldap_id': fields.many2one('res.company.ldap', 'LDAP server',
required=True),
'ldap_attribute': fields.char('LDAP attribute', size=64,
'ldap_id': fields.many2one('res.company.ldap', 'LDAP server', required=True),
'ldap_attribute': fields.char(
'LDAP attribute', size=64,
help='The LDAP attribute to check.\n' help='The LDAP attribute to check.\n'
'For active directory, use memberOf.'), 'For active directory, use memberOf.'),
'operator': fields.selection(_get_operators, 'Operator',
'operator': fields.selection(
_get_operators, 'Operator',
help='The operator to check the attribute against the value\n' help='The operator to check the attribute against the value\n'
'For active directory, use \'contains\'', required=True), 'For active directory, use \'contains\'', required=True),
'value': fields.char('Value', size=1024,
'value': fields.char(
'Value', size=1024,
help='The value to check the attribute against.\n' help='The value to check the attribute against.\n'
'For active directory, use the dn of the desired group', 'For active directory, use the dn of the desired group',
required=True), required=True),
'group': fields.many2one('res.groups', 'OpenERP group',
'group': fields.many2one(
'res.groups', 'OpenERP group',
help='The OpenERP group to assign', required=True), help='The OpenERP group to assign', required=True),
} }
class CompanyLDAP(orm.Model): class CompanyLDAP(orm.Model):
_inherit = 'res.company.ldap' _inherit = 'res.company.ldap'
_columns = { _columns = {
'group_mappings': fields.one2many('res.company.ldap.group_mapping',
'group_mappings': fields.one2many(
'res.company.ldap.group_mapping',
'ldap_id', 'Group mappings', 'ldap_id', 'Group mappings',
help='Define how OpenERP groups are assigned to ldap users'), help='Define how OpenERP groups are assigned to ldap users'),
'only_ldap_groups': fields.boolean('Only ldap groups',
'only_ldap_groups': fields.boolean(
'Only ldap groups',
help='If this is checked, manual changes to group membership are ' help='If this is checked, manual changes to group membership are '
'undone on every login (so OpenERP groups are always synchronous ' 'undone on every login (so OpenERP groups are always synchronous '
'with LDAP groups). If not, manually added groups are preserved.') 'with LDAP groups). If not, manually added groups are preserved.')
} }
_default = { _default = {
'only_ldap_groups': False
'only_ldap_groups': False,
} }
def get_or_create_user(self, cr, uid, conf, login, ldap_entry, context=None): def get_or_create_user(self, cr, uid, conf, login, ldap_entry, context=None):
@ -83,10 +91,10 @@ class CompanyLDAP(orm.Model):
conf_all = self.read(cr, uid, conf['id'], ['only_ldap_groups']) conf_all = self.read(cr, uid, conf['id'], ['only_ldap_groups'])
if(conf_all['only_ldap_groups']): if(conf_all['only_ldap_groups']):
logger.debug('deleting all groups from user %d' % user_id) logger.debug('deleting all groups from user %d' % user_id)
userobj.write(cr, uid, [user_id], {'groups_id': [(5, )]})
userobj.write(cr, uid, [user_id], {'groups_id': [(5, )]}, context=context)
for mapping in mappingobj.read(cr, uid, mappingobj.search(cr, uid,
[('ldap_id', '=', conf['id'])]), []):
for mapping in mappingobj.read(cr, uid, mappingobj.search(
cr, uid, [('ldap_id', '=', conf['id'])]), []):
operator = getattr(users_ldap_groups_operators, mapping['operator'])() operator = getattr(users_ldap_groups_operators, mapping['operator'])()
logger.debug('checking mapping %s' % mapping) logger.debug('checking mapping %s' % mapping)
if operator.check_value(ldap_entry, mapping['ldap_attribute'], if operator.check_value(ldap_entry, mapping['ldap_attribute'],
@ -94,5 +102,6 @@ class CompanyLDAP(orm.Model):
logger.debug('adding user %d to group %s' % logger.debug('adding user %d to group %s' %
(user_id, mapping['group'][1])) (user_id, mapping['group'][1]))
userobj.write(cr, uid, [user_id], userobj.write(cr, uid, [user_id],
{'groups_id': [(4, mapping['group'][0])]})
{'groups_id': [(4, mapping['group'][0])]},
context=context)
return user_id return user_id

21
users_ldap_groups/users_ldap_groups_operators.py
View File

@ -20,24 +20,27 @@
############################################################################## ##############################################################################
from string import Template from string import Template
class LDAPOperator: class LDAPOperator:
pass pass
class contains(LDAPOperator): class contains(LDAPOperator):
def check_value(self, ldap_entry, attribute, value, ldap_config, company,
logger):
def check_value(self, ldap_entry, attribute, value, ldap_config, company, logger):
return (attribute in ldap_entry[1]) and (value in ldap_entry[1][attribute]) return (attribute in ldap_entry[1]) and (value in ldap_entry[1][attribute])
class equals(LDAPOperator): class equals(LDAPOperator):
def check_value(self, ldap_entry, attribute, value, ldap_config, company,
logger):
return (attribute in ldap_entry[1]) and (str(value)==str(ldap_entry[1][attribute]))
def check_value(self, ldap_entry, attribute, value, ldap_config, company, logger):
return attribute in ldap_entry[1] and unicode(value) == unicode(ldap_entry[1][attribute])
class query(LDAPOperator): class query(LDAPOperator):
def check_value(self, ldap_entry, attribute, value, ldap_config, company,
logger):
query_string=Template(value).safe_substitute(dict([(attribute,
ldap_entry[1][attribute][0]) for attribute in ldap_entry[1]]))
def check_value(self, ldap_entry, attribute, value, ldap_config, company, logger):
query_string = Template(value).safe_substitute(dict(
[(attr, ldap_entry[1][attribute][0]) for attr in ldap_entry[1]]
)
)
logger.debug('evaluating query group mapping, filter: %s' % query_string) logger.debug('evaluating query group mapping, filter: %s' % query_string)
results = company.query(ldap_config, query_string) results = company.query(ldap_config, query_string)
logger.debug(results) logger.debug(results)

Write Preview
Loading…
Cancel
Save