add LDAP Group Membership Policy
parent
e4baf8c21e
commit
f7c0c0146a
|
@ -5,7 +5,8 @@ from django.contrib.admin.widgets import FilteredSelectMultiple
|
|||
from django.utils.translation import gettext_lazy as _
|
||||
|
||||
from passbook.admin.forms.source import SOURCE_FORM_FIELDS
|
||||
from passbook.ldap.models import LDAPSource
|
||||
from passbook.core.forms.policies import GENERAL_FIELDS
|
||||
from passbook.ldap.models import LDAPGroupMembershipPolicy, LDAPSource
|
||||
|
||||
|
||||
class LDAPSourceForm(forms.ModelForm):
|
||||
|
@ -32,58 +33,18 @@ class LDAPSourceForm(forms.ModelForm):
|
|||
'base_dn': _('Base DN'),
|
||||
}
|
||||
|
||||
# class GeneralSettingsForm(SettingsForm):
|
||||
# """general settings form"""
|
||||
# MODE_AUTHENTICATION_BACKEND = 'auth_backend'
|
||||
# MODE_CREATE_USERS = 'create_users'
|
||||
# MODE_CHOICES = (
|
||||
# (MODE_AUTHENTICATION_BACKEND, _('Authentication Backend')),
|
||||
# (MODE_CREATE_USERS, _('Create Users'))
|
||||
# )
|
||||
|
||||
# namespace = 'passbook.ldap'
|
||||
# settings = ['enabled', 'mode']
|
||||
class LDAPGroupMembershipPolicyForm(forms.ModelForm):
|
||||
"""LDAPGroupMembershipPolicy Form"""
|
||||
|
||||
# widgets = {
|
||||
# 'enabled': forms.BooleanField(required=False),
|
||||
# 'mode': forms.ChoiceField(widget=forms.RadioSelect, choices=MODE_CHOICES),
|
||||
# }
|
||||
class Meta:
|
||||
|
||||
|
||||
# class ConnectionSettings(SettingsForm):
|
||||
# """Connection settings form"""
|
||||
|
||||
# namespace = 'passbook.ldap'
|
||||
# settings = ['server', 'server:tls', 'bind:user', 'bind:password', 'domain']
|
||||
|
||||
# attrs_map = {
|
||||
# 'server': {'placeholder': 'dc1.corp.exmaple.com'},
|
||||
# 'bind:user': {'placeholder': 'Administrator'},
|
||||
# 'domain': {'placeholder': 'corp.example.com'},
|
||||
# }
|
||||
|
||||
# widgets = {
|
||||
# 'server:tls': forms.BooleanField(required=False, label=_('Server TLS')),
|
||||
# }
|
||||
|
||||
|
||||
# class AuthenticationBackendSettings(SettingsForm):
|
||||
# """Authentication backend settings"""
|
||||
|
||||
# namespace = 'passbook.ldap'
|
||||
# settings = ['base']
|
||||
|
||||
# attrs_map = {
|
||||
# 'base': {'placeholder': 'DN in which to search for users'},
|
||||
# }
|
||||
|
||||
|
||||
# class CreateUsersSettings(SettingsForm):
|
||||
# """Create users settings"""
|
||||
|
||||
# namespace = 'passbook.ldap'
|
||||
# settings = ['create_base']
|
||||
|
||||
# attrs_map = {
|
||||
# 'create_base': {'placeholder': 'DN in which to create users'},
|
||||
# }
|
||||
model = LDAPGroupMembershipPolicy
|
||||
fields = GENERAL_FIELDS + ['dn', ]
|
||||
widgets = {
|
||||
'name': forms.TextInput(),
|
||||
'dn': forms.TextInput(),
|
||||
}
|
||||
labels = {
|
||||
'dn': _('DN')
|
||||
}
|
||||
|
|
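Review bot: `LDAPGroupMembershipPolicyForm.Meta.fields` is `GENERAL_FIELDS + ['dn', ]`, but the model added in this same commit declares `source` as a `ForeignKey` without `null=True`. Unless `GENERAL_FIELDS` happens to contain `source`, a policy created through this form either fails to save or is never bound to an LDAP source. I would make it `fields = GENERAL_FIELDS + ['source', 'dn']`. Because `dn` is free text that will presumably feed a directory lookup once the check is implemented, a `clean_dn` that rejects values which do not parse as a distinguished name would keep malformed input out of the table.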
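--- a/passbook/ldap/migrations/0002_ldapgroupmembershippolicy.py
+++ b/passbook/ldap/migrations/0002_ldapgroupmembershippolicy.py
@@ -0,0 +1,28 @@
+# Generated by Django 2.1.7 on 2019-03-10 18:38
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+dependencies = [
+('passbook_core', '0020_groupmembershippolicy'),
+('passbook_ldap', '0001_initial'),
+]
+
+operations = [
+migrations.CreateModel(
+name='LDAPGroupMembershipPolicy',
+fields=[
+('policy_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='passbook_core.Policy')),
+('dn', models.TextField()),
+('source', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='passbook_ldap.LDAPSource')),
+],
+options={
+'verbose_name': 'LDAP Group Membership Policy',
+'verbose_name_plural': 'LDAP Group Membership Policys',
+},
+bases=('passbook_core.policy',),
+),
+]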
@ -3,7 +3,7 @@
|
|||
from django.db import models
|
||||
from django.utils.translation import gettext as _
|
||||
|
||||
from passbook.core.models import Source
|
||||
from passbook.core.models import Policy, Source, User
|
||||
|
||||
|
||||
class LDAPSource(Source):
|
||||
|
@ -37,30 +37,19 @@ class LDAPSource(Source):
|
|||
verbose_name = _('LDAP Source')
|
||||
verbose_name_plural = _('LDAP Sources')
|
||||
|
||||
class LDAPGroupMembershipPolicy(Policy):
|
||||
"""Policy to check if a user is in a certain LDAP Group"""
|
||||
|
||||
# class LDAPModification(UUIDModel, CreatedUpdatedModel):
|
||||
# """Store LDAP Data in DB if LDAP Server is unavailable"""
|
||||
# ACTION_ADD = 'ADD'
|
||||
# ACTION_MODIFY = 'MODIFY'
|
||||
dn = models.TextField()
|
||||
source = models.ForeignKey('LDAPSource', on_delete=models.CASCADE)
|
||||
|
||||
# ACTIONS = (
|
||||
# (ACTION_ADD, 'ADD'),
|
||||
# (ACTION_MODIFY, 'MODIFY'),
|
||||
# )
|
||||
form = 'passbook.ldap.forms.LDAPGroupMembershipPolicyForm'
|
||||
|
||||
# dn = models.CharField(max_length=255)
|
||||
# action = models.CharField(max_length=17, choices=ACTIONS, default=ACTION_MODIFY)
|
||||
# data = JSONField()
|
||||
def passes(self, user: User):
|
||||
"""Check if user instance passes this policy"""
|
||||
raise NotImplementedError()
|
||||
|
||||
# def __str__(self):
|
||||
# return "LDAPModification %d from %s" % (self.pk, self.created)
|
||||
class Meta:
|
||||
|
||||
|
||||
# class LDAPGroupMapping(UUIDModel, CreatedUpdatedModel):
|
||||
# """Model to map an LDAP Group to a passbook group"""
|
||||
|
||||
# ldap_dn = models.TextField()
|
||||
# group = models.ForeignKey(Group, on_delete=models.CASCADE)
|
||||
|
||||
# def __str__(self):
|
||||
# return "LDAPGroupMapping %s -> %s" % (self.ldap_dn, self.group.name)
|
||||
verbose_name = _('LDAP Group Membership Policy')
|
||||
verbose_name_plural = _('LDAP Group Membership Policys')
|
||||
|
|
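Review bot: `LDAPGroupMembershipPolicy.passes()` raises `NotImplementedError()`, yet the commit also ships the form and migration that let an administrator create this policy, so evaluating it will throw at request time. How the policy engine treats that exception is not visible on this page; if it skips policies that error, the result is an access check that fails open. Until the LDAP lookup exists, fail closed with `return False`, or leave `form` unset so the policy cannot be created. When the membership check is written, the stored `dn` should be escaped before it is placed in a search filter. Separately, `verbose_name_plural` should read `_('LDAP Group Membership Policies')`.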