add LDAP Group Membership Policy
parent
e4baf8c21e
commit
f7c0c0146a
|
@ -5,7 +5,8 @@ from django.contrib.admin.widgets import FilteredSelectMultiple
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
|
|
||||||
from passbook.admin.forms.source import SOURCE_FORM_FIELDS
|
from passbook.admin.forms.source import SOURCE_FORM_FIELDS
|
||||||
from passbook.ldap.models import LDAPSource
|
from passbook.core.forms.policies import GENERAL_FIELDS
|
||||||
|
from passbook.ldap.models import LDAPGroupMembershipPolicy, LDAPSource
|
||||||
|
|
||||||
|
|
||||||
class LDAPSourceForm(forms.ModelForm):
|
class LDAPSourceForm(forms.ModelForm):
|
||||||
|
@ -32,58 +33,18 @@ class LDAPSourceForm(forms.ModelForm):
|
||||||
'base_dn': _('Base DN'),
|
'base_dn': _('Base DN'),
|
||||||
}
|
}
|
||||||
|
|
||||||
# class GeneralSettingsForm(SettingsForm):
|
|
||||||
# """general settings form"""
|
|
||||||
# MODE_AUTHENTICATION_BACKEND = 'auth_backend'
|
|
||||||
# MODE_CREATE_USERS = 'create_users'
|
|
||||||
# MODE_CHOICES = (
|
|
||||||
# (MODE_AUTHENTICATION_BACKEND, _('Authentication Backend')),
|
|
||||||
# (MODE_CREATE_USERS, _('Create Users'))
|
|
||||||
# )
|
|
||||||
|
|
||||||
# namespace = 'passbook.ldap'
|
class LDAPGroupMembershipPolicyForm(forms.ModelForm):
|
||||||
# settings = ['enabled', 'mode']
|
"""LDAPGroupMembershipPolicy Form"""
|
||||||
|
|
||||||
# widgets = {
|
class Meta:
|
||||||
# 'enabled': forms.BooleanField(required=False),
|
|
||||||
# 'mode': forms.ChoiceField(widget=forms.RadioSelect, choices=MODE_CHOICES),
|
|
||||||
# }
|
|
||||||
|
|
||||||
|
model = LDAPGroupMembershipPolicy
|
||||||
# class ConnectionSettings(SettingsForm):
|
fields = GENERAL_FIELDS + ['dn', ]
|
||||||
# """Connection settings form"""
|
widgets = {
|
||||||
|
'name': forms.TextInput(),
|
||||||
# namespace = 'passbook.ldap'
|
'dn': forms.TextInput(),
|
||||||
# settings = ['server', 'server:tls', 'bind:user', 'bind:password', 'domain']
|
}
|
||||||
|
labels = {
|
||||||
# attrs_map = {
|
'dn': _('DN')
|
||||||
# 'server': {'placeholder': 'dc1.corp.exmaple.com'},
|
}
|
||||||
# 'bind:user': {'placeholder': 'Administrator'},
|
|
||||||
# 'domain': {'placeholder': 'corp.example.com'},
|
|
||||||
# }
|
|
||||||
|
|
||||||
# widgets = {
|
|
||||||
# 'server:tls': forms.BooleanField(required=False, label=_('Server TLS')),
|
|
||||||
# }
|
|
||||||
|
|
||||||
|
|
||||||
# class AuthenticationBackendSettings(SettingsForm):
|
|
||||||
# """Authentication backend settings"""
|
|
||||||
|
|
||||||
# namespace = 'passbook.ldap'
|
|
||||||
# settings = ['base']
|
|
||||||
|
|
||||||
# attrs_map = {
|
|
||||||
# 'base': {'placeholder': 'DN in which to search for users'},
|
|
||||||
# }
|
|
||||||
|
|
||||||
|
|
||||||
# class CreateUsersSettings(SettingsForm):
|
|
||||||
# """Create users settings"""
|
|
||||||
|
|
||||||
# namespace = 'passbook.ldap'
|
|
||||||
# settings = ['create_base']
|
|
||||||
|
|
||||||
# attrs_map = {
|
|
||||||
# 'create_base': {'placeholder': 'DN in which to create users'},
|
|
||||||
# }
|
|
||||||
|
|
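Review bot: `LDAPGroupMembershipPolicyForm.Meta.fields` is `GENERAL_FIELDS + ['dn', ]`, but the model added in this commit also has a required `source` foreign key. Unless `GENERAL_FIELDS` (defined outside this page) already contains it, a policy created through this form has no LDAP source set and will presumably fail to save. I would list it explicitly: `fields = GENERAL_FIELDS + ['source', 'dn']`. The `dn` value is accepted as free text through `forms.TextInput()` although it decides group membership for an access policy. A `clean_dn` method that rejects strings which do not parse as a distinguished name would catch typos and stray filter characters at entry time rather than at evaluation time.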
28
passbook/ldap/migrations/0002_ldapgroupmembershippolicy.py
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
# Generated by Django 2.1.7 on 2019-03-10 18:38
|
||||||
|
|
||||||
|
import django.db.models.deletion
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('passbook_core', '0020_groupmembershippolicy'),
|
||||||
|
('passbook_ldap', '0001_initial'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.CreateModel(
|
||||||
|
name='LDAPGroupMembershipPolicy',
|
||||||
|
fields=[
|
||||||
|
('policy_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='passbook_core.Policy')),
|
||||||
|
('dn', models.TextField()),
|
||||||
|
('source', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='passbook_ldap.LDAPSource')),
|
||||||
|
],
|
||||||
|
options={
|
||||||
|
'verbose_name': 'LDAP Group Membership Policy',
|
||||||
|
'verbose_name_plural': 'LDAP Group Membership Policys',
|
||||||
|
},
|
||||||
|
bases=('passbook_core.policy',),
|
||||||
|
),
|
||||||
|
]
|
|
@ -3,7 +3,7 @@
|
||||||
from django.db import models
|
from django.db import models
|
||||||
from django.utils.translation import gettext as _
|
from django.utils.translation import gettext as _
|
||||||
|
|
||||||
from passbook.core.models import Source
|
from passbook.core.models import Policy, Source, User
|
||||||
|
|
||||||
|
|
||||||
class LDAPSource(Source):
|
class LDAPSource(Source):
|
||||||
|
@ -37,30 +37,19 @@ class LDAPSource(Source):
|
||||||
verbose_name = _('LDAP Source')
|
verbose_name = _('LDAP Source')
|
||||||
verbose_name_plural = _('LDAP Sources')
|
verbose_name_plural = _('LDAP Sources')
|
||||||
|
|
||||||
|
class LDAPGroupMembershipPolicy(Policy):
|
||||||
|
"""Policy to check if a user is in a certain LDAP Group"""
|
||||||
|
|
||||||
# class LDAPModification(UUIDModel, CreatedUpdatedModel):
|
dn = models.TextField()
|
||||||
# """Store LDAP Data in DB if LDAP Server is unavailable"""
|
source = models.ForeignKey('LDAPSource', on_delete=models.CASCADE)
|
||||||
# ACTION_ADD = 'ADD'
|
|
||||||
# ACTION_MODIFY = 'MODIFY'
|
|
||||||
|
|
||||||
# ACTIONS = (
|
form = 'passbook.ldap.forms.LDAPGroupMembershipPolicyForm'
|
||||||
# (ACTION_ADD, 'ADD'),
|
|
||||||
# (ACTION_MODIFY, 'MODIFY'),
|
|
||||||
# )
|
|
||||||
|
|
||||||
# dn = models.CharField(max_length=255)
|
def passes(self, user: User):
|
||||||
# action = models.CharField(max_length=17, choices=ACTIONS, default=ACTION_MODIFY)
|
"""Check if user instance passes this policy"""
|
||||||
# data = JSONField()
|
raise NotImplementedError()
|
||||||
|
|
||||||
# def __str__(self):
|
class Meta:
|
||||||
# return "LDAPModification %d from %s" % (self.pk, self.created)
|
|
||||||
|
|
||||||
|
verbose_name = _('LDAP Group Membership Policy')
|
||||||
# class LDAPGroupMapping(UUIDModel, CreatedUpdatedModel):
|
verbose_name_plural = _('LDAP Group Membership Policys')
|
||||||
# """Model to map an LDAP Group to a passbook group"""
|
|
||||||
|
|
||||||
# ldap_dn = models.TextField()
|
|
||||||
# group = models.ForeignKey(Group, on_delete=models.CASCADE)
|
|
||||||
|
|
||||||
# def __str__(self):
|
|
||||||
# return "LDAPGroupMapping %s -> %s" % (self.ldap_dn, self.group.name)
|
|
||||||
|
|
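Review bot: `LDAPGroupMembershipPolicy.passes` only does `raise NotImplementedError()`, yet the commit also ships the migration and the admin form, so the policy can be created and bound while every evaluation raises. How the policy engine treats that exception is not visible here; if it is caught and skipped anywhere, the check fails open. Until the LDAP lookup exists I would make the stub deny, e.g. `return False`, or hold back the `form = 'passbook.ldap.forms.LDAPGroupMembershipPolicyForm'` registration so the policy cannot be configured. When the lookup is written, `self.dn` and the user's identifier should be escaped before they are placed in a search filter. The plural `'LDAP Group Membership Policys'` should read `Policies` (the same string appears in the migration).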