1
0
Fork 0
mirror of https://github.com/retspen/webvirtcloud synced 2024-12-24 23:25:24 +00:00

Added Technicians group

This commit is contained in:
Info-IIG 2022-06-14 15:10:33 +02:00
parent c817d3e61a
commit de2dce7573
3 changed files with 45 additions and 11 deletions

View file

@ -0,0 +1,15 @@
from django.db import models, migrations
def apply_migration(apps, schema_editor):
Group = apps.get_model('auth', 'Group')
Group.objects.create(name='Technicians')
class Migration(migrations.Migration):
dependencies = [
('admin', '0002_auto_20200609_0830'),
]
operations = [
migrations.RunPython(apply_migration)
]

View file

@ -1,5 +1,5 @@
from django.contrib.auth.backends import ModelBackend
from django.contrib.auth.models import User
from django.contrib.auth.models import User, Group
from django.conf import settings
from accounts.models import UserAttributes, UserInstance, UserSSHKey
from django.contrib.auth.models import Permission
@ -44,21 +44,36 @@ try:
# Get the user information from the LDAP if he can be authenticated
isAdmin = False
isStaff = False
isTechnician = False
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_ADMINS) is None:
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_STAFF) is None:
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_USERS) is None:
print("User does not belong to any search group. Check LDAP_SEARCH_GROUP_FILTER in settings.")
return None
else:
isStaff = True
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_STAFF) is None:
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_TECHNICIANS) is None:
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_USERS) is None:
print("User does not belong to any search group. Check LDAP_SEARCH_GROUP_FILTER in settings.")
return None
else:
isTechnician = True
else:
isStaff = True
else:
isAdmin = True
isStaff = True
isAdmin = True
isStaff = True
techniciansGroup = Group.objects.get(name='Technicians')
try:
user = User.objects.get(username=username)
attributes = UserAttributes.objects.get(user=user)
user.is_staff = isStaff
user.is_superuser = isAdmin
if isTechnician is False and user.groups.filter(name='Technicians').exists():
user.groups.remove(techniciansGroup)
elif isTechnician is True and user.groups.filter(name='Technicians').exists() is False:
user.groups.add(techniciansGroup)
else:
print("The user is already in the Technicians group")
user.save()
# TODO VERIFY
except User.DoesNotExist:
print("authenticate-create new user: {}".format(username))
@ -68,6 +83,8 @@ try:
user.is_superuser = isAdmin
user.set_password(uuid.uuid4().hex)
user.save()
if isTechnician is True:
user.groups.add(techniciansGroup)
maxInstances = 1
maxCpus = 1
maxMemory = 128

View file

@ -269,10 +269,12 @@ LDAP_ROOT_DN = ''
## Queries to identify the users, i use groupOfUniqueNames on openldap
### PLEASE BE SURE memberOf overlay is activated on slapd
## e.g. memberOf=cn=admins,cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
## e.g. memberOf=cn=admins,cn=staff,cn=technicians,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
LDAP_SEARCH_GROUP_FILTER_ADMINS = ''
## e.g. memberOf=cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
## e.g. memberOf=cn=staff,cn=technicians,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
LDAP_SEARCH_GROUP_FILTER_STAFF = ''
## e.g. memberOf=cn=technicians,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
LDAP_SEARCH_GROUP_FILTER_TECHNICIANS = ''
## e.g. memberOf=cn=webvirtcloud,ou=groups,dc=kendar,dc=org
LDAP_SEARCH_GROUP_FILTER_USERS = ''