mirror of
https://github.com/retspen/webvirtcloud
synced 2024-12-24 23:25:24 +00:00
Added Technicians group
This commit is contained in:
parent
c817d3e61a
commit
de2dce7573
3 changed files with 45 additions and 11 deletions
15
admin/migrations/0003_create_group_technicians.py
Normal file
15
admin/migrations/0003_create_group_technicians.py
Normal file
|
@ -0,0 +1,15 @@
|
|||
from django.db import models, migrations
|
||||
|
||||
def apply_migration(apps, schema_editor):
|
||||
Group = apps.get_model('auth', 'Group')
|
||||
Group.objects.create(name='Technicians')
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('admin', '0002_auto_20200609_0830'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.RunPython(apply_migration)
|
||||
]
|
|
@ -1,5 +1,5 @@
|
|||
from django.contrib.auth.backends import ModelBackend
|
||||
from django.contrib.auth.models import User
|
||||
from django.contrib.auth.models import User, Group
|
||||
from django.conf import settings
|
||||
from accounts.models import UserAttributes, UserInstance, UserSSHKey
|
||||
from django.contrib.auth.models import Permission
|
||||
|
@ -44,21 +44,36 @@ try:
|
|||
# Get the user information from the LDAP if he can be authenticated
|
||||
isAdmin = False
|
||||
isStaff = False
|
||||
isTechnician = False
|
||||
|
||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_ADMINS) is None:
|
||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_STAFF) is None:
|
||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_USERS) is None:
|
||||
print("User does not belong to any search group. Check LDAP_SEARCH_GROUP_FILTER in settings.")
|
||||
return None
|
||||
else:
|
||||
isStaff = True
|
||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_STAFF) is None:
|
||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_TECHNICIANS) is None:
|
||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_USERS) is None:
|
||||
print("User does not belong to any search group. Check LDAP_SEARCH_GROUP_FILTER in settings.")
|
||||
return None
|
||||
else:
|
||||
isTechnician = True
|
||||
else:
|
||||
isStaff = True
|
||||
else:
|
||||
isAdmin = True
|
||||
isStaff = True
|
||||
isAdmin = True
|
||||
isStaff = True
|
||||
|
||||
techniciansGroup = Group.objects.get(name='Technicians')
|
||||
|
||||
try:
|
||||
user = User.objects.get(username=username)
|
||||
attributes = UserAttributes.objects.get(user=user)
|
||||
user.is_staff = isStaff
|
||||
user.is_superuser = isAdmin
|
||||
if isTechnician is False and user.groups.filter(name='Technicians').exists():
|
||||
user.groups.remove(techniciansGroup)
|
||||
elif isTechnician is True and user.groups.filter(name='Technicians').exists() is False:
|
||||
user.groups.add(techniciansGroup)
|
||||
else:
|
||||
print("The user is already in the Technicians group")
|
||||
user.save()
|
||||
# TODO VERIFY
|
||||
except User.DoesNotExist:
|
||||
print("authenticate-create new user: {}".format(username))
|
||||
|
@ -68,6 +83,8 @@ try:
|
|||
user.is_superuser = isAdmin
|
||||
user.set_password(uuid.uuid4().hex)
|
||||
user.save()
|
||||
if isTechnician is True:
|
||||
user.groups.add(techniciansGroup)
|
||||
maxInstances = 1
|
||||
maxCpus = 1
|
||||
maxMemory = 128
|
||||
|
|
|
@ -269,10 +269,12 @@ LDAP_ROOT_DN = ''
|
|||
## Queries to identify the users, i use groupOfUniqueNames on openldap
|
||||
|
||||
### PLEASE BE SURE memberOf overlay is activated on slapd
|
||||
## e.g. memberOf=cn=admins,cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||
## e.g. memberOf=cn=admins,cn=staff,cn=technicians,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||
LDAP_SEARCH_GROUP_FILTER_ADMINS = ''
|
||||
## e.g. memberOf=cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||
## e.g. memberOf=cn=staff,cn=technicians,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||
LDAP_SEARCH_GROUP_FILTER_STAFF = ''
|
||||
## e.g. memberOf=cn=technicians,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||
LDAP_SEARCH_GROUP_FILTER_TECHNICIANS = ''
|
||||
## e.g. memberOf=cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||
LDAP_SEARCH_GROUP_FILTER_USERS = ''
|
||||
|
||||
|
|
Loading…
Reference in a new issue