Files
@ 87f0800abc7b
Branch filter:
Location: kallithea/rhodecode/controllers/admin/ldap_settings.py
87f0800abc7b
4.9 KiB
text/x-python
#227 Initial version of repository groups permissions system
- implemented none/read/write/admin permissions for groups
- wrote more tests for permissions, and new permissions groups
- a lot of code garden, splitted logic into proper models
- permissions on groups doesn't propagate yet to repositories
- deprecated some methods on api for managing permissions on
repositories for users, and users groups
- implemented none/read/write/admin permissions for groups
- wrote more tests for permissions, and new permissions groups
- a lot of code garden, splitted logic into proper models
- permissions on groups doesn't propagate yet to repositories
- deprecated some methods on api for managing permissions on
repositories for users, and users groups
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 | # -*- coding: utf-8 -*-
"""
rhodecode.controllers.admin.ldap_settings
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ldap controller for RhodeCode
:created_on: Nov 26, 2010
:author: marcink
:copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
:license: GPLv3, see COPYING for more details.
"""
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import logging
import formencode
import traceback
from formencode import htmlfill
from pylons import request, response, session, tmpl_context as c, url
from pylons.controllers.util import abort, redirect
from pylons.i18n.translation import _
from sqlalchemy.exc import DatabaseError
from rhodecode.lib.base import BaseController, render
from rhodecode.lib import helpers as h
from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator
from rhodecode.lib.exceptions import LdapImportError
from rhodecode.model.forms import LdapSettingsForm
from rhodecode.model.db import RhodeCodeSetting
log = logging.getLogger(__name__)
class LdapSettingsController(BaseController):
search_scope_choices = [('BASE', _('BASE'),),
('ONELEVEL', _('ONELEVEL'),),
('SUBTREE', _('SUBTREE'),),
]
search_scope_default = 'SUBTREE'
tls_reqcert_choices = [('NEVER', _('NEVER'),),
('ALLOW', _('ALLOW'),),
('TRY', _('TRY'),),
('DEMAND', _('DEMAND'),),
('HARD', _('HARD'),),
]
tls_reqcert_default = 'DEMAND'
tls_kind_choices = [('PLAIN', _('No encryption'),),
('LDAPS', _('LDAPS connection'),),
('START_TLS', _('START_TLS on LDAP connection'),)
]
tls_kind_default = 'PLAIN'
@LoginRequired()
@HasPermissionAllDecorator('hg.admin')
def __before__(self):
c.admin_user = session.get('admin_user')
c.admin_username = session.get('admin_username')
c.search_scope_choices = self.search_scope_choices
c.tls_reqcert_choices = self.tls_reqcert_choices
c.tls_kind_choices = self.tls_kind_choices
c.search_scope_cur = self.search_scope_default
c.tls_reqcert_cur = self.tls_reqcert_default
c.tls_kind_cur = self.tls_kind_default
super(LdapSettingsController, self).__before__()
def index(self):
defaults = RhodeCodeSetting.get_ldap_settings()
c.search_scope_cur = defaults.get('ldap_search_scope')
c.tls_reqcert_cur = defaults.get('ldap_tls_reqcert')
c.tls_kind_cur = defaults.get('ldap_tls_kind')
return htmlfill.render(
render('admin/ldap/ldap.html'),
defaults=defaults,
encoding="UTF-8",
force_defaults=True,)
def ldap_settings(self):
"""POST ldap create and store ldap settings"""
_form = LdapSettingsForm([x[0] for x in self.tls_reqcert_choices],
[x[0] for x in self.search_scope_choices],
[x[0] for x in self.tls_kind_choices])()
try:
form_result = _form.to_python(dict(request.POST))
try:
for k, v in form_result.items():
if k.startswith('ldap_'):
setting = RhodeCodeSetting.get_by_name(k)
setting.app_settings_value = v
self.sa.add(setting)
self.sa.commit()
h.flash(_('Ldap settings updated successfully'),
category='success')
except (DatabaseError,):
raise
except LdapImportError:
h.flash(_('Unable to activate ldap. The "python-ldap" library '
'is missing.'), category='warning')
except formencode.Invalid, errors:
e = errors.error_dict or {}
return htmlfill.render(
render('admin/ldap/ldap.html'),
defaults=errors.value,
errors=e,
prefix_error=False,
encoding="UTF-8")
except Exception:
log.error(traceback.format_exc())
h.flash(_('error occurred during update of ldap settings'),
category='error')
return redirect(url('ldap_home'))
|