summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFrederic Peters <fpeters@0d.be>2008-04-10 11:34:46 (GMT)
committerFrederic Peters <fpeters@0d.be>2008-04-10 11:34:46 (GMT)
commit0471aa89415932d05f3c6f8ad3800bf55d3e02c5 (patch)
tree48d6c22003f511db37a3352c59996d1af3d76318
parent13f7142182fb19f31d718f23d6b4701c5c2f4804 (diff)
downloadpratic-0471aa89415932d05f3c6f8ad3800bf55d3e02c5.zip
pratic-0471aa89415932d05f3c6f8ad3800bf55d3e02c5.tar.gz
pratic-0471aa89415932d05f3c6f8ad3800bf55d3e02c5.tar.bz2
handle service accesses
-rw-r--r--idp/extra/modules/directory.py17
-rw-r--r--idp/extra/modules/identities_ui.ptl65
2 files changed, 77 insertions, 5 deletions
diff --git a/idp/extra/modules/directory.py b/idp/extra/modules/directory.py
index 3d1c7e7..d472b03 100644
--- a/idp/extra/modules/directory.py
+++ b/idp/extra/modules/directory.py
@@ -126,6 +126,7 @@ class Agent:
facsimileTelephoneNumber = None
mobile = None
cdg59agentSirhCode = None
+ cdg59serviceAccesses = None
ldap_entry = None
@@ -143,6 +144,10 @@ class Agent:
self.cdg59isAdmin = (self.cdg59isAdmin == 'TRUE')
self.cdg59isDisabled = (self.cdg59isDisabled == 'TRUE')
+ if data.get('cdg59serviceAccesses'):
+ self.cdg59serviceAccesses = [utf8toiso(x) for x in data.get('cdg59serviceAccesses')]
+ else:
+ self.cdg59serviceAccesses = []
self.username = data.get('uid')[0]
@@ -186,11 +191,14 @@ class Agent:
store.ldap_conn.delete_s(self.ldap_entry[0])
-def get_agents(collectivity):
+def get_agents(collectivity, sorted = False):
store = get_store()
result = store.ldap_conn.search_s(collectivity.dn,
ldap.SCOPE_SUBTREE, 'objectClass=cdg59agent')
- return [Agent(x) for x in result]
+ agents = [Agent(x) for x in result]
+ if sorted:
+ agents.sort(lambda x,y: cmp(x.sn.lower(), y.sn.lower()))
+ return agents
def get_agent(collectivity, username):
store = get_store()
@@ -283,7 +291,10 @@ class ServiceInstance:
store = get_store()
result = store.ldap_conn.search_s(store.pratic_ldap_base,
ldap.SCOPE_SUBTREE, '(&(cdg59sid=%s)(objectClass=cdg59service))' % self.cdg59siid)
- self._name = utf8toiso(result[0][1]['cn'][0])
+ try:
+ self._name = utf8toiso(result[0][1]['cn'][0])
+ except IndexError:
+ self._name = '%s (e)' % self.cdg59siid
return self._name
name = property(get_name)
diff --git a/idp/extra/modules/identities_ui.ptl b/idp/extra/modules/identities_ui.ptl
index 19bd585..4a31508 100644
--- a/idp/extra/modules/identities_ui.ptl
+++ b/idp/extra/modules/identities_ui.ptl
@@ -161,7 +161,7 @@ class AgentDirectory(Directory):
class IdentitiesDirectory(Directory):
- _q_exports = ['', 'new', 'lookup_sirh']
+ _q_exports = ['', 'new', 'lookup_sirh', 'authorizations']
collectivity = None
@@ -205,9 +205,11 @@ class IdentitiesDirectory(Directory):
'<p>'
'<a href="new">%s</a>' % _('Add a new Agent')
+ if user.is_admin() or user.is_local_admin():
+ ' <a href="authorizations">%s</a>' % _('Manage Authorizations')
'</p>'
'<ul class="biglist">'
- for agent in directory.get_agents(self.collectivity):
+ for agent in directory.get_agents(self.collectivity, sorted = True):
if agent.cdg59isDisabled:
'<li class="biglistitem disabled">'
elif agent.cdg59isAdmin:
@@ -227,6 +229,65 @@ class IdentitiesDirectory(Directory):
'<a href="../">%s</a>' % _('Back')
'</p>'
+ def authorizations [html] (self):
+ if not self.collectivity:
+ raise errors.TraversalError()
+
+ user = get_session().get_user_object()
+ if not (user.is_admin() or user.is_local_admin()):
+ raise errors.AccessForbiddenError()
+
+ if get_request().get_method() == 'POST':
+ return self.authorizations_submit()
+
+ html_top('identities', _('Authorizations Management'))
+ get_response().breadcrumb.append(('authorizations', _('Authorizations Management')))
+
+ get_session().display_message()
+
+ services = directory.get_service_instances(self.collectivity)
+
+ '<form method="post">'
+ '<table>'
+ '<thead>'
+ '<tr>'
+ '<td></td>'
+ for service in services:
+ '<th>%s</th>' % service.name
+ '</tr>'
+ '</thead>'
+ '<tbody>'
+ for agent in directory.get_agents(self.collectivity, sorted = True):
+ if agent.cdg59isDisabled:
+ '<tr class="disabled">'
+ else:
+ '<tr>'
+ '<th>%s</th>' % agent.cn
+ for service in services:
+ '<td>'
+ '<input name="%s" type="checkbox" value="%s"' % (agent.username, service.cdg59siid)
+ if service.cdg59siid in agent.cdg59serviceAccesses:
+ ' checked="checked"'
+ '/>'
+ '</td>'
+ '</tr>'
+ '</tbody>'
+ '</table>'
+
+ '<input type="submit" value="%s"/>' % _('Submit')
+ '</form>'
+
+ def authorizations_submit(self):
+ form = get_request().form
+ for agent in directory.get_agents(self.collectivity):
+ accesses = agent.cdg59serviceAccesses
+ new_value = form.get(agent.username, [])
+ if sorted(accesses) != sorted(new_value):
+ agent.cdg59serviceAccesses = new_value
+ agent.save(changed = ['cdg59serviceAccesses'])
+ get_session().message = ('info', _('New authorizations saved succesfully.'))
+ return redirect('authorizations')
+
def lookup_sirh(self):
form = Form(action = 'lookup_sirh')
form.add(StringWidget, 'sirh', title = _('Search on SIRH Code'), size = 10,