256 lines
9.8 KiB
Plaintext
256 lines
9.8 KiB
Plaintext
import random
|
|
import lasso
|
|
|
|
from quixote import get_response, get_request, get_session, redirect
|
|
from quixote.directory import Directory
|
|
|
|
from menu import *
|
|
|
|
from qommon import emails
|
|
from qommon import errors
|
|
from qommon import misc, get_cfg
|
|
from lcs.users import User
|
|
|
|
import qommon.ident
|
|
from qommon.form import *
|
|
|
|
|
|
class UserUI:
|
|
def __init__(self, user):
|
|
self.user = user
|
|
|
|
def form(self):
|
|
ident_methods = get_cfg('identification', {}).get('methods', [])
|
|
formdef = User.get_formdef()
|
|
users_cfg = get_cfg('users', {})
|
|
|
|
form = Form(enctype='multipart/form-data')
|
|
if not formdef or not users_cfg.get('field_name'):
|
|
form.add(StringWidget, 'name', title = _('Name'), required = True, size=30,
|
|
value = self.user.name)
|
|
if not formdef or not users_cfg.get('field_email'):
|
|
form.add(EmailWidget, 'email', title = _('Email'), required = False, size=30,
|
|
value = self.user.email)
|
|
if formdef:
|
|
formdef.add_fields_to_form(form, form_data = self.user.form_data)
|
|
form.add(CheckboxWidget, 'is_admin', title = _('Administrator Account'),
|
|
value = self.user.is_admin)
|
|
|
|
for klass in [x for x in qommon.ident.get_method_classes() if x.key in ident_methods]:
|
|
if klass.method_admin_widget:
|
|
value = klass().get_value(self.user)
|
|
form.add(klass.method_admin_widget, 'method_%s' % klass.key, required = True,
|
|
value = value)
|
|
|
|
form.add_submit('submit', _('Submit'))
|
|
form.add_submit('cancel', _('Cancel'))
|
|
return form
|
|
|
|
def submit_form(self, form):
|
|
formdef = User.get_formdef()
|
|
if not self.user:
|
|
self.user = User()
|
|
for f in ('name', 'email', 'is_admin'):
|
|
widget = form.get_widget(f)
|
|
if widget:
|
|
setattr(self.user, f, widget.parse())
|
|
if formdef:
|
|
data = formdef.get_data(form)
|
|
users_cfg = get_cfg('users', {})
|
|
if users_cfg.get('field_name'):
|
|
self.user.name = data.get(users_cfg.get('field_name'))
|
|
if users_cfg.get('field_email'):
|
|
self.user.email = data.get(users_cfg.get('field_email'))
|
|
self.user.form_data = data
|
|
|
|
# user is stored first so it get an id; necessary for some ident
|
|
# methods
|
|
self.user.store()
|
|
|
|
ident_methods = get_cfg('identification', {}).get('methods', [])
|
|
for klass in [x for x in qommon.ident.get_method_classes() if x.key in ident_methods]:
|
|
widget = form.get_widget('method_%s' % klass.key)
|
|
if widget:
|
|
klass().submit(self.user, widget)
|
|
|
|
# XXX: and store!
|
|
# XXX 2: but pay attention to errors set on widget (think
|
|
# "duplicate username") (and the calling method will also
|
|
# have to check this)
|
|
|
|
|
|
class UserPage(Directory):
|
|
_q_exports = ['', 'edit', 'delete', 'token', 'debug']
|
|
|
|
def __init__(self, component):
|
|
self.user = User.get(component)
|
|
self.user_ui = UserUI(self.user)
|
|
get_response().breadcrumb.append((component + '/', self.user.name))
|
|
|
|
def _q_index [html] (self):
|
|
html_top('users', '%s - %s' % (_('User'), self.user.name))
|
|
'<h2>%s - %s</h2>' % (_('User'), self.user.name)
|
|
'<div class="form">'
|
|
'<div class="title">%s</div>' % _('Name')
|
|
'<div class="StringWidget content">%s</div>' % self.user.name
|
|
if self.user.email:
|
|
'<div class="title">%s</div>' % _('Email')
|
|
'<div class="StringWidget content">%s</div>' % self.user.email
|
|
if self.user.is_admin:
|
|
'<div class="title">%s</div>' % _('Roles')
|
|
'<div class="StringWidget content"><ul>'
|
|
if self.user.is_admin:
|
|
'<li><strong>%s</strong></li>' % _('Site Administrator')
|
|
'</ul></div>'
|
|
if self.user.lasso_dump:
|
|
identity = lasso.Identity.newFromDump(self.user.lasso_dump)
|
|
server = misc.get_lasso_server()
|
|
if len(identity.providerIds) and server:
|
|
'<h3>%s</h3>' % _('Liberty Alliance Details')
|
|
'<div class="StringWidget content"><ul>'
|
|
for pid in identity.providerIds:
|
|
provider = server.getProvider(pid)
|
|
label = misc.get_provider_label(provider)
|
|
if label:
|
|
label = '%s (%s)' % (label, pid)
|
|
else:
|
|
label = pid
|
|
federation = identity.getFederation(pid)
|
|
'<li>'
|
|
_('Account federated with %s') % label
|
|
'<br />'
|
|
if federation.localNameIdentifier:
|
|
_("local: ") + federation.localNameIdentifier.content
|
|
if federation.remoteNameIdentifier:
|
|
_("remote: ") + federation.remoteNameIdentifier.content
|
|
'</li>'
|
|
'</ul></div>'
|
|
|
|
if get_cfg('debug', {}).get('debug_mode', False):
|
|
'<h4>%s</h4>' % _('Lasso Identity Dump')
|
|
'<pre>%s</pre>' % self.user.lasso_dump
|
|
'</div>'
|
|
|
|
def debug [html] (self):
|
|
get_response().breadcrumb.append( ('debug', _('Debug')) )
|
|
html_top('users', 'Debug')
|
|
"<h2>Debug - %s</h2>" % self.user.name
|
|
"<pre>"
|
|
self.user.lasso_dump
|
|
"</pre>"
|
|
|
|
def edit [html] (self):
|
|
form = self.user_ui.form()
|
|
if form.get_widget('cancel').parse():
|
|
return redirect('..')
|
|
|
|
display_form = (not form.is_submitted() or form.has_errors())
|
|
|
|
if display_form:
|
|
get_response().breadcrumb.append( ('edit', _('Edit')) )
|
|
html_top('users', title = _('Edit User'))
|
|
'<h2>%s</h2>' % _('Edit User')
|
|
form.render()
|
|
else:
|
|
self.user_ui.submit_form(form)
|
|
return redirect('..')
|
|
|
|
def delete [html] (self):
|
|
form = Form(enctype="multipart/form-data")
|
|
form.widgets.append(HtmlWidget('<p>%s</p>' % _(
|
|
"You are about to irrevocably delete this user.")))
|
|
form.add_submit("submit", _("Submit"))
|
|
form.add_submit("cancel", _("Cancel"))
|
|
if form.get_widget('cancel').parse():
|
|
return redirect('..')
|
|
if not form.is_submitted() or form.has_errors():
|
|
get_response().breadcrumb.append(('delete', _('Delete')))
|
|
html_top('users', title = _('Delete User'))
|
|
'<h2>%s %s</h2>' % (_('Deleting User:'), self.user.name)
|
|
form.render()
|
|
else:
|
|
ident_methods = get_cfg('identification', {}).get('methods', [])
|
|
for klass in [x for x in qommon.ident.get_method_classes() if x.key in ident_methods]:
|
|
klass().delete(self.user)
|
|
self.user.remove_self()
|
|
return redirect('..')
|
|
|
|
|
|
class UsersDirectory(Directory):
|
|
_q_exports = ['', 'new']
|
|
|
|
def _q_index [html] (self):
|
|
get_response().breadcrumb.append( ('users/', _('Users')) )
|
|
html_top('users', title = _('Users'))
|
|
|
|
ident_methods = get_cfg('identification', {}).get('methods', [])
|
|
if ident_methods == ['idp'] and len(get_cfg('idp', {}).items()) == 0:
|
|
'<p>%s</p>' % _('Liberty support must be setup before creating users.')
|
|
else:
|
|
"""<ul id="nav-users-admin">
|
|
<li><a href="new">%s</a></li>
|
|
</ul>""" % (_('New User'))
|
|
|
|
debug_cfg = get_cfg('debug', {})
|
|
|
|
users = User.select(order_by = 'name')
|
|
|
|
'<ul class="biglist">'
|
|
for user in users:
|
|
'<li>'
|
|
'<strong class="label">%s</strong>' % user.display_name
|
|
if user.email:
|
|
'<p class="details">'
|
|
user.email
|
|
'</p>'
|
|
|
|
'<p class="commands">'
|
|
command_icon('%s/' % user.id, 'view')
|
|
command_icon('%s/edit' % user.id, 'edit')
|
|
command_icon('%s/delete' % user.id, 'remove')
|
|
if debug_cfg.get('logger', False):
|
|
command_icon('../logger/by_user/%s/' % user.id, 'logs',
|
|
label = _('Logs'), icon = 'stock_harddisk_16.png')
|
|
'</p></li>'
|
|
'</ul>'
|
|
|
|
def new [html] (self):
|
|
get_response().breadcrumb.append( ('users/', _('Users')) )
|
|
get_response().breadcrumb.append( ('new', _('New')) )
|
|
ident_methods = get_cfg('identification', {}).get('methods', [])
|
|
if ident_methods == ['idp'] and len(get_cfg('idp', {}).items()) == 0:
|
|
return error_page('users',
|
|
_('Liberty support must be setup before creating users.'))
|
|
# XXX: user must be logged in to get here
|
|
user = User()
|
|
user_ui = UserUI(user)
|
|
first_user = User.count() == 0
|
|
if first_user:
|
|
user.is_admin = first_user
|
|
form = user_ui.form()
|
|
if form.get_widget('cancel').parse():
|
|
return redirect('.')
|
|
|
|
if not form.is_submitted() or form.has_errors():
|
|
html_top('users', title = _('New User'))
|
|
'<h2>%s</h2>' % _('New User')
|
|
form.render()
|
|
else:
|
|
user_ui.submit_form(form)
|
|
if first_user:
|
|
req = get_request()
|
|
if req.user:
|
|
user_ui.user.name_identifiers = req.user.name_identifiers
|
|
user_ui.user.lasso_dump = req.user.lasso_dump
|
|
user_ui.user.store()
|
|
get_session().set_user(user_ui.user.id)
|
|
return redirect('.')
|
|
|
|
def _q_lookup(self, component):
|
|
get_response().breadcrumb.append( ('users/', _('Users')) )
|
|
try:
|
|
return UserPage(component)
|
|
except KeyError:
|
|
raise errors.TraversalError()
|
|
|