debug de l'ajout du support SupAnn
parent
5fd91dfb6f
commit
7787374c2a
|
@ -5,7 +5,18 @@ class UnitAssignmentForm(forms.Form):
|
|||
nom = forms.CharField(max_length=100, label="Nom")
|
||||
prenom = forms.CharField(max_length=100, label="Prenom")
|
||||
email = forms.CharField(max_length=100, label="Email")
|
||||
nameid = forms.CharField(max_length=100, label="NameID")
|
||||
nameid = forms.CharField(max_length=100, label="NameID") #Obsolete
|
||||
|
||||
# Attributes from the Internet2 eduPerson and RENATER SupAnn2009 specifications:
|
||||
ep_principal_name = forms.CharField(max_length=100, label="eduPersonPrincipalName")
|
||||
s_etablissement = forms.CharField(max_length=100, label="supannEtablissement")
|
||||
ep_primary_affiliation = forms.CharField(max_length=100, label="eduPersonPrimaryAffiliation")
|
||||
ep_affiliation = forms.CharField(max_length=100, label="eduPersonAffiliation")
|
||||
s_entite_affectation_principale = forms.CharField(max_length=100, label="supannEntiteAffectationPrincipale")
|
||||
s_entite_affectation = forms.CharField(max_length=100, label="supannEntiteAffectation")
|
||||
s_emp_corps = forms.CharField(max_length=100, label="supannEmpCorps")
|
||||
s_liste_rouge = forms.CharField(max_length=100, label="supannListeRouge")
|
||||
|
||||
|
||||
class Meta:
|
||||
widgets= {'form' : forms.HiddenInput()}
|
||||
|
|
|
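Review bot: The eight new eduPerson/SupAnn fields are plain required `CharField`s, so if the view takes their values from the submitted POST rather than from the SAML session, a user can alter attributes the IdP asserted (affiliation, établissement, `supannListeRouge`) before they are forwarded. The view's form handling is not visible in this section, so this needs confirming; if the fields are display-only, re-read the values server-side on submit and ignore the posted copies. `nameid` is kept with an `#Obsolete` marker but is still required; either drop it or declare it with `required=False`. A comment above the block should say which attributes may be multi-valued (`eduPersonAffiliation` is, per the eduPerson schema), since each one is a single string capped at `max_length=100`.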
@ -1,7 +1,18 @@
|
|||
from django.db import models
|
||||
#from django.contrib.auth import models as m
|
||||
|
||||
from mellon.models import UserSAMLIdentifier
|
||||
from django.conf import settings
|
||||
|
||||
|
||||
# Create your models here.
|
||||
|
||||
class Unit(models.Model):
|
||||
name = models.CharField(max_length=100)
|
||||
|
||||
#TODO enum ?
|
||||
|
||||
class SupAnnUser(UserSAMLIdentifier):
|
||||
s_entite_affectation_principale = models.CharField(max_length=100)
|
||||
REQUIRED_FIELDS = []
|
||||
USERNAME_FIELD = 'name_id'
|
||||
|
|
|
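Review bot: `SupAnnUser` declares only `s_entite_affectation_principale`, while the same commit maps eight eduPerson/SupAnn attributes in settings and reads all eight in `saml_collect_data`; the other seven have no field here, so those reads would presumably raise AttributeError unless another model supplies them. Add the siblings alongside it, e.g. `ep_principal_name = models.CharField(max_length=100, blank=True)`. The class also sets `USERNAME_FIELD` and `REQUIRED_FIELDS` and is named as `AUTH_USER_MODEL` in settings, yet it derives from `UserSAMLIdentifier` rather than an auth base class. Unless that parent provides the password and manager API Django expects of a user model (not visible here), authentication will not behave as intended. The new `from django.conf import settings` import is unused in the lines shown.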
@ -6,17 +6,20 @@ import urllib
|
|||
import urllib2
|
||||
import urlparse
|
||||
|
||||
from mellon.models import UserSAMLIdentifier
|
||||
#from mellon.models import UserSAMLIdentifier
|
||||
from .models import SupAnnUser
|
||||
|
||||
base = "ou=People,dc=entrouvert,dc=lan"
|
||||
#base = "ou=People,dc=entrouvert,dc=lan"
|
||||
base = "ou=supannPeople,dc=condorcet,dc=dev,dc=entrouvert,dc=org"
|
||||
scope = ldap.SCOPE_SUBTREE
|
||||
pocform = 'traitement'
|
||||
#pocform = 'traitement'
|
||||
pocform = 'traitement_supann'
|
||||
|
||||
def ldap_init():
|
||||
# The server's hostname:
|
||||
server = "spare.entrouvert.lan"
|
||||
server = "condorcet.dev.entrouvert.org"
|
||||
# Admin DN:
|
||||
who = "cn=admin,dc=entrouvert,dc=lan"
|
||||
who = "cn=admin,dc=condorcet,dc=dev,dc=entrouvert,dc=org"
|
||||
# Credentials: XXX
|
||||
cred = "test"
|
||||
|
||||
|
@ -46,28 +49,28 @@ def ldap_is_in_directory(id):
|
|||
# Does this user already is in the LDAP directory ?
|
||||
return 1 if rdata else 0
|
||||
|
||||
def ldap_max_uidnumber():
|
||||
l = ldap_init()
|
||||
|
||||
# We need to iterate the whole user list in
|
||||
# the default base DN:
|
||||
res = l.search(base, scope, '(uid=*)', None)
|
||||
rtype, rdata = l.result(res, 0)
|
||||
|
||||
# Let's assume UIDs are strictly positive numbers:
|
||||
uidNumber = 0
|
||||
|
||||
# rdata is non-empty as long as there are still
|
||||
# some entries to iterate over:
|
||||
while rdata :
|
||||
un = int(rdata[0][1]['uidNumber'][0])
|
||||
# Let's get the highest UID:
|
||||
if un > uidNumber:
|
||||
uidNumber = un
|
||||
rtype, rdata = l.result(res, 0)
|
||||
|
||||
ldap_terminate(l)
|
||||
return uidNumber
|
||||
#def ldap_max_uidnumber():
|
||||
# l = ldap_init()
|
||||
#
|
||||
# # We need to iterate the whole user list in
|
||||
# # the default base DN:
|
||||
# res = l.search(base, scope, '(uid=*)', None)
|
||||
# rtype, rdata = l.result(res, 0)
|
||||
#
|
||||
# # Let's assume UIDs are strictly positive numbers:
|
||||
# uidNumber = 0
|
||||
#
|
||||
# # rdata is non-empty as long as there are still
|
||||
# # some entries to iterate over:
|
||||
# while rdata :
|
||||
# un = int(rdata[0][1]['uidNumber'][0])
|
||||
# # Let's get the highest UID:
|
||||
# if un > uidNumber:
|
||||
# uidNumber = un
|
||||
# rtype, rdata = l.result(res, 0)
|
||||
#
|
||||
# ldap_terminate(l)
|
||||
# return uidNumber
|
||||
|
||||
def craft_uid(id):
|
||||
return (id['prenom'][0]+id['nom']).lower()
|
||||
|
@ -76,9 +79,8 @@ def ldap_craft_uid(id):
|
|||
return craft_uid(id)
|
||||
|
||||
def ldap_add_entry(id):
|
||||
# uid and uidNumber on-the-fly production:
|
||||
uidNumber = ldap_max_uidnumber()+1
|
||||
#uid = ldap_craft_uid(id)
|
||||
# generate a uidNumber:
|
||||
#uidNumber = ldap_max_uidnumber()+1
|
||||
|
||||
# The to-be-added entry DN.
|
||||
# the "dn: " prefix musn't appear here:
|
||||
|
@ -86,13 +88,11 @@ def ldap_add_entry(id):
|
|||
|
||||
# All the entry attributes can be defind in a dictionary as below:
|
||||
addmod = {}
|
||||
addmod['objectClass'] = ['inetOrgPerson', 'organizationalPerson', 'person', 'posixAccount', 'top']
|
||||
#addmod['objectClass'] = ['inetOrgPerson', 'organizationalPerson', 'person', 'posixAccount', 'top']
|
||||
addmod['objectClass'] = ['inetOrgPerson', 'eduPerson', 'supannPerson']
|
||||
addmod['cn'] = id['prenom']+" "+id['nom']
|
||||
addmod['uid'] = id['nameid']
|
||||
addmod['uidNumber'] = str(uidNumber)
|
||||
addmod['gidNumber'] = '1000'
|
||||
addmod['sn'] = id['nom']
|
||||
addmod['homeDirectory'] = "/home/"+id['nameid']
|
||||
|
||||
# From here we get an addModlist intelligible to python-ldap:
|
||||
ldif = modlist.addModlist(addmod)
|
||||
|
@ -111,12 +111,22 @@ def saml_collect_data():
|
|||
form = {}
|
||||
|
||||
# Build the SSO operation summary:
|
||||
form['prenom'] = str(UserSAMLIdentifier.objects.last().user.first_name)
|
||||
form['nom'] = str(UserSAMLIdentifier.objects.last().user.last_name)
|
||||
form['email'] = str(UserSAMLIdentifier.objects.last().user.email)
|
||||
#form['password'] = UserSAMLIdentifier.objects.last().user.password # dirty
|
||||
form['prenom'] = str(SupAnnUser.objects.last().user.first_name)
|
||||
form['nom'] = str(SupAnnUser.objects.last().user.last_name)
|
||||
form['email'] = str(SupAnnUser.objects.last().user.email)
|
||||
form['nameid'] = craft_uid(form) # XXX redundant information
|
||||
|
||||
#import pdb; pdb.set_trace()
|
||||
# TODO SupAnn attributes:
|
||||
form['ep_principal_name'] = str(SupAnnUser.objects.last().user.ep_principal_name)
|
||||
form['s_etablissement'] = str(SupAnnUser.objects.last().user.s_etablissement)
|
||||
form['ep_primary_affiliation'] = str(SupAnnUser.objects.last().user.ep_primary_affiliation)
|
||||
form['ep_affiliation'] = str(SupAnnUser.objects.last().user.ep_affiliation)
|
||||
form['s_entite_affectation_principale'] = str(SupAnnUser.objects.last().user.s_entite_affectation_principale)
|
||||
form['s_entite_affectation'] = str(SupAnnUser.objects.last().user.s_entite_affectation)
|
||||
form['s_emp_corps'] = str(SupAnnUser.objects.last().user.s_emp_corps)
|
||||
form['s_liste_rouge'] = str(SupAnnUser.objects.last().user.s_liste_rouge)
|
||||
|
||||
return form
|
||||
|
||||
def wcs_submit(id):
|
||||
|
@ -135,7 +145,10 @@ def wcs_submit(id):
|
|||
|
||||
data = json.dumps(form)
|
||||
|
||||
posturl = 'http://wcs.example.com/api/formdefs/'+pocform+'/submit'
|
||||
#posturl = 'http://wcs.example.com/api/formdefs/'+pocform+'/submit'
|
||||
#posturl = 'http://wcs-condorcet.dev.entrouvert.org/api/formdefs/'+pocform+'/submit'
|
||||
posturl = 'http://forms-condorcet.dev.entrouvert.org/api/formdefs/'+pocform+'/submit'
|
||||
|
||||
|
||||
req = urllib2.Request(posturl, data)
|
||||
req.add_header("Content-Type", "application/json")
|
||||
|
|
|
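Review bot: In `saml_collect_data` every value is read from `SupAnnUser.objects.last()`, which is the most recently created row rather than the user making the request; with two logins close together one user's form can be filled with another user's name, e-mail and SupAnn attributes and then submitted to w.c.s. The function should take the authenticated user as a parameter and read from it once, e.g. `def saml_collect_data(user):` with `form['prenom'] = str(user.first_name)`, called with `request.user`. The eleven separate `.last()` queries can also return different rows from one line to the next. Separately, the `ldap_init` hunk repoints the hard-coded admin bind (`who`, `cred = "test"`) at `condorcet.dev.entrouvert.org`; the bind DN and password belong in settings or the environment, not in the module. Both function bodies continue outside the hunks shown.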
@ -21,7 +21,7 @@ from inspect import getmembers
|
|||
from .forms import UnitAssignmentForm
|
||||
from .models import Unit
|
||||
from .decorators import user_not_in_ldap
|
||||
from .utils import ldap_is_in_directory, ldap_add_entry, saml_collect_data, wcs_submit
|
||||
from .utils import ldap_is_in_directory, ldap_add_entry, saml_collect_data, wcs_submit, ldap_init
|
||||
|
||||
import django
|
||||
import pdb
|
||||
|
@ -30,7 +30,21 @@ import pdb
|
|||
# export global config variables in settings.py
|
||||
|
||||
# Create your views here.
|
||||
wcs_fields = ['prenom', 'nom', 'email', 'nameid', 'unit']
|
||||
#wcs_fields = ['prenom', 'nom', 'email', 'nameid', 'unit']
|
||||
|
||||
wcs_fields = ['prenom',
|
||||
'nom',
|
||||
'email',
|
||||
'nameid',
|
||||
'unit'
|
||||
'ep_principal_name',
|
||||
's_etablissement',
|
||||
'ep_primary_affiliation',
|
||||
'ep_affiliation',
|
||||
's_entite_affectation_principale',
|
||||
's_entite_affectation',
|
||||
's_emp_corps',
|
||||
's_liste_rouge']
|
||||
|
||||
|
||||
# DEPRECATED
|
||||
|
@ -87,8 +101,11 @@ class UnitFormView(FormView):
|
|||
#return HttpResponse(str(data))
|
||||
#return HttpResponse(str(request.POST.items()))
|
||||
wcs_submit(data)
|
||||
return render(request, 'unit_sent.html')
|
||||
#return render(request, 'unit_sent.html', locals())
|
||||
|
||||
#return render(request, 'unit_sent.html')
|
||||
#return HttpResponse("ok boy")
|
||||
|
||||
return render(request, 'unit_sent.html', locals())
|
||||
|
||||
## DEPRECATED
|
||||
#def saml_parse(saml_assert):
|
||||
|
|
|
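Review bot: The new multi-line `wcs_fields` list is missing a comma after `'unit'`, so Python concatenates it with the next literal into `'unitep_principal_name'` and both `unit` and `ep_principal_name` silently drop out of the list; the line should read `'unit',`. In the `UnitFormView` hunk the response now passes `locals()` as the template context, which hands every local of the method (including the collected identity `data`) to the template. An explicit dict such as `{'data': data}` keeps what is rendered deliberate. The method body starts outside the hunk, so the full set of locals is not visible here.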
@ -10,6 +10,11 @@ https://docs.djangoproject.com/en/1.7/ref/settings/
|
|||
|
||||
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
|
||||
import os
|
||||
|
||||
#from saml.models import SupAnnUser
|
||||
|
||||
#from .sp_sso.models import SupAnnUser
|
||||
|
||||
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
|
||||
|
||||
|
||||
|
@ -24,12 +29,12 @@ DEBUG = True
|
|||
|
||||
TEMPLATE_DEBUG = True
|
||||
|
||||
ALLOWED_HOSTS = []
|
||||
ALLOWED_HOSTS = ['localhost', 'sp-condorcet.dev.entrouvert.org']
|
||||
|
||||
MELLON_HACK = True
|
||||
|
||||
TEMPLATE_DIRS = (
|
||||
'/home/paul/Documents/paul-synchro/django/sp_sso/templates/',
|
||||
'templates',
|
||||
)
|
||||
|
||||
|
||||
|
@ -38,17 +43,29 @@ AUTHENTICATION_BACKENDS = (
|
|||
'django.contrib.auth.backends.ModelBackend',
|
||||
)
|
||||
|
||||
AUTH_USER_MODEL = 'saml.SupAnnUser'
|
||||
|
||||
|
||||
LOGIN_URL = '/saml/login/'
|
||||
#LOGIN_REDIRECT_URL = '/saml/index/'
|
||||
LOGIN_REDIRECT_URL = '/saml/unit'
|
||||
LOGIN_URL = '/saml/login/'
|
||||
LOGOUT_URL = '/saml/logout/'
|
||||
#LOGIN_URL = 'mellon_login'
|
||||
#LOGOUT_URL = 'mellon_logout'
|
||||
|
||||
MELLON_ATTRIBUTE_MAPPING = {
|
||||
'first_name': '{attributes[fname_test][0]}',
|
||||
'last_name': '{attributes[lname_test][0]}',
|
||||
'email' : '{attributes[email_test][0]}',
|
||||
'password' : '{attributes[password_test][0]}',
|
||||
'ep_principal_name' : '{attributes[ep_principal_name][0]}',
|
||||
's_etablissement' : '{attributes[s_etablissement][0]}',
|
||||
'ep_primary_affiliation' : '{attributes[ep_primary_affiliation][0]}',
|
||||
'ep_affiliation' : '{attributes[ep_affiliation][0]}',
|
||||
's_entite_affectation_principale' : '{attributes[s_entite_affectation_principale][0]}',
|
||||
's_entite_affectation' : '{attributes[s_entite_affectation][0]}',
|
||||
's_emp_corps' : '{attributes[s_emp_corps][0]}',
|
||||
's_liste_rouge' : '{attributes[s_liste_rouge][0]}',
|
||||
}
|
||||
|
||||
MELLON_SUPERUSER_MAPPING = {
|
||||
|
@ -58,7 +75,8 @@ MELLON_SUPERUSER_MAPPING = {
|
|||
MELLON_USERNAME_TEMPLATE = '{attributes[name_id_content]}'
|
||||
|
||||
MELLON_IDENTITY_PROVIDERS = [{
|
||||
'METADATA_URL': 'http://localhost:8000/idp/saml2/metadata'
|
||||
#'METADATA_URL': 'http://localhost:8000/idp/saml2/metadata'
|
||||
'METADATA_URL': 'http://idp-condorcet.dev.entrouvert.org/idp/saml2/metadata'
|
||||
}]
|
||||
|
||||
|
||||
|
@ -116,5 +134,6 @@ USE_TZ = True
|
|||
# Static files (CSS, JavaScript, Images)
|
||||
# https://docs.djangoproject.com/en/1.7/howto/static-files/
|
||||
|
||||
STATIC_URL = '/static/'
|
||||
STATIC_ROOT = os.path.join(BASE_DIR, 'static/')
|
||||
STATIC_URL = 'static/'
|
||||
#STATIC_ROOT = os.path.join(BASE_DIR, 'static/')
|
||||
STATIC_ROOT = 'static'
|
||||
|
|
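Review bot: The new `METADATA_URL` fetches the IdP metadata from `http://idp-condorcet.dev.entrouvert.org/...` over plain HTTP; that document carries the signing certificate the SP uses to validate assertions, so for a non-local host it should be retrieved over TLS or pinned from a local copy, e.g. `'METADATA_URL': 'https://idp-condorcet.dev.entrouvert.org/idp/saml2/metadata'` if the IdP serves HTTPS. The same file adds a non-local name to `ALLOWED_HOSTS` while the hunk context still shows `DEBUG = True` and `TEMPLATE_DEBUG = True`, which exposes settings and tracebacks on error pages. `STATIC_URL = 'static/'` loses its leading slash, so static links become relative to the current page path. The eight new `MELLON_ATTRIBUTE_MAPPING` entries index `[0]` unconditionally; presumably an assertion lacking any one of them fails the login, which deserves a comment stating that these attributes are mandatory.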