diff options
author | Kevin McCarthy <kmccarth@redhat.com> | 2007-10-15 13:07:39 -0700 |
---|---|---|
committer | Kevin McCarthy <kmccarth@redhat.com> | 2007-10-15 13:07:39 -0700 |
commit | 233915b780f6edf01d5850ec69428f12c06a9f08 (patch) | |
tree | bfcba3abcd9fe3663057ce2bb68fd4fbc4bffea7 | |
parent | fbbdd27b5389ccbafa3fea8608b412759093cb69 (diff) | |
download | freeipa-233915b780f6edf01d5850ec69428f12c06a9f08.tar.gz freeipa-233915b780f6edf01d5850ec69428f12c06a9f08.tar.xz freeipa-233915b780f6edf01d5850ec69428f12c06a9f08.zip |
Add basic delegation editing.
-rw-r--r-- | ipa-python/aci.py | 15 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/forms/delegate.py | 14 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py | 127 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/templates/delegateedit.kid | 16 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/templates/delegatelist.kid | 8 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/templates/delegatenew.kid | 3 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid | 23 |
7 files changed, 170 insertions, 36 deletions
diff --git a/ipa-python/aci.py b/ipa-python/aci.py index 137d9ee1d..092285e2a 100644 --- a/ipa-python/aci.py +++ b/ipa-python/aci.py @@ -18,6 +18,8 @@ import re import urllib +import ipa.ipautil + class ACI: """ Holds the basic data for an ACI entry, as stored in the cn=accounts @@ -30,6 +32,7 @@ class ACI: self.source_group = '' self.dest_group = '' self.attrs = [] + self.orig_acistr = acistr if acistr is not None: self.parse_acistr(acistr) @@ -52,6 +55,16 @@ class ACI: urllib.quote(self.source_group, "/=, ")) return acistr + def to_dict(self): + result = ipa.ipautil.CIDict() + result['name'] = self.name + result['source_group'] = self.source_group + result['dest_group'] = self.dest_group + result['attrs'] = self.attrs + result['orig_acistr'] = self.orig_acistr + + return result + def _match(self, prefix, inputstr): """Returns inputstr with prefix removed, or else raises a SyntaxError.""" @@ -90,6 +103,8 @@ class ACI: def parse_acistr(self, acistr): """Parses the acistr. If the string isn't recognized, a SyntaxError is raised.""" + self.orig_acistr = acistr + acistr = self._match('(targetattr=', acistr) (attrstr, acistr) = self._match_str(acistr) self.attrs = attrstr.split(' || ') diff --git a/ipa-server/ipa-gui/ipagui/forms/delegate.py b/ipa-server/ipa-gui/ipagui/forms/delegate.py index 3b4967d6c..668249128 100644 --- a/ipa-server/ipa-gui/ipagui/forms/delegate.py +++ b/ipa-server/ipa-gui/ipagui/forms/delegate.py @@ -52,10 +52,12 @@ class DelegateFields(): dest_group_cn = widgets.HiddenField(name="dest_group_cn", label="For People in Group") + orig_acistr = widgets.HiddenField(name="orig_acistr") + attrs = widgets.CheckBoxList(name="attrs", label="Can Modify", options=aci_checkbox_attrs, validator=validators.NotEmpty) -class DelegateNewValidator(validators.Schema): +class DelegateValidator(validators.Schema): name = validators.String(not_empty=True) source_group_dn = validators.String(not_empty=True, messages = { 'empty': _("Please choose a group"), }) @@ -64,7 +66,7 @@ class DelegateNewValidator(validators.Schema): attrs = validators.NotEmpty( messages = { 'empty': _("Please select at least one value"), }) -class DelegateNewForm(widgets.Form): +class DelegateForm(widgets.Form): params = ['delegate', 'attr_list'] hidden_fields = [ @@ -72,15 +74,17 @@ class DelegateNewForm(widgets.Form): DelegateFields.dest_group_dn, DelegateFields.source_group_cn, DelegateFields.dest_group_cn, + DelegateFields.orig_acistr, ] - validator = DelegateNewValidator() + validator = DelegateValidator() def __init__(self, *args, **kw): - super(DelegateNewForm,self).__init__(*args, **kw) + super(DelegateForm,self).__init__(*args, **kw) + # TODO - rename to delegateform (self.template_c, self.template) = widgets.meta.load_kid_template( "ipagui.templates.delegatenewform") self.delegate = DelegateFields def update_params(self, params): - super(DelegateNewForm,self).update_params(params) + super(DelegateForm,self).update_params(params) diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py b/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py index 908412767..47610a751 100644 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py +++ b/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py @@ -1,6 +1,7 @@ import os from pickle import dumps, loads from base64 import b64encode, b64decode +import copy import cherrypy import turbogears @@ -20,7 +21,7 @@ import ldap.dn aci_fields = ['*', 'aci'] -delegate_new_form = ipagui.forms.delegate.DelegateNewForm() +delegate_form = ipagui.forms.delegate.DelegateForm() class DelegationController(IPAController): @@ -35,20 +36,25 @@ class DelegationController(IPAController): """Display delegate page""" client = self.get_ipaclient() delegate = {} - delegate['source_group_cn'] = "Please choose" - delegate['dest_group_cn'] = "Please choose" + delegate['source_group_cn'] = "Please choose:" + delegate['dest_group_cn'] = "Please choose:" - return dict(form=delegate_new_form, delegate=delegate) + return dict(form=delegate_form, delegate=delegate) @expose() @identity.require(identity.not_anonymous()) def create(self, **kw): """Creates a new delegation""" + self.restrict_post() client = self.get_ipaclient() - tg_errors, kw = self.delegatecreatevalidate(**kw) + if kw.get('submit', '').startswith('Cancel'): + turbogears.flash("Add delegation cancelled") + raise turbogears.redirect('/delegate/list') + + tg_errors, kw = self.delegatevalidate(**kw) if tg_errors: - return dict(form=delegate_new_form, delegate=kw, + return dict(form=delegate_form, delegate=kw, tg_template='ipagui.templates.delegatenew') try: @@ -65,28 +71,90 @@ class DelegationController(IPAController): client.update_entry(aci_entry) except ipaerror.IPAError, e: turbogears.flash("Delgate add failed: " + str(e)) - return dict(form=delegate_new_form, delegate=kw, + return dict(form=delegate_form, delegate=kw, tg_template='ipagui.templates.delegatenew') turbogears.flash("delegate created") raise turbogears.redirect('/delegate/list') -# -# @expose("ipagui.templates.delegateedit") -# @identity.require(identity.not_anonymous()) -# def edit(self): -# """Display delegate page""" -# client = self.get_ipaclient() -# -# return dict(userfields=ipagui.forms.user.UserFields()) -# -# @expose() -# @identity.require(identity.not_anonymous()) -# def update(self, **kw): -# """Display delegate page""" -# client = self.get_ipaclient() -# -# turbogears.flash("delegate updated") -# raise turbogears.redirect('/delegate/list') + + @expose("ipagui.templates.delegateedit") + @identity.require(identity.not_anonymous()) + def edit(self, acistr, tg_errors=None): + """Display delegate page""" + if tg_errors: + turbogears.flash("There was a problem with the form!") + + client = self.get_ipaclient() + + try: + aci_entry = client.get_aci_entry(aci_fields) + aci = ipa.aci.ACI(acistr) + group_dn_to_cn = self.extract_group_cns([aci], client) + + delegate = aci.to_dict() + delegate['source_group_dn'] = delegate['source_group'] + delegate['source_group_cn'] = group_dn_to_cn[delegate['source_group_dn']] + delegate['dest_group_dn'] = delegate['dest_group'] + delegate['dest_group_cn'] = group_dn_to_cn[delegate['dest_group_dn']] + + return dict(form=delegate_form, delegate=delegate) + except (SyntaxError, ipaerror.IPAError), e: + turbogears.flash("Delegation edit failed: " + str(e)) + raise turbogears.redirect('/delegate/list') + + + @expose() + @identity.require(identity.not_anonymous()) + def update(self, **kw): + """Display delegate page""" + self.restrict_post() + client = self.get_ipaclient() + + if kw.get('submit', '').startswith('Cancel'): + turbogears.flash("Edit delegation cancelled") + raise turbogears.redirect('/delegate/list') + + tg_errors, kw = self.delegatevalidate(**kw) + if tg_errors: + return dict(form=delegate_form, delegate=kw, + tg_template='ipagui.templates.delegatenew') + + try: + aci_entry = client.get_aci_entry(aci_fields) + + aci_str_list = aci_entry.getValues('aci') + if aci_str_list is None: + aci_str_list = [] + + try : + old_aci_index = aci_str_list.index(kw['orig_acistr']) + except ValueError: + turbogears.flash("Delegation update failed:<br />" + + "The delegation you were attempting to update has been " + + "concurrently modified. Please cancel the edit " + + "and try editing the delegation again.") + return dict(form=delegate_form, delegate=kw, + tg_template='ipagui.templates.delegateedit') + + new_aci = ipa.aci.ACI() + new_aci.name = kw.get('name') + new_aci.source_group = kw.get('source_group_dn') + new_aci.dest_group = kw.get('dest_group_dn') + new_aci.attrs = kw.get('attrs') + new_aci_str = new_aci.export_to_string() + + new_aci_str_list = copy.copy(aci_str_list) + new_aci_str_list[old_aci_index] = new_aci_str + aci_entry.setValue('aci', new_aci_str_list) + + client.update_entry(aci_entry) + + turbogears.flash("delegate updated") + raise turbogears.redirect('/delegate/list') + except (SyntaxError, ipaerror.IPAError), e: + turbogears.flash("Delegation update failed: " + str(e)) + return dict(form=delegate_form, delegate=kw, + tg_template='ipagui.templates.delegateedit') @expose("ipagui.templates.delegatelist") @identity.require(identity.not_anonymous()) @@ -94,7 +162,12 @@ class DelegationController(IPAController): """Display delegate page""" client = self.get_ipaclient() - aci_entry = client.get_aci_entry(aci_fields) + try: + aci_entry = client.get_aci_entry(aci_fields) + except ipaerror.IPAError, e: + turbogears.flash("Delegation list failed: " + str(e)) + raise turbogears.redirect('/') + aci_str_list = aci_entry.getValues('aci') if aci_str_list is None: aci_str_list = [] @@ -135,9 +208,9 @@ class DelegationController(IPAController): which_group=kw.get('which_group'), counter=groups_counter) - @validate(form=delegate_new_form) + @validate(form=delegate_form) @identity.require(identity.not_anonymous()) - def delegatecreatevalidate(self, tg_errors=None, **kw): + def delegatevalidate(self, tg_errors=None, **kw): return tg_errors, kw def extract_group_cns(self, aci_list, client): diff --git a/ipa-server/ipa-gui/ipagui/templates/delegateedit.kid b/ipa-server/ipa-gui/ipagui/templates/delegateedit.kid new file mode 100644 index 000000000..a4235830c --- /dev/null +++ b/ipa-server/ipa-gui/ipagui/templates/delegateedit.kid @@ -0,0 +1,16 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#" + py:extends="'delegatelayout.kid'"> +<head> +<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/> +<title>Edit Delegation</title> +</head> +<body> + + <h2>Edit Delegation</h2> + + ${form.display(action=tg.url("/delegate/update"), value=delegate, + actionname='Edit')} + +</body> +</html> diff --git a/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid b/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid index c88b6e31f..7e3374252 100644 --- a/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid +++ b/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid @@ -41,7 +41,13 @@ >${dest_cn}</a> </td> <td> - <a href="${tg.url('/delegate/edit')}">edit</a> (TODO)<br /> + <?python + # it's probably a bad idea to use a GET string here. + # orig_acistr may be quite long + # TODO - change to use a form/POST + # + ?> + <a href="${tg.url('/delegate/edit', acistr=aci.orig_acistr)}">edit</a><br /> </td> </tr> </tbody> diff --git a/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid b/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid index 71d9e7e2a..8b0876f25 100644 --- a/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid +++ b/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid @@ -9,7 +9,8 @@ <h2>Add Delegation</h2> - ${form.display(action=tg.url("/delegate/create"), value=delegate)} + ${form.display(action=tg.url("/delegate/create"), value=delegate, + actionname='Add')} </body> </html> diff --git a/ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid b/ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid index 95f93b5b4..2f31a06b3 100644 --- a/ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid +++ b/ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid @@ -49,9 +49,15 @@ <table class="formtable" cellpadding="2" cellspacing="0" border="0"> <tr> + <th> + <input type="submit" class="submitbutton" name="submit" + value="${actionname} Delegation"/> + <br /> + </th> <td> <input type="submit" class="submitbutton" name="submit" - value="Add Delegation"/> + value="Cancel ${actionname}"/> + <br /> </td> </tr> </table> @@ -143,12 +149,25 @@ <table class="formtable" cellpadding="2" cellspacing="0" border="0"> <tr> + <th> + <input type="submit" class="submitbutton" name="submit" + value="${actionname} Delegation"/> + </th> <td> <input type="submit" class="submitbutton" name="submit" - value="Add Delegation"/> + value="Cancel ${actionname}"/> </td> </tr> </table> + <script py:if="not value.get('source_group_dn')"> + new Effect.Appear($('source_searcharea'), {duration: 0.25}); + new Effect.Fade($('source_change_link'), {duration: 0.25}); + </script> + <script py:if="not value.get('dest_group_dn')"> + new Effect.Appear($('dest_searcharea'), {duration: 0.25}); + new Effect.Fade($('dest_change_link'), {duration: 0.25}); + </script> + </form> </div> |