From c4ab64cabca33d19b9ec4ed9dd3ab801671339d8 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Tue, 11 Sep 2007 14:51:51 -0700 Subject: Add group screen. More to come... --- ipa-server/ipa-gui/ipagui/controllers.py | 59 ++++++++++++++++++++++++++++---- 1 file changed, 53 insertions(+), 6 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index a0755525..0d848618 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -18,12 +18,15 @@ import ipa.ipaclient import ipa.user import xmlrpclib import forms.user +import forms.group from helpers import userhelper from ipa import ipaerror ipa.config.init_config() user_new_form = forms.user.UserNewForm() user_edit_form = forms.user.UserEditForm() +group_new_form = forms.group.GroupNewForm() +group_edit_form = forms.group.GroupEditForm() password_chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" @@ -283,10 +286,12 @@ class Root(controllers.RootController): return "" @expose() + @identity.require(identity.not_anonymous()) def suggest_email(self, givenname, sn): if (len(givenname) == 0) or (len(sn) == 0): return "" + client.set_principal(identity.current.user_name) givenname = givenname.lower() sn = sn.lower() @@ -331,13 +336,55 @@ class Root(controllers.RootController): client.set_principal(identity.current.user_name) return dict() + @expose("ipagui.templates.groupnew") + @identity.require(identity.not_anonymous()) + def groupnew(self, tg_errors=None): + """Displays the new group form""" + if tg_errors: + turbogears.flash("There was a problem with the form!") + + client.set_principal(identity.current.user_name) - ############ - # Resource # - ############ + return dict(form=group_new_form) - @expose("ipagui.templates.resindex") + @expose() @identity.require(identity.not_anonymous()) - def resindex(self, tg_errors=None): + def groupcreate(self, **kw): + """Creates a new group""" + restrict_post() client.set_principal(identity.current.user_name) - return dict() + + if kw.get('submit') == 'Cancel': + turbogears.flash("Add group cancelled") + raise turbogears.redirect('/') + + tg_errors, kw = self.groupcreatevalidate(**kw) + if tg_errors: + return dict(form=group_new_form, tg_template='ipagui.templates.groupnew') + + try: + new_group = ipa.group.Group() + new_group.setValue('cn', kw.get('cn')) + new_group.setValue('description', kw.get('description')) + + rv = client.add_group(new_group) + turbogears.flash("%s added!" % kw.get('cn')) + # raise turbogears.redirect('/groupedit', cn=kw['cn']) + raise turbogears.redirect('/') + except ipaerror.exception_for(ipaerror.LDAP_DUPLICATE): + turbogears.flash("Group with name '%s' already exists" % + kw.get('cn')) + return dict(form=group_new_form, tg_template='ipagui.templates.groupnew') + except ipaerror.IPAError, e: + turbogears.flash("Group add failed: " + str(e) + "
" + str(e.detail)) + return dict(form=group_new_form, tg_template='ipagui.templates.groupnew') + + @validate(form=group_new_form) + @identity.require(identity.not_anonymous()) + def groupcreatevalidate(self, tg_errors=None, **kw): + return tg_errors, kw + + @validate(form=group_edit_form) + @identity.require(identity.not_anonymous()) + def groupupdatevalidate(self, tg_errors=None, **kw): + return tg_errors, kw -- cgit From 0e355a734fa6c31c10282580599b0caca56c35a2 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Wed, 12 Sep 2007 10:40:31 -0700 Subject: Group edit page --- ipa-server/ipa-gui/ipagui/controllers.py | 92 ++++++++++++++++++++++++++++++-- 1 file changed, 88 insertions(+), 4 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 0d848618..5324578f 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -34,6 +34,8 @@ client = ipa.ipaclient.IPAClient(True) user_fields = ['*', 'nsAccountLock'] +group_fields = ['*'] + def restrict_post(): if cherrypy.request.method != "POST": turbogears.flash("This method only accepts posts") @@ -58,7 +60,7 @@ class Root(controllers.RootController): if kw.get('searchtype') == "Users": return self.userlist(uid=kw.get('searchvalue')) else: - return self.index() + return self.grouplist(criteria=kw.get('searchvalue')) @@ -160,9 +162,9 @@ class Root(controllers.RootController): if kw.get('userpassword'): new_user.setValue('userpassword', kw.get('userpassword')) if kw.get('uidnumber'): - new_user.setValue('uidnumber', kw.get('uidnumber')) + new_user.setValue('uidnumber', str(kw.get('uidnumber'))) if kw.get('gidnumber'): - new_user.setValue('gidnumber', kw.get('gidnumber')) + new_user.setValue('gidnumber', str(kw.get('gidnumber'))) # # this is a hack until we decide on the policy for names/cn/sn/givenName @@ -183,7 +185,7 @@ class Root(controllers.RootController): @expose("ipagui.templates.userlist") @identity.require(identity.not_anonymous()) def userlist(self, **kw): - """Retrieve a list of all users and display them in one huge list""" + """Searches for users and displays list of results""" client.set_principal(identity.current.user_name) users = None counter = 0 @@ -379,6 +381,88 @@ class Root(controllers.RootController): turbogears.flash("Group add failed: " + str(e) + "
" + str(e.detail)) return dict(form=group_new_form, tg_template='ipagui.templates.groupnew') + + @expose("ipagui.templates.groupedit") + @identity.require(identity.not_anonymous()) + def groupedit(self, cn, tg_errors=None): + """Displays the edit group form""" + if tg_errors: + turbogears.flash("There was a problem with the form!") + + client.set_principal(identity.current.user_name) + group = client.get_group_by_cn(cn, group_fields) + group_dict = group.toDict() + + # store a copy of the original group for the update later + group_data = b64encode(dumps(group_dict)) + group_dict['group_orig'] = group_data + return dict(form=group_edit_form, group=group_dict) + + @expose() + @identity.require(identity.not_anonymous()) + def groupupdate(self, **kw): + """Updates an existing group""" + restrict_post() + client.set_principal(identity.current.user_name) + if kw.get('submit') == 'Cancel Edit': + turbogears.flash("Edit group cancelled") + raise turbogears.redirect('/groupshow', cn=kw.get('cn')) + + tg_errors, kw = self.groupupdatevalidate(**kw) + if tg_errors: + return dict(form=group_edit_form, group=kw, + tg_template='ipagui.templates.groupedit') + + try: + orig_group_dict = loads(b64decode(kw.get('group_orig'))) + + new_group = ipa.group.Group(orig_group_dict) + new_group.setValue('description', kw.get('description')) + if kw.get('gidnumber'): + new_group.setValue('gidnumber', str(kw.get('gidnumber'))) + + rv = client.update_group(new_group) + turbogears.flash("%s updated!" % kw['cn']) + raise turbogears.redirect('/groupshow', cn=kw['cn']) + except ipaerror.IPAError, e: + turbogears.flash("User update failed: " + str(e)) + return dict(form=group_edit_form, group=kw, + tg_template='ipagui.templates.groupedit') + + @expose("ipagui.templates.grouplist") + @identity.require(identity.not_anonymous()) + def grouplist(self, **kw): + """Search for groups and display results""" + client.set_principal(identity.current.user_name) + groups = None + # counter = 0 + criteria = kw.get('criteria') + if criteria != None and len(criteria) > 0: + try: + groups = client.find_groups(criteria.encode('utf-8')) + # counter = groups[0] + # groups = groups[1:] + # if counter == -1: + # turbogears.flash("These results are truncated.
" + + # "Please refine your search and try again.") + except ipaerror.IPAError, e: + turbogears.flash("Find groups failed: " + str(e)) + raise turbogears.redirect("/grouplist") + + return dict(groups=groups, criteria=criteria, fields=forms.group.GroupFields()) + + @expose("ipagui.templates.groupshow") + @identity.require(identity.not_anonymous()) + def groupshow(self, cn): + """Retrieve a single group for display""" + client.set_principal(identity.current.user_name) + try: + group = client.get_group_by_cn(cn, group_fields) + return dict(group=group.toDict(), fields=forms.group.GroupFields()) + except ipaerror.IPAError, e: + turbogears.flash("Group show failed: " + str(e)) + raise turbogears.redirect("/") + @validate(form=group_new_form) @identity.require(identity.not_anonymous()) def groupcreatevalidate(self, tg_errors=None, **kw): -- cgit From b85668579ec3fc69c2ed709533f8bd8d00e0e7e9 Mon Sep 17 00:00:00 2001 From: "rcritten@redhat.com" Date: Fri, 14 Sep 2007 17:19:02 -0400 Subject: Use ticket forwarding with TurboGears. mod_proxy forwards the principal name and location of the keytab. In order for this keytab to be usable TurboGears and Apache will need to run as the same user. We will also need to listen only on localhost in TG. --- ipa-server/ipa-gui/ipagui/controllers.py | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index a0755525..a04da7a0 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -2,6 +2,7 @@ import random from pickle import dumps, loads from base64 import b64encode, b64decode +import os import cherrypy import turbogears from turbogears import controllers, expose, flash @@ -77,7 +78,7 @@ class Root(controllers.RootController): def usercreate(self, **kw): """Creates a new user""" restrict_post() - client.set_principal(identity.current.user_name) + client.set_krbccache(os.environ["KRB5CCNAME"]) if kw.get('submit') == 'Cancel': turbogears.flash("Add user cancelled") raise turbogears.redirect('/userlist') @@ -115,7 +116,7 @@ class Root(controllers.RootController): if tg_errors: turbogears.flash("There was a problem with the form!") - client.set_principal(identity.current.user_name) + client.set_krbccache(os.environ["KRB5CCNAME"]) user = client.get_user_by_uid(uid, user_fields) user_dict = user.toDict() # Edit shouldn't fill in the password field. @@ -132,7 +133,7 @@ class Root(controllers.RootController): def userupdate(self, **kw): """Updates an existing user""" restrict_post() - client.set_principal(identity.current.user_name) + client.set_krbccache(os.environ["KRB5CCNAME"]) if kw.get('submit') == 'Cancel Edit': turbogears.flash("Edit user cancelled") raise turbogears.redirect('/usershow', uid=kw.get('uid')) @@ -181,7 +182,7 @@ class Root(controllers.RootController): @identity.require(identity.not_anonymous()) def userlist(self, **kw): """Retrieve a list of all users and display them in one huge list""" - client.set_principal(identity.current.user_name) + client.set_krbccache(os.environ["KRB5CCNAME"]) users = None counter = 0 uid = kw.get('uid') @@ -204,7 +205,7 @@ class Root(controllers.RootController): @identity.require(identity.not_anonymous()) def usershow(self, uid): """Retrieve a single user for display""" - client.set_principal(identity.current.user_name) + client.set_krbccache(os.environ["KRB5CCNAME"]) try: user = client.get_user_by_uid(uid, user_fields) return dict(user=user.toDict(), fields=forms.user.UserFields()) @@ -242,7 +243,7 @@ class Root(controllers.RootController): if (len(givenname) == 0) or (len(sn) == 0): return "" - client.set_principal(identity.current.user_name) + client.set_krbccache(os.environ["KRB5CCNAME"]) givenname = givenname.lower() sn = sn.lower() @@ -328,7 +329,7 @@ class Root(controllers.RootController): @expose("ipagui.templates.groupindex") @identity.require(identity.not_anonymous()) def groupindex(self, tg_errors=None): - client.set_principal(identity.current.user_name) + client.set_krbccache(os.environ["KRB5CCNAME"]) return dict() @@ -339,5 +340,5 @@ class Root(controllers.RootController): @expose("ipagui.templates.resindex") @identity.require(identity.not_anonymous()) def resindex(self, tg_errors=None): - client.set_principal(identity.current.user_name) + client.set_krbccache(os.environ["KRB5CCNAME"]) return dict() -- cgit From 65e4d27e99cb939926f4e9e972a9c27d81c3b976 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Fri, 14 Sep 2007 15:20:09 -0700 Subject: patch queue: groupmember.patch --- ipa-server/ipa-gui/ipagui/controllers.py | 178 ++++++++++++++++++++++++++----- 1 file changed, 152 insertions(+), 26 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 5324578f..1cc99862 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -120,17 +120,21 @@ class Root(controllers.RootController): if tg_errors: turbogears.flash("There was a problem with the form!") - client.set_principal(identity.current.user_name) - user = client.get_user_by_uid(uid, user_fields) - user_dict = user.toDict() - # Edit shouldn't fill in the password field. - if user_dict.has_key('userpassword'): - del(user_dict['userpassword']) - - # store a copy of the original user for the update later - user_data = b64encode(dumps(user_dict)) - user_dict['user_orig'] = user_data - return dict(form=user_edit_form, user=user_dict) + try: + client.set_principal(identity.current.user_name) + user = client.get_user_by_uid(uid, user_fields) + user_dict = user.toDict() + # Edit shouldn't fill in the password field. + if user_dict.has_key('userpassword'): + del(user_dict['userpassword']) + + # store a copy of the original user for the update later + user_data = b64encode(dumps(user_dict)) + user_dict['user_orig'] = user_data + return dict(form=user_edit_form, user=user_dict) + except ipaerror.IPAError, e: + turbogears.flash("User edit failed: " + str(e)) + raise turbogears.redirect('/usershow', uid=kw.get('uid')) @expose() @identity.require(identity.not_anonymous()) @@ -204,6 +208,24 @@ class Root(controllers.RootController): return dict(users=users, uid=uid, fields=forms.user.UserFields()) + @expose("ipagui.templates.userlistajax") + @identity.require(identity.not_anonymous()) + def userlist_ajax(self, **kw): + """Searches for users and displays list of results in a table. + This method is used for ajax calls.""" + client.set_principal(identity.current.user_name) + users = [] + uid = kw.get('uid') + if uid != None and len(uid) > 0: + try: + users = client.find_users(uid.encode('utf-8')) + counter = users[0] + users = users[1:] + except ipaerror.IPAError, e: + turbogears.flash("User list failed: " + str(e)) + + return dict(users=users, uid=uid, fields=forms.user.UserFields()) + @expose("ipagui.templates.usershow") @identity.require(identity.not_anonymous()) @@ -371,8 +393,7 @@ class Root(controllers.RootController): rv = client.add_group(new_group) turbogears.flash("%s added!" % kw.get('cn')) - # raise turbogears.redirect('/groupedit', cn=kw['cn']) - raise turbogears.redirect('/') + raise turbogears.redirect('/groupshow', cn=kw.get('cn')) except ipaerror.exception_for(ipaerror.LDAP_DUPLICATE): turbogears.flash("Group with name '%s' already exists" % kw.get('cn')) @@ -390,13 +411,43 @@ class Root(controllers.RootController): turbogears.flash("There was a problem with the form!") client.set_principal(identity.current.user_name) - group = client.get_group_by_cn(cn, group_fields) - group_dict = group.toDict() + try: + group = client.get_group_by_cn(cn, group_fields) + + group_dict = group.toDict() - # store a copy of the original group for the update later - group_data = b64encode(dumps(group_dict)) - group_dict['group_orig'] = group_data - return dict(form=group_edit_form, group=group_dict) + # + # convert members to users, for easier manipulation on the page + # + member_dns = [] + if group_dict.has_key('uniquemember'): + member_dns = group_dict.get('uniquemember') + # remove from dict - it's not needed for update + # and we are storing the members in a different form + del group_dict['uniquemember'] + if not(isinstance(member_dns,list) or isinstance(member_dns,tuple)): + member_dns = [member_dns] + + # TODO: convert this into an efficient (single) function call + member_users = map( + lambda dn: client.get_user_by_dn(dn, ['givenname', 'sn', 'uid']), + member_dns) + + # Map users into an array of dicts, which can be serialized + # (so we don't have to do this on each round trip) + member_dicts = map(lambda user: user.toDict(), member_users) + + # store a copy of the original group for the update later + group_data = b64encode(dumps(group_dict)) + member_data = b64encode(dumps(member_dicts)) + group_dict['group_orig'] = group_data + group_dict['member_data'] = member_data + + return dict(form=group_edit_form, group=group_dict, members=member_dicts) + except ipaerror.IPAError, e: + turbogears.flash("User show failed: " + str(e)) + turbogears.flash("Group edit failed: " + str(e)) + raise turbogears.redirect('/groupshow', uid=kw.get('cn')) @expose() @identity.require(identity.not_anonymous()) @@ -408,27 +459,84 @@ class Root(controllers.RootController): turbogears.flash("Edit group cancelled") raise turbogears.redirect('/groupshow', cn=kw.get('cn')) + # Decode the member data, in case we need to round trip + member_dicts = loads(b64decode(kw.get('member_data'))) + + tg_errors, kw = self.groupupdatevalidate(**kw) if tg_errors: - return dict(form=group_edit_form, group=kw, + return dict(form=group_edit_form, group=kw, members=member_dicts, tg_template='ipagui.templates.groupedit') + group_modified = False + + # + # Update group itself + # try: orig_group_dict = loads(b64decode(kw.get('group_orig'))) new_group = ipa.group.Group(orig_group_dict) - new_group.setValue('description', kw.get('description')) + if new_group.description != kw.get('description'): + group_modified = True + new_group.setValue('description', kw.get('description')) if kw.get('gidnumber'): + group_modified = True new_group.setValue('gidnumber', str(kw.get('gidnumber'))) - rv = client.update_group(new_group) - turbogears.flash("%s updated!" % kw['cn']) - raise turbogears.redirect('/groupshow', cn=kw['cn']) + if group_modified: + rv = client.update_group(new_group) + # + # TODO - if the group update succeeds, but below operations fail, + # we needs to make sure a subsequent submit doesn't try to update + # the group again. Probably by overwriting the group_orig hidden + # field blob. + # except ipaerror.IPAError, e: turbogears.flash("User update failed: " + str(e)) - return dict(form=group_edit_form, group=kw, + return dict(form=group_edit_form, group=kw, members=member_dicts, tg_template='ipagui.templates.groupedit') + # + # Add members + # + try: + uidadds = kw.get('uidadd') + if uidadds != None: + if not(isinstance(uidadds,list) or isinstance(uidadds,tuple)): + uidadds = [uidadds] + failed = client.add_users_to_group(uidadds, kw.get('cn')) + # + # TODO - deal with failed adds + # + except ipaerror.IPAError, e: + turbogears.flash("User update failed: " + str(e)) + return dict(form=group_edit_form, group=kw, members=member_dicts, + tg_template='ipagui.templates.groupedit') + + # + # Remove members + # + try: + uiddels = kw.get('uiddel') + if uiddels != None: + if not(isinstance(uiddels,list) or isinstance(uiddels,tuple)): + uiddels = [uiddels] + failed = client.remove_users_from_group(uiddels, kw.get('cn')) + # + # TODO - deal with failed removals + # + except ipaerror.IPAError, e: + turbogears.flash("User update failed: " + str(e)) + return dict(form=group_edit_form, group=kw, members=member_dicts, + tg_template='ipagui.templates.groupedit') + + # TODO if not group_modified + + turbogears.flash("%s updated!" % kw['cn']) + raise turbogears.redirect('/groupshow', cn=kw['cn']) + + @expose("ipagui.templates.grouplist") @identity.require(identity.not_anonymous()) def grouplist(self, **kw): @@ -458,7 +566,25 @@ class Root(controllers.RootController): client.set_principal(identity.current.user_name) try: group = client.get_group_by_cn(cn, group_fields) - return dict(group=group.toDict(), fields=forms.group.GroupFields()) + group_dict = group.toDict() + + # + # convert members to users, for display on the page + # + member_dns = [] + if group_dict.has_key('uniquemember'): + member_dns = group_dict.get('uniquemember') + if not(isinstance(member_dns,list) or isinstance(member_dns,tuple)): + member_dns = [member_dns] + + # TODO: convert this into an efficient (single) function call + member_users = map( + lambda dn: client.get_user_by_dn(dn, ['givenname', 'sn', 'uid']), + member_dns) + member_dicts = map(lambda user: user.toDict(), member_users) + + return dict(group=group_dict, fields=forms.group.GroupFields(), + members = member_dicts) except ipaerror.IPAError, e: turbogears.flash("Group show failed: " + str(e)) raise turbogears.redirect("/") -- cgit From c4998d3902ab17e73d29255db38f9c4cc33863d6 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Tue, 18 Sep 2007 10:54:53 -0700 Subject: Fixes to the edit protected checkbox. - Make checkbox sticky on round trips - Make required fields validate when checkbox is checked. --- ipa-server/ipa-gui/ipagui/controllers.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 1cc99862..fd661eeb 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -163,11 +163,10 @@ class Root(controllers.RootController): new_user.setValue('nsAccountLock', 'true') else: new_user.setValue('nsAccountLock', None) - if kw.get('userpassword'): - new_user.setValue('userpassword', kw.get('userpassword')) - if kw.get('uidnumber'): + if kw.get('editprotected') == 'true': + if kw.get('userpassword'): + new_user.setValue('userpassword', kw.get('userpassword')) new_user.setValue('uidnumber', str(kw.get('uidnumber'))) - if kw.get('gidnumber'): new_user.setValue('gidnumber', str(kw.get('gidnumber'))) # @@ -480,9 +479,11 @@ class Root(controllers.RootController): if new_group.description != kw.get('description'): group_modified = True new_group.setValue('description', kw.get('description')) - if kw.get('gidnumber'): - group_modified = True - new_group.setValue('gidnumber', str(kw.get('gidnumber'))) + if kw.get('editprotected') == 'true': + new_gid = str(kw.get('gidnumber')) + if new_group.gidnumber != new_gid: + group_modified = True + new_group.setValue('gidnumber', new_gid) if group_modified: rv = client.update_group(new_group) -- cgit From 6b3d1e85da1397324fa7e8dc25706129ff8ed6fc Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Tue, 18 Sep 2007 14:58:30 -0700 Subject: Add client-side search limit parameter for user search. Limit editgroup user ajax search. Minor UI cleanup for editgroup. --- ipa-server/ipa-gui/ipagui/controllers.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index fd661eeb..dcf65530 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -214,16 +214,18 @@ class Root(controllers.RootController): This method is used for ajax calls.""" client.set_principal(identity.current.user_name) users = [] + searchlimit = 100 uid = kw.get('uid') if uid != None and len(uid) > 0: try: - users = client.find_users(uid.encode('utf-8')) + users = client.find_users(uid.encode('utf-8'), None, searchlimit) counter = users[0] users = users[1:] except ipaerror.IPAError, e: turbogears.flash("User list failed: " + str(e)) - return dict(users=users, uid=uid, fields=forms.user.UserFields()) + return dict(users=users, uid=uid, fields=forms.user.UserFields(), + counter=counter) @expose("ipagui.templates.usershow") -- cgit From f17071533a73c5e989ead1b243de5397d36a38d3 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Wed, 19 Sep 2007 08:42:34 -0700 Subject: Implement asynchronous search for groups. Use the filter generation code to search on multiple fields. --- ipa-server/ipa-gui/ipagui/controllers.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index dcf65530..7a6d87ff 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -551,11 +551,11 @@ class Root(controllers.RootController): if criteria != None and len(criteria) > 0: try: groups = client.find_groups(criteria.encode('utf-8')) - # counter = groups[0] - # groups = groups[1:] - # if counter == -1: - # turbogears.flash("These results are truncated.
" + - # "Please refine your search and try again.") + counter = groups[0] + groups = groups[1:] + if counter == -1: + turbogears.flash("These results are truncated.
" + + "Please refine your search and try again.") except ipaerror.IPAError, e: turbogears.flash("Find groups failed: " + str(e)) raise turbogears.redirect("/grouplist") -- cgit From 036cf58042871e91bb8c86382108da53b9c3b301 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Wed, 19 Sep 2007 13:43:52 -0700 Subject: Handle add/remove failures a little bit better. Still some refinements that can be done, but at least it shows the failures now. --- ipa-server/ipa-gui/ipagui/controllers.py | 45 ++++++++++++++++++++------------ 1 file changed, 29 insertions(+), 16 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 7a6d87ff..7e1f2fc2 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -446,7 +446,6 @@ class Root(controllers.RootController): return dict(form=group_edit_form, group=group_dict, members=member_dicts) except ipaerror.IPAError, e: - turbogears.flash("User show failed: " + str(e)) turbogears.flash("Group edit failed: " + str(e)) raise turbogears.redirect('/groupshow', uid=kw.get('cn')) @@ -489,12 +488,12 @@ class Root(controllers.RootController): if group_modified: rv = client.update_group(new_group) - # - # TODO - if the group update succeeds, but below operations fail, - # we needs to make sure a subsequent submit doesn't try to update - # the group again. Probably by overwriting the group_orig hidden - # field blob. - # + # + # If the group update succeeds, but below operations fail, we + # need to make sure a subsequent submit doesn't try to update + # the group again. + # + kw['group_orig'] = b64encode(dumps(new_group.toDict())) except ipaerror.IPAError, e: turbogears.flash("User update failed: " + str(e)) return dict(form=group_edit_form, group=kw, members=member_dicts, @@ -503,15 +502,14 @@ class Root(controllers.RootController): # # Add members # + failed_adds = [] try: uidadds = kw.get('uidadd') if uidadds != None: if not(isinstance(uidadds,list) or isinstance(uidadds,tuple)): uidadds = [uidadds] - failed = client.add_users_to_group(uidadds, kw.get('cn')) - # - # TODO - deal with failed adds - # + failed_adds = client.add_users_to_group(uidadds, kw.get('cn')) + kw['uidadd'] = failed_adds except ipaerror.IPAError, e: turbogears.flash("User update failed: " + str(e)) return dict(form=group_edit_form, group=kw, members=member_dicts, @@ -520,21 +518,36 @@ class Root(controllers.RootController): # # Remove members # + failed_dels = [] try: uiddels = kw.get('uiddel') if uiddels != None: if not(isinstance(uiddels,list) or isinstance(uiddels,tuple)): uiddels = [uiddels] - failed = client.remove_users_from_group(uiddels, kw.get('cn')) - # - # TODO - deal with failed removals - # + failed_dels = client.remove_users_from_group(uiddels, kw.get('cn')) + kw['uiddel'] = failed_dels except ipaerror.IPAError, e: turbogears.flash("User update failed: " + str(e)) return dict(form=group_edit_form, group=kw, members=member_dicts, tg_template='ipagui.templates.groupedit') - # TODO if not group_modified + # + # TODO - check failed ops to see if it's because of another update. + # handle "someone else already did it" errors better - perhaps + # not even as an error + # TODO - update the Group Members list. + # (note that we have to handle the above todo first, or else + # there will be an error message, but the add/del lists will + # be empty) + # + if (len(failed_adds) > 0) or (len(failed_dels) > 0): + message = "There was an error updating group members.
" + message += "Failures have been preserved in the add/remove lists." + if group_modified: + message = "Group Details successfully updated.
" + message + turbogears.flash(message) + return dict(form=group_edit_form, group=kw, members=member_dicts, + tg_template='ipagui.templates.groupedit') turbogears.flash("%s updated!" % kw['cn']) raise turbogears.redirect('/groupshow', cn=kw['cn']) -- cgit From 4e79c37c604f0e51dab19fc28063b3186df0c6d9 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Wed, 19 Sep 2007 15:59:01 -0700 Subject: Add password changing call to web gui. --- ipa-server/ipa-gui/ipagui/controllers.py | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 7e1f2fc2..60921122 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -151,6 +151,7 @@ class Root(controllers.RootController): return dict(form=user_edit_form, user=kw, tg_template='ipagui.templates.useredit') + password_change = False try: orig_user_dict = loads(b64decode(kw.get('user_orig'))) @@ -165,7 +166,7 @@ class Root(controllers.RootController): new_user.setValue('nsAccountLock', None) if kw.get('editprotected') == 'true': if kw.get('userpassword'): - new_user.setValue('userpassword', kw.get('userpassword')) + password_change = True new_user.setValue('uidnumber', str(kw.get('uidnumber'))) new_user.setValue('gidnumber', str(kw.get('gidnumber'))) @@ -177,13 +178,27 @@ class Root(controllers.RootController): new_user.getValue('sn'))) rv = client.update_user(new_user) - turbogears.flash("%s updated!" % kw['uid']) - raise turbogears.redirect('/usershow', uid=kw['uid']) + except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST), e: + if not password_change: + turbogears.flash("User update failed: " + str(e)) + return dict(form=user_edit_form, user=kw, + tg_template='ipagui.templates.useredit') except ipaerror.IPAError, e: turbogears.flash("User update failed: " + str(e)) return dict(form=user_edit_form, user=kw, tg_template='ipagui.templates.useredit') + try: + if password_change: + rv = client.modifyPassword(kw['uid'], "", kw.get('userpassword')) + except ipaerror.IPAError, e: + turbogears.flash("User password change failed: " + str(e)) + return dict(form=user_edit_form, user=kw, + tg_template='ipagui.templates.useredit') + + turbogears.flash("%s updated!" % kw['uid']) + raise turbogears.redirect('/usershow', uid=kw['uid']) + @expose("ipagui.templates.userlist") @identity.require(identity.not_anonymous()) -- cgit