From c4ab64cabca33d19b9ec4ed9dd3ab801671339d8 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Tue, 11 Sep 2007 14:51:51 -0700 Subject: Add group screen. More to come... --- ipa-server/ipa-gui/ipagui/controllers.py | 59 ++++++++++++++++++++++++++++---- 1 file changed, 53 insertions(+), 6 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index a0755525..0d848618 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -18,12 +18,15 @@ import ipa.ipaclient import ipa.user import xmlrpclib import forms.user +import forms.group from helpers import userhelper from ipa import ipaerror ipa.config.init_config() user_new_form = forms.user.UserNewForm() user_edit_form = forms.user.UserEditForm() +group_new_form = forms.group.GroupNewForm() +group_edit_form = forms.group.GroupEditForm() password_chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" @@ -283,10 +286,12 @@ class Root(controllers.RootController): return "" @expose() + @identity.require(identity.not_anonymous()) def suggest_email(self, givenname, sn): if (len(givenname) == 0) or (len(sn) == 0): return "" + client.set_principal(identity.current.user_name) givenname = givenname.lower() sn = sn.lower() @@ -331,13 +336,55 @@ class Root(controllers.RootController): client.set_principal(identity.current.user_name) return dict() + @expose("ipagui.templates.groupnew") + @identity.require(identity.not_anonymous()) + def groupnew(self, tg_errors=None): + """Displays the new group form""" + if tg_errors: + turbogears.flash("There was a problem with the form!") + + client.set_principal(identity.current.user_name) - ############ - # Resource # - ############ + return dict(form=group_new_form) - @expose("ipagui.templates.resindex") + @expose() @identity.require(identity.not_anonymous()) - def resindex(self, tg_errors=None): + def groupcreate(self, **kw): + """Creates a new group""" + restrict_post() client.set_principal(identity.current.user_name) - return dict() + + if kw.get('submit') == 'Cancel': + turbogears.flash("Add group cancelled") + raise turbogears.redirect('/') + + tg_errors, kw = self.groupcreatevalidate(**kw) + if tg_errors: + return dict(form=group_new_form, tg_template='ipagui.templates.groupnew') + + try: + new_group = ipa.group.Group() + new_group.setValue('cn', kw.get('cn')) + new_group.setValue('description', kw.get('description')) + + rv = client.add_group(new_group) + turbogears.flash("%s added!" % kw.get('cn')) + # raise turbogears.redirect('/groupedit', cn=kw['cn']) + raise turbogears.redirect('/') + except ipaerror.exception_for(ipaerror.LDAP_DUPLICATE): + turbogears.flash("Group with name '%s' already exists" % + kw.get('cn')) + return dict(form=group_new_form, tg_template='ipagui.templates.groupnew') + except ipaerror.IPAError, e: + turbogears.flash("Group add failed: " + str(e) + "
" + str(e.detail)) + return dict(form=group_new_form, tg_template='ipagui.templates.groupnew') + + @validate(form=group_new_form) + @identity.require(identity.not_anonymous()) + def groupcreatevalidate(self, tg_errors=None, **kw): + return tg_errors, kw + + @validate(form=group_edit_form) + @identity.require(identity.not_anonymous()) + def groupupdatevalidate(self, tg_errors=None, **kw): + return tg_errors, kw -- cgit From 0e355a734fa6c31c10282580599b0caca56c35a2 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Wed, 12 Sep 2007 10:40:31 -0700 Subject: Group edit page --- ipa-server/ipa-gui/ipagui/controllers.py | 92 ++++++++++++++++++++++++++++++-- 1 file changed, 88 insertions(+), 4 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 0d848618..5324578f 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -34,6 +34,8 @@ client = ipa.ipaclient.IPAClient(True) user_fields = ['*', 'nsAccountLock'] +group_fields = ['*'] + def restrict_post(): if cherrypy.request.method != "POST": turbogears.flash("This method only accepts posts") @@ -58,7 +60,7 @@ class Root(controllers.RootController): if kw.get('searchtype') == "Users": return self.userlist(uid=kw.get('searchvalue')) else: - return self.index() + return self.grouplist(criteria=kw.get('searchvalue')) @@ -160,9 +162,9 @@ class Root(controllers.RootController): if kw.get('userpassword'): new_user.setValue('userpassword', kw.get('userpassword')) if kw.get('uidnumber'): - new_user.setValue('uidnumber', kw.get('uidnumber')) + new_user.setValue('uidnumber', str(kw.get('uidnumber'))) if kw.get('gidnumber'): - new_user.setValue('gidnumber', kw.get('gidnumber')) + new_user.setValue('gidnumber', str(kw.get('gidnumber'))) # # this is a hack until we decide on the policy for names/cn/sn/givenName @@ -183,7 +185,7 @@ class Root(controllers.RootController): @expose("ipagui.templates.userlist") @identity.require(identity.not_anonymous()) def userlist(self, **kw): - """Retrieve a list of all users and display them in one huge list""" + """Searches for users and displays list of results""" client.set_principal(identity.current.user_name) users = None counter = 0 @@ -379,6 +381,88 @@ class Root(controllers.RootController): turbogears.flash("Group add failed: " + str(e) + "
" + str(e.detail)) return dict(form=group_new_form, tg_template='ipagui.templates.groupnew') + + @expose("ipagui.templates.groupedit") + @identity.require(identity.not_anonymous()) + def groupedit(self, cn, tg_errors=None): + """Displays the edit group form""" + if tg_errors: + turbogears.flash("There was a problem with the form!") + + client.set_principal(identity.current.user_name) + group = client.get_group_by_cn(cn, group_fields) + group_dict = group.toDict() + + # store a copy of the original group for the update later + group_data = b64encode(dumps(group_dict)) + group_dict['group_orig'] = group_data + return dict(form=group_edit_form, group=group_dict) + + @expose() + @identity.require(identity.not_anonymous()) + def groupupdate(self, **kw): + """Updates an existing group""" + restrict_post() + client.set_principal(identity.current.user_name) + if kw.get('submit') == 'Cancel Edit': + turbogears.flash("Edit group cancelled") + raise turbogears.redirect('/groupshow', cn=kw.get('cn')) + + tg_errors, kw = self.groupupdatevalidate(**kw) + if tg_errors: + return dict(form=group_edit_form, group=kw, + tg_template='ipagui.templates.groupedit') + + try: + orig_group_dict = loads(b64decode(kw.get('group_orig'))) + + new_group = ipa.group.Group(orig_group_dict) + new_group.setValue('description', kw.get('description')) + if kw.get('gidnumber'): + new_group.setValue('gidnumber', str(kw.get('gidnumber'))) + + rv = client.update_group(new_group) + turbogears.flash("%s updated!" % kw['cn']) + raise turbogears.redirect('/groupshow', cn=kw['cn']) + except ipaerror.IPAError, e: + turbogears.flash("User update failed: " + str(e)) + return dict(form=group_edit_form, group=kw, + tg_template='ipagui.templates.groupedit') + + @expose("ipagui.templates.grouplist") + @identity.require(identity.not_anonymous()) + def grouplist(self, **kw): + """Search for groups and display results""" + client.set_principal(identity.current.user_name) + groups = None + # counter = 0 + criteria = kw.get('criteria') + if criteria != None and len(criteria) > 0: + try: + groups = client.find_groups(criteria.encode('utf-8')) + # counter = groups[0] + # groups = groups[1:] + # if counter == -1: + # turbogears.flash("These results are truncated.
" + + # "Please refine your search and try again.") + except ipaerror.IPAError, e: + turbogears.flash("Find groups failed: " + str(e)) + raise turbogears.redirect("/grouplist") + + return dict(groups=groups, criteria=criteria, fields=forms.group.GroupFields()) + + @expose("ipagui.templates.groupshow") + @identity.require(identity.not_anonymous()) + def groupshow(self, cn): + """Retrieve a single group for display""" + client.set_principal(identity.current.user_name) + try: + group = client.get_group_by_cn(cn, group_fields) + return dict(group=group.toDict(), fields=forms.group.GroupFields()) + except ipaerror.IPAError, e: + turbogears.flash("Group show failed: " + str(e)) + raise turbogears.redirect("/") + @validate(form=group_new_form) @identity.require(identity.not_anonymous()) def groupcreatevalidate(self, tg_errors=None, **kw): -- cgit From 65e4d27e99cb939926f4e9e972a9c27d81c3b976 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Fri, 14 Sep 2007 15:20:09 -0700 Subject: patch queue: groupmember.patch --- ipa-server/ipa-gui/ipagui/controllers.py | 178 ++++++++++++++++++++++++++----- 1 file changed, 152 insertions(+), 26 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 5324578f..1cc99862 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -120,17 +120,21 @@ class Root(controllers.RootController): if tg_errors: turbogears.flash("There was a problem with the form!") - client.set_principal(identity.current.user_name) - user = client.get_user_by_uid(uid, user_fields) - user_dict = user.toDict() - # Edit shouldn't fill in the password field. - if user_dict.has_key('userpassword'): - del(user_dict['userpassword']) - - # store a copy of the original user for the update later - user_data = b64encode(dumps(user_dict)) - user_dict['user_orig'] = user_data - return dict(form=user_edit_form, user=user_dict) + try: + client.set_principal(identity.current.user_name) + user = client.get_user_by_uid(uid, user_fields) + user_dict = user.toDict() + # Edit shouldn't fill in the password field. + if user_dict.has_key('userpassword'): + del(user_dict['userpassword']) + + # store a copy of the original user for the update later + user_data = b64encode(dumps(user_dict)) + user_dict['user_orig'] = user_data + return dict(form=user_edit_form, user=user_dict) + except ipaerror.IPAError, e: + turbogears.flash("User edit failed: " + str(e)) + raise turbogears.redirect('/usershow', uid=kw.get('uid')) @expose() @identity.require(identity.not_anonymous()) @@ -204,6 +208,24 @@ class Root(controllers.RootController): return dict(users=users, uid=uid, fields=forms.user.UserFields()) + @expose("ipagui.templates.userlistajax") + @identity.require(identity.not_anonymous()) + def userlist_ajax(self, **kw): + """Searches for users and displays list of results in a table. + This method is used for ajax calls.""" + client.set_principal(identity.current.user_name) + users = [] + uid = kw.get('uid') + if uid != None and len(uid) > 0: + try: + users = client.find_users(uid.encode('utf-8')) + counter = users[0] + users = users[1:] + except ipaerror.IPAError, e: + turbogears.flash("User list failed: " + str(e)) + + return dict(users=users, uid=uid, fields=forms.user.UserFields()) + @expose("ipagui.templates.usershow") @identity.require(identity.not_anonymous()) @@ -371,8 +393,7 @@ class Root(controllers.RootController): rv = client.add_group(new_group) turbogears.flash("%s added!" % kw.get('cn')) - # raise turbogears.redirect('/groupedit', cn=kw['cn']) - raise turbogears.redirect('/') + raise turbogears.redirect('/groupshow', cn=kw.get('cn')) except ipaerror.exception_for(ipaerror.LDAP_DUPLICATE): turbogears.flash("Group with name '%s' already exists" % kw.get('cn')) @@ -390,13 +411,43 @@ class Root(controllers.RootController): turbogears.flash("There was a problem with the form!") client.set_principal(identity.current.user_name) - group = client.get_group_by_cn(cn, group_fields) - group_dict = group.toDict() + try: + group = client.get_group_by_cn(cn, group_fields) + + group_dict = group.toDict() - # store a copy of the original group for the update later - group_data = b64encode(dumps(group_dict)) - group_dict['group_orig'] = group_data - return dict(form=group_edit_form, group=group_dict) + # + # convert members to users, for easier manipulation on the page + # + member_dns = [] + if group_dict.has_key('uniquemember'): + member_dns = group_dict.get('uniquemember') + # remove from dict - it's not needed for update + # and we are storing the members in a different form + del group_dict['uniquemember'] + if not(isinstance(member_dns,list) or isinstance(member_dns,tuple)): + member_dns = [member_dns] + + # TODO: convert this into an efficient (single) function call + member_users = map( + lambda dn: client.get_user_by_dn(dn, ['givenname', 'sn', 'uid']), + member_dns) + + # Map users into an array of dicts, which can be serialized + # (so we don't have to do this on each round trip) + member_dicts = map(lambda user: user.toDict(), member_users) + + # store a copy of the original group for the update later + group_data = b64encode(dumps(group_dict)) + member_data = b64encode(dumps(member_dicts)) + group_dict['group_orig'] = group_data + group_dict['member_data'] = member_data + + return dict(form=group_edit_form, group=group_dict, members=member_dicts) + except ipaerror.IPAError, e: + turbogears.flash("User show failed: " + str(e)) + turbogears.flash("Group edit failed: " + str(e)) + raise turbogears.redirect('/groupshow', uid=kw.get('cn')) @expose() @identity.require(identity.not_anonymous()) @@ -408,27 +459,84 @@ class Root(controllers.RootController): turbogears.flash("Edit group cancelled") raise turbogears.redirect('/groupshow', cn=kw.get('cn')) + # Decode the member data, in case we need to round trip + member_dicts = loads(b64decode(kw.get('member_data'))) + + tg_errors, kw = self.groupupdatevalidate(**kw) if tg_errors: - return dict(form=group_edit_form, group=kw, + return dict(form=group_edit_form, group=kw, members=member_dicts, tg_template='ipagui.templates.groupedit') + group_modified = False + + # + # Update group itself + # try: orig_group_dict = loads(b64decode(kw.get('group_orig'))) new_group = ipa.group.Group(orig_group_dict) - new_group.setValue('description', kw.get('description')) + if new_group.description != kw.get('description'): + group_modified = True + new_group.setValue('description', kw.get('description')) if kw.get('gidnumber'): + group_modified = True new_group.setValue('gidnumber', str(kw.get('gidnumber'))) - rv = client.update_group(new_group) - turbogears.flash("%s updated!" % kw['cn']) - raise turbogears.redirect('/groupshow', cn=kw['cn']) + if group_modified: + rv = client.update_group(new_group) + # + # TODO - if the group update succeeds, but below operations fail, + # we needs to make sure a subsequent submit doesn't try to update + # the group again. Probably by overwriting the group_orig hidden + # field blob. + # except ipaerror.IPAError, e: turbogears.flash("User update failed: " + str(e)) - return dict(form=group_edit_form, group=kw, + return dict(form=group_edit_form, group=kw, members=member_dicts, tg_template='ipagui.templates.groupedit') + # + # Add members + # + try: + uidadds = kw.get('uidadd') + if uidadds != None: + if not(isinstance(uidadds,list) or isinstance(uidadds,tuple)): + uidadds = [uidadds] + failed = client.add_users_to_group(uidadds, kw.get('cn')) + # + # TODO - deal with failed adds + # + except ipaerror.IPAError, e: + turbogears.flash("User update failed: " + str(e)) + return dict(form=group_edit_form, group=kw, members=member_dicts, + tg_template='ipagui.templates.groupedit') + + # + # Remove members + # + try: + uiddels = kw.get('uiddel') + if uiddels != None: + if not(isinstance(uiddels,list) or isinstance(uiddels,tuple)): + uiddels = [uiddels] + failed = client.remove_users_from_group(uiddels, kw.get('cn')) + # + # TODO - deal with failed removals + # + except ipaerror.IPAError, e: + turbogears.flash("User update failed: " + str(e)) + return dict(form=group_edit_form, group=kw, members=member_dicts, + tg_template='ipagui.templates.groupedit') + + # TODO if not group_modified + + turbogears.flash("%s updated!" % kw['cn']) + raise turbogears.redirect('/groupshow', cn=kw['cn']) + + @expose("ipagui.templates.grouplist") @identity.require(identity.not_anonymous()) def grouplist(self, **kw): @@ -458,7 +566,25 @@ class Root(controllers.RootController): client.set_principal(identity.current.user_name) try: group = client.get_group_by_cn(cn, group_fields) - return dict(group=group.toDict(), fields=forms.group.GroupFields()) + group_dict = group.toDict() + + # + # convert members to users, for display on the page + # + member_dns = [] + if group_dict.has_key('uniquemember'): + member_dns = group_dict.get('uniquemember') + if not(isinstance(member_dns,list) or isinstance(member_dns,tuple)): + member_dns = [member_dns] + + # TODO: convert this into an efficient (single) function call + member_users = map( + lambda dn: client.get_user_by_dn(dn, ['givenname', 'sn', 'uid']), + member_dns) + member_dicts = map(lambda user: user.toDict(), member_users) + + return dict(group=group_dict, fields=forms.group.GroupFields(), + members = member_dicts) except ipaerror.IPAError, e: turbogears.flash("Group show failed: " + str(e)) raise turbogears.redirect("/") -- cgit From c4998d3902ab17e73d29255db38f9c4cc33863d6 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Tue, 18 Sep 2007 10:54:53 -0700 Subject: Fixes to the edit protected checkbox. - Make checkbox sticky on round trips - Make required fields validate when checkbox is checked. --- ipa-server/ipa-gui/ipagui/controllers.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 1cc99862..fd661eeb 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -163,11 +163,10 @@ class Root(controllers.RootController): new_user.setValue('nsAccountLock', 'true') else: new_user.setValue('nsAccountLock', None) - if kw.get('userpassword'): - new_user.setValue('userpassword', kw.get('userpassword')) - if kw.get('uidnumber'): + if kw.get('editprotected') == 'true': + if kw.get('userpassword'): + new_user.setValue('userpassword', kw.get('userpassword')) new_user.setValue('uidnumber', str(kw.get('uidnumber'))) - if kw.get('gidnumber'): new_user.setValue('gidnumber', str(kw.get('gidnumber'))) # @@ -480,9 +479,11 @@ class Root(controllers.RootController): if new_group.description != kw.get('description'): group_modified = True new_group.setValue('description', kw.get('description')) - if kw.get('gidnumber'): - group_modified = True - new_group.setValue('gidnumber', str(kw.get('gidnumber'))) + if kw.get('editprotected') == 'true': + new_gid = str(kw.get('gidnumber')) + if new_group.gidnumber != new_gid: + group_modified = True + new_group.setValue('gidnumber', new_gid) if group_modified: rv = client.update_group(new_group) -- cgit From 6b3d1e85da1397324fa7e8dc25706129ff8ed6fc Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Tue, 18 Sep 2007 14:58:30 -0700 Subject: Add client-side search limit parameter for user search. Limit editgroup user ajax search. Minor UI cleanup for editgroup. --- ipa-server/ipa-gui/ipagui/controllers.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index fd661eeb..dcf65530 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -214,16 +214,18 @@ class Root(controllers.RootController): This method is used for ajax calls.""" client.set_principal(identity.current.user_name) users = [] + searchlimit = 100 uid = kw.get('uid') if uid != None and len(uid) > 0: try: - users = client.find_users(uid.encode('utf-8')) + users = client.find_users(uid.encode('utf-8'), None, searchlimit) counter = users[0] users = users[1:] except ipaerror.IPAError, e: turbogears.flash("User list failed: " + str(e)) - return dict(users=users, uid=uid, fields=forms.user.UserFields()) + return dict(users=users, uid=uid, fields=forms.user.UserFields(), + counter=counter) @expose("ipagui.templates.usershow") -- cgit From f17071533a73c5e989ead1b243de5397d36a38d3 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Wed, 19 Sep 2007 08:42:34 -0700 Subject: Implement asynchronous search for groups. Use the filter generation code to search on multiple fields. --- ipa-server/ipa-gui/ipagui/controllers.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index dcf65530..7a6d87ff 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -551,11 +551,11 @@ class Root(controllers.RootController): if criteria != None and len(criteria) > 0: try: groups = client.find_groups(criteria.encode('utf-8')) - # counter = groups[0] - # groups = groups[1:] - # if counter == -1: - # turbogears.flash("These results are truncated.
" + - # "Please refine your search and try again.") + counter = groups[0] + groups = groups[1:] + if counter == -1: + turbogears.flash("These results are truncated.
" + + "Please refine your search and try again.") except ipaerror.IPAError, e: turbogears.flash("Find groups failed: " + str(e)) raise turbogears.redirect("/grouplist") -- cgit From 036cf58042871e91bb8c86382108da53b9c3b301 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Wed, 19 Sep 2007 13:43:52 -0700 Subject: Handle add/remove failures a little bit better. Still some refinements that can be done, but at least it shows the failures now. --- ipa-server/ipa-gui/ipagui/controllers.py | 45 ++++++++++++++++++++------------ 1 file changed, 29 insertions(+), 16 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 7a6d87ff..7e1f2fc2 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -446,7 +446,6 @@ class Root(controllers.RootController): return dict(form=group_edit_form, group=group_dict, members=member_dicts) except ipaerror.IPAError, e: - turbogears.flash("User show failed: " + str(e)) turbogears.flash("Group edit failed: " + str(e)) raise turbogears.redirect('/groupshow', uid=kw.get('cn')) @@ -489,12 +488,12 @@ class Root(controllers.RootController): if group_modified: rv = client.update_group(new_group) - # - # TODO - if the group update succeeds, but below operations fail, - # we needs to make sure a subsequent submit doesn't try to update - # the group again. Probably by overwriting the group_orig hidden - # field blob. - # + # + # If the group update succeeds, but below operations fail, we + # need to make sure a subsequent submit doesn't try to update + # the group again. + # + kw['group_orig'] = b64encode(dumps(new_group.toDict())) except ipaerror.IPAError, e: turbogears.flash("User update failed: " + str(e)) return dict(form=group_edit_form, group=kw, members=member_dicts, @@ -503,15 +502,14 @@ class Root(controllers.RootController): # # Add members # + failed_adds = [] try: uidadds = kw.get('uidadd') if uidadds != None: if not(isinstance(uidadds,list) or isinstance(uidadds,tuple)): uidadds = [uidadds] - failed = client.add_users_to_group(uidadds, kw.get('cn')) - # - # TODO - deal with failed adds - # + failed_adds = client.add_users_to_group(uidadds, kw.get('cn')) + kw['uidadd'] = failed_adds except ipaerror.IPAError, e: turbogears.flash("User update failed: " + str(e)) return dict(form=group_edit_form, group=kw, members=member_dicts, @@ -520,21 +518,36 @@ class Root(controllers.RootController): # # Remove members # + failed_dels = [] try: uiddels = kw.get('uiddel') if uiddels != None: if not(isinstance(uiddels,list) or isinstance(uiddels,tuple)): uiddels = [uiddels] - failed = client.remove_users_from_group(uiddels, kw.get('cn')) - # - # TODO - deal with failed removals - # + failed_dels = client.remove_users_from_group(uiddels, kw.get('cn')) + kw['uiddel'] = failed_dels except ipaerror.IPAError, e: turbogears.flash("User update failed: " + str(e)) return dict(form=group_edit_form, group=kw, members=member_dicts, tg_template='ipagui.templates.groupedit') - # TODO if not group_modified + # + # TODO - check failed ops to see if it's because of another update. + # handle "someone else already did it" errors better - perhaps + # not even as an error + # TODO - update the Group Members list. + # (note that we have to handle the above todo first, or else + # there will be an error message, but the add/del lists will + # be empty) + # + if (len(failed_adds) > 0) or (len(failed_dels) > 0): + message = "There was an error updating group members.
" + message += "Failures have been preserved in the add/remove lists." + if group_modified: + message = "Group Details successfully updated.
" + message + turbogears.flash(message) + return dict(form=group_edit_form, group=kw, members=member_dicts, + tg_template='ipagui.templates.groupedit') turbogears.flash("%s updated!" % kw['cn']) raise turbogears.redirect('/groupshow', cn=kw['cn']) -- cgit From 4e79c37c604f0e51dab19fc28063b3186df0c6d9 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Wed, 19 Sep 2007 15:59:01 -0700 Subject: Add password changing call to web gui. --- ipa-server/ipa-gui/ipagui/controllers.py | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) (limited to 'ipa-server/ipa-gui/ipagui/controllers.py') diff --git a/ipa-server/ipa-gui/ipagui/controllers.py b/ipa-server/ipa-gui/ipagui/controllers.py index 7e1f2fc2..60921122 100644 --- a/ipa-server/ipa-gui/ipagui/controllers.py +++ b/ipa-server/ipa-gui/ipagui/controllers.py @@ -151,6 +151,7 @@ class Root(controllers.RootController): return dict(form=user_edit_form, user=kw, tg_template='ipagui.templates.useredit') + password_change = False try: orig_user_dict = loads(b64decode(kw.get('user_orig'))) @@ -165,7 +166,7 @@ class Root(controllers.RootController): new_user.setValue('nsAccountLock', None) if kw.get('editprotected') == 'true': if kw.get('userpassword'): - new_user.setValue('userpassword', kw.get('userpassword')) + password_change = True new_user.setValue('uidnumber', str(kw.get('uidnumber'))) new_user.setValue('gidnumber', str(kw.get('gidnumber'))) @@ -177,13 +178,27 @@ class Root(controllers.RootController): new_user.getValue('sn'))) rv = client.update_user(new_user) - turbogears.flash("%s updated!" % kw['uid']) - raise turbogears.redirect('/usershow', uid=kw['uid']) + except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST), e: + if not password_change: + turbogears.flash("User update failed: " + str(e)) + return dict(form=user_edit_form, user=kw, + tg_template='ipagui.templates.useredit') except ipaerror.IPAError, e: turbogears.flash("User update failed: " + str(e)) return dict(form=user_edit_form, user=kw, tg_template='ipagui.templates.useredit') + try: + if password_change: + rv = client.modifyPassword(kw['uid'], "", kw.get('userpassword')) + except ipaerror.IPAError, e: + turbogears.flash("User password change failed: " + str(e)) + return dict(form=user_edit_form, user=kw, + tg_template='ipagui.templates.useredit') + + turbogears.flash("%s updated!" % kw['uid']) + raise turbogears.redirect('/usershow', uid=kw['uid']) + @expose("ipagui.templates.userlist") @identity.require(identity.not_anonymous()) -- cgit