haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-20 10:58:33 +00:00
Code Issues Releases Wiki Activity

[user-admin] add ldap imported

Browse Source
This commit is contained in:
lian
2015-06-26 14:05:39 +08:00
parent f33d756308
commit 85f142b0a1
10 changed files with 201 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
seahub/base/accounts.py
View File

@@ -151,7 +151,14 @@ class User(object):
if emailuser:
if not hasattr(self, 'password'):
self.set_unusable_password()
ccnet_threaded_rpc.update_emailuser(emailuser.id,
if emailuser.source == "DB":
source = "DB"
else:
source = "LDAP"
ccnet_threaded_rpc.update_emailuser(source,
emailuser.id,
self.password,
int(self.is_staff),
int(self.is_active))

2
seahub/share/views.py
View File

@@ -1587,7 +1587,7 @@ def ajax_private_share_dir(request):
if share_to_group(request, shared_repo, group, perm):
shared_success.append(group.group_name)
else:
shared_failed.append(email)
shared_failed.append(group.group_name)
if len(shared_success) > 0:
return HttpResponse(json.dumps({

88
seahub/templates/sysadmin/sys_user_admin_ldap_imported.html Normal file
View File

@@ -0,0 +1,88 @@
{% extends "sysadmin/base.html" %}
{% load seahub_tags i18n %}
{% block cur_users %}tab-cur{% endblock %}
{% block extra_style %}
{% endblock %}
{% block left_panel %}{{block.super}}
<form action="{% url 'user_search' %}" method="get" class="side-search-form">
<input type="text" name="email" class="input" value="" placeholder="{% trans "Search users..." %}" />
</form>
{% endblock %}
{% block right_panel %}
<div class="tabnav ovhd">
<ul class="tabnav-tabs fleft">
<li class="tabnav-tab"><a href="{% url 'sys_useradmin' %}">{% trans "Database" %}</a></li>
{% if have_ldap %}
<li class="tabnav-tab"><a href="{% url 'sys_useradmin_ldap' %}">{% trans "LDAP" %}</a></li>
{% endif %}
<li class="tabnav-tab tabnav-tab-cur"><a href="{% url 'sys_useradmin_ldap_imported' %}">{% trans "LDAP(imported)" %}</a></li>
<li class="tabnav-tab"><a href="{% url 'sys_useradmin_admins' %}">{% trans "Admins" %}</a></li>
</ul>
</div>
{% if users %}
<table>
<tr>
<th width="36%">{% trans "Email" %}</th>
<th width="12%">{% trans "Status" %}</th>
<th width="16%">{% trans "Space Used" %}</th>
<th width="18%">{% trans "Last Login" %}</th>
<th width="18%">{% trans "Operations" %}</th>
</tr>
{% for user in users %}
<tr data-userid="{{user.email}}">
<td><a href="{% url 'user_info' user.email %}">{{ user.email }}</a>
</td>
<td>
<div class="user-status">
{% if user.is_active %}
<span class="user-status-cur-value">{% trans "Active" %}</span>
{% else %}
<span class="user-status-cur-value">{% trans "Inactive" %}</span>
{% endif %}
<img src="{{MEDIA_URL}}img/edit_12.png" alt="{% trans "Edit"%}" title="{% trans "Edit"%}" class="user-status-edit-icon cspt vh" />
</div>
<select name="permission" class="user-status-select hide">
<option value="1" {%if user.is_active %}selected="selected"{% endif %}>{% trans "Active" %}</option>
<option value="0" {%if not user.is_active %}selected="selected"{% endif %}>{% trans "Inactive"%}</option>
</select>
</td>
<td style="font-size:11px;">
<p> {{ user.space_usage|filesizeformat }} {% if user.space_quota > 0 %} / {{ user.space_quota|filesizeformat }} {% endif %} </p>
{% if not user.org %}
{% if CALC_SHARE_USAGE %}
<p> {{ user.share_usage|filesizeformat }} {% if user.share_quota > 0 %} / {{ user.share_quota|filesizeformat }} {% endif %} </p>
{% endif %}
{% endif %}
</td>
<td>
{% if user.last_login %}{{user.last_login|translate_seahub_time}} {% else %} -- {% endif %}
</td>
<td>
{% if not user.is_self %}
<a href="#" class="remove-user-btn op vh" data-url="{% url 'user_remove' user.email %}" data-target="{{ user.props.email }}">{% trans "Delete" %}</a>
{% endif %}
</td>
</tr>
{% endfor %}
</table>
{% include "snippets/admin_paginator.html" %}
{% else %}
<div class="empty-tips">
<h2 class="alc">{% trans "No LDAP users have been imported" %}</h2>
</div>
{% endif %}
<div id="activate-msg" class="hide">
<p>{% trans "Activating..., please wait" %}</p>
</div>
{% endblock %}
{% block extra_script %}
<script type="text/javascript">
{% include "sysadmin/useradmin_js.html" %}
</script>
{% endblock %}

5
seahub/templates/sysadmin/sys_useradmin.html
View File

@@ -23,6 +23,7 @@
{% if have_ldap %}
<li class="tabnav-tab"><a href="{% url 'sys_useradmin_ldap' %}">{% trans "LDAP" %}</a></li>
{% endif %}
<li class="tabnav-tab"><a href="{% url 'sys_useradmin_ldap_imported' %}">{% trans "LDAP(imported)" %}</a></li>
<li class="tabnav-tab"><a href="{% url 'sys_useradmin_admins' %}">{% trans "Admins" %}</a></li>
</ul>
<div class="fright">
@@ -58,7 +59,9 @@
<button type="submit" class="submit">{% trans "Submit" %}</button>
</form>
{% include "sysadmin/useradmin_table.html"%}
{% with is_admin_page=False%}
{% include "sysadmin/useradmin_table.html" %}
{% endwith %}
{% include "snippets/admin_paginator.html" %}
<div id="activate-msg" class="hide">

91
seahub/templates/sysadmin/sys_useradmin_admins.html
View File

@@ -15,6 +15,7 @@
{% if have_ldap %}
<li class="tabnav-tab"><a href="{% url 'sys_useradmin_ldap' %}">{% trans "LDAP" %}</a></li>
{% endif %}
<li class="tabnav-tab"><a href="{% url 'sys_useradmin_ldap_imported' %}">{% trans "LDAP(imported)" %}</a></li>
<li class="tabnav-tab tabnav-tab-cur"><a href="{% url 'sys_useradmin_admins' %}">{% trans "Admins" %}</a></li>
</ul>
<button id="add-admin-btn" class="fright"><img src="{{ MEDIA_URL }}img/add.png" alt="" class="add vam" /><span class="vam">{% trans "Add admin" %}</span></button>
@@ -37,93 +38,9 @@
</div>
</form>
<table>
<tr>
{% if is_pro %}
<th width="24%">{% trans "Email" %}</th>
<th width="12%">{% trans "Status" %}</th>
<th width="12%">{% trans "Role" %}</th>
{% else %}
<th width="36%">{% trans "Email" %}</th>
<th width="12%">{% trans "Status" %}</th>
{% endif %}
<th width="16%">{% trans "Space Used" %}</th>
<th width="22%">{% trans "Create At / Last Login" %}</th>
<th width="14%">{% trans "Operations" %}</th>
</tr>
{% for user in admin_users %}
<tr data-userid="{{user.email}}">
<td data="{{user.id}}"><a href="{{ SITE_ROOT }}useradmin/info/{{ user.props.email }}/">{{ user.email }}</a></td>
<td>
{% if user.source != 'LDAP' %}
<div class="user-status">
{% if user.is_active %}
<span class="user-status-cur-value">{% trans "Active" %}</span>
{% else %}
<span class="user-status-cur-value">{% trans "Inactive" %}</span>
{% endif %}
<img src="{{MEDIA_URL}}img/edit_12.png" alt="{% trans "Edit"%}" title="{% trans "Edit"%}" class="user-status-edit-icon cspt vh" />
</div>
<select name="permission" class="user-status-select hide">
<option value="1" {%if user.is_active %}selected="selected"{% endif %}>{% trans "Active" %}</option>
<option value="0" {%if not user.is_active %}selected="selected"{% endif %}>{% trans "Inactive"%}</option>
</select>
{% endif %}
</td>
{% if is_pro %}
<td>
{% if user.source != 'LDAP' %}
<div class="user-role">
{% if user.is_guest %}
<span class="user-role-cur-value">{% trans "Guest" %}</span>
{% else %}
<span class="user-role-cur-value">{% trans "Default" %}</span>
{% endif %}
{% if is_pro %}
<img src="{{MEDIA_URL}}img/edit_12.png" alt="{% trans "Edit"%}" title="{% trans "Edit"%}" class="user-role-edit-icon cspt vh" />
{% endif %}
</div>
{% if id_pro %}
<select name="role" class="user-role-select hide">
<option value={{default_user}} {%if not user.is_guest %}selected="selected"{% endif %}>{% trans "Default" %}</option>
<option value={{guest_user}} {%if user.is_guest %}selected="selected"{% endif %}>{% trans "Guest"%}</option>
</select>
{% endif %}
{% endif %}
</td>
{% endif %}
<td style="font-size:11px;">
<p> {{ user.space_usage|filesizeformat }} {% if user.space_quota > 0 %} / {{ user.space_quota|filesizeformat }} {% endif %} </p>
{% if not user.org %}
{% if CALC_SHARE_USAGE %}
<p> {{ user.share_usage|filesizeformat }} {% if user.share_quota > 0 %} / {{ user.share_quota|filesizeformat }} {% endif %} </p>
{% endif %}
{% endif %}
</td>
<td>
{% if user.source != 'LDAP' %}
{{ user.ctime|tsstr_sec }} /<br />
{% if user.last_login %}{{user.last_login|translate_seahub_time}} {% else %} -- {% endif %}
{% endif %}
</td>
<td>
{% if not user.is_self %}
<a href="#" class="remove-user-btn op vh" data-url="{{ SITE_ROOT }}useradmin/remove/{{ user.props.id }}/" data-target="{{ user.props.email }}">{% trans "Delete" %}</a>
<a href="#" class="reset-user-btn op vh" data-url="{% url 'user_reset' user.id %}" data-target="{{ user.props.email }}">{% trans "ResetPwd" %}</a>
{% if user.is_staff %}
<a href="#" data-url="{% url 'user_remove_admin' user.id %}" data-target="{{ user.props.email }}" class="revoke-admin-btn op vh">{% trans "Revoke Admin" %}</a>
{% else %}
<a href="#" data-url="{% url 'user_make_admin' user.id %}" data-target="{{ user.props.email }}" class="set-admin-btn op vh">{% trans "Set Admin" %}</a>
{% endif %}
{% endif %}
</td>
</tr>
{% endfor %}
</table>
{% with is_admin_page=True%}
{% include "sysadmin/useradmin_table.html" %}
{% endwith %}
<div id="activate-msg" class="hide">
<p>{% trans "Activating..., please wait" %}</p>

1
seahub/templates/sysadmin/sys_useradmin_ldap.html
View File

@@ -14,6 +14,7 @@
<ul class="tabnav-tabs">
<li class="tabnav-tab"><a href="{% url 'sys_useradmin' %}">{% trans "Database" %}</a></li>
<li class="tabnav-tab tabnav-tab-cur"><a href="{% url 'sys_useradmin_ldap' %}">{% trans "LDAP" %}</a></li>
<li class="tabnav-tab"><a href="{% url 'sys_useradmin_ldap_imported' %}">{% trans "LDAP(imported)" %}</a></li>
<li class="tabnav-tab"><a href="{% url 'sys_useradmin_admins' %}">{% trans "Admins" %}</a></li>
</ul>
</div>

4
seahub/templates/sysadmin/useradmin_js.html
View File

@@ -11,10 +11,6 @@ addConfirmTo($('.revoke-admin-btn'), {
'title':"{% trans "Revoke Admin" %}",
'con':"{% trans "Are you sure you want to revoke the admin permission of %s ?" %}"
});
addConfirmTo($('.set-admin-btn'), {
'title':"{% trans "Set Admin" %}",
'con':"{% trans "Are you sure you want to set %s as admin?" %}"
});
addConfirmTo($('.unset-trial'), {
'title':"{% trans "Remove Trial" %}",
'con':"{% trans "Are you sure you want to remove trial for %s ?" %}"

27
seahub/templates/sysadmin/useradmin_table.html
View File

@@ -16,16 +16,17 @@
{% for user in users %}
<tr data-userid="{{user.email}}">
<td><a href="{{ SITE_ROOT }}useradmin/info/{{ user.props.email }}/">{{ user.email }}</a>
<td><a href="{% url 'user_info' user.email %}">{{ user.email }}</a>
{% if not is_admin_page %}
{% if user.org %}
<p style="font-size:11px;"><a href="{% url 'sys_org_info_user' user.org.org_id %}">({{user.org.org_name}})</a></p>
{% endif %}
{% if user.trial_info %}
<p style="font-size:11px;">(Trial &nbsp;<a href="#" class="unset-trial" data-target="{{ user.email }}" data-url="{% url 'remove_trial' user.email %}">X</a>)</p>
{% endif %}
{% endif %}
</td>
<td>
{% if user.source != 'LDAP' %}
<div class="user-status">
{% if user.is_active %}
<span class="user-status-cur-value">{% trans "Active" %}</span>
@@ -38,11 +39,10 @@
<option value="1" {%if user.is_active %}selected="selected"{% endif %}>{% trans "Active" %}</option>
<option value="0" {%if not user.is_active %}selected="selected"{% endif %}>{% trans "Inactive"%}</option>
</select>
{% endif %}
</td>
{% if is_pro %}
<td>
{% if user.source != 'LDAP' %}
{% if user.source == "DB" %}
<div class="user-role">
{% if user.is_guest %}
<span class="user-role-cur-value">{% trans "Guest" %}</span>
@@ -55,7 +55,9 @@
<option value={{default_user}} {%if not user.is_guest %}selected="selected"{% endif %}>{% trans "Default" %}</option>
<option value={{guest_user}} {%if user.is_guest %}selected="selected"{% endif %}>{% trans "Guest"%}</option>
</select>
{% endif %}
{% else %}
--
{% endif %}
</td>
{% endif %}
@@ -68,16 +70,21 @@
{% endif %}
</td>
<td>
{% if user.source != 'LDAP' %}
{% if user.source == "DB" %}
{{ user.ctime|tsstr_sec }} /<br />
{% if user.last_login %}{{user.last_login|translate_seahub_time}} {% else %} -- {% endif %}
{% else %}
-- /
{% endif %}
{% if user.last_login %}{{user.last_login|translate_seahub_time}} {% else %} -- {% endif %}
</td>
<td>
{% if user.source != 'LDAP' %}
{% if not user.is_self %}
<a href="#" class="remove-user-btn op vh" data-url="{{ SITE_ROOT }}useradmin/remove/{{ user.props.id }}/" data-target="{{ user.props.email }}">{% trans "Delete" %}</a>
<a href="#" class="reset-user-btn op vh" data-url="{% url 'user_reset' user.id %}" data-target="{{ user.props.email }}">{% trans "ResetPwd" %}</a>
<a href="#" class="remove-user-btn op vh" data-url="{% url 'user_remove' user.email %}" data-target="{{ user.props.email }}">{% trans "Delete" %}</a>
{% if user.source == "DB" %}
<a href="#" class="reset-user-btn op vh" data-url="{% url 'user_reset' user.email %}" data-target="{{ user.props.email }}">{% trans "ResetPwd" %}</a>
{% endif %}
{% if is_admin_page %}
<a href="#" data-url="{% url 'user_remove_admin' user.email %}" data-target="{{ user.props.email }}" class="revoke-admin-btn op vh">{% trans "Revoke Admin" %}</a>
{% endif %}
{% endif %}
</td>

7
seahub/urls.py
View File

@@ -215,6 +215,7 @@ urlpatterns = patterns('',
url(r'^sys/seafadmin/transfer/$', sys_repo_transfer, name='sys_repo_transfer'),
url(r'^sys/useradmin/$', sys_user_admin, name='sys_useradmin'),
url(r'^sys/useradmin/ldap/$', sys_user_admin_ldap, name='sys_useradmin_ldap'),
url(r'^sys/useradmin/ldap/imported$', sys_user_admin_ldap_imported, name='sys_useradmin_ldap_imported'),
url(r'^sys/useradmin/admins/$', sys_user_admin_admins, name='sys_useradmin_admins'),
url(r'^sys/groupadmin/$', sys_group_admin, name='sys_group_admin'),
url(r'^sys/groupadmin/(?P<group_id>\d+)/$', sys_admin_group_info, name='sys_admin_group_info'),
@@ -230,11 +231,11 @@ urlpatterns = patterns('',
url(r'^sys/notificationadmin/', notification_list, name='notification_list'),
url(r'^sys/sudo/', sys_sudo_mode, name='sys_sudo_mode'),
url(r'^useradmin/add/$', user_add, name="user_add"),
url(r'^useradmin/remove/(?P<user_id>[^/]+)/$', user_remove, name="user_remove"),
url(r'^useradmin/remove/(?P<email>[^/]+)/$', user_remove, name="user_remove"),
url(r'^useradmin/removetrial/(?P<user_or_org>[^/]+)/$', remove_trial, name="remove_trial"),
url(r'^useradmin/search/$', user_search, name="user_search"),
url(r'^useradmin/makeadmin/(?P<user_id>[^/]+)/$', user_make_admin, name='user_make_admin'),
url(r'^useradmin/removeadmin/(?P<user_id>[^/]+)/$', user_remove_admin, name='user_remove_admin'),
url(r'^useradmin/removeadmin/(?P<email>[^/]+)/$', user_remove_admin, name='user_remove_admin'),
url(r'^useradmin/info/(?P<email>[^/]+)/$', user_info, name='user_info'),
url(r'^useradmin/activate/(?P<user_id>[^/]+)/$', user_activate, name='user_activate'),
url(r'^useradmin/deactivate/(?P<user_id>[^/]+)/$', user_deactivate, name='user_deactivate'),
@@ -242,7 +243,7 @@ urlpatterns = patterns('',
url(r'^useradmin/toggle_role/(?P<email>[^/]+)/$', user_toggle_role, name='user_toggle_role'),
url(r'^useradmin/(?P<email>[^/]+)/set_quota/$', user_set_quota, name='user_set_quota'),
url(r'^useradmin/password/reset/(?P<user_id>[^/]+)/$', user_reset, name='user_reset'),
url(r'^useradmin/password/reset/(?P<email>[^/]+)/$', user_reset, name='user_reset'),
url(r'^useradmin/batchmakeadmin/$', batch_user_make_admin, name='batch_user_make_admin'),
url(r'^useradmin/batchadduser/$', batch_add_user, name='batch_add_user'),

100
seahub/views/sysadmin.py
View File

@@ -350,7 +350,7 @@ def sys_user_admin(request):
else:
trial_users = []
for user in users:
if user.props.id == request.user.id:
if user.email == request.user.email:
user.is_self = True
_populate_user_quota_usage(user)
@@ -396,6 +396,53 @@ def sys_user_admin(request):
'pro_server': pro_server,
}, context_instance=RequestContext(request))
@login_required
@sys_staff_required
def sys_user_admin_ldap_imported(request):
"""List all users from LDAP imported.
"""
# Make sure page request is an int. If not, deliver first page.
try:
current_page = int(request.GET.get('page', '1'))
per_page = int(request.GET.get('per_page', '25'))
except ValueError:
current_page = 1
per_page = 25
users_plus_one = get_emailusers('LDAPImport', per_page * (current_page - 1), per_page + 1)
if len(users_plus_one) == per_page + 1:
page_next = True
else:
page_next = False
users = users_plus_one[:per_page]
last_logins = UserLastLogin.objects.filter(username__in=[x.email for x in users])
for user in users:
if user.email == request.user.email:
user.is_self = True
_populate_user_quota_usage(user)
# populate user last login time
user.last_login = None
for last_login in last_logins:
if last_login.username == user.email:
user.last_login = last_login.last_login
have_ldap = True if len(get_emailusers('LDAP', 0, 1)) > 0 else False
return render_to_response(
'sysadmin/sys_user_admin_ldap_imported.html', {
'users': users,
'current_page': current_page,
'prev_page': current_page-1,
'next_page': current_page+1,
'per_page': per_page,
'page_next': page_next,
'CALC_SHARE_USAGE': CALC_SHARE_USAGE,
'have_ldap': have_ldap,
'is_pro': is_pro_version(),
}, context_instance=RequestContext(request))
@login_required
@sys_staff_required
def sys_user_admin_ldap(request):
@@ -417,7 +464,7 @@ def sys_user_admin_ldap(request):
users = users_plus_one[:per_page]
last_logins = UserLastLogin.objects.filter(username__in=[x.email for x in users])
for user in users:
if user.props.id == request.user.id:
if user.email == request.user.email:
user.is_self = True
_populate_user_quota_usage(user)
@@ -444,13 +491,15 @@ def sys_user_admin_ldap(request):
@login_required
@sys_staff_required
def sys_user_admin_admins(request):
"""List all admins from database.
"""List all admins from database and ldap imported
"""
users = get_emailusers('DB', -1, -1)
db_users = get_emailusers('DB', -1, -1)
ldpa_imported_users = get_emailusers('LDAPImport', -1, -1)
admin_users = []
not_admin_users = []
for user in users:
for user in db_users + ldpa_imported_users:
if user.is_staff is True:
admin_users.append(user)
else:
@@ -459,16 +508,18 @@ def sys_user_admin_admins(request):
last_logins = UserLastLogin.objects.filter(username__in=[x.email for x in admin_users])
for user in admin_users:
if user.props.id == request.user.id:
if user.email == request.user.email:
user.is_self = True
_populate_user_quota_usage(user)
# check user's role
if user.role == GUEST_USER:
user.is_guest = True
else:
user.is_guest = False
# check db user's role
if user.source == "DB":
if user.role == GUEST_USER:
user.is_guest = True
else:
user.is_guest = False
# populate user last login time
user.last_login = None
for last_login in last_logins:
@@ -479,7 +530,7 @@ def sys_user_admin_admins(request):
return render_to_response(
'sysadmin/sys_useradmin_admins.html', {
'admin_users': admin_users,
'users': admin_users,
'not_admin_users': not_admin_users,
'CALC_SHARE_USAGE': CALC_SHARE_USAGE,
'have_ldap': have_ldap,
@@ -670,13 +721,13 @@ def sys_org_set_quota(request, org_id):
@login_required
@sys_staff_required
def user_remove(request, user_id):
def user_remove(request, email):
"""Remove user"""
referer = request.META.get('HTTP_REFERER', None)
next = reverse('sys_useradmin') if referer is None else referer
try:
user = User.objects.get(id=int(user_id))
user = User.objects.get(email=email)
org = ccnet_threaded_rpc.get_orgs_by_user(user.email)
if org:
if org[0].creator == user.email:
@@ -734,10 +785,10 @@ def user_make_admin(request, user_id):
@login_required
@sys_staff_required
def user_remove_admin(request, user_id):
def user_remove_admin(request, email):
"""Unset user admin."""
try:
user = User.objects.get(id=int(user_id))
user = User.objects.get(email=email)
user.is_staff = False
user.save()
messages.success(request, _(u'Successfully revoke the admin permission of %s') % user.username)
@@ -872,10 +923,10 @@ def send_user_reset_email(request, email, password):
@login_required
@sys_staff_required
def user_reset(request, user_id):
def user_reset(request, email):
"""Reset password for user."""
try:
user = User.objects.get(id=int(user_id))
user = User.objects.get(email=email)
if isinstance(INIT_PASSWD, FunctionType):
new_password = INIT_PASSWD()
else:
@@ -1163,7 +1214,7 @@ def sys_org_info_user(request, org_id):
users = org_basic_info["users"]
last_logins = UserLastLogin.objects.filter(username__in=[x.email for x in users])
for user in users:
if user.id == request.user.id:
if user.email == request.user.email:
user.is_self = True
try:
user.self_usage =seafserv_threaded_rpc. \
@@ -1419,15 +1470,8 @@ def batch_user_make_admin(request):
failed.append(email)
continue
if user.source == 'DB':
# check if is DB user first
user.is_staff = True
user.save()
else:
# if is LDAP user, add this 'email' as a DB user first
# then set admin
ccnet_threaded_rpc.add_emailuser(email, '!', 1, 1)
user.is_staff = True
user.save()
success.append(email)
for item in success: