ldap_settings.py
150 lines
| 5.3 KiB
| text/x-python
|
PythonLexer
| r769 | # -*- coding: utf-8 -*- | |||
| """ | ||||
| r861 | rhodecode.controllers.admin.ldap_settings | |||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||||
| r769 | ||||
| ldap controller for RhodeCode | ||||
| r1203 | ||||
| r769 | :created_on: Nov 26, 2010 | |||
| :author: marcink | ||||
| r1824 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> | |||
| r769 | :license: GPLv3, see COPYING for more details. | |||
| """ | ||||
| r1206 | # This program is free software: you can redistribute it and/or modify | |||
| # it under the terms of the GNU General Public License as published by | ||||
| # the Free Software Foundation, either version 3 of the License, or | ||||
| # (at your option) any later version. | ||||
| r1203 | # | |||
| r769 | # This program is distributed in the hope that it will be useful, | |||
| # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||||
| # GNU General Public License for more details. | ||||
| r1203 | # | |||
| r769 | # You should have received a copy of the GNU General Public License | |||
| r1206 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |||
| r769 | import logging | |||
| import formencode | ||||
| import traceback | ||||
| from formencode import htmlfill | ||||
| from pylons import request, response, session, tmpl_context as c, url | ||||
| from pylons.controllers.util import abort, redirect | ||||
| from pylons.i18n.translation import _ | ||||
| r1292 | from sqlalchemy.exc import DatabaseError | |||
| r769 | from rhodecode.lib.base import BaseController, render | |||
| from rhodecode.lib import helpers as h | ||||
| from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator | ||||
| r1292 | from rhodecode.lib.exceptions import LdapImportError | |||
| r769 | from rhodecode.model.forms import LdapSettingsForm | |||
| r1633 | from rhodecode.model.db import RhodeCodeSetting | |||
| r2662 | from rhodecode.model.meta import Session | |||
| r769 | ||||
| log = logging.getLogger(__name__) | ||||
| class LdapSettingsController(BaseController): | ||||
| r1245 | search_scope_choices = [('BASE', _('BASE'),), | |||
Thayne Harbaugh
|
r991 | ('ONELEVEL', _('ONELEVEL'),), | ||
| r1245 | ('SUBTREE', _('SUBTREE'),), | |||
|
Thayne Harbaugh
|
r991 | ] | ||
| search_scope_default = 'SUBTREE' | ||||
| r1245 | tls_reqcert_choices = [('NEVER', _('NEVER'),), | |||
| ('ALLOW', _('ALLOW'),), | ||||
| ('TRY', _('TRY'),), | ||||
|
Thayne Harbaugh
|
r991 | ('DEMAND', _('DEMAND'),), | ||
| r1245 | ('HARD', _('HARD'),), | |||
|
Thayne Harbaugh
|
r991 | ] | ||
| tls_reqcert_default = 'DEMAND' | ||||
"Lorenzo M. Catucci"
|
r1290 | tls_kind_choices = [('PLAIN', _('No encryption'),), | ||
| ('LDAPS', _('LDAPS connection'),), | ||||
| ('START_TLS', _('START_TLS on LDAP connection'),) | ||||
| ] | ||||
| tls_kind_default = 'PLAIN' | ||||
| r769 | @LoginRequired() | |||
| @HasPermissionAllDecorator('hg.admin') | ||||
| def __before__(self): | ||||
| c.admin_user = session.get('admin_user') | ||||
| c.admin_username = session.get('admin_username') | ||||
|
Thayne Harbaugh
|
r991 | c.search_scope_choices = self.search_scope_choices | ||
| r1245 | c.tls_reqcert_choices = self.tls_reqcert_choices | |||
|
"Lorenzo M. Catucci"
|
r1290 | c.tls_kind_choices = self.tls_kind_choices | ||
| r1292 | ||||
| c.search_scope_cur = self.search_scope_default | ||||
| c.tls_reqcert_cur = self.tls_reqcert_default | ||||
| c.tls_kind_cur = self.tls_kind_default | ||||
| r769 | super(LdapSettingsController, self).__before__() | |||
| def index(self): | ||||
| r1633 | defaults = RhodeCodeSetting.get_ldap_settings() | |||
|
Thayne Harbaugh
|
r991 | c.search_scope_cur = defaults.get('ldap_search_scope') | ||
| r1245 | c.tls_reqcert_cur = defaults.get('ldap_tls_reqcert') | |||
|
"Lorenzo M. Catucci"
|
r1290 | c.tls_kind_cur = defaults.get('ldap_tls_kind') | ||
| r769 | ||||
| return htmlfill.render( | ||||
| render('admin/ldap/ldap.html'), | ||||
| defaults=defaults, | ||||
| encoding="UTF-8", | ||||
| force_defaults=True,) | ||||
| def ldap_settings(self): | ||||
| r860 | """POST ldap create and store ldap settings""" | |||
| r769 | ||||
|
Thayne Harbaugh
|
r991 | _form = LdapSettingsForm([x[0] for x in self.tls_reqcert_choices], | ||
|
"Lorenzo M. Catucci"
|
r1290 | [x[0] for x in self.search_scope_choices], | ||
| [x[0] for x in self.tls_kind_choices])() | ||||
| r2193 | # check the ldap lib | |||
| ldap_active = False | ||||
| try: | ||||
| import ldap | ||||
| ldap_active = True | ||||
| except ImportError: | ||||
| pass | ||||
| r769 | ||||
| try: | ||||
| form_result = _form.to_python(dict(request.POST)) | ||||
| r2193 | ||||
| r769 | try: | |||
| for k, v in form_result.items(): | ||||
| if k.startswith('ldap_'): | ||||
| r2193 | if k == 'ldap_active': | |||
| v = ldap_active | ||||
| r1633 | setting = RhodeCodeSetting.get_by_name(k) | |||
| r769 | setting.app_settings_value = v | |||
| r2662 | Session().add(setting) | |||
| r769 | ||||
| r2662 | Session().commit() | |||
| r769 | h.flash(_('Ldap settings updated successfully'), | |||
| r2193 | category='success') | |||
| if not ldap_active: | ||||
| #if ldap is missing send an info to user | ||||
| h.flash(_('Unable to activate ldap. The "python-ldap" library ' | ||||
| 'is missing.'), category='warning') | ||||
| r769 | except (DatabaseError,): | |||
| raise | ||||
| except formencode.Invalid, errors: | ||||
| r1292 | e = errors.error_dict or {} | |||
| r769 | ||||
| return htmlfill.render( | ||||
| render('admin/ldap/ldap.html'), | ||||
| defaults=errors.value, | ||||
| r1292 | errors=e, | |||
| r769 | prefix_error=False, | |||
| encoding="UTF-8") | ||||
| except Exception: | ||||
| log.error(traceback.format_exc()) | ||||
| r860 | h.flash(_('error occurred during update of ldap settings'), | |||
| r769 | category='error') | |||
| return redirect(url('ldap_home')) | ||||
