ldap_settings.py
# -*- coding: utf-8 -*-
"""
rhodecode.controllers.admin.ldap_settings
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

LDAP controller for RhodeCode

:created_on: Nov 26, 2010
:author: marcink
:copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
:license: GPLv3, see COPYING for more details.
"""
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
r769 | import logging | |||
import formencode | ||||
import traceback | ||||
from formencode import htmlfill | ||||
from pylons import request, response, session, tmpl_context as c, url | ||||
from pylons.controllers.util import abort, redirect | ||||
from pylons.i18n.translation import _ | ||||
r1292 | from sqlalchemy.exc import DatabaseError | |||
r769 | from rhodecode.lib.base import BaseController, render | |||
from rhodecode.lib import helpers as h | ||||
from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator | ||||
r1292 | from rhodecode.lib.exceptions import LdapImportError | |||
r769 | from rhodecode.model.forms import LdapSettingsForm | |||
r1633 | from rhodecode.model.db import RhodeCodeSetting | |||
r769 | ||||
# Module-level logger named after this module; ldap_settings() writes the
# traceback of a failed settings update to it.
log = logging.getLogger(__name__)
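class LdapSettingsController(BaseController):
    """Admin controller that shows and stores the LDAP settings.

    ``__before__`` is wrapped in ``LoginRequired`` and
    ``HasPermissionAllDecorator('hg.admin')``. ``index`` renders the settings
    page from the stored values; ``ldap_settings`` validates a submitted form
    and persists every ``ldap_*`` key.
    """

    # Each *_choices list holds (stored value, translated label) pairs; the
    # stored values are also handed to LdapSettingsForm in ldap_settings().
    search_scope_choices = [('BASE', _('BASE'),),
                            ('ONELEVEL', _('ONELEVEL'),),
                            ('SUBTREE', _('SUBTREE'),),
                            ]
    search_scope_default = 'SUBTREE'

    # NOTE(review): these look like the OpenLDAP TLS_REQCERT levels, where
    # NEVER and ALLOW do not enforce validation of the server certificate --
    # confirm against the code that consumes ldap_tls_reqcert.
    tls_reqcert_choices = [('NEVER', _('NEVER'),),
                           ('ALLOW', _('ALLOW'),),
                           ('TRY', _('TRY'),),
                           ('DEMAND', _('DEMAND'),),
                           ('HARD', _('HARD'),),
                           ]
    tls_reqcert_default = 'DEMAND'

    tls_kind_choices = [('PLAIN', _('No encryption'),),
                        ('LDAPS', _('LDAPS connection'),),
                        ('START_TLS', _('START_TLS on LDAP connection'),)
                        ]
    # NOTE(review): the pre-selected connection kind is 'PLAIN', labelled
    # 'No encryption' above, so a setup that keeps it talks to the directory
    # without transport encryption. Prefer LDAPS or START_TLS where the
    # directory supports it.
    tls_kind_default = 'PLAIN'

    @LoginRequired()
    @HasPermissionAllDecorator('hg.admin')
    def __before__(self):
        """Populate the template context with the choice lists and defaults.

        This is the Pylons ``__before__`` hook, so the login and ``hg.admin``
        permission decorators above guard the actions of this controller.
        """
        c.admin_user = session.get('admin_user')
        c.admin_username = session.get('admin_username')
        c.search_scope_choices = self.search_scope_choices
        c.tls_reqcert_choices = self.tls_reqcert_choices
        c.tls_kind_choices = self.tls_kind_choices

        # Start from the class defaults; index() replaces them with the
        # stored values.
        c.search_scope_cur = self.search_scope_default
        c.tls_reqcert_cur = self.tls_reqcert_default
        c.tls_kind_cur = self.tls_kind_default

        super(LdapSettingsController, self).__before__()

    def index(self):
        """Render the LDAP settings page filled from the stored settings."""
        defaults = RhodeCodeSetting.get_ldap_settings()
        c.search_scope_cur = defaults.get('ldap_search_scope')
        c.tls_reqcert_cur = defaults.get('ldap_tls_reqcert')
        c.tls_kind_cur = defaults.get('ldap_tls_kind')

        return htmlfill.render(
            render('admin/ldap/ldap.html'),
            defaults=defaults,
            encoding="UTF-8",
            force_defaults=True,)

    def ldap_settings(self):
        """Validate the POSTed LDAP form and store every ``ldap_*`` value.

        On a validation failure the form is re-rendered with the submitted
        values and the error dict. Any other failure is logged and reported
        with an error flash message. Every path except the validation failure
        ends in a redirect to ``ldap_home``.
        """
        # NOTE(review): no CSRF token check is visible in this method; confirm
        # it is enforced elsewhere for this state-changing request.
        _form = LdapSettingsForm([x[0] for x in self.tls_reqcert_choices],
                                 [x[0] for x in self.search_scope_choices],
                                 [x[0] for x in self.tls_kind_choices])()
        # Probe for the python-ldap library; LDAP cannot be switched on
        # without it.
        ldap_active = False
        try:
            import ldap
            ldap_active = True
        except ImportError:
            pass

        try:
            form_result = _form.to_python(dict(request.POST))

            for k, v in form_result.items():
                if k.startswith('ldap_'):
                    if k == 'ldap_active':
                        # Keep the administrator's choice and only force the
                        # flag off when the library is missing. Storing the
                        # probe result itself would switch LDAP on whenever
                        # python-ldap is installed, even if the form asked
                        # for it to be disabled.
                        v = v if ldap_active else False
                    # NOTE(review): presumably get_by_name() returns None for
                    # an unknown key, in which case the assignment below
                    # raises and the generic handler reports it -- confirm.
                    setting = RhodeCodeSetting.get_by_name(k)
                    setting.app_settings_value = v
                    self.sa.add(setting)

            self.sa.commit()
            h.flash(_('Ldap settings updated successfully'),
                    category='success')
            if not ldap_active:
                # Tell the user why LDAP could not be activated.
                h.flash(_('Unable to activate ldap. The "python-ldap" library '
                          'is missing.'), category='warning')

        except formencode.Invalid, errors:
            e = errors.error_dict or {}

            return htmlfill.render(
                render('admin/ldap/ldap.html'),
                defaults=errors.value,
                errors=e,
                prefix_error=False,
                encoding="UTF-8")
        except Exception:
            # The user only sees a generic message; the traceback goes to the
            # log.
            log.error(traceback.format_exc())
            h.flash(_('error occurred during update of ldap settings'),
                    category='error')

        return redirect(url('ldap_home'))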