--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pyams_ldap/zmi/plugin.py Sat Feb 28 15:20:14 2015 +0100
@@ -0,0 +1,370 @@
+#
+# Copyright (c) 2008-2015 Thierry Florac <tflorac AT ulthar.net>
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+from pyramid.view import view_config
+from z3c.form.interfaces import DISPLAY_MODE
+from z3c.table.column import GetAttrColumn
+from z3c.table.interfaces import IColumn
+from zope.component.interfaces import ISite
+from pyams_form.form import AJAXAddForm, AJAXEditForm, InnerEditForm, InnerAddForm
+from pyams_form.interfaces.form import IInnerTabForm, IWidgetsSuffixViewletsManager
+from pyams_form.search import SearchView, SearchResultsView
+from pyams_ldap.interfaces import ILDAPPlugin
+from pyams_ldap.plugin import LDAPPlugin
+from pyams_ldap.query import LDAPQuery
+from pyams_pagelet.pagelet import pagelet_config
+from pyams_security.interfaces import ISecurityManager, IPlugin
+from pyams_security.zmi.interfaces import ISecurityManagerToolbarAddingMenu
+from pyams_security.zmi.utility import SecurityManagerPluginsTable
+from pyams_skin.interfaces import IPageHeader
+from pyams_skin.layer import IPyAMSLayer
+from pyams_skin.skin import apply_skin
+from pyams_skin.table import I18nColumn
+from pyams_skin.viewlet.toolbar import ToolbarMenuItem
+from pyams_template.template import template_config
+from pyams_utils.adapter import adapter_config, ContextRequestViewAdapter
+from pyams_utils.registry import query_utility
+from pyams_utils.url import absolute_url
+from pyams_viewlet.viewlet import viewlet_config, Viewlet
+from pyams_zmi.form import AdminDialogAddForm, AdminDialogEditForm, AdminDialogDisplayForm
+from pyams_zmi.interfaces import IAdminView
+from pyams_zmi.layer import IAdminLayer
+from pyams_zmi.view import AdminView
+
+__docformat__ = 'restructuredtext'
+
+
+# import standard library
+import base64
+import ldap3
+
+# import interfaces
+
+# import packages
+from z3c.form import field
+from zope.interface import implementer, Interface
+
+from pyams_ldap import _
+
+
+#
+# LDAP users folder views
+#
+
+@viewlet_config(name='add-ldap-folder.menu', context=ISite, layer=IAdminLayer,
+ view=SecurityManagerPluginsTable, manager=ISecurityManagerToolbarAddingMenu,
+ permission='system.manage', weight=60)
+class LDAPPluginAddMenu(ToolbarMenuItem):
+ """LDAP users folder add menu"""
+
+ label = _("Add LDAP users folder...")
+ label_css_class = 'fa fa-fw fa-sitemap'
+ url = 'add-ldap-folder.html'
+ modal_target = True
+
+
+class ILDAPForm(Interface):
+ """LDAP form"""
+
+
+@pagelet_config(name='add-ldap-folder.html', context=ISite, layer=IPyAMSLayer,
+ permission='system.manage')
+@implementer(ILDAPForm)
+class LDAPPluginAddForm(AdminDialogAddForm):
+ """LDAP users folder plug-in add form"""
+
+ title = _("System security manager")
+ legend = _("Add LDAP users folder plug-in")
+ icon_css_class = 'fa fa-fw fa-sitemap'
+
+ fields = field.Fields(IPlugin).omit('__name__', '__parent__')
+ ajax_handler = 'add-ldap-folder.json'
+ edit_permission = 'system.manage'
+
+ def create(self, data):
+ return LDAPPlugin()
+
+ def add(self, plugin):
+ context = query_utility(ISecurityManager)
+ context[plugin.prefix] = plugin
+
+ def nextURL(self):
+ return absolute_url(self.context, self.request, 'security-manager.html')
+
+
+@view_config(name='add-ldap-folder.json', context=ISite, request_type=IPyAMSLayer,
+ permission='system.manage', renderer='json', xhr=True)
+class LDAPPluginAJAXAddForm(AJAXAddForm, LDAPPluginAddForm):
+ """LDAP users folder plug-in add form, AJAX handler"""
+
+
+#
+# LDAP add form tabs
+#
+
+@adapter_config(name='connection', context=(ISite, IAdminLayer, ILDAPForm), provides=IInnerTabForm)
+class LDAPPluginConnectionAddForm(InnerAddForm):
+ """LDAP plug-in add form connection"""
+
+ id = 'ldap_connection_form'
+ tabLabel = _("Connection")
+ legend = None
+ fields = field.Fields(ILDAPPlugin).select('server_uri', 'bind_dn', 'bind_password', 'use_tls',
+ 'use_pool', 'pool_size', 'pool_lifetime')
+ weight = 1
+
+
+@adapter_config(name='users', context=(ISite, IAdminLayer, ILDAPForm), provides=IInnerTabForm)
+class LDAPPluginUsersAddForm(InnerAddForm):
+ """LDAP plug-in add form users schema"""
+
+ id = 'ldap_users_form'
+ tabLabel = _("Users schema")
+ legend = None
+ fields = field.Fields(ILDAPPlugin).select('base_dn', 'search_scope', 'login_attribute', 'login_query',
+ 'uid_attribute', 'uid_query', 'title_format')
+ weight = 2
+
+
+@adapter_config(name='groups', context=(ISite, IAdminLayer, ILDAPForm), provides=IInnerTabForm)
+class LDAPPluginGroupsAddForm(InnerAddForm):
+ """LDAP plug-in add form groups schema"""
+
+ id = 'ldap_groups_form'
+ tabLabel = _("Groups schema")
+ legend = None
+ fields = field.Fields(ILDAPPlugin).select('groups_base_dn', 'groups_search_scope', 'groups_query',
+ 'group_prefix', 'group_uid_attribute', 'group_title_format')
+ weight = 3
+
+
+@adapter_config(name='search', context=(ISite, IAdminLayer, ILDAPForm), provides=IInnerTabForm)
+class LDAPPluginSearchAddForm(InnerAddForm):
+ """LDAP plug-in add form search settings"""
+
+ id = 'ldap_search_form'
+ tabLabel = _("Search settings")
+ legend = None
+ fields = field.Fields(ILDAPPlugin).select('users_select_query', 'users_search_query',
+ 'groups_select_query', 'groups_search_query')
+ weight = 4
+
+
+@pagelet_config(name='properties.html', context=ILDAPPlugin, layer=IPyAMSLayer,
+ permission='system.view')
+@implementer(ILDAPForm)
+class LDAPPluginEditForm(AdminDialogEditForm):
+ """LDAP users folder plug-in edit form"""
+
+ @property
+ def title(self):
+ return self.context.title
+
+ legend = _("Edit LDAP users folder plug-in properties")
+ icon_css_class = 'fa fa-fw fa-sitemap'
+
+ fields = field.Fields(IPlugin).omit('__parent__', '__name__')
+
+ ajax_handler = 'properties.json'
+ edit_permission = 'system.manage'
+
+ def updateWidgets(self, prefix=None):
+ super(LDAPPluginEditForm, self).updateWidgets()
+ self.widgets['prefix'].mode = DISPLAY_MODE
+
+ def update_content(self, content, data):
+ changes = super(LDAPPluginEditForm, self).update_content(content, data)
+ if changes:
+ self.context.clear()
+ return changes
+
+
+@view_config(name='properties.json', context=ILDAPPlugin, request_type=IPyAMSLayer,
+ permission='system.manage', renderer='json', xhr=True)
+@implementer(IAdminView)
+class LDAPPluginAJAXEditForm(AJAXEditForm, LDAPPluginEditForm):
+ """LDAP users folder plug-in edit form, AJAX handler"""
+
+
+#
+# LDAP edit form tabs
+#
+
+@adapter_config(name='connection', context=(ILDAPPlugin, IAdminLayer, ILDAPForm), provides=IInnerTabForm)
+class LDAPPluginConnectionEditForm(InnerEditForm):
+ """LDAP plug-in connection edit form"""
+
+ id = 'ldap_connection_form'
+ tabLabel = _("Connection")
+ legend = None
+ fields = field.Fields(ILDAPPlugin).select('server_uri', 'bind_dn', 'bind_password', 'use_tls',
+ 'use_pool', 'pool_size', 'pool_lifetime')
+ weight = 1
+
+
+@adapter_config(name='users', context=(ILDAPPlugin, IAdminLayer, ILDAPForm), provides=IInnerTabForm)
+class LDAPPluginUsersEditForm(InnerEditForm):
+ """LDAP plug-in users schema edit form"""
+
+ id = 'ldap_users_form'
+ tabLabel = _("Users schema")
+ legend = None
+ fields = field.Fields(ILDAPPlugin).select('base_dn', 'search_scope', 'login_attribute', 'login_query',
+ 'uid_attribute', 'uid_query', 'title_format')
+ weight = 2
+
+
+@adapter_config(name='groups', context=(ILDAPPlugin, IAdminLayer, ILDAPForm), provides=IInnerTabForm)
+class LDAPPluginGroupsEditForm(InnerEditForm):
+ """LDAP plug-in groups schema edit form"""
+
+ id = 'ldap_groups_form'
+ tabLabel = _("Groups schema")
+ legend = None
+ fields = field.Fields(ILDAPPlugin).select('groups_base_dn', 'groups_search_scope', 'groups_query',
+ 'group_prefix', 'group_uid_attribute', 'group_title_format')
+ weight = 3
+
+
+@adapter_config(name='search', context=(ILDAPPlugin, IAdminLayer, ILDAPForm), provides=IInnerTabForm)
+class LDAPPluginSearchEditForm(InnerEditForm):
+ """LDAP plug-in search settings"""
+
+ id = 'ldap_search_form'
+ tabLabel = _("Search settings")
+ legend = None
+ fields = field.Fields(ILDAPPlugin).select('users_select_query', 'users_search_query',
+ 'groups_select_query', 'groups_search_query')
+
+ label_css_class = 'control-label col-md-4'
+ input_css_class = 'col-md-8'
+ weight = 4
+
+
+#
+# Users folder search views
+#
+
+@pagelet_config(name='search.html', context=ILDAPPlugin, layer=IPyAMSLayer, permission='system.view')
+class LDAPPluginSearchView(AdminView, SearchView):
+ """LDAP users folder search view"""
+
+ def __init__(self, context, request):
+ super(LDAPPluginSearchView, self).__init__(context, request)
+
+
+@adapter_config(context=(ILDAPPlugin, IAdminLayer, LDAPPluginSearchView), provides=IPageHeader)
+class LDAPPluginSearchViewHeaderAdapter(ContextRequestViewAdapter):
+ """LDAP users folder search view header adapter"""
+
+ back_url = '#security-manager.html'
+ icon_class = 'fa fa-fw fa-sitemap'
+
+ @property
+ def title(self):
+ return self.context.title
+
+ subtitle = _("Search users and groups")
+
+
+@view_config(name='search-results.html', context=ILDAPPlugin, request_type=IPyAMSLayer,
+ permission='system.view')
+class LDAPPluginSearchResultsView(AdminView, SearchResultsView):
+ """LDAP users folder search results view table"""
+
+ id = 'ldap_folder_search_table'
+ title = _("Search results")
+ cssClasses = {'table': 'table table-bordered table-striped table-hover table-tight datatable'}
+
+ @property
+ def data_attributes(self):
+ return {'tr': {'data-ams-element-name': lambda x: x[0],
+ 'data-ams-url': lambda x: '{url}?dn={dn}'.format(url=absolute_url(self.context, self.request,
+ 'user-properties.html'),
+ dn=x[0]),
+ 'data-toggle': 'modal'}}
+
+ def __init__(self, context, request):
+ super(LDAPPluginSearchResultsView, self).__init__(context, request)
+ apply_skin(self.request, 'PyAMS admin skin')
+
+
+class LDAPColumn(I18nColumn, GetAttrColumn):
+ """Base LDAP column"""
+
+ def getValue(self, obj):
+ return ', '.join(obj[1].get(self.attrName, ()))
+
+
+@adapter_config(name='name', context=(ILDAPPlugin, IAdminLayer, LDAPPluginSearchResultsView),
+ provides=IColumn)
+class LDAPCnColumn(LDAPColumn):
+ """CN column"""
+
+ _header = _("Common name")
+ attrName = 'cn'
+ weight = 5
+
+
+@adapter_config(name='mail', context=(ILDAPPlugin, IAdminLayer, LDAPPluginSearchResultsView),
+ provides=IColumn)
+class LDAPMailColumn(LDAPColumn):
+ """Mail column"""
+
+ _header = _("E-mail")
+ attrName = 'mail'
+ weight = 20
+
+
+#
+# LDAP principal display form
+#
+
+@pagelet_config(name='user-properties.html', context=ILDAPPlugin, layer=IPyAMSLayer)
+class LDAPPrincipalDisplayForm(AdminDialogDisplayForm):
+ """LDAP principal display form"""
+
+ @property
+ def title(self):
+ return self.context.title
+
+ @property
+ def legend(self):
+ return self.request.localizer.translate(_("Display LDAP entry: {dn}")).format(dn=self.request.params['dn'])
+
+ icon_class = 'fa fa-fw fa-sitemap'
+
+ fields = field.Fields(Interface)
+
+
+@viewlet_config(name='ldap-attributes', layer=IAdminLayer, manager=IWidgetsSuffixViewletsManager,
+ view=LDAPPrincipalDisplayForm)
+@template_config(template='templates/ldap-attributes.pt')
+class LDAPPrincipalAttributesViewlet(Viewlet):
+ """LDAP principal attributes"""
+
+ br = '<br />'
+
+ @property
+ def attributes(self):
+ plugin = self.context
+ conn = plugin.get_connection()
+ dn = self.request.params.get('dn')
+ query = LDAPQuery(dn, '(objectclass=*)', ldap3.SEARCH_SCOPE_BASE_OBJECT, ldap3.ALL_ATTRIBUTES)
+ result = query.execute(conn)
+ if not result or len(result) > 1:
+ return ()
+ dn, attributes = result[0]
+ if 'jpegPhoto' in attributes:
+ attributes['jpegPhoto'] = ['<img src="data:image/jpeg;base64,{0}" />'.
+ format(base64.encodebytes(attributes['jpegPhoto'][0]).decode()), ]
+ result = sorted(attributes.items(), key=lambda x: x[0])
+ return result