[Freeipa-devel] [PATCH] new user group management

Mon Oct 1 18:24:49 UTC 2007

This patch adds the group management code to the new user screen.

-Kevin

-------------- next part --------------
# HG changeset patch
# User Kevin McCarthy <kmccarth at redhat.com>
# Date 1191263182 25200
# Node ID 23d9775392a14cb7dc860675deaec6889431b28d
# Parent  0a3bb27f723b0d70253613460b0d266aa1acb36a
Allow group selection on the create user page.

diff -r 0a3bb27f723b -r 23d9775392a1 ipa-server/ipa-gui/ipagui/controllers.py

--- a/ipa-server/ipa-gui/ipagui/controllers.py	Fri Sep 28 16:01:42 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/controllers.py	Mon Oct 01 11:26:22 2007 -0700
@@ -116,7 +116,7 @@ class Root(controllers.RootController):
         if tg_errors:
             turbogears.flash("There was a problem with the form!")
 
-        return dict(form=user_new_form)
+        return dict(form=user_new_form, user={})
 
     @expose()
     @identity.require(identity.not_anonymous())
@@ -130,8 +130,12 @@ class Root(controllers.RootController):
 
         tg_errors, kw = self.usercreatevalidate(**kw)
         if tg_errors:
-            return dict(form=user_new_form, tg_template='ipagui.templates.usernew')
-
+            return dict(form=user_new_form, user=kw,
+                    tg_template='ipagui.templates.usernew')
+
+        #
+        # Update the user itself
+        #
         try:
             new_user = ipa.user.User()
             new_user.setValue('uid', kw.get('uid'))
@@ -143,15 +147,67 @@ class Root(controllers.RootController):
                 new_user.setValue('nsAccountLock', 'true')
 
             rv = client.add_user(new_user)
-            turbogears.flash("%s added!" % kw['uid'])
-            raise turbogears.redirect('/usershow', uid=kw['uid'])
         except ipaerror.exception_for(ipaerror.LDAP_DUPLICATE):
             turbogears.flash("Person with login '%s' already exists" %
                     kw.get('uid'))
-            return dict(form=user_new_form, tg_template='ipagui.templates.usernew')
+            return dict(form=user_new_form, user=kw,
+                    tg_template='ipagui.templates.usernew')
         except ipaerror.IPAError, e:
             turbogears.flash("User add failed: " + str(e))
-            return dict(form=user_new_form, tg_template='ipagui.templates.usernew')
+            return dict(form=user_new_form, user=kw,
+                    tg_template='ipagui.templates.usernew')
+
+        #
+        # NOTE: from here on, the user account now exists.
+        #       on any error, we redirect to the _edit_ user page.
+        #       this code does data setup, similar to useredit()
+        #
+        user = client.get_user_by_uid(kw['uid'], user_fields)
+        user_dict = user.toDict()
+
+        user_groups_dicts = []
+        user_groups_data = b64encode(dumps(user_groups_dicts))
+
+        # store a copy of the original user for the update later
+        user_data = b64encode(dumps(user_dict))
+        user_dict['user_orig'] = user_data
+        user_dict['user_groups_data'] = user_groups_data
+
+        # preserve group add info in case of errors
+        user_dict['dnadd'] = kw.get('dnadd')
+        user_dict['dn_to_info_json'] = kw.get('dn_to_info_json')
+
+        #
+        # Password change
+        # TODO
+        #
+
+        #
+        # Add groups
+        #
+        failed_adds = []
+        try:
+            dnadds = kw.get('dnadd')
+            if dnadds != None:
+                if not(isinstance(dnadds,list) or isinstance(dnadds,tuple)):
+                    dnadds = [dnadds]
+                failed_adds = client.add_groups_to_user(
+                        utf8_encode_values(dnadds), user.dn)
+                kw['dnadd'] = failed_adds
+        except ipaerror.IPAError, e:
+            failed_adds = dnadds
+
+        if len(failed_adds) > 0:
+            message = "Person successfully updated.<br />"
+            message += "There was an error adding groups.<br />"
+            message += "Failures have been preserved in the add/remove lists."
+            turbogears.flash(message)
+            return dict(form=user_edit_form, user=user_dict,
+                        user_groups=user_groups_dicts,
+                        tg_template='ipagui.templates.useredit')
+
+        turbogears.flash("%s added!" % kw['uid'])
+        raise turbogears.redirect('/usershow', uid=kw['uid'])
 
     @expose("ipagui.templates.dynamiceditsearch")
     @identity.require(identity.not_anonymous())
@@ -227,6 +283,7 @@ class Root(controllers.RootController):
                         tg_template='ipagui.templates.useredit')
 
         password_change = False
+        user_modified = False
 
         #
         # Update the user itself
@@ -262,6 +319,7 @@ class Root(controllers.RootController):
             # need to make sure a subsequent submit doesn't try to update
             # the user again.
             #
+            user_modified = True
             kw['user_orig'] = b64encode(dumps(new_user.toDict()))
         except ipaerror.exception_for(ipaerror.LDAP_EMPTY_MODLIST), e:
             # could be a password change
@@ -299,10 +357,7 @@ class Root(controllers.RootController):
                         utf8_encode_values(dnadds), new_user.dn)
                 kw['dnadd'] = failed_adds
         except ipaerror.IPAError, e:
-            turbogears.flash("Group update failed: " + str(e))
-            return dict(form=user_edit_form, user=kw,
-                        user_groups=user_groups_dicts,
-                        tg_template='ipagui.templates.useredit')
+            failed_adds = dnadds
 
         #
         # Remove groups
@@ -317,14 +372,15 @@ class Root(controllers.RootController):
                         utf8_encode_values(dndels), new_user.dn)
                 kw['dndel'] = failed_dels
         except ipaerror.IPAError, e:
-            turbogears.flash("Group update failed: " + str(e))
-            return dict(form=user_edit_form, user=kw,
-                        user_groups=user_groups_dicts,
-                        tg_template='ipagui.templates.useredit')
+            failed_dels = dndels
 
         if (len(failed_adds) > 0) or (len(failed_dels) > 0):
             message = "There was an error updating groups.<br />"
             message += "Failures have been preserved in the add/remove lists."
+            if user_modified:
+                message = "User Details successfully updated.<br />" + message
+            if password_change:
+                message = "User password successfully updated.<br />" + message
             turbogears.flash(message)
             return dict(form=user_edit_form, user=kw,
                         user_groups=user_groups_dicts,
diff -r 0a3bb27f723b -r 23d9775392a1 ipa-server/ipa-gui/ipagui/forms/user.py
--- a/ipa-server/ipa-gui/ipagui/forms/user.py	Fri Sep 28 16:01:42 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/forms/user.py	Mon Oct 01 11:26:22 2007 -0700
@@ -46,7 +46,9 @@ class UserNewForm(widgets.Form):
     params = ['user']
 
     fields = [UserFields.uid, UserFields.givenname,
-              UserFields.sn, UserFields.mail]
+              UserFields.sn, UserFields.mail,
+              UserFields.dn_to_info_json,
+             ]
 
     validator = UserNewValidator()
 
diff -r 0a3bb27f723b -r 23d9775392a1 ipa-server/ipa-gui/ipagui/static/javascript/dynamicedit.js
--- a/ipa-server/ipa-gui/ipagui/static/javascript/dynamicedit.js	Fri Sep 28 16:01:42 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/static/javascript/dynamicedit.js	Mon Oct 01 11:26:22 2007 -0700
@@ -169,3 +169,18 @@ function preSubmit() {
   $('form_dn_to_info_json').value = json;
   return true;
 }
+
+function enterDoSearch(e) {
+  var keyPressed;
+  if (window.event) {
+    keyPressed = window.event.keyCode;
+  } else {
+    keyPressed = e.which; 
+  }
+
+  if (keyPressed == 13) {
+    return doSearch();
+  } else {
+    return true;
+  }
+}
diff -r 0a3bb27f723b -r 23d9775392a1 ipa-server/ipa-gui/ipagui/templates/groupeditform.kid
--- a/ipa-server/ipa-gui/ipagui/templates/groupeditform.kid	Fri Sep 28 16:01:42 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/templates/groupeditform.kid	Mon Oct 01 11:26:22 2007 -0700
@@ -21,21 +21,6 @@ from ipagui.helpers import ipahelper
       } else {
         gidnumberField.disabled = true;
         $('form_editprotected').value = '';
-      }
-    }
-
-    function enterDoSearch(e) {
-      var keyPressed;
-      if (window.event) {
-        keyPressed = window.event.keyCode;
-      } else {
-        keyPressed = e.which; 
-      }
-
-      if (keyPressed == 13) {
-        return doSearch();
-      } else {
-        return true;
       }
     }
 
diff -r 0a3bb27f723b -r 23d9775392a1 ipa-server/ipa-gui/ipagui/templates/usereditform.kid
--- a/ipa-server/ipa-gui/ipagui/templates/usereditform.kid	Fri Sep 28 16:01:42 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/templates/usereditform.kid	Mon Oct 01 11:26:22 2007 -0700
@@ -33,21 +33,6 @@ from ipagui.helpers import ipahelper
       }
     }
 
-    function enterDoSearch(e) {
-      var keyPressed;
-      if (window.event) {
-        keyPressed = window.event.keyCode;
-      } else {
-        keyPressed = e.which; 
-      }
-
-      if (keyPressed == 13) {
-        return doSearch();
-      } else {
-        return true;
-      }
-    }
-
     function doSearch() {
       $('searchresults').update("Searching...");
       new Ajax.Updater('searchresults',
diff -r 0a3bb27f723b -r 23d9775392a1 ipa-server/ipa-gui/ipagui/templates/usernew.kid
--- a/ipa-server/ipa-gui/ipagui/templates/usernew.kid	Fri Sep 28 16:01:42 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/templates/usernew.kid	Mon Oct 01 11:26:22 2007 -0700
@@ -8,6 +8,6 @@
 <body>
     <h2>Add Person</h2>
 
-    ${form.display(action="usercreate")}
+    ${form.display(action="usercreate", value=user)}
 </body>
 </html>
diff -r 0a3bb27f723b -r 23d9775392a1 ipa-server/ipa-gui/ipagui/templates/usernewform.kid
--- a/ipa-server/ipa-gui/ipagui/templates/usernewform.kid	Fri Sep 28 16:01:42 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/templates/usernewform.kid	Mon Oct 01 11:26:22 2007 -0700
@@ -1,6 +1,41 @@
 <div xmlns:py="http://purl.org/kid/ns#"
   class="simpleroster">
-  <form action="${action}" name="${name}" method="${method}" class="tableform">
+  <form action="${action}" name="${name}" method="${method}" class="tableform"
+    onsubmit="preSubmit()">
+
+<?python
+from ipagui.helpers import ipahelper
+?>
+
+  <script type="text/javascript" charset="utf-8"
+    src="${tg.url('/static/javascript/dynamicedit.js')}"></script>
+
+  <?python searchurl = tg.url('/useredit_search') ?>
+
+  <script type="text/javascript">
+    function doSearch() {
+      $('searchresults').update("Searching...");
+      new Ajax.Updater('searchresults',
+          '${searchurl}',
+          {  asynchronous:true,
+             parameters: { criteria: $('criteria').value },
+             evalScripts: true });
+      return false;
+    }
+
+    // override dynamicedit.js version
+    // we don't need to show [group] nor italize groups
+    function renderMemberInfo(newdiv, info) {
+      if (info.type == "group") {
+        newdiv.appendChild(document.createTextNode(
+          info.name.escapeHTML() + " "));
+      }
+    }
+  </script>
+
+  <div py:for="field in hidden_fields"
+    py:replace="field.display(value_for(field), **params_for(field))" 
+    />
 
     <div class="formsection">Identity Details</div>
     <table class="formtable" cellpadding="2" cellspacing="0" border="0">
@@ -181,6 +216,28 @@
       </tr>
     </table>
 
+    <div style="clear:both">
+      <div class="formsection">Add Groups</div>
+
+      <div class="floatlist">
+        <div class="floatheader">To Add:</div>
+        <div id="newmembers">
+        </div>
+      </div>
+
+      <div>
+        <div id="search">
+          <input id="criteria" type="text" name="criteria"
+            onkeypress="return enterDoSearch(event);" />
+          <input type="button" value="Find"
+            onclick="return doSearch();"
+          />
+        </div>
+        <div id="searchresults">
+        </div>
+      </div>
+    </div>
+
     <table class="formtable" cellpadding="2" cellspacing="0" border="0">
       <tr>
         <th></th>
@@ -192,4 +249,33 @@
     </table>
 
   </form>
+
+  <script type="text/javascript">
+    /*
+     * This section restores the contents of the add and remove lists
+     * dynamically if we have to refresh the page
+     */
+    if ($('form_dn_to_info_json').value != "") {
+      dn_to_info_hash = new Hash($('form_dn_to_info_json').value.evalJSON());
+    }
+  </script>
+
+  <?python
+  dnadds = value.get('dnadd', [])
+  if not(isinstance(dnadds,list) or isinstance(dnadds,tuple)):
+      dnadds = [dnadds]
+  ?>
+
+  <script py:for="dnadd in dnadds">
+    <?python
+    dnadd_esc = ipahelper.javascript_string_escape(dnadd)
+    ?>
+    var dn = "${dnadd_esc}";
+    var info = dn_to_info_hash[dn];
+    var newdiv = addmember(dn, info);
+    if (newdiv != null) {
+      newdiv.style.display = 'block';
+    }
+  </script>
+
 </div>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4054 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20071001/c42cc1ad/attachment.bin>
