[Freeipa-devel] [PATCH] add delegation editing
Kevin McCarthy
kmccarth at redhat.com
Mon Oct 15 20:09:53 UTC 2007
This patch adds editing to the delegation UI.
-Kevin
-------------- next part --------------
# HG changeset patch
# User Kevin McCarthy <kmccarth at redhat.com>
# Date 1192478859 25200
# Node ID af0b0ac1b3064cfd55b5d3fb927b01855ebf74eb
# Parent 9a29344f0870d0963529d97c3893f68d947675df
Add basic delegation editing.
diff -r 9a29344f0870 -r af0b0ac1b306 ipa-python/aci.py
--- a/ipa-python/aci.py Mon Oct 15 09:04:13 2007 -0700
+++ b/ipa-python/aci.py Mon Oct 15 13:07:39 2007 -0700
@@ -18,6 +18,8 @@ import re
import re
import urllib
+import ipa.ipautil
+
class ACI:
"""
Holds the basic data for an ACI entry, as stored in the cn=accounts
@@ -30,6 +32,7 @@ class ACI:
self.source_group = ''
self.dest_group = ''
self.attrs = []
+ self.orig_acistr = acistr
if acistr is not None:
self.parse_acistr(acistr)
@@ -51,6 +54,16 @@ class ACI:
self.name,
urllib.quote(self.source_group, "/=, "))
return acistr
+
+ def to_dict(self):
+ result = ipa.ipautil.CIDict()
+ result['name'] = self.name
+ result['source_group'] = self.source_group
+ result['dest_group'] = self.dest_group
+ result['attrs'] = self.attrs
+ result['orig_acistr'] = self.orig_acistr
+
+ return result
def _match(self, prefix, inputstr):
"""Returns inputstr with prefix removed, or else raises a
@@ -90,6 +103,8 @@ class ACI:
def parse_acistr(self, acistr):
"""Parses the acistr. If the string isn't recognized, a SyntaxError
is raised."""
+ self.orig_acistr = acistr
+
acistr = self._match('(targetattr=', acistr)
(attrstr, acistr) = self._match_str(acistr)
self.attrs = attrstr.split(' || ')
diff -r 9a29344f0870 -r af0b0ac1b306 ipa-server/ipa-gui/ipagui/forms/delegate.py
--- a/ipa-server/ipa-gui/ipagui/forms/delegate.py Mon Oct 15 09:04:13 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/forms/delegate.py Mon Oct 15 13:07:39 2007 -0700
@@ -52,10 +52,12 @@ class DelegateFields():
dest_group_cn = widgets.HiddenField(name="dest_group_cn",
label="For People in Group")
+ orig_acistr = widgets.HiddenField(name="orig_acistr")
+
attrs = widgets.CheckBoxList(name="attrs", label="Can Modify",
options=aci_checkbox_attrs, validator=validators.NotEmpty)
-class DelegateNewValidator(validators.Schema):
+class DelegateValidator(validators.Schema):
name = validators.String(not_empty=True)
source_group_dn = validators.String(not_empty=True,
messages = { 'empty': _("Please choose a group"), })
@@ -64,7 +66,7 @@ class DelegateNewValidator(validators.Sc
attrs = validators.NotEmpty(
messages = { 'empty': _("Please select at least one value"), })
-class DelegateNewForm(widgets.Form):
+class DelegateForm(widgets.Form):
params = ['delegate', 'attr_list']
hidden_fields = [
@@ -72,15 +74,17 @@ class DelegateNewForm(widgets.Form):
DelegateFields.dest_group_dn,
DelegateFields.source_group_cn,
DelegateFields.dest_group_cn,
+ DelegateFields.orig_acistr,
]
- validator = DelegateNewValidator()
+ validator = DelegateValidator()
def __init__(self, *args, **kw):
- super(DelegateNewForm,self).__init__(*args, **kw)
+ super(DelegateForm,self).__init__(*args, **kw)
+ # TODO - rename to delegateform
(self.template_c, self.template) = widgets.meta.load_kid_template(
"ipagui.templates.delegatenewform")
self.delegate = DelegateFields
def update_params(self, params):
- super(DelegateNewForm,self).update_params(params)
+ super(DelegateForm,self).update_params(params)
diff -r 9a29344f0870 -r af0b0ac1b306 ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py
--- a/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py Mon Oct 15 09:04:13 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py Mon Oct 15 13:07:39 2007 -0700
@@ -1,6 +1,7 @@ import os
import os
from pickle import dumps, loads
from base64 import b64encode, b64decode
+import copy
import cherrypy
import turbogears
@@ -20,7 +21,7 @@ import ldap.dn
aci_fields = ['*', 'aci']
-delegate_new_form = ipagui.forms.delegate.DelegateNewForm()
+delegate_form = ipagui.forms.delegate.DelegateForm()
class DelegationController(IPAController):
@@ -35,20 +36,25 @@ class DelegationController(IPAController
"""Display delegate page"""
client = self.get_ipaclient()
delegate = {}
- delegate['source_group_cn'] = "Please choose"
- delegate['dest_group_cn'] = "Please choose"
-
- return dict(form=delegate_new_form, delegate=delegate)
+ delegate['source_group_cn'] = "Please choose:"
+ delegate['dest_group_cn'] = "Please choose:"
+
+ return dict(form=delegate_form, delegate=delegate)
@expose()
@identity.require(identity.not_anonymous())
def create(self, **kw):
"""Creates a new delegation"""
- client = self.get_ipaclient()
-
- tg_errors, kw = self.delegatecreatevalidate(**kw)
- if tg_errors:
- return dict(form=delegate_new_form, delegate=kw,
+ self.restrict_post()
+ client = self.get_ipaclient()
+
+ if kw.get('submit', '').startswith('Cancel'):
+ turbogears.flash("Add delegation cancelled")
+ raise turbogears.redirect('/delegate/list')
+
+ tg_errors, kw = self.delegatevalidate(**kw)
+ if tg_errors:
+ return dict(form=delegate_form, delegate=kw,
tg_template='ipagui.templates.delegatenew')
try:
@@ -65,28 +71,90 @@ class DelegationController(IPAController
client.update_entry(aci_entry)
except ipaerror.IPAError, e:
turbogears.flash("Delgate add failed: " + str(e))
- return dict(form=delegate_new_form, delegate=kw,
+ return dict(form=delegate_form, delegate=kw,
tg_template='ipagui.templates.delegatenew')
turbogears.flash("delegate created")
raise turbogears.redirect('/delegate/list')
-#
-# @expose("ipagui.templates.delegateedit")
-# @identity.require(identity.not_anonymous())
-# def edit(self):
-# """Display delegate page"""
-# client = self.get_ipaclient()
-#
-# return dict(userfields=ipagui.forms.user.UserFields())
-#
-# @expose()
-# @identity.require(identity.not_anonymous())
-# def update(self, **kw):
-# """Display delegate page"""
-# client = self.get_ipaclient()
-#
-# turbogears.flash("delegate updated")
-# raise turbogears.redirect('/delegate/list')
+
+ @expose("ipagui.templates.delegateedit")
+ @identity.require(identity.not_anonymous())
+ def edit(self, acistr, tg_errors=None):
+ """Display delegate page"""
+ if tg_errors:
+ turbogears.flash("There was a problem with the form!")
+
+ client = self.get_ipaclient()
+
+ try:
+ aci_entry = client.get_aci_entry(aci_fields)
+ aci = ipa.aci.ACI(acistr)
+ group_dn_to_cn = self.extract_group_cns([aci], client)
+
+ delegate = aci.to_dict()
+ delegate['source_group_dn'] = delegate['source_group']
+ delegate['source_group_cn'] = group_dn_to_cn[delegate['source_group_dn']]
+ delegate['dest_group_dn'] = delegate['dest_group']
+ delegate['dest_group_cn'] = group_dn_to_cn[delegate['dest_group_dn']]
+
+ return dict(form=delegate_form, delegate=delegate)
+ except (SyntaxError, ipaerror.IPAError), e:
+ turbogears.flash("Delegation edit failed: " + str(e))
+ raise turbogears.redirect('/delegate/list')
+
+
+ @expose()
+ @identity.require(identity.not_anonymous())
+ def update(self, **kw):
+ """Display delegate page"""
+ self.restrict_post()
+ client = self.get_ipaclient()
+
+ if kw.get('submit', '').startswith('Cancel'):
+ turbogears.flash("Edit delegation cancelled")
+ raise turbogears.redirect('/delegate/list')
+
+ tg_errors, kw = self.delegatevalidate(**kw)
+ if tg_errors:
+ return dict(form=delegate_form, delegate=kw,
+ tg_template='ipagui.templates.delegatenew')
+
+ try:
+ aci_entry = client.get_aci_entry(aci_fields)
+
+ aci_str_list = aci_entry.getValues('aci')
+ if aci_str_list is None:
+ aci_str_list = []
+
+ try :
+ old_aci_index = aci_str_list.index(kw['orig_acistr'])
+ except ValueError:
+ turbogears.flash("Delegation update failed:<br />" +
+ "The delegation you were attempting to update has been " +
+ "concurrently modified. Please cancel the edit " +
+ "and try editing the delegation again.")
+ return dict(form=delegate_form, delegate=kw,
+ tg_template='ipagui.templates.delegateedit')
+
+ new_aci = ipa.aci.ACI()
+ new_aci.name = kw.get('name')
+ new_aci.source_group = kw.get('source_group_dn')
+ new_aci.dest_group = kw.get('dest_group_dn')
+ new_aci.attrs = kw.get('attrs')
+ new_aci_str = new_aci.export_to_string()
+
+ new_aci_str_list = copy.copy(aci_str_list)
+ new_aci_str_list[old_aci_index] = new_aci_str
+ aci_entry.setValue('aci', new_aci_str_list)
+
+ client.update_entry(aci_entry)
+
+ turbogears.flash("delegate updated")
+ raise turbogears.redirect('/delegate/list')
+ except (SyntaxError, ipaerror.IPAError), e:
+ turbogears.flash("Delegation update failed: " + str(e))
+ return dict(form=delegate_form, delegate=kw,
+ tg_template='ipagui.templates.delegateedit')
@expose("ipagui.templates.delegatelist")
@identity.require(identity.not_anonymous())
@@ -94,7 +162,12 @@ class DelegationController(IPAController
"""Display delegate page"""
client = self.get_ipaclient()
- aci_entry = client.get_aci_entry(aci_fields)
+ try:
+ aci_entry = client.get_aci_entry(aci_fields)
+ except ipaerror.IPAError, e:
+ turbogears.flash("Delegation list failed: " + str(e))
+ raise turbogears.redirect('/')
+
aci_str_list = aci_entry.getValues('aci')
if aci_str_list is None:
aci_str_list = []
@@ -135,9 +208,9 @@ class DelegationController(IPAController
which_group=kw.get('which_group'),
counter=groups_counter)
- @validate(form=delegate_new_form)
- @identity.require(identity.not_anonymous())
- def delegatecreatevalidate(self, tg_errors=None, **kw):
+ @validate(form=delegate_form)
+ @identity.require(identity.not_anonymous())
+ def delegatevalidate(self, tg_errors=None, **kw):
return tg_errors, kw
def extract_group_cns(self, aci_list, client):
diff -r 9a29344f0870 -r af0b0ac1b306 ipa-server/ipa-gui/ipagui/templates/delegateedit.kid
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ipa-server/ipa-gui/ipagui/templates/delegateedit.kid Mon Oct 15 13:07:39 2007 -0700
@@ -0,0 +1,16 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#"
+ py:extends="'delegatelayout.kid'">
+<head>
+<meta content="text/html; charset=utf-8" http-equiv="Content-Type" py:replace="''"/>
+<title>Edit Delegation</title>
+</head>
+<body>
+
+ <h2>Edit Delegation</h2>
+
+ ${form.display(action=tg.url("/delegate/update"), value=delegate,
+ actionname='Edit')}
+
+</body>
+</html>
diff -r 9a29344f0870 -r af0b0ac1b306 ipa-server/ipa-gui/ipagui/templates/delegatelist.kid
--- a/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid Mon Oct 15 09:04:13 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/templates/delegatelist.kid Mon Oct 15 13:07:39 2007 -0700
@@ -41,7 +41,13 @@
>${dest_cn}</a>
</td>
<td>
- <a href="${tg.url('/delegate/edit')}">edit</a> (TODO)<br />
+ <?python
+ # it's probably a bad idea to use a GET string here.
+ # orig_acistr may be quite long
+ # TODO - change to use a form/POST
+ #
+ ?>
+ <a href="${tg.url('/delegate/edit', acistr=aci.orig_acistr)}">edit</a><br />
</td>
</tr>
</tbody>
diff -r 9a29344f0870 -r af0b0ac1b306 ipa-server/ipa-gui/ipagui/templates/delegatenew.kid
--- a/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid Mon Oct 15 09:04:13 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/templates/delegatenew.kid Mon Oct 15 13:07:39 2007 -0700
@@ -9,7 +9,8 @@
<h2>Add Delegation</h2>
- ${form.display(action=tg.url("/delegate/create"), value=delegate)}
+ ${form.display(action=tg.url("/delegate/create"), value=delegate,
+ actionname='Add')}
</body>
</html>
diff -r 9a29344f0870 -r af0b0ac1b306 ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid
--- a/ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid Mon Oct 15 09:04:13 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/templates/delegatenewform.kid Mon Oct 15 13:07:39 2007 -0700
@@ -49,9 +49,15 @@
<table class="formtable" cellpadding="2" cellspacing="0" border="0">
<tr>
+ <th>
+ <input type="submit" class="submitbutton" name="submit"
+ value="${actionname} Delegation"/>
+ <br />
+ </th>
<td>
<input type="submit" class="submitbutton" name="submit"
- value="Add Delegation"/>
+ value="Cancel ${actionname}"/>
+ <br />
</td>
</tr>
</table>
@@ -143,12 +149,25 @@
<table class="formtable" cellpadding="2" cellspacing="0" border="0">
<tr>
+ <th>
+ <input type="submit" class="submitbutton" name="submit"
+ value="${actionname} Delegation"/>
+ </th>
<td>
<input type="submit" class="submitbutton" name="submit"
- value="Add Delegation"/>
+ value="Cancel ${actionname}"/>
</td>
</tr>
</table>
+ <script py:if="not value.get('source_group_dn')">
+ new Effect.Appear($('source_searcharea'), {duration: 0.25});
+ new Effect.Fade($('source_change_link'), {duration: 0.25});
+ </script>
+ <script py:if="not value.get('dest_group_dn')">
+ new Effect.Appear($('dest_searcharea'), {duration: 0.25});
+ new Effect.Fade($('dest_change_link'), {duration: 0.25});
+ </script>
+
</form>
</div>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4054 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20071015/b7e9b052/attachment.bin>
More information about the Freeipa-devel
mailing list