From cb018009bb2bec2cd5ab61fe6b51e5ebe20ca5af Mon Sep 17 00:00:00 2001 From: Valentin Deniaud Date: Wed, 7 Jul 2021 16:11:27 +0200 Subject: [PATCH] ldap: record users ldap accounts (#51211) --- src/authentic2/backends/__init__.py | 6 ++--- src/authentic2/backends/apps.py | 26 +++++++++++++++++++ .../backends/manager_user_sidebar.html | 8 ++++++ src/authentic2/settings.py | 1 + tests/test_ldap.py | 24 +++++++++++++++++ 5 files changed, 61 insertions(+), 4 deletions(-) create mode 100644 src/authentic2/backends/apps.py create mode 100644 src/authentic2/backends/templates/authentic2/backends/manager_user_sidebar.html diff --git a/src/authentic2/backends/__init__.py b/src/authentic2/backends/__init__.py index cd1840c7..06f50d6e 100644 --- a/src/authentic2/backends/__init__.py +++ b/src/authentic2/backends/__init__.py @@ -18,6 +18,8 @@ from django.contrib.auth import get_user_model from authentic2 import app_settings +default_app_config = 'authentic2.backends.apps.AppConfig' + def get_user_queryset(): User = get_user_model() @@ -42,7 +44,3 @@ def is_user_authenticable(user): if not app_settings.A2_USER_FILTER and not app_settings.A2_USER_EXCLUDE: return True return get_user_queryset().filter(pk=user.pk).exists() - - -from .ldap_backend import LDAPBackend # noqa: F401 -from .models_backend import ModelBackend # noqa: F401 diff --git a/src/authentic2/backends/apps.py b/src/authentic2/backends/apps.py new file mode 100644 index 00000000..0d56434d --- /dev/null +++ b/src/authentic2/backends/apps.py @@ -0,0 +1,26 @@ +# authentic2 - versatile identity manager +# Copyright (C) 2010-2021 Entr'ouvert +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU Affero General Public License as published +# by the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +import django.apps +from django import template + + +class AppConfig(django.apps.AppConfig): + name = 'authentic2.backends' + + def a2_hook_manager_user_data(self, view, user): + context = {'user': user} + return [template.loader.get_template('authentic2/backends/manager_user_sidebar.html').render(context)] diff --git a/src/authentic2/backends/templates/authentic2/backends/manager_user_sidebar.html b/src/authentic2/backends/templates/authentic2/backends/manager_user_sidebar.html new file mode 100644 index 00000000..95f10304 --- /dev/null +++ b/src/authentic2/backends/templates/authentic2/backends/manager_user_sidebar.html @@ -0,0 +1,8 @@ +{% load i18n %} +{% for external_id in user.userexternalid_set.all %} +

+{% blocktrans trimmed with source=external_id.source created=external_id.created uid=external_id.external_id %} +Linked with LDAP server "{{ source }}" created on {{ created }} (external_id {{ uid }}). +{% endblocktrans %} +

+{% endfor %} diff --git a/src/authentic2/settings.py b/src/authentic2/settings.py index 732a7238..fbdb95ee 100644 --- a/src/authentic2/settings.py +++ b/src/authentic2/settings.py @@ -145,6 +145,7 @@ INSTALLED_APPS = ( 'authentic2.disco_service', 'authentic2.manager', 'authentic2.apps.journal', + 'authentic2.backends', 'authentic2', 'django_rbac', 'authentic2.a2_rbac', diff --git a/tests/test_ldap.py b/tests/test_ldap.py index b0cd812a..3d5116cc 100644 --- a/tests/test_ldap.py +++ b/tests/test_ldap.py @@ -1809,3 +1809,27 @@ def test_build_external_id(slapd, settings, client, db): assert backend.build_external_id(['uid'], {'uid': 'john.doe'}) == 'john.doe' assert backend.build_external_id(['uid'], {}) is None + + +def test_manager_user_sidebar(slapd, settings, client, db, app, superuser): + settings.LDAP_AUTH_SETTINGS = [ + { + 'url': [slapd.ldap_url], + 'basedn': 'o=ôrga', + 'use_tls': False, + } + ] + + # create users as a side effect + list(ldap_backend.LDAPBackend.get_users()) + user = User.objects.get(username='etienne.michu@ldap') + + utils.login(app, superuser, '/manage/') + resp = app.get('/manage/users/%s/' % user.pk) + assert 'LDAP' in resp.text + assert 'server "ldap"' in resp.text + assert 'external_id etienne.michu' in resp.text + + user.userexternalid_set.all().delete() + resp = app.get('/manage/users/%s/' % user.pk) + assert 'LDAP' not in resp.text -- 2.20.1