From 53630f980fcd414cbd70550d2db93c87cbc113c2 Mon Sep 17 00:00:00 2001 From: Andrew Williams Date: Thu, 25 Feb 2010 15:49:56 +0000 Subject: [PATCH] Various changes to several aspects of the model base. * Added SSOUser extension profile for auth * Now checks for Corp membership and executes required commands * Various small fixups --- settings.py | 4 +- sso/admin.py | 5 ++- sso/models.py | 68 ++++++++++++++++++++++++------ sso/services/__init__.py | 6 +-- sso/services/jabber/__init__.py | 8 ++-- sso/services/jabber/ejabberdctl.py | 9 ++-- sso/urls.py | 5 +++ sso/views.py | 16 +++++++ test.py | 2 +- urls.py | 3 +- 10 files changed, 95 insertions(+), 31 deletions(-) create mode 100644 sso/urls.py diff --git a/settings.py b/settings.py index d67feea..45a6095 100644 --- a/settings.py +++ b/settings.py @@ -78,12 +78,10 @@ INSTALLED_APPS = ( 'django.contrib.sessions', 'django.contrib.sites', 'registration', - 'eve_proxy', - 'eve_api', 'sso', ) -AUTH_PROFILE_MODULE = 'sso.UserProfile' +AUTH_PROFILE_MODULE = 'sso.SSOUser' ### Jabber Service Settings diff --git a/sso/admin.py b/sso/admin.py index bd62fe5..7d73fb5 100644 --- a/sso/admin.py +++ b/sso/admin.py @@ -2,6 +2,7 @@ Admin interface models. Automatically detected by admin.autodiscover(). """ from django.contrib import admin -from sso.models import * +from sso.models import Service, ServiceAccount -admin.site.register(sso.models.Service) +admin.site.register(Service) +admin.site.register(ServiceAccount) diff --git a/sso/models.py b/sso/models.py index a29e66c..b028025 100644 --- a/sso/models.py +++ b/sso/models.py @@ -1,40 +1,80 @@ from django.db import models from django.db.models import signals -from django.contrib.auth.models import User +from django.contrib.auth.models import User, UserManager -from sso.service import get_api +from services import get_api + +## Exceptions + +class CorporateOnlyService(Exception): + pass + +## Models + +class SSOUser(User): + """ Extended SSO User Profile options """ + + user = models.ForeignKey(User, unique=True, related_name='profile') + + default_service_passwd = models.CharField(max_length=200) + default_service_username = models.CharField(max_length=200) + + website = models.CharField(max_length=200) + aim = models.CharField(max_length=64) + msn = models.CharField(max_length=200) + icq = models.CharField(max_length=15) + xmpp = models.CharField(max_length=200) + + def __str__(self): + return self.user + + @staticmethod + def create_user_profile(sender, instance, created, **kwargs): + if created: + profile, created = SSOUser.objects.get_or_create(user=instance) + +signals.post_save.connect(SSOUser.create_user_profile, sender=User) class Service(models.Model): + name = models.CharField(max_length=200) url = models.CharField(max_length=200) active = models.BooleanField() api = models.CharField(max_length=200) + def __str__(self): + return "%s: %s" % (self.name, self.api) + class ServiceAccount(models.Model): - user = models.ForeignKey(User,blank=False) - service = models.ForeignKey(Service,blank=False) - username = models.CharField(max_length=200,blank=False) + user = models.ForeignKey(User, blank=False) + service = models.ForeignKey(Service, blank=False) + username = models.CharField(max_length=200, blank=False) + password = models.CharField(max_length=200, blank=False) active = models.BooleanField() + def __str__(self): + return "%s: %s (%s)" % (self.service.name, self.user.username, self.username) + def save(self): """ Override default save to setup accounts as needed """ - if not self.service: - raise DoesNotExist('No Service set on this account!') - - if not self.user: - raise DoesNotExist('No User set on this account!') - if not self.username: - self.username = self.user.name + self.username = self.user.username api = get_api(self.service.api) + if api.corp_only: + if not self.user.get_profile().corp_user: + raise CorporateOnlyService() + if self.active: if not api.check_user(self.username): api.add_user(self.username, self.password) else: if api.check_user(self.username): - api.del_user(self.username) + api.delete_user(self.username) + + if self.user.get_profile().corp_user: + api.set_corp(self.username) # All went OK, save to the DB return models.Model.save(self) @@ -43,6 +83,6 @@ class ServiceAccount(models.Model): def pre_delete_listener( **kwargs ): api = get_api(kwargs['instance'].service.api) if api.check_user(kwargs['instance'].username): - api.del_user(kwargs['instance'].username) + api.delete_user(kwargs['instance'].username) signals.pre_delete.connect(ServiceAccount.pre_delete_listener, sender=ServiceAccount) diff --git a/sso/services/__init__.py b/sso/services/__init__.py index d7c4fe7..0b3114f 100644 --- a/sso/services/__init__.py +++ b/sso/services/__init__.py @@ -1,11 +1,11 @@ def get_api(api): try: - mod = __import__(self.service.api) + mod = __import__(api) except ImportError: raise DoesNotExist('Error creating service') - for i in self.service.api.spit(".")[1:]: + for i in api.split(".")[1:]: mod = getattr(mod, i) return getattr(mod, mod.ServiceClass)() @@ -33,7 +33,7 @@ class BaseService(): """ Disable a user """ pass - def enable_user(self, username): + def enable_user(self, username, password): """ Enable a user """ pass diff --git a/sso/services/jabber/__init__.py b/sso/services/jabber/__init__.py index 8e6f421..b9c48d7 100644 --- a/sso/services/jabber/__init__.py +++ b/sso/services/jabber/__init__.py @@ -3,17 +3,19 @@ from sso.services.jabber.ejabberdctl import eJabberdCtl import settings class JabberService(BaseService): + + corp_only = True def __init__(self): self.ejctl = eJabberdCtl(sudo=settings.JABBER_SUDO) - def add_user(username, password): + def add_user(self, username, password): """ Add user to service """ return self.ejctl.register(username, settings.JABBER_SERVER, password) def set_corp(self, username): """ User is in corp, enable extra privs """ - return self.ejctl.srg_user_add(username, settings.JABBER_SERVER, settings.JABBER_GROUP) + pass def delete_user(self, username): """ Delete a user """ @@ -25,7 +27,7 @@ class JabberService(BaseService): def enable_user(self, username): """ Enable a user """ - + return self.ejctl.enable_user(settings.JABBER_SERVER, username, password) def check_user(self, username): """ Check if the username exists """ diff --git a/sso/services/jabber/ejabberdctl.py b/sso/services/jabber/ejabberdctl.py index f4f5469..e252f80 100644 --- a/sso/services/jabber/ejabberdctl.py +++ b/sso/services/jabber/ejabberdctl.py @@ -23,9 +23,12 @@ class eJabberdCtl(): args = [] args.extend(self.ejctl) - args.extend(shlex.split(commandline)) + args.extend(shlex.split(commandline.encode('ascii'))) - print args + # Convert all arguments to ascii first + #args = map(lambda x: x.encode('ascii'), args) + + print 'Executing: %s' % " ".join(args) try: proc = subprocess.Popen(args, stdout=subprocess.PIPE) @@ -61,7 +64,7 @@ class eJabberdCtl(): def register(self, user, server, password): """ Adds a user to a vhost """ - cmd = "register %s %s %s" % (user, server, password) + cmd = 'register %s %s %s' % (user, server, password) try: self._execute(cmd) diff --git a/sso/urls.py b/sso/urls.py new file mode 100644 index 0000000..024d13e --- /dev/null +++ b/sso/urls.py @@ -0,0 +1,5 @@ +from django.conf.urls.defaults import * + +urlpatterns = patterns('', + (r'^profile/' 'views.profile'), +) diff --git a/sso/views.py b/sso/views.py index 60f00ef..db5a0aa 100644 --- a/sso/views.py +++ b/sso/views.py @@ -1 +1,17 @@ # Create your views here. + + +def index(request): + pass + +def profile(request): + pass + +def service_add(request): + pass + +def service_del(request): + pass + + + diff --git a/test.py b/test.py index 19ede48..149338d 100644 --- a/test.py +++ b/test.py @@ -1,7 +1,7 @@ import os - os.environ['DJANGO_SETTINGS_MODULE'] = 'settings' +from sso.models import Service from sso.services.jabber import JabberService b = JabberService() diff --git a/urls.py b/urls.py index 059dff2..3468f76 100644 --- a/urls.py +++ b/urls.py @@ -5,7 +5,6 @@ from django.contrib import admin admin.autodiscover() urlpatterns = patterns('', - #(r'^login/', include('django.contrib.auth.views.login')), - (r'^admin/', include(admin.site.urls)), + (r'^sso/', include('sso.urls')), )