allow to select the primary group for a new user

2020-09-11 10:58:10 +02:00 · 2020-09-11 10:58:10 +02:00 · 404fc51fd6
parent 70af9f56dd
commit 404fc51fd6
3 changed files with 18 additions and 5 deletions
--- a/config.cfg.example
+++ b/config.cfg.example
@ -19,10 +19,10 @@ USER_ATTRS = {
 	'sn' : '{sn}',
 	'uid' : '{user}',
 	'uidNumber' : '{uid}',
-	'gidNumber' : '1000'
+	'gidNumber' : '{gid}'
 }
-GROUP_DN = 'cn=user,ou=groups,dc=example,dc=com'
+GROUP_FILTER = "(objectClass=posixGroup)"
 REDIS_HOST = "127.0.0.1"
 REDIS_PASSWD = "foobared"
--- a/dss.py
+++ b/dss.py
@ -9,7 +9,7 @@ from flask import Flask, render_template, redirect, url_for, session
 from flask_wtf import FlaskForm
 from passlib.hash import ldap_salted_sha1
 from redis import Redis
-from wtforms.fields import IntegerField, PasswordField, StringField, SubmitField
+from wtforms.fields import IntegerField, PasswordField, StringField, SelectField, SubmitField
 from wtforms.validators import EqualTo, DataRequired
 app = Flask(__name__)
@ -32,6 +32,7 @@ class CreateForm(FlaskForm):
    sn = StringField('Family Name', validators=[DataRequired()])
    pwd1 = PasswordField('Password', validators=[DataRequired()])
    pwd2 = PasswordField('Password (repeat)', validators=[DataRequired(), EqualTo('pwd1', "Passwords must match")])
    group_pri = SelectField('Primary group', validators=[DataRequired()])
    submit = SubmitField('Submit')
@ -73,6 +74,14 @@ def build_nav():
    return nav
 def get_groups():
    ldap_connection = ldap.initialize(app.config.get('LDAP_URI', 'ldaps://127.0.0.1'))
    ldap_connection.simple_bind_s(rdb.hget(session['uuid'], 'user'), rdb.hget(session['uuid'], 'pswd'))
    sr = ldap_connection.search_s(app.config.get('LDAP_BASE'), ldap.SCOPE_SUBTREE, app.config.get('GROUP_FILTER'), ['cn', 'gidNumber'])
    groups = {attr['cn'][0].decode(errors='ignore'): {'gidNumber': attr['gidNumber'][0].decode(errors='ignore'), 'dn': dn} for dn, attr in sr}
    return groups
@app.route('/')
 def index():
    return render_template('index.html', nav=build_nav())
@ -88,6 +97,8 @@ def create():
                               nav=build_nav())
    form = CreateForm()
    groups = get_groups()
    form.group_pri.choices = [(group, group) for group in groups.keys()]
    if form.validate_on_submit():
        ldap_connection = ldap.initialize(app.config.get('LDAP_URI', 'ldaps://127.0.0.1'))
@ -98,7 +109,8 @@ def create():
                'uid': form.uid.data,
                'gn': form.gn.data,
                'sn': form.sn.data,
-                'pass': make_secret(form.pwd1.data)
+                'pass': make_secret(form.pwd1.data),
                'gid': groups[form.group_pri.data]['gidNumber']
            }
            # add user
@ -114,7 +126,7 @@ def create():
            ldap_connection.add_s(user_dn, ldap.modlist.addModlist(attrs))
            # add user to group
-            group_dn = app.config.get('GROUP_DN').format(**user_data)
+            group_dn = groups[form.group_pri.data]['dn']
            ldap_connection.modify_s(group_dn, [(ldap.MOD_ADD, 'memberUid', str(form.user.data).encode())])
        except ldap.LDAPError as err:
--- a/templates/create.html
+++ b/templates/create.html
@ -12,6 +12,7 @@
        {{ render_field(form.gn) }}
        {{ render_field(form.pwd1) }}
        {{ render_field(form.pwd2) }}
        {{ render_field(form.group_pri) }}
        {{ render_button(form.submit) }}
      </form>
 {% endblock %}