Commit 609a23fa authored by Valentin Samir's avatar Valentin Samir

[login, cas_login] Factorisation du code des fonction refresh_fields et refresh_droits

parent 4b741d88
......@@ -27,6 +27,7 @@ from django.utils.importlib import import_module
from django_cas.backends import CASBackend, _verify
from django_cas.models import User
import login
conn_pool = import_module('conn_pool', 'intranet')
class CransCASBackend(CASBackend):
......@@ -62,8 +63,8 @@ class CransCASBackend(CASBackend):
except ldap.INVALID_CREDENTIALS:
return None
self.refresh_droits(user, ldap_user)
self.refresh_fields(user, ldap_user)
login.refresh_droits(user, ldap_user)
login.refresh_fields(user, ldap_user)
return user
def refresh_droits(self, user, cl_user):
......
......@@ -33,6 +33,45 @@ import lc_ldap.shortcuts
conn_pool = import_module('conn_pool', 'intranet')
def refresh_droits(user, cl_user):
"""Rafraîchit les droits de l'utilisateur django `user' depuis
l'utilisateur LDAP `cl_user'"""
cl_droits = [x.value for x in cl_user.get('droits', [])]
if u"Nounou" in cl_droits:
user.is_staff = True
user.is_superuser = True
else:
user.is_staff = False
user.is_superuser = False
groups = []
for cl_droit in cl_droits:
group, created = Group.objects.get_or_create(name="crans_%s" % cl_droit.lower())
group.save()
groups.append(group)
if cl_user.paiement_ok():
group, created = Group.objects.get_or_create(name="crans_paiement_ok")
group.save()
groups.append(group)
user.groups = [ group for group in user.groups.all() if not group.name.startswith('crans_') ]
user.groups.add(*groups)
user.save()
def refresh_fields(user, cl_user):
"""Rafraîchit les champs correspondants à l'utilisateur (nom,
prénom, email)"""
user.first_name = unicode(cl_user['prenom'][0])
user.last_name = unicode(cl_user['nom'][0])
mail = unicode(cl_user['mail'][0])
if '@' not in mail: # Ne devrait pas arriver (pour migration)
mail += u'@crans.org'
user.email = mail
user.save()
class LDAPUserBackend(ModelBackend):
"""Authentifie un utilisateur à l'aide de la base LDAP"""
......@@ -62,44 +101,10 @@ class LDAPUserBackend(ModelBackend):
user = User(username=django_username, password="LDAP Backend User!")
user.save()
conn_pool.CONNS[django_username] = conn
self.refresh_droits(user, ldap_user)
self.refresh_fields(user, ldap_user)
refresh_droits(user, ldap_user)
refresh_fields(user, ldap_user)
return user
def refresh_droits(self, user, cl_user):
"""Rafraîchit les droits de l'utilisateur django `user' depuis
l'utilisateur LDAP `cl_user'"""
cl_droits = [x.value for x in cl_user['droits']]
if u"Nounou" in cl_droits:
user.is_staff = True
user.is_superuser = True
else:
user.is_staff = False
user.is_superuser = False
groups = []
for cl_droit in cl_droits:
group, created = Group.objects.get_or_create(name="crans_%s" % cl_droit.lower())
group.save()
groups.append(group)
user.groups.add(*groups)
user.save()
def refresh_fields(self, user, cl_user):
"""Rafraîchit les champs correspondants à l'utilisateur (nom,
prénom, email)"""
user.first_name = unicode(cl_user['prenom'][0])
user.last_name = unicode(cl_user['nom'][0])
mail = unicode(cl_user['mail'][0])
if '@' not in mail: # Ne devrait pas arriver (pour migration)
mail += u'@crans.org'
user.email = mail
user.save()
def get_user(self, uid):
"""Récupère l'objet django correspondant à l'uid"""
try:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment