diff --git a/ldapcherry/__init__.py b/ldapcherry/__init__.py index 035ed78..4cbae86 100644 --- a/ldapcherry/__init__.py +++ b/ldapcherry/__init__.py @@ -10,6 +10,7 @@ import sys import re import traceback +import json import logging import logging.handlers from operator import itemgetter @@ -463,14 +464,26 @@ @cherrypy.expose def delete(self, **params): """ remove user page """ - self._check_auth(must_admin=True, is_admin=is_admin) + self._check_auth(must_admin=True) is_admin = self._check_admin() pass @cherrypy.expose + def graph(self, **params): + """ remove user page """ + self._check_auth(must_admin=True) + is_admin = self._check_admin() + graph={} + for r in self.roles.graph: + s = list(self.roles.graph[r]['sub_roles']) + p = list(self.roles.graph[r]['parent_roles']) + graph[r] = { 'sub_roles': s, 'parent_roles': p} + return json.dumps(graph, separators=(',',':')) + + @cherrypy.expose def modify(self, **params): """ modify user page """ - self._check_auth(must_admin=True, is_admin=is_admin) + self._check_auth(must_admin=True) is_admin = self._check_admin() pass diff --git a/tests/cfg/nested.yml b/tests/cfg/nested.yml index c3af93f..1fdde7a 100644 --- a/tests/cfg/nested.yml +++ b/tests/cfg/nested.yml @@ -3,6 +3,7 @@ ad: [Domain Users] ldap: ['cn=users,ou=group,dc=example,dc=com'] display_name: Simple Users + description: description subroles: admin-lv2: LC_admins: true @@ -10,6 +11,7 @@ ad: [Domain Users] ldap: ['cn=nagios admins,ou=group,dc=example,dc=com'] display_name: Administrators Level 2 + description: description subroles: admin-lv3: backends_groups: @@ -17,10 +19,12 @@ ldap: ['cn=dns admins,ou=group,dc=example,dc=com', 'cn=nagios admins,ou=group,dc=example,dc=com', 'cn=puppet admins,ou=group,dc=example,dc=com',] display_name: Administrators Level 3 + description: description subroles: {} developpers: backends_groups: ad: [Domain Users] ldap: ['cn=developpers,ou=group,dc=example,dc=com'] display_name: Developpers + description: description subroles: {} diff --git a/tests/cfg/roles.yml b/tests/cfg/roles.yml index c3bafe4..72bc47c 100644 --- a/tests/cfg/roles.yml +++ b/tests/cfg/roles.yml @@ -1,5 +1,6 @@ admin-lv3: display_name: Administrators Level 3 + description: description backends_groups: ldap: - cn=dns admins,ou=group,dc=example,dc=com @@ -13,6 +14,7 @@ admin-lv2: display_name: Administrators Level 2 + description: description LC_admins: True backends_groups: ldap: @@ -23,6 +25,7 @@ developpers: display_name: Developpers + description: description backends_groups: ldap: - cn=developpers,ou=group,dc=example,dc=com @@ -32,6 +35,7 @@ users: display_name: Simple Users + description: description backends_groups: ldap: - cn=users,ou=group,dc=example,dc=com diff --git a/tests/cfg/roles_content_dup.yml b/tests/cfg/roles_content_dup.yml index 1b802de..73c422d 100644 --- a/tests/cfg/roles_content_dup.yml +++ b/tests/cfg/roles_content_dup.yml @@ -1,6 +1,7 @@ admin -lv3: display_name: Administrators Level 3 LC_admins: True + description: description backends_groups: ldap: - cn=dns admins,ou=group,dc=example,dc=com @@ -14,6 +15,7 @@ admin -lv2: display_name: Administrators Level 2 + description: description backends_groups: ldap: - cn=nagios admins,ou=group,dc=example,dc=com @@ -23,6 +25,7 @@ developpers: display_name: Developpers + description: description backends_groups: ldap: - cn=developpers,ou=group,dc=example,dc=com @@ -32,6 +35,7 @@ users: display_name: Simple Users + description: description backends_groups: ldap: - cn=users,ou=group,dc=example,dc=com @@ -40,6 +44,7 @@ users2: display_name: Simple Users 2 + description: description backends_groups: ldap: - cn=users,ou=group,dc=example,dc=com diff --git a/tests/cfg/roles_key_dup.yml b/tests/cfg/roles_key_dup.yml index b40e865..b3aaec1 100644 --- a/tests/cfg/roles_key_dup.yml +++ b/tests/cfg/roles_key_dup.yml @@ -1,5 +1,6 @@ admin -lv3: display_name: Administrators Level 3 + description: description LC_admins: True backends_groups: ldap: @@ -14,6 +15,7 @@ admin -lv3: display_name: Administrators Level 2 + description: description backends_groups: ldap: - cn=nagios admins,ou=group,dc=example,dc=com @@ -23,6 +25,7 @@ developpers: display_name: Developpers + description: description backends_groups: ldap: - cn=developpers,ou=group,dc=example,dc=com @@ -32,6 +35,7 @@ users: display_name: Simple Users + description: description backends_groups: ldap: - cn=users,ou=group,dc=example,dc=com diff --git a/tests/cfg/roles_missing_backends.yml b/tests/cfg/roles_missing_backends.yml index d5d593c..c13f5b0 100644 --- a/tests/cfg/roles_missing_backends.yml +++ b/tests/cfg/roles_missing_backends.yml @@ -1,5 +1,6 @@ admin-lv3: display_name: Administrators Level 3 + description: description LC_admins: True backends_groups: ldap: @@ -14,9 +15,11 @@ admin-lv2: display_name: Administrators Level 2 + description: description developpers: display_name: Developpers + description: description backends_groups: ldap: - cn=developpers,ou=group,dc=example,dc=com @@ -26,6 +29,7 @@ users: display_name: Simple Users + description: description backends_groups: ldap: - cn=users,ou=group,dc=example,dc=com diff --git a/tests/cfg/roles_missing_diplay_name.yml b/tests/cfg/roles_missing_diplay_name.yml index 27392a1..435fd7f 100644 --- a/tests/cfg/roles_missing_diplay_name.yml +++ b/tests/cfg/roles_missing_diplay_name.yml @@ -1,6 +1,7 @@ admin-lv3: display_name: Administrators Level 3 LC_admins: True + description: description backends_groups: ldap: - cn=dns admins,ou=group,dc=example,dc=com @@ -13,6 +14,7 @@ - Domain Controllers admin-lv2: + description: description backends_groups: ldap: - cn=nagios admins,ou=group,dc=example,dc=com @@ -22,6 +24,7 @@ developpers: display_name: Developpers + description: description backends_groups: ldap: - cn=developpers,ou=group,dc=example,dc=com @@ -31,6 +34,7 @@ users: display_name: Simple Users + description: description backends_groups: ldap: - cn=users,ou=group,dc=example,dc=com diff --git a/tests/test_Roles.py b/tests/test_Roles.py index 89a5240..043551b 100644 --- a/tests/test_Roles.py +++ b/tests/test_Roles.py @@ -78,7 +78,7 @@ def testNested(self): inv = Roles('./tests/cfg/nested.yml') - expected = {'developpers': {'backends_groups': {'ad': ['Domain Users'], 'ldap': ['cn=developpers,ou=group,dc=example,dc=com', 'cn=users,ou=group,dc=example,dc=com']}, 'display_name': 'Developpers'}, 'admin-lv3': {'backends_groups': {'ad': ['Domain Users', 'Administrators', 'Domain Controllers'], 'ldap': ['cn=nagios admins,ou=group,dc=example,dc=com', 'cn=users,ou=group,dc=example,dc=com', 'cn=puppet admins,ou=group,dc=example,dc=com', 'cn=dns admins,ou=group,dc=example,dc=com']}, 'display_name': 'Administrators Level 3'}, 'admin-lv2': {'backends_groups': {'ad': ['Domain Users'], 'ldap': ['cn=nagios admins,ou=group,dc=example,dc=com', 'cn=users,ou=group,dc=example,dc=com']}, 'display_name': 'Administrators Level 2', 'LC_admins': True}, 'users': {'backends_groups': {'ad': ['Domain Users'], 'ldap': ['cn=users,ou=group,dc=example,dc=com']}, 'display_name': 'Simple Users'}} + expected = {'developpers': {'backends_groups': {'ad': ['Domain Users'], 'ldap': ['cn=developpers,ou=group,dc=example,dc=com', 'cn=users,ou=group,dc=example,dc=com']}, 'display_name': 'Developpers', 'description': 'description'}, 'admin-lv3': {'backends_groups': {'ad': ['Domain Users', 'Administrators', 'Domain Controllers'], 'ldap': ['cn=nagios admins,ou=group,dc=example,dc=com', 'cn=users,ou=group,dc=example,dc=com', 'cn=puppet admins,ou=group,dc=example,dc=com', 'cn=dns admins,ou=group,dc=example,dc=com']}, 'display_name': 'Administrators Level 3', 'description': 'description'}, 'admin-lv2': {'backends_groups': {'ad': ['Domain Users'], 'ldap': ['cn=nagios admins,ou=group,dc=example,dc=com', 'cn=users,ou=group,dc=example,dc=com']}, 'display_name': 'Administrators Level 2', 'description': 'description', 'LC_admins': True}, 'users': {'backends_groups': {'ad': ['Domain Users'], 'ldap': ['cn=users,ou=group,dc=example,dc=com']}, 'display_name': 'Simple Users', 'description': 'description'}} assert expected == inv.flatten def testGetGroupMissingRole(self):