authorJens Vagelpohl <jens@netz.ooo>2002-07-19 11:59:32 +0000
committerJens Vagelpohl <jens@netz.ooo>2002-07-19 11:59:32 +0000
commit3c90ef9964b435386d9129bad9205e1199aed0bf (patch)
treec6d8ed41b39a2d1a8d3febbf576e6ef70ee4b03b
parentacc66377ddd9ac574db80c0cc8b715dd5759810f (diff)
- bugfixes
- if roles for a user are being edited and the passed-in role does not exist, create a group record instead of failing.
-rw-r--r--CHANGES.txt4
-rw-r--r--LDAPRoleExtender.py29
2 files changed, 29 insertions, 4 deletions
diff --git a/CHANGES.txt b/CHANGES.txt
index 48a5369..3fac49d 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -2,6 +2,10 @@ CHANGES.txt for the LDAPRoleExtender
This file contains change information for the LDAPRoleExtender product.
+ 0.5
+
+ First public release
+
0.1
diff --git a/LDAPRoleExtender.py b/LDAPRoleExtender.py
index d3da78d..3e5a734 100644
--- a/LDAPRoleExtender.py
+++ b/LDAPRoleExtender.py
@@ -18,7 +18,7 @@ from AccessControl.Permissions import view_management_screens, manage_users
from AccessControl.SpecialUsers import emergency_user
from OFS.SimpleItem import SimpleItem
from Products.LDAPUserFolder.LDAPUser import LDAPUser
-from Products.LDAPUserFolder.utils import GROUP_MEMBER_MAP
+from Products.LDAPUserFolder.utils import GROUP_MEMBER_MAP, _formatException
_marker = []
@@ -345,8 +345,12 @@ class LDAPRoleExtender( SimpleItem ):
""" Make a user object from a DN """
luf = self.getLUF()
raw_user = luf.getUserByDN( user_dn )
- extended_user = self._extendRoles( raw_user )
- self._cacheUser( extended_user.getUserName(), extended_user )
+
+ if raw_user is not None:
+ extended_user = self._extendRoles( raw_user )
+ self._cacheUser( extended_user.getUserName(), extended_user )
+ else:
+ extended_user = None
return extended_user
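Review bot: The docstring still reads `""" Make a user object from a DN """`, although the method can now return `None` when `luf.getUserByDN( user_dn )` yields no record. I would extend it to `""" Make a user object from a DN; returns None if no user record is found """` so callers know to check the result before using it. The `def` line is outside this hunk.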
@@ -463,6 +467,23 @@ class LDAPRoleExtender( SimpleItem ):
operations = []
luf = self.getLUF()
+ user = self.getUserByDN(user_dn)
+ if user is None:
+ return
+
+ for role_dn in role_dns:
+ if role_dn not in all_groups:
+ newgroup_type = 'groupOfUniqueNames'
+ newgroup_member = GROUP_MEMBER_MAP.get(newgroup_type)
+ newgroup_name = ldap.explode_dn(role_dn, 1)[0]
+ connection = luf._connect()
+ attr_list = [ ('objectClass', ['top', newgroup_type])
+ , ('cn', newgroup_name)
+ , (newgroup_member, [user_dn, luf._binduid])
+ ]
+ connection.add_s(role_dn, attr_list)
+
+
for group in all_groups:
if group in cur_groups and group not in role_dns:
operations.append({ 'op' : ldap.MOD_DELETE
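Review bot: The new loop writes a group entry at whatever `role_dn` the caller passed, with no check that the DN lies under the user folder's configured groups base and no error handling around `connection.add_s(role_dn, attr_list)`. A mistyped or unexpected DN therefore silently creates a group, with `user_dn` and the bind DN `luf._binduid` as members, instead of being rejected. A malformed DN or a directory error also raises straight out of the method, unlike the `modify_s` call further down, which sits in a `try`/`except`. I would reject any `role_dn` outside the groups base before the add and wrap the `ldap.explode_dn` / `add_s` pair in `try: ... except Exception, e: return _formatException( self, e )`, provided that returning the message matches how the rest of the method reports errors. The method's signature and the remainder of its body are outside this hunk.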
@@ -486,7 +507,7 @@ class LDAPRoleExtender( SimpleItem ):
try:
connection.modify_s( to_do['target'], mod_list )
except Exception, e:
- msg = luf._formatException( self, e )
+ msg = _formatException( self, e )
msg = 'Roles changed for %s' % ( user_dn )
else:
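Review bot: The formatted error assigned in the `except` branch is overwritten by the very next visible line, `msg = 'Roles changed for %s' % ( user_dn )`, so a failed `modify_s` appears to be reported as success. For a role edit that matters: an administrator can be told a group membership was removed when the directory actually rejected the change. Indentation is lost on this page, so the nesting should be confirmed, but as shown the success message should only be set when no operation failed, for example by returning the error on the first failure. The enclosing method starts and ends outside the hunk.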