Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
ssoauth
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Deploy
Releases
Container registry
Model registry
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
GitLab community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
django
ssoauth
Commits
ad614958
Commit
ad614958
authored
7 years ago
by
Art
Browse files
Options
Downloads
Patches
Plain Diff
Move setup_groups to its own management command, rename GROUPS to PREDEFINED_GROUPS
parent
8ec9f3fd
No related branches found
No related tags found
No related merge requests found
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
ssoauth/app_settings/defaults.py
+10
-8
10 additions, 8 deletions
ssoauth/app_settings/defaults.py
ssoauth/apps.py
+3
-4
3 additions, 4 deletions
ssoauth/apps.py
ssoauth/management/commands/create_custsom_groups.py
+17
-3
17 additions, 3 deletions
ssoauth/management/commands/create_custsom_groups.py
with
30 additions
and
15 deletions
ssoauth/app_settings/defaults.py
+
10
−
8
View file @
ad614958
...
...
@@ -34,21 +34,23 @@ SP_SLS_X_FRAME_OPTIONS = None # in case you encounter problems with SLS view no
GROUPS_SAML_ATTRIBUTE
=
"
IDMGroups
"
# this SAML attribute is expected to contain list of groups for a user
GROUP_RESOLVER
=
"
ssoauth.auth_utils.groups_from_saml2_dn_list
"
# in case you want to override how groups are resolved for users
GROUPS
=
getattr
(
django_settings
,
"
LOCAL
_GROUPS
"
,
{
PREDEFINED
_GROUPS
=
{
# Predefined groups and the corresponding permissions are here.
# Both groups and permissions are created/updated automatically after applying migrations.
# First, permissions are created:
# - django.contrib.auth is responsible for handling vanilla permissions (mostly model permissions).
# - All other explicitly assigned to groups permissions are automatically created.
# Second, groups are created and/or updated
# Second, groups are created and/or updated
.
#
# !IMPORTANT! Group naming:
# - Check the current conventions and/or ask somebody who knows better.
# - At the moment of rewriting this functionality:
# - Give your local groups the same name as the AuthGroup they will be mapped to, e.g. your local group
# for students will be named IDM_Studierende
# - While there is no naming convention for unmapped groups, be kind and keep it sane
})
# Give your local groups the same name as the AuthGroup they will be mapped to
# (e.g. your local group for students will be named IDM_Studierende)
#
# Example:
# {"IDM_Studierende": ["perm_codename", "another_perm_codename"]}
}
"""
Settings you might want to change on development (don
'
t change them for production):
"""
...
...
This diff is collapsed.
Click to expand it.
ssoauth/apps.py
+
3
−
4
View file @
ad614958
...
...
@@ -2,11 +2,9 @@ from django.apps import AppConfig
from
django.contrib.auth.management
import
create_permissions
from
django.core
import
management
from
django.db.models.signals
import
post_migrate
from
.
import
app_settings
from
.
import
logger
from
.
import
sso_utils
from
.setup_groups
import
setup_groups
class
SSOAuthConfig
(
AppConfig
):
...
...
@@ -28,7 +26,8 @@ class SSOAuthConfig(AppConfig):
@staticmethod
def
post_migrate_callback
(
*
args
,
**
kwargs
):
# compatibility groups and permissions
management
.
call_command
(
"
create_compat_groups
"
)
# predefined groups and permissions
create_permissions
(
*
args
,
**
kwargs
)
# calling create_permissions() before using the permissions
logger
.
debug
(
"
Setting up custom permissions and groups.
"
)
setup_groups
()
management
.
call_command
(
"
create_custom_groups
"
)
This diff is collapsed.
Click to expand it.
ssoauth/
setup
_groups.py
→
ssoauth/
management/commands/create_custsom
_groups.py
+
17
−
3
View file @
ad614958
from
django.core.management.base
import
BaseCommand
,
CommandError
from
django.apps
import
apps
from
django.contrib.auth
import
get_user_model
from
.
import
app_settings
from
.
import
logger
from
.
..
import
app_settings
from
.
..
import
logger
def
setup_groups
():
...
...
@@ -15,7 +16,7 @@ def setup_groups():
ContentType
=
apps
.
get_model
(
"
contenttypes
"
,
"
ContentType
"
)
Permission
=
apps
.
get_model
(
"
auth
"
,
"
Permission
"
)
for
group_name
,
permission_names
in
app_settings
.
GROUPS
.
items
():
for
group_name
,
permission_names
in
app_settings
.
PREDEFINED_
GROUPS
.
items
():
group
,
created
=
Group
.
objects
.
get_or_create
(
name
=
group_name
)
if
created
:
logger
.
info
(
"
Created group
\"
{}
\"
"
.
format
(
group_name
))
...
...
@@ -30,3 +31,16 @@ def setup_groups():
if
perm
not
in
group
.
permissions
.
all
():
group
.
permissions
.
add
(
perm
)
logger
.
info
(
"
Added permission
\"
{}
\"
to group
\"
{}
\"
"
.
format
(
perm_name
,
group_name
))
class
Command
(
BaseCommand
):
help
=
"
Creates groups and permissions, predefined by user in project settings.
"
requires_migrations_checks
=
True
requires_system_checks
=
True
def
handle
(
self
,
*
args
,
**
options
):
try
:
setup_groups
()
except
Exception
as
e
:
raise
CommandError
(
"
Could not ensure that compatibility groups and permissions exist. {0}
"
.
format
(
str
(
e
)))
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment