Sourcecode: zope-ldapuserfolder version File versions

def LDAPUserFolder::LDAPUserSatellite::LDAPUserSatellite::manage_editUserRoles (   self,
  user_dn,
  role_dns = [],
  REQUEST = None 
)

Edit the roles (groups) of a user 

Definition at line 375 of file LDAPUserSatellite.py.

00375                                                                       :
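        """ Edit the roles (groups) of a user

        user_dn  -- DN of the user whose group memberships are edited.
        role_dns -- the complete set of group DNs the user should belong
                    to afterwards. Memberships in groups returned by
                    getGroups() that are not listed here are removed.
        REQUEST  -- if true, the user records management view is returned
                    with a status message; otherwise nothing is returned.

        Returns None without touching the directory when no user is
        found for user_dn.

        A DN in role_dns that is not among the groups returned by
        getGroups() is created as a new groupOfUniqueNames entry with
        the user and the folder's bind DN as members.
        """
        all_groups = self.getGroups(attr='dn')
        cur_groups = self.getGroups(dn=user_dn, attr='dn')
        operations = []
        errors = []
        groups_created = False
        luf = self.getLUF()

        user = self.getUserByDN(user_dn)
        if user is None:
            return

        # NOTE(review): role_dn is supplied by the caller and, when it is
        # not an existing group, becomes the DN of a new directory entry.
        # The permission declaration for this method is not visible in
        # this listing; confirm it is restricted to user managers and
        # that unexpected DNs cannot reach this point.
        for role_dn in role_dns:
            if role_dn not in all_groups:
                newgroup_type = 'groupOfUniqueNames'
                # Looked up in GROUP_MEMBER_MAP; used below as the
                # attribute that holds the member DNs of the new group.
                newgroup_member = GROUP_MEMBER_MAP.get(newgroup_type)
                # presumably the value of the leftmost RDN -- confirm
                # against the explode_dn helper imported by this module
                newgroup_name = explode_dn(role_dn, 1)[0]
                connection = luf._connect()
                attr_list = [ ('objectClass', ['top', newgroup_type])
                            , ('cn', newgroup_name)
                            , (newgroup_member, [user_dn, luf._binduid])
                            ]
                # Not wrapped in try/except: a failure here propagates to
                # the caller, as it did before.
                connection.add_s(role_dn, attr_list)
                groups_created = True

        # Work out which existing groups the user must leave or join.
        for group in all_groups:
            if group in cur_groups and group not in role_dns:
                operations.append({ 'op'     : DELETE
                                  , 'target' : group
                                  , 'type'   : luf.getGroupType(group)
                                  } )
            elif group in role_dns and group not in cur_groups:
                operations.append({ 'op'     : ADD
                                  , 'target' : group
                                  , 'type'   : luf.getGroupType(group)
                                  } )

        if operations:
            connection = luf._connect()

            for to_do in operations:
                mod_list = ( ( to_do['op']
                             , GROUP_MEMBER_MAP.get(to_do['type'])
                             , user_dn
                             ), )
                try:
                    connection.modify_s(to_do['target'], mod_list)
                except Exception, e:
                    # Keep going with the remaining operations, but record
                    # the failure. Previously the error text was stored in
                    # msg and then overwritten with the success message,
                    # so a membership removal that failed was reported as
                    # done.
                    errors.append('%s: %s' % (to_do['target'], str(e)))

        if errors:
            msg = 'Errors changing roles for %s: %s' % ( user_dn
                                                       , '; '.join(errors)
                                                       )
        elif operations or groups_created:
            # Creating a group above also adds the user to it, so that
            # case counts as a change.
            msg = 'Roles changed for %s' % (user_dn)
        else:
            msg = 'No roles changed for %s' % (user_dn)

        # Expire the user object so the new memberships are picked up.
        user_obj = self.getUserByDN(user_dn)
        if user_obj is not None:
            self._expireUser(user_obj)

        # NOTE(review): without REQUEST nothing is returned, so a
        # programmatic caller cannot tell that an operation failed.
        if REQUEST:
            return self.manage_userrecords( manage_tabs_message=msg
                                          , user_dn=user_dn
                                          )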


    security.declareProtected(manage_users, '_expireUser')
    def _expireUser(self, user_obj):

