diff --git a/passbook/ldap/forms.py b/passbook/ldap/forms.py
index b16658886..c663a1c00 100644
--- a/passbook/ldap/forms.py
+++ b/passbook/ldap/forms.py
@@ -5,7 +5,8 @@ from django.contrib.admin.widgets import FilteredSelectMultiple
from django.utils.translation import gettext_lazy as _
from passbook.admin.forms.source import SOURCE_FORM_FIELDS
-from passbook.ldap.models import LDAPSource
+from passbook.core.forms.policies import GENERAL_FIELDS
+from passbook.ldap.models import LDAPGroupMembershipPolicy, LDAPSource
class LDAPSourceForm(forms.ModelForm):
@@ -32,58 +33,18 @@ class LDAPSourceForm(forms.ModelForm):
'base_dn': _('Base DN'),
}
-# class GeneralSettingsForm(SettingsForm):
-# """general settings form"""
-# MODE_AUTHENTICATION_BACKEND = 'auth_backend'
-# MODE_CREATE_USERS = 'create_users'
-# MODE_CHOICES = (
-# (MODE_AUTHENTICATION_BACKEND, _('Authentication Backend')),
-# (MODE_CREATE_USERS, _('Create Users'))
-# )
-# namespace = 'passbook.ldap'
-# settings = ['enabled', 'mode']
+class LDAPGroupMembershipPolicyForm(forms.ModelForm):
+ """LDAPGroupMembershipPolicy Form"""
-# widgets = {
-# 'enabled': forms.BooleanField(required=False),
-# 'mode': forms.ChoiceField(widget=forms.RadioSelect, choices=MODE_CHOICES),
-# }
+ class Meta:
-
-# class ConnectionSettings(SettingsForm):
-# """Connection settings form"""
-
-# namespace = 'passbook.ldap'
-# settings = ['server', 'server:tls', 'bind:user', 'bind:password', 'domain']
-
-# attrs_map = {
-# 'server': {'placeholder': 'dc1.corp.exmaple.com'},
-# 'bind:user': {'placeholder': 'Administrator'},
-# 'domain': {'placeholder': 'corp.example.com'},
-# }
-
-# widgets = {
-# 'server:tls': forms.BooleanField(required=False, label=_('Server TLS')),
-# }
-
-
-# class AuthenticationBackendSettings(SettingsForm):
-# """Authentication backend settings"""
-
-# namespace = 'passbook.ldap'
-# settings = ['base']
-
-# attrs_map = {
-# 'base': {'placeholder': 'DN in which to search for users'},
-# }
-
-
-# class CreateUsersSettings(SettingsForm):
-# """Create users settings"""
-
-# namespace = 'passbook.ldap'
-# settings = ['create_base']
-
-# attrs_map = {
-# 'create_base': {'placeholder': 'DN in which to create users'},
-# }
+ model = LDAPGroupMembershipPolicy
+ fields = GENERAL_FIELDS + ['dn', ]
+ widgets = {
+ 'name': forms.TextInput(),
+ 'dn': forms.TextInput(),
+ }
+ labels = {
+ 'dn': _('DN')
+ }
diff --git a/passbook/ldap/migrations/0002_ldapgroupmembershippolicy.py b/passbook/ldap/migrations/0002_ldapgroupmembershippolicy.py
new file mode 100644
index 000000000..a7f2bed7e
--- /dev/null
+++ b/passbook/ldap/migrations/0002_ldapgroupmembershippolicy.py
@@ -0,0 +1,28 @@
+# Generated by Django 2.1.7 on 2019-03-10 18:38
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ('passbook_core', '0020_groupmembershippolicy'),
+ ('passbook_ldap', '0001_initial'),
+ ]
+
+ operations = [
+ migrations.CreateModel(
+ name='LDAPGroupMembershipPolicy',
+ fields=[
+ ('policy_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='passbook_core.Policy')),
+ ('dn', models.TextField()),
+ ('source', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='passbook_ldap.LDAPSource')),
+ ],
+ options={
+ 'verbose_name': 'LDAP Group Membership Policy',
+ 'verbose_name_plural': 'LDAP Group Membership Policys',
+ },
+ bases=('passbook_core.policy',),
+ ),
+ ]
diff --git a/passbook/ldap/models.py b/passbook/ldap/models.py
index 6d112cfc7..190da2ebe 100644
--- a/passbook/ldap/models.py
+++ b/passbook/ldap/models.py
@@ -3,7 +3,7 @@
from django.db import models
from django.utils.translation import gettext as _
-from passbook.core.models import Source
+from passbook.core.models import Policy, Source, User
class LDAPSource(Source):
@@ -37,30 +37,19 @@ class LDAPSource(Source):
verbose_name = _('LDAP Source')
verbose_name_plural = _('LDAP Sources')
+class LDAPGroupMembershipPolicy(Policy):
+ """Policy to check if a user is in a certain LDAP Group"""
-# class LDAPModification(UUIDModel, CreatedUpdatedModel):
-# """Store LDAP Data in DB if LDAP Server is unavailable"""
-# ACTION_ADD = 'ADD'
-# ACTION_MODIFY = 'MODIFY'
+ dn = models.TextField()
+ source = models.ForeignKey('LDAPSource', on_delete=models.CASCADE)
-# ACTIONS = (
-# (ACTION_ADD, 'ADD'),
-# (ACTION_MODIFY, 'MODIFY'),
-# )
+ form = 'passbook.ldap.forms.LDAPGroupMembershipPolicyForm'
-# dn = models.CharField(max_length=255)
-# action = models.CharField(max_length=17, choices=ACTIONS, default=ACTION_MODIFY)
-# data = JSONField()
+ def passes(self, user: User):
+ """Check if user instance passes this policy"""
+ raise NotImplementedError()
-# def __str__(self):
-# return "LDAPModification %d from %s" % (self.pk, self.created)
+ class Meta:
-
-# class LDAPGroupMapping(UUIDModel, CreatedUpdatedModel):
-# """Model to map an LDAP Group to a passbook group"""
-
-# ldap_dn = models.TextField()
-# group = models.ForeignKey(Group, on_delete=models.CASCADE)
-
-# def __str__(self):
-# return "LDAPGroupMapping %s -> %s" % (self.ldap_dn, self.group.name)
+ verbose_name = _('LDAP Group Membership Policy')
+ verbose_name_plural = _('LDAP Group Membership Policys')