LDAP with sync rake task

2012-03-06 16:41:06 +08:00 · 2012-03-06 16:41:06 +08:00 · d5a2de5476
parent 7f05f21930
commit d5a2de5476
23 changed files with 109 additions and 40 deletions
--- a/app/controllers/admin/module_apps_controller.rb
+++ b/app/controllers/admin/module_apps_controller.rb
@ -10,8 +10,16 @@ class Admin::ModuleAppsController < ApplicationController


  def reload_frontend_pages
+    @categories =[]
    @module_app = ModuleApp.find(params[:id])
-    @categories = @module_app.key.eql?('announcement') ? BulletinCategory.all : nil 
+    unless (@module_app.category.nil? rescue true)
+      @module_app.category.each do |category|
+        @categories << eval(category).all.entries
+      end
+      @categories.flatten!
+    else
+      @categories = nil
+    end
    respond_to do |format|
      format.js  {}
    end
--- a/app/controllers/admin/page_parts_controller.rb
+++ b/app/controllers/admin/page_parts_controller.rb
@ -63,13 +63,16 @@ class Admin::PagePartsController < ApplicationController
  end
  
  def reload_widgets
+    @categories =[]
    @module_app = ModuleApp.find(params[:id])
-    case @module_app.key
-      when 'announcement'
-        @categories =  BulletinCategory.all
-      when 'web_resource'
-        @categories =  WebLinkCategory.all
+
+    unless (@module_app.category.nil? rescue true)
+      @module_app.category.each do |category|
+        @categories << eval(category).all.entries
+      end
+      @categories.flatten!
    end
+
    respond_to do |format|
      format.js  {}
    end
--- a/app/controllers/orbit_widget_controller.rb
+++ b/app/controllers/orbit_widget_controller.rb
@ -1,3 +1,3 @@
-class ObitWidgetController< OrbitFrontendComponentController
+class OrbitWidgetController< OrbitFrontendComponentController

 end
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -5,14 +5,16 @@ class SessionsController < Devise::SessionsController

  # POST /resource/sign_in
  def create 
+    # login_password = params[:user][:password]
+    # login_uid = params[:user][:nccu_ldap_uid]
    login_password = params[:user][:password]
    login_uid = params[:user][:nccu_ldap_uid]
    result = false
    ldap = Net::LDAP.new
-    # ldap.port = '8001'
-    # ldap.host = '127.0.0.1'
-    ldap.port = '389' 
-    ldap.host = '140.119.166.23' 
+    ldap.port = '8001'
+    ldap.host = '127.0.0.1'
+    # ldap.port = '389' 
+    # ldap.host = '140.119.166.23' 
    ldap_filter = "(uid=#{login_uid})"
    ldap_base = 'ou=People,dc=nccu,dc=edu,dc=tw'
    ldap.authenticate("cn=uccn,ou=profile,dc=nccu,dc=edu,dc=tw","nccu2ucc") 
@ -24,9 +26,14 @@ class SessionsController < Devise::SessionsController
           # resource = env['warden'].authenticate!(:check_nccu_ldap)
           # resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
           set_flash_message(:notice, :signed_in) if is_navigational_format?
-           resource_name = resource._type.downcase
-          sign_in(resource_name, resource)
-          respond_with resource, :location => redirect_location(resource_name, resource)
+           unless resource_name.nil?
+             resource_name = resource._type.downcase
+             sign_in(resource_name, resource)
+             respond_with resource, :location => redirect_location(resource_name, resource)
+           else
+             flash[:notice] = t('devise.failure.ldap_pass_but_account_not_in_orbit')
+             render :action => "new"
+           end
        else
          flash[:notice] = t('devise.failure.ldap_invalid')
          render :action => "new" 
--- a/app/views/admin/module_apps/_app_selector.html.erb
+++ b/app/views/admin/module_apps/_app_selector.html.erb
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@ -10,8 +10,8 @@
 			<p class="alert hide">You need to sign in or sign up before continuing.</p>
 			<div class="main">
 				<div class="control-group clear">
-					<%= f.label :email %>
-					<%= f.email_field :email, :placeholder => t(:email), :style => "width: 330px;" %>
+					<%= f.label :nccu_ldap_uid %>
+					<%= f.text_field :nccu_ldap_uid, :placeholder => t("nccu"), :style => "width: 330px;" %>
 					<span class="help-inline">Please correct the error</span>
 				</div>
 				<div class="control-group clear">
--- a/app/views/layouts/_orbit_bar.html.erb
+++ b/app/views/layouts/_orbit_bar.html.erb
@ -67,7 +67,7 @@
 									<li>
 										<div class="input-prepend">
 											<span class="add-on"><i class="icon-user"></i></span>
-											<%= f.text_field :email, :class => 'span2', :placeholder => t(:email), :size => 16 %>
+											<%= f.text_field :nccu_ldap_uid, :class => 'span2', :placeholder => t('nccu_c.nccu_ldap_uid'), :size => 16 %>
 										</div>
 									</li>
 									<li>
--- a/config/initializers/middle_site_connection.rb
+++ b/config/initializers/middle_site_connection.rb
@ -4,8 +4,8 @@ require 'mysql2'


 mid_host = { 
-  :host => 'mruling.nccu.edu.tw',  #mruling.nccu.edu.tw or 127.0.0.1
-  :port => 3006, #3306 or 8005
+  :host => '127.0.0.1',  #mruling.nccu.edu.tw or 127.0.0.1
+  :port => 8005, #3306 or 8005
  :username => "root",
  :password => "a3G6yWd9",
  :database => "RSS23_NCCU_MIDDLE",
--- a/config/locales/devise.en.yml
+++ b/config/locales/devise.en.yml
@ -11,6 +11,7 @@ en:
      unconfirmed: 'You have to confirm your account before continuing.'
      ldap_invalid: 'Your LDAP account is invalid'
      ldap_connection_failed: 'LDAP connection failed'
+      ldap_pass_but_account_not_in_orbit: 'LDAP account is not supported to sign up this site.'
      locked: 'Your account is locked.'
      invalid: 'Invalid email or password.'
      invalid_token: 'Invalid authentication token.'
--- a/config/locales/devise.zh_tw.yml
+++ b/config/locales/devise.zh_tw.yml
@ -11,6 +11,7 @@ zh_tw:
      unconfirmed: '您的帳號需需要經過確認後，才能繼續。'
      ldap_invalid: '您的LDAP帳號錯誤'
      ldap_connection_failed: '與LDAP之間連線異常'
+      ldap_pass_but_account_not_in_orbit: '很抱歉，您的LDAP帳號並不支援在此網站登入'
      locked: '您的帳號已被鎖定。'
      invalid: 'Email 或密碼是無效的。'
      invalid_token: '無效的認證代碼。'
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -117,6 +117,8 @@ en:
    no_layout: You don't have a layout
    name: Name
    nccu: NCCU Custom
+    nccu_c:
+      nccu_ldap_uid: NCCU LDAP Account
    new_asset: New asset
    new_component: New component
    new_design: New design
--- a/config/locales/zh_tw.yml
+++ b/config/locales/zh_tw.yml
@ -77,6 +77,7 @@ zh_tw:
    description: 描述
    design:  網站版型
    disable_language: 禁用語言
+    edit: 編輯
    editing_home: 編輯首頁
    editing_layout: 編輯樣板
    editing_link: 編輯連結
@ -95,7 +96,7 @@ zh_tw:
    intro: 簡介
    is_published: 被出版
    item: 網站架構
-    key: 關鍵
+    key: 鍵值
    language: 語言
    layout: 佈局
    layout_name: 佈局名字
@ -117,6 +118,8 @@ zh_tw:
    no_layout: 您沒有佈局
    name: 名稱
    nccu: 政大客制
+    nccu_c:
+      nccu_ldap_uid: NCCU LDAP 帳號
    new_asset: 新增資產
    new_component: 新增元件
    new_design: 新設計
--- a/lib/tasks/mid_site_sync.rake
+++ b/lib/tasks/mid_site_sync.rake
@ -1,32 +1,73 @@
 # encoding: utf-8 
+# require 'ruby-debug'

 namespace :mid_site do
-  attr_from_mid = %w{nccu_id psn_nam ut_chi_m eml_adr off_tel_ext sta_num}
+  attr_from_mid = %w{nccu_id psn_nam ut_cod up_ut_cod eml_adr off_tel_ext sta_num}
  officer_posgrp_code = %w{02 06 10 05} #from RSS2 
  admin_role = nil
  sub_role = nil
  
  task :sync => :environment do
-    users_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut  WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')})")    
+    info_profile = Info.first(conditions: {:key => 'profile'})
+    
+    def find_or_create_sub_role(role,ut_query=[],key='')
+      sub_role = role.sub_roles.get_sub_role_from_key(key)
+      if sub_role.nil?
+        ut_data = ut_query.find{|ut_data| ut_data["ut_cod"] == key }
+        # debugger
+        i18n_for_new_sub_role = I18nVariable.create!( :document_class => 'SubRole', :key => key, :en => (ut_data["ut_eng_m"] rescue ''), :zh_tw => (ut_data["ut_chi_m"] rescue ''), :parent_id => role.i18n_variable.id )
+        sub_role = role.sub_roles.create!(:key => key)
+        sub_role.i18n_variable = i18n_for_new_sub_role
+        sub_role.save!
+        p "Created SubRole(key: #{key}): EN: #{sub_role.i18n_variable.en}, CH: #{sub_role.i18n_variable.zh_tw} ParentRole(#{role.i18n_variable.key}): #{role.i18n_variable.en}"
+      end
+      sub_role
+    end
+    
+    users_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut  WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')})") 
+    ut_data_from_mid = MID_CLIENT.query("SELECT ut_odr, ut_cod, up_ut_cod, ut_chi_m, ut_eng_m FROM rss_paunit WHERE ut_tpe =  '1' AND ut_grp !=  '3' AND up_ut_cod !=  'F00' ORDER BY ut_odr, ut_cod")   
    remote_list = users_from_mid.collect{|t| t["nccu_id"]}
    
    #remove delete user sho has been deleted at remote first
    local_need_remove = User.all.collect{|t| t.nccu_id rescue nil}.uniq.delete_if {|x| x == nil} - remote_list
+    desc "Going to delete User with IDs: #{local_need_remove.inspect}"
    local_need_remove.each{|user_id| (User.find user_id).destroy}
+    desc "Deletion completed! \n"
    
    #starting update user
-    users_from_mid.each do |mid_user|
-      local_user = User.find_or_initialize_by(:nccu_id => mid_user["nccu_id"])
-      local_user.update_attributes(mid_user)
+    desc "Updating and Newing Users"
+    users_from_mid.each do |mid_user|      
+      ut_item = ut_data_from_mid.find{|ut_data| ut_data["ut_cod"] ==  mid_user["ut_cod"]}
+      up_ut_item = ut_data_from_mid.find{|ut_data| ut_data["ut_cod"] == mid_user["up_ut_cod"] }
+      local_user = User.find_or_initialize_by(:nccu_ldap_uid => mid_user["nccu_id"])
+      AttributeValue.find_or_create_by( :user_id => local_user.id, :attribute_field_id => info_profile.attribute_fields[0].id, :key => 'first_name', :en => '', :zh_tw => (mid_user["psn_nam"].size <= 3? mid_user["psn_nam"][1..2]:mid_user["psn_nam"][2..-1]) )
+      AttributeValue.find_or_create_by( :user_id => local_user.id, :attribute_field_id => info_profile.attribute_fields[1].id, :key => 'last_name', :en => '', :zh_tw => (mid_user["psn_nam"].size <= 3? mid_user["psn_nam"][0]:mid_user["psn_nam"][0..1]) )
+      
+      user_model_mapper = Hash[:ut_cod => mid_user["ut_cod"] ,:up_ut_cod => mid_user["up_ut_cod"],:email => mid_user["eml_adr"],:off_tel_ext => mid_user["off_tel_ext"],:sta_num => mid_user["sta_num"]]
+      user_model_mapper[:admin] = false
+      local_user.update_attributes(user_model_mapper)
+      
+      i18n_department_admin = I18nVariable.find_or_create_by( :document_class => 'Role', :key => 'department_admin', :en => 'Department Admin', :zh_tw => '系所使用者' )      
+      local_user.role = Role.find_or_create_by( :key => "department_admin",:build_in => true)
+      local_user.role.i18n_variable = i18n_department_admin
+      
+      
+      unless local_user.ut_cod == local_user.up_ut_cod  #if the ut_cod has additions info for up ut
+        local_user.sub_roles << find_or_create_sub_role(local_user.role,ut_data_from_mid,local_user.up_ut_cod)
+      end
+      
+      local_user.sub_roles << find_or_create_sub_role(local_user.role,ut_data_from_mid,local_user.ut_cod)
+      
      local_user.save!
    end   
  end
  
  task :install_admin => :before_instll_admin do
    admins_nccu_id = '2772'
+    info_profile = Info.first(conditions: {:key => 'profile'})
+    
    # admin_role = Role.find_or_create_by( key: 'administrator')
    # sub_role = admin_role.sub_roles.find_or_create_by(:key => 'computer_center')
-    info_profile = Info.first(conditions: {:key => 'profile'})
    
    user_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut  WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')}) AND nccu_id = '#{admins_nccu_id}' limit 1")    
    admin_at_mid =  user_from_mid.first
@ -58,7 +99,7 @@ namespace :mid_site do
    local_user = User.find_or_initialize_by(:nccu_id => admin_at_mid["nccu_id"])
    local_user.update_attributes(:email => admin_at_mid["eml_adr"], :admin => true, :role_id => admin_role.id, :sub_role_ids => [sub_role.id])

-    AttributeValue.create( :user => local_user, :attribute_field => info_profile.attribute_fields[0], :key => 'first_name', :en => user_first_name, :zh_tw => user_first_name )
+    AttributeValue.create( :user_id => local_user.id, :attribute_field_id => info_profile.attribute_fields[0].id, :key => 'first_name', :en => user_first_name, :zh_tw => user_first_name )
    AttributeValue.create( :user_id => local_user.id, :attribute_field_id => info_profile.attribute_fields[1].id, :key => 'last_name', :en => user_last_name, :zh_tw => user_last_name )
    
  end
@ -95,6 +136,10 @@ namespace :mid_site do
    i18ns.each  { |var|  var.destroy }
  end
  
+  task :clean_ldap_users => :environment do
+    User.where(:nccu_ldap_id.ne => nil ).each {|t| t.destroy}
+  end
+  
  task :clean_admin_role_and_sub_role => :environment do
    data = Role.any_in( key: ['administrator','computer_center'])
    data.each  { |var|  var.destroy }
--- a/vendor/built_in_modules/announcement/announcement.json
+++ b/vendor/built_in_modules/announcement/announcement.json
@ -8,5 +8,6 @@
  "create_date": "11-11-2011",
 	"app_pages":  ["bulletins"],
 	"widgets": ["bulletins", "bulletins_and_web_links"],
+	"category": ["BulletinCategory"],
 	"enable_frontend": true
 }
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletin_categorys_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletin_categorys_controller.rb
@ -1,5 +1,4 @@
-class Panel::Announcement::BackEnd::BulletinCategorysController < ApplicationController
-  
+class Panel::Announcement::BackEnd::BulletinCategorysController < OrbitBackendController
  layout 'new_admin'
  
  def index
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/back_end/bulletins_controller.rb
@ -1,5 +1,5 @@
-class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
-  
+class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController
+  include AdminHelper
  layout 'new_admin'
  
  before_filter :authenticate_user!
@ -151,7 +151,6 @@ class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
    elsif is_sub_manager?
      @bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
    end
-<<<<<<< HEAD
  end

  def get_sorted_bulletins
@ -196,8 +195,7 @@ class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
        a.flatten!
        a.uniq
     end
-=======
->>>>>>> 26cd6951dba43b1f6eaf5056160309c5c77a8716
+
  end
  
  
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/front_end/bulletins_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/front_end/bulletins_controller.rb
@ -1,4 +1,4 @@
-class Panel::Announcement::FrontEnd::BulletinsController < ObitWidgetController
+class Panel::Announcement::FrontEnd::BulletinsController < OrbitWidgetController
  
  def initialize
    super
--- a/vendor/built_in_modules/announcement/app/controllers/panel/announcement/widget/bulletins_controller.rb
+++ b/vendor/built_in_modules/announcement/app/controllers/panel/announcement/widget/bulletins_controller.rb
@ -1,4 +1,4 @@
-class Panel::Announcement::Widget::BulletinsController < ObitWidgetController
+class Panel::Announcement::Widget::BulletinsController < OrbitWidgetController

  def initialize
    super
--- a/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/widget/posts_controller.rb
+++ b/vendor/built_in_modules/new_blog/app/controllers/panel/new_blog/widget/posts_controller.rb
@ -1,4 +1,4 @@
-class Panel::NewBlog::Widget::PostsController < ObitWidgetController
+class Panel::NewBlog::Widget::PostsController < \"
  # GET /posts
  # GET /posts.xml
  def index
--- a/vendor/built_in_modules/page_content/app/controllers/panel/page_content/front_end/page_contexts_controller.rb
+++ b/vendor/built_in_modules/page_content/app/controllers/panel/page_content/front_end/page_contexts_controller.rb
@ -1,4 +1,4 @@
-class Panel::PageContent::FrontEnd::PageContextsController < ObitWidgetController
+class Panel::PageContent::FrontEnd::PageContextsController < \"
  
  def initialize
    super
--- a/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/front_end/web_links_controller.rb
+++ b/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/front_end/web_links_controller.rb
@ -1,4 +1,4 @@
-class Panel::WebResource::FrontEnd::WebLinksController < ObitWidgetController
+class Panel::WebResource::FrontEnd::WebLinksController < \"
  
  def initialize
    super
--- a/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/widget/web_links_controller.rb
+++ b/vendor/built_in_modules/web_resource/app/controllers/panel/web_resource/widget/web_links_controller.rb
@ -1,4 +1,4 @@
-class Panel::WebResource::Widget::WebLinksController < ObitWidgetController
+class Panel::WebResource::Widget::WebLinksController < \"

  def initialize
    super
--- a/vendor/built_in_modules/web_resource/web_resource.json
+++ b/vendor/built_in_modules/web_resource/web_resource.json
@ -8,5 +8,6 @@
  "create_date": "11-11-2011",
 	"app_pages":  ["web_links"],
 	"widgets": ["web_links"],
+	"category": ["WebLinkCategory"],
 	"enable_frontend": true
 }