LDAP with sync rake task

Matt Fu 2012-03-06 16:41:06 +08:00
parent 7f05f21930
commit d5a2de5476
23 changed files with 109 additions and 40 deletions


@ -10,8 +10,16 @@ class Admin::ModuleAppsController < ApplicationController
def reload_frontend_pages
@categories =[]
@module_app = ModuleApp.find(params[:id])
@categories = @module_app.key.eql?('announcement') ? BulletinCategory.all : nil
unless (@module_app.category.nil? rescue true)
@module_app.category.each do |category|
@categories << eval(category).all.entries
end
@categories.flatten!
else
@categories = nil
end
respond_to do |format|
format.js {}
end
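Review bot: `eval(category)` in the new loop runs whatever string is stored in `@module_app.category` as Ruby, so anyone who can influence that field (it appears to be filled from each module's JSON `category` list) gets code execution in this admin controller. Resolve the name through a fixed allowlist instead, for example a constant such as `CATEGORY_MODELS = { 'BulletinCategory' => BulletinCategory, 'WebLinkCategory' => WebLinkCategory }.freeze` and `@categories << CATEGORY_MODELS.fetch(category).all.entries`. The same `eval` is added to `reload_widgets` in `Admin::PagePartsController`. The `rescue true` modifier in the guard also swallows any StandardError raised while reading the field, not only a missing attribute, so an explicit `respond_to?` or `blank?` check would state the intent more safely.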


@ -63,13 +63,16 @@ class Admin::PagePartsController < ApplicationController
end
def reload_widgets
@categories =[]
@module_app = ModuleApp.find(params[:id])
case @module_app.key
when 'announcement'
@categories = BulletinCategory.all
when 'web_resource'
@categories = WebLinkCategory.all
unless (@module_app.category.nil? rescue true)
@module_app.category.each do |category|
@categories << eval(category).all.entries
end
@categories.flatten!
end
respond_to do |format|
format.js {}
end


@ -1,3 +1,3 @@
class ObitWidgetController< OrbitFrontendComponentController
class OrbitWidgetController< OrbitFrontendComponentController
end


@ -5,14 +5,16 @@ class SessionsController < Devise::SessionsController
# POST /resource/sign_in
def create
# login_password = params[:user][:password]
# login_uid = params[:user][:nccu_ldap_uid]
login_password = params[:user][:password]
login_uid = params[:user][:nccu_ldap_uid]
result = false
ldap = Net::LDAP.new
# ldap.port = '8001'
# ldap.host = '127.0.0.1'
ldap.port = '389'
ldap.host = '140.119.166.23'
ldap.port = '8001'
ldap.host = '127.0.0.1'
# ldap.port = '389'
# ldap.host = '140.119.166.23'
ldap_filter = "(uid=#{login_uid})"
ldap_base = 'ou=People,dc=nccu,dc=edu,dc=tw'
ldap.authenticate("cn=uccn,ou=profile,dc=nccu,dc=edu,dc=tw","nccu2ucc")
@ -24,9 +26,14 @@ class SessionsController < Devise::SessionsController
# resource = env['warden'].authenticate!(:check_nccu_ldap)
# resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
set_flash_message(:notice, :signed_in) if is_navigational_format?
unless resource_name.nil?
resource_name = resource._type.downcase
sign_in(resource_name, resource)
respond_with resource, :location => redirect_location(resource_name, resource)
else
flash[:notice] = t('devise.failure.ldap_pass_but_account_not_in_orbit')
render :action => "new"
end
else
flash[:notice] = t('devise.failure.ldap_invalid')
render :action => "new"
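Review bot: `login_uid` is now read straight from `params[:user][:nccu_ldap_uid]` and interpolated into `ldap_filter = "(uid=#{login_uid})"` a few lines below, so filter metacharacters in the submitted value alter the search instead of being matched literally. Escape the value before building the filter, e.g. `ldap_filter = "(uid=#{Net::LDAP::Filter.escape(login_uid.to_s)})"` if the bundled net-ldap provides it, and reject a blank uid or password before binding, since an empty password can turn a simple bind into an unauthenticated one on many directory servers. In the second hunk, `unless resource_name.nil?` tests the Devise mapping name rather than `resource`, so when LDAP succeeds but no local user exists the `resource._type` call on the next line is likely to raise instead of reaching the new `ldap_pass_but_account_not_in_orbit` branch; `unless resource.nil?` looks like the intended guard. The bind DN and password on the unchanged `ldap.authenticate` line, and the host/port pair this hunk flips by commenting lines in and out, belong in configuration kept outside the repository. `create` starts and ends outside both hunks, so how `resource` is looked up is not visible here.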


@ -10,8 +10,8 @@
<p class="alert hide">You need to sign in or sign up before continuing.</p>
<div class="main">
<div class="control-group clear">
<%= f.label :email %>
<%= f.email_field :email, :placeholder => t(:email), :style => "width: 330px;" %>
<%= f.label :nccu_ldap_uid %>
<%= f.text_field :nccu_ldap_uid, :placeholder => t("nccu"), :style => "width: 330px;" %>
<span class="help-inline">Please correct the error</span>
</div>
<div class="control-group clear">


@ -67,7 +67,7 @@
<li>
<div class="input-prepend">
<span class="add-on"><i class="icon-user"></i></span>
<%= f.text_field :email, :class => 'span2', :placeholder => t(:email), :size => 16 %>
<%= f.text_field :nccu_ldap_uid, :class => 'span2', :placeholder => t('nccu_c.nccu_ldap_uid'), :size => 16 %>
</div>
</li>
<li>


@ -4,8 +4,8 @@ require 'mysql2'
mid_host = {
:host => 'mruling.nccu.edu.tw', #mruling.nccu.edu.tw or 127.0.0.1
:port => 3006, #3306 or 8005
:host => '127.0.0.1', #mruling.nccu.edu.tw or 127.0.0.1
:port => 8005, #3306 or 8005
:username => "root",
:password => "a3G6yWd9",
:database => "RSS23_NCCU_MIDDLE",
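Review bot: The hunk switches the middle-database target by editing literals in place, which leaves the `root` username and its password committed next to whichever host happens to be active. Read the connection settings from the environment or an untracked config file instead, e.g. `:host => ENV.fetch('MID_DB_HOST')` and `:password => ENV.fetch('MID_DB_PASSWORD')` (variable names are placeholders), and treat the committed password as exposed. As far as the rake task on this page shows, the client only issues SELECTs, so a dedicated read-only account would fit better than `root`. The hash continues past the end of the hunk.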


@ -11,6 +11,7 @@ en:
unconfirmed: 'You have to confirm your account before continuing.'
ldap_invalid: 'Your LDAP account is invalid'
ldap_connection_failed: 'LDAP connection failed'
ldap_pass_but_account_not_in_orbit: 'LDAP account is not supported to sign up this site.'
locked: 'Your account is locked.'
invalid: 'Invalid email or password.'
invalid_token: 'Invalid authentication token.'


@ -11,6 +11,7 @@ zh_tw:
unconfirmed: '您的帳號需需要經過確認後,才能繼續。'
ldap_invalid: '您的LDAP帳號錯誤'
ldap_connection_failed: '與LDAP之間連線異常'
ldap_pass_but_account_not_in_orbit: '很抱歉您的LDAP帳號並不支援在此網站登入'
locked: '您的帳號已被鎖定。'
invalid: 'Email 或密碼是無效的。'
invalid_token: '無效的認證代碼。'


@ -117,6 +117,8 @@ en:
no_layout: You don't have a layout
name: Name
nccu: NCCU Custom
nccu_c:
nccu_ldap_uid: NCCU LDAP Account
new_asset: New asset
new_component: New component
new_design: New design


@ -77,6 +77,7 @@ zh_tw:
description: 描述
design: 網站版型
disable_language: 禁用語言
edit: 編輯
editing_home: 編輯首頁
editing_layout: 編輯樣板
editing_link: 編輯連結
@ -95,7 +96,7 @@ zh_tw:
intro: 簡介
is_published: 被出版
item: 網站架構
key:
key:
language: 語言
layout: 佈局
layout_name: 佈局名字
@ -117,6 +118,8 @@ zh_tw:
no_layout: 您沒有佈局
name: 名稱
nccu: 政大客制
nccu_c:
nccu_ldap_uid: NCCU LDAP 帳號
new_asset: 新增資產
new_component: 新增元件
new_design: 新設計


@ -1,32 +1,73 @@
# encoding: utf-8
# require 'ruby-debug'
namespace :mid_site do
attr_from_mid = %w{nccu_id psn_nam ut_chi_m eml_adr off_tel_ext sta_num}
attr_from_mid = %w{nccu_id psn_nam ut_cod up_ut_cod eml_adr off_tel_ext sta_num}
officer_posgrp_code = %w{02 06 10 05} #from RSS2
admin_role = nil
sub_role = nil
task :sync => :environment do
info_profile = Info.first(conditions: {:key => 'profile'})
def find_or_create_sub_role(role,ut_query=[],key='')
sub_role = role.sub_roles.get_sub_role_from_key(key)
if sub_role.nil?
ut_data = ut_query.find{|ut_data| ut_data["ut_cod"] == key }
# debugger
i18n_for_new_sub_role = I18nVariable.create!( :document_class => 'SubRole', :key => key, :en => (ut_data["ut_eng_m"] rescue ''), :zh_tw => (ut_data["ut_chi_m"] rescue ''), :parent_id => role.i18n_variable.id )
sub_role = role.sub_roles.create!(:key => key)
sub_role.i18n_variable = i18n_for_new_sub_role
sub_role.save!
p "Created SubRole(key: #{key}): EN: #{sub_role.i18n_variable.en}, CH: #{sub_role.i18n_variable.zh_tw} ParentRole(#{role.i18n_variable.key}): #{role.i18n_variable.en}"
end
sub_role
end
users_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')})")
ut_data_from_mid = MID_CLIENT.query("SELECT ut_odr, ut_cod, up_ut_cod, ut_chi_m, ut_eng_m FROM rss_paunit WHERE ut_tpe = '1' AND ut_grp != '3' AND up_ut_cod != 'F00' ORDER BY ut_odr, ut_cod")
remote_list = users_from_mid.collect{|t| t["nccu_id"]}
#remove delete user sho has been deleted at remote first
local_need_remove = User.all.collect{|t| t.nccu_id rescue nil}.uniq.delete_if {|x| x == nil} - remote_list
desc "Going to delete User with IDs: #{local_need_remove.inspect}"
local_need_remove.each{|user_id| (User.find user_id).destroy}
desc "Deletion completed! \n"
#starting update user
desc "Updating and Newing Users"
users_from_mid.each do |mid_user|
local_user = User.find_or_initialize_by(:nccu_id => mid_user["nccu_id"])
local_user.update_attributes(mid_user)
ut_item = ut_data_from_mid.find{|ut_data| ut_data["ut_cod"] == mid_user["ut_cod"]}
up_ut_item = ut_data_from_mid.find{|ut_data| ut_data["ut_cod"] == mid_user["up_ut_cod"] }
local_user = User.find_or_initialize_by(:nccu_ldap_uid => mid_user["nccu_id"])
AttributeValue.find_or_create_by( :user_id => local_user.id, :attribute_field_id => info_profile.attribute_fields[0].id, :key => 'first_name', :en => '', :zh_tw => (mid_user["psn_nam"].size <= 3? mid_user["psn_nam"][1..2]:mid_user["psn_nam"][2..-1]) )
AttributeValue.find_or_create_by( :user_id => local_user.id, :attribute_field_id => info_profile.attribute_fields[1].id, :key => 'last_name', :en => '', :zh_tw => (mid_user["psn_nam"].size <= 3? mid_user["psn_nam"][0]:mid_user["psn_nam"][0..1]) )
user_model_mapper = Hash[:ut_cod => mid_user["ut_cod"] ,:up_ut_cod => mid_user["up_ut_cod"],:email => mid_user["eml_adr"],:off_tel_ext => mid_user["off_tel_ext"],:sta_num => mid_user["sta_num"]]
user_model_mapper[:admin] = false
local_user.update_attributes(user_model_mapper)
i18n_department_admin = I18nVariable.find_or_create_by( :document_class => 'Role', :key => 'department_admin', :en => 'Department Admin', :zh_tw => '系所使用者' )
local_user.role = Role.find_or_create_by( :key => "department_admin",:build_in => true)
local_user.role.i18n_variable = i18n_department_admin
unless local_user.ut_cod == local_user.up_ut_cod #if the ut_cod has additions info for up ut
local_user.sub_roles << find_or_create_sub_role(local_user.role,ut_data_from_mid,local_user.up_ut_cod)
end
local_user.sub_roles << find_or_create_sub_role(local_user.role,ut_data_from_mid,local_user.ut_cod)
local_user.save!
end
end
task :install_admin => :before_instll_admin do
admins_nccu_id = '2772'
info_profile = Info.first(conditions: {:key => 'profile'})
# admin_role = Role.find_or_create_by( key: 'administrator')
# sub_role = admin_role.sub_roles.find_or_create_by(:key => 'computer_center')
info_profile = Info.first(conditions: {:key => 'profile'})
user_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')}) AND nccu_id = '#{admins_nccu_id}' limit 1")
admin_at_mid = user_from_mid.first
@ -58,7 +99,7 @@ namespace :mid_site do
local_user = User.find_or_initialize_by(:nccu_id => admin_at_mid["nccu_id"])
local_user.update_attributes(:email => admin_at_mid["eml_adr"], :admin => true, :role_id => admin_role.id, :sub_role_ids => [sub_role.id])
AttributeValue.create( :user => local_user, :attribute_field => info_profile.attribute_fields[0], :key => 'first_name', :en => user_first_name, :zh_tw => user_first_name )
AttributeValue.create( :user_id => local_user.id, :attribute_field_id => info_profile.attribute_fields[0].id, :key => 'first_name', :en => user_first_name, :zh_tw => user_first_name )
AttributeValue.create( :user_id => local_user.id, :attribute_field_id => info_profile.attribute_fields[1].id, :key => 'last_name', :en => user_last_name, :zh_tw => user_last_name )
end
@ -95,6 +136,10 @@ namespace :mid_site do
i18ns.each { |var| var.destroy }
end
task :clean_ldap_users => :environment do
User.where(:nccu_ldap_id.ne => nil ).each {|t| t.destroy}
end
task :clean_admin_role_and_sub_role => :environment do
data = Role.any_in( key: ['administrator','computer_center'])
data.each { |var| var.destroy }
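Review bot: The new `clean_ldap_users` task filters on `:nccu_ldap_id.ne => nil`, while the sync task, the sign-in forms and `SessionsController` in this commit all use `nccu_ldap_uid`; unless the model also defines `nccu_ldap_id`, the query would be expected to match no documents and the cleanup silently does nothing. It presumably should read `User.where(:nccu_ldap_uid.ne => nil).each { |t| t.destroy }`. The same key drift affects the removal pass in `:sync`: it still builds `local_need_remove` from `t.nccu_id` and hands those values to `User.find`, although users are now created with `find_or_initialize_by(:nccu_ldap_uid => ...)`, so stale accounts are probably never removed. Because that pass destroys users, it is also worth skipping it when `users_from_mid` comes back empty, so a failed or truncated remote query cannot wipe local accounts.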


@ -8,5 +8,6 @@
"create_date": "11-11-2011",
"app_pages": ["bulletins"],
"widgets": ["bulletins", "bulletins_and_web_links"],
"category": ["BulletinCategory"],
"enable_frontend": true
}


@ -1,5 +1,4 @@
class Panel::Announcement::BackEnd::BulletinCategorysController < ApplicationController
class Panel::Announcement::BackEnd::BulletinCategorysController < OrbitBackendController
layout 'new_admin'
def index


@ -1,5 +1,5 @@
class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
class Panel::Announcement::BackEnd::BulletinsController < OrbitBackendController
include AdminHelper
layout 'new_admin'
before_filter :authenticate_user!
@ -151,7 +151,6 @@ class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
elsif is_sub_manager?
@bulletin_categorys = BulletinCategory.authed_for_user(current_user,'submit_new')
end
<<<<<<< HEAD
end
def get_sorted_bulletins
@ -196,8 +195,7 @@ class Panel::Announcement::BackEnd::BulletinsController < ApplicationController
a.flatten!
a.uniq
end
=======
>>>>>>> 26cd6951dba43b1f6eaf5056160309c5c77a8716
end


@ -1,4 +1,4 @@
class Panel::Announcement::FrontEnd::BulletinsController < ObitWidgetController
class Panel::Announcement::FrontEnd::BulletinsController < OrbitWidgetController
def initialize
super


@ -1,4 +1,4 @@
class Panel::Announcement::Widget::BulletinsController < ObitWidgetController
class Panel::Announcement::Widget::BulletinsController < OrbitWidgetController
def initialize
super


@ -1,4 +1,4 @@
class Panel::NewBlog::Widget::PostsController < ObitWidgetController
class Panel::NewBlog::Widget::PostsController < \"
# GET /posts
# GET /posts.xml
def index
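Review bot: The new class line reads `class Panel::NewBlog::Widget::PostsController < \"`, which is not a valid superclass expression and would stop the file from loading, assuming this is what was committed and not a rendering artefact. The other renames in this commit replace `ObitWidgetController` with `OrbitWidgetController`, so the line should be `class Panel::NewBlog::Widget::PostsController < OrbitWidgetController`. The same `< \"` appears in the following sections for `PageContextsController` and for both `WebLinksController` classes (front end and widget).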


@ -1,4 +1,4 @@
class Panel::PageContent::FrontEnd::PageContextsController < ObitWidgetController
class Panel::PageContent::FrontEnd::PageContextsController < \"
def initialize
super


@ -1,4 +1,4 @@
class Panel::WebResource::FrontEnd::WebLinksController < ObitWidgetController
class Panel::WebResource::FrontEnd::WebLinksController < \"
def initialize
super


@ -1,4 +1,4 @@
class Panel::WebResource::Widget::WebLinksController < ObitWidgetController
class Panel::WebResource::Widget::WebLinksController < \"
def initialize
super


@ -8,5 +8,6 @@
"create_date": "11-11-2011",
"app_pages": ["web_links"],
"widgets": ["web_links"],
"category": ["WebLinkCategory"],
"enable_frontend": true
}