Solved merge
darta
commit
e2be29348c
|
|
@ -93,13 +93,17 @@ class Admin():
|
||||||
### User admin in group admin
|
### User admin in group admin
|
||||||
try:
|
try:
|
||||||
log.warning('KEYCLOAK: Adding group admin and user admin to this group')
|
log.warning('KEYCLOAK: Adding group admin and user admin to this group')
|
||||||
self.keycloak.add_group('admin')
|
admin_guid=self.keycloak.add_group('admin')
|
||||||
## Add default admin user to group admin (for nextcloud, just in case we go there)
|
except:
|
||||||
admin_uid=self.keycloak_admin.get_user_id('admin')
|
pass
|
||||||
self.keycloak_admin.group_user_add(admin_uid,gid)
|
admin_guid=self.keycloak.get_group_by_path(path='/admin')['id']
|
||||||
|
try:
|
||||||
|
## Add default admin user to group admin
|
||||||
|
admin_uid=self.keycloak.get_user_id('admin')
|
||||||
|
self.keycloak.group_user_add(admin_uid,admin_guid)
|
||||||
log.warning('KEYCLOAK: OK')
|
log.warning('KEYCLOAK: OK')
|
||||||
except:
|
except:
|
||||||
# print(traceback.format_exc())
|
print(traceback.format_exc())
|
||||||
log.warning('KEYCLOAK: Seems to be there already')
|
log.warning('KEYCLOAK: Seems to be there already')
|
||||||
|
|
||||||
#### Add default groups
|
#### Add default groups
|
||||||
|
|
@ -812,4 +816,4 @@ class Admin():
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def get_user(self,userid):
|
def get_user(self,userid):
|
||||||
return [u for u in self.internal['users'] if u['id']==userid][0]
|
return [u for u in self.internal['users'] if u['id']==userid][0]
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,10 @@ class Nextcloud():
|
||||||
def _request(self,method,url,data={},headers={'OCS-APIRequest':'true'},auth=False):
|
def _request(self,method,url,data={},headers={'OCS-APIRequest':'true'},auth=False):
|
||||||
if auth == False: auth=self.auth
|
if auth == False: auth=self.auth
|
||||||
try:
|
try:
|
||||||
return requests.request(method, url, data=data, auth=auth, verify=self.verify_cert, headers=headers).text
|
response = requests.request(method, url, data=data, auth=auth, verify=self.verify_cert, headers=headers)
|
||||||
|
if 'meta' in response.text:
|
||||||
|
if '<statuscode>997</statuscode>' in response.text: raise ProviderUnauthorized
|
||||||
|
return response.text
|
||||||
|
|
||||||
## At least the ProviderSslError is not being catched or not raised correctly
|
## At least the ProviderSslError is not being catched or not raised correctly
|
||||||
except requests.exceptions.HTTPError as errh:
|
except requests.exceptions.HTTPError as errh:
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,8 @@
|
||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
# coding=utf-8
|
# coding=utf-8
|
||||||
|
class ProviderUnauthorized(Exception):
|
||||||
|
pass
|
||||||
|
|
||||||
class ProviderConnError(Exception):
|
class ProviderConnError(Exception):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -28,11 +28,7 @@ def internal_users_search():
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
data=request.get_json(force=True)
|
data=request.get_json(force=True)
|
||||||
users = app.admin.get_mix_users()
|
users = app.admin.get_mix_users()
|
||||||
result = [user_parser(user) for user in users
|
result = [user_parser(user) for user in filter_users(users, data['text'])]
|
||||||
if data['text'] in user['username'] or
|
|
||||||
data['text'] in user['first'] or
|
|
||||||
data['text'] in user['last'] or
|
|
||||||
data['text'] in user['email']]
|
|
||||||
sorted_result = sorted(result, key=lambda k: k['id'])
|
sorted_result = sorted(result, key=lambda k: k['id'])
|
||||||
return json.dumps(sorted_result), 200, {'Content-Type': 'application/json'}
|
return json.dumps(sorted_result), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
||||||
|
|
@ -43,6 +39,7 @@ def internal_groups():
|
||||||
sorted_groups = sorted(app.admin.get_mix_groups(), key=lambda k: k['name'])
|
sorted_groups = sorted(app.admin.get_mix_groups(), key=lambda k: k['name'])
|
||||||
groups=[]
|
groups=[]
|
||||||
for group in sorted_groups:
|
for group in sorted_groups:
|
||||||
|
if not group['path'].startswith('/'): continue
|
||||||
groups.append({'id':group['path'],
|
groups.append({'id':group['path'],
|
||||||
'name':group['name'],
|
'name':group['name'],
|
||||||
'description':group.get('description','')})
|
'description':group.get('description','')})
|
||||||
|
|
@ -58,8 +55,41 @@ def internal_group_users():
|
||||||
users=[]
|
users=[]
|
||||||
for user in sorted_users:
|
for user in sorted_users:
|
||||||
if data['path'] not in user['keycloak_groups'] or not user['enabled']: continue
|
if data['path'] not in user['keycloak_groups'] or not user['enabled']: continue
|
||||||
users.append(user_parser(user))
|
users.append(user)
|
||||||
return json.dumps(users), 200, {'Content-Type': 'application/json'}
|
if data.get('text',False) and data['text'] != '':
|
||||||
|
result = [user_parser(user) for user in filter_users(users, data['text'])]
|
||||||
|
else:
|
||||||
|
result = [user_parser(user) for user in users]
|
||||||
|
return json.dumps(result), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
||||||
|
@app.route('/api/internal/roles', methods=['GET'])
|
||||||
|
@is_internal
|
||||||
|
def internal_roles():
|
||||||
|
if request.method == 'GET':
|
||||||
|
roles=[]
|
||||||
|
for role in sorted(app.admin.get_roles(), key=lambda k: k['name']):
|
||||||
|
if role['name'] == 'admin': continue
|
||||||
|
roles.append({'id':role['id'],
|
||||||
|
'name':role['name'],
|
||||||
|
'description':role.get('description','')})
|
||||||
|
return json.dumps(roles), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
||||||
|
@app.route('/api/internal/role/users', methods=['POST'])
|
||||||
|
@is_internal
|
||||||
|
def internal_role_users():
|
||||||
|
if request.method == 'POST':
|
||||||
|
data=request.get_json(force=True)
|
||||||
|
sorted_users = sorted(app.admin.get_mix_users(), key=lambda k: k['username'])
|
||||||
|
# group_users = [user for user in sorted_users if data['path'] in user['keycloak_groups']]
|
||||||
|
users=[]
|
||||||
|
for user in sorted_users:
|
||||||
|
if data['role'] not in user['roles'] or not user['enabled']: continue
|
||||||
|
users.append(user)
|
||||||
|
if data.get('text',False) and data['text'] != '':
|
||||||
|
result = [user_parser(user) for user in filter_users(users, data['text'])]
|
||||||
|
else:
|
||||||
|
result = [user_parser(user) for user in users]
|
||||||
|
return json.dumps(result), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
||||||
def user_parser(user):
|
def user_parser(user):
|
||||||
return {'id':user['username'],
|
return {'id':user['username'],
|
||||||
|
|
@ -68,3 +98,10 @@ def user_parser(user):
|
||||||
'role':user['roles'][0] if len(user['roles']) else None,
|
'role':user['roles'][0] if len(user['roles']) else None,
|
||||||
'email':user['email'],
|
'email':user['email'],
|
||||||
'groups':user['keycloak_groups']}
|
'groups':user['keycloak_groups']}
|
||||||
|
|
||||||
|
def filter_users(users, text):
|
||||||
|
return [user for user in users
|
||||||
|
if text in user['username'] or
|
||||||
|
text in user['first'] or
|
||||||
|
text in user['last'] or
|
||||||
|
text in user['email']]
|
||||||
|
|
|
||||||
|
|
@ -168,8 +168,8 @@ backend be_wp
|
||||||
http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
|
http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
|
||||||
|
|
||||||
http-request set-header X-SSL %[ssl_fc]
|
http-request set-header X-SSL %[ssl_fc]
|
||||||
reqadd X-Forwarded-Proto:\ https
|
#reqadd X-Forwarded-Proto:\ https
|
||||||
#http-request set-header X-Forwarded-Proto https
|
http-request set-header X-Forwarded-Proto https
|
||||||
server wp isard-apps-wordpress:80 check port 80 inter 5s rise 2 fall 10 resolvers mydns init-addr none
|
server wp isard-apps-wordpress:80 check port 80 inter 5s rise 2 fall 10 resolvers mydns init-addr none
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue