diff options
author | Christian Franke <nobody@nowhere.ws> | 2012-01-05 01:32:41 +0100 |
---|---|---|
committer | Christian Franke <nobody@nowhere.ws> | 2012-01-05 01:32:41 +0100 |
commit | af48fab1b031b3474f24b78e5bf59b14c8346ea8 (patch) | |
tree | 03e314165b8c660ec9de0094e0d24df64620f261 /sublab_project/accounts/models.py | |
parent | 7e960881ae6cbcd709538dcd73e4fd89e33507d3 (diff) |
make ldap authentication work
authorization is still missing -> people can login but can't really
do anything. It seems like we should add a group for members to ldap
and authorize the matching django group to be allowed to edit news,
projects, and so on.
Maybe there is a better solution, which I did not see?
Also, there is probably a better code for the populate_user handler
I placed in accounts/models.py
Diffstat (limited to 'sublab_project/accounts/models.py')
-rw-r--r-- | sublab_project/accounts/models.py | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/sublab_project/accounts/models.py b/sublab_project/accounts/models.py new file mode 100644 index 0000000..821bed3 --- /dev/null +++ b/sublab_project/accounts/models.py @@ -0,0 +1,21 @@ +from django.contrib.auth.models import User +from django.db import models + +from django.db.models.signals import post_save +from django_auth_ldap.backend import populate_user + +class UserProfile(models.Model): + """A (dummy) user profile, needed for LDAP + """ + user = models.OneToOneField(User) + + +def create_user_profile(sender, instance, created, **kwargs): + if created: + UserProfile.objects.create(user=instance) +post_save.connect(create_user_profile, sender=User) + + +def set_user_as_staff(sender, user, ldap_user, **kwargs): + user.is_staff = True # Every LDAP user should be able to use admin +populate_user.connect(set_user_as_staff) |