1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
|
<h1 tal:replace="structure here/manage_page_header">Header</h1>
<h2 tal:define="manage_tabs_message options/manage_tabs_message | nothing"
tal:replace="structure here/manage_tabs">Tabs</h2>
<h4>Users sources</h4>
<ol>
<table cellspacing="10" width="90%" tal:define="groups here/getGroups">
<tr tal:repeat="source here/listUserSourceFolders">
<th class="list-header">Users source #<span tal:replace="repeat/source/number">1</span></th>
<td bgcolor="#EEEEEE" tal:condition="source/isValid">
<img src="" tal:attributes="src source/acl_users/icon">
<a href="" tal:attributes="href string:${source/acl_users/absolute_url}/manage_workspace" tal:content="source/acl_users/meta_type">Type</a>
</td>
<td bgcolor="#EEEEEE" tal:condition="not:source/isValid">
<font color="red"><strong><i>(invalid or broken)</i></strong></font>
</td>
</tr>
</table>
</ol>
<h4>Users management</h4>
<form action="" method="POST" tal:attributes="action request/URL1">
<ol>
<tal:block tal:condition="python: not request.get('FORCE_ALL')">
<tal:block tal:define="global users here/getPureUsers">
</tal:block>
</tal:block>
<tal:block tal:condition="python: request.get('FORCE_ALL')">
<tal:block tal:define="global users python:map(lambda x:here.getUser(x), here.getPureUserNames())">
</tal:block>
</tal:block>
<table cellspacing="10" width="90%">
<tr>
<!-- Users selection -->
<td valign="top">
<table bgcolor="#EEEEEE" width="100%">
<tr class="list-header" tal:condition="users">
<th> </th>
<th>User</th>
<th class="list-header">Member <br>of groups</th>
<th class="list-header">Implicitly <br>member of*</th>
<th class="list-header">Has roles</th>
<th class="list-header">Implicitly <br>has roles**</th>
</tr>
<tr
tal:repeat="user users"
class=""
tal:attributes="class python:test(path('repeat/user/odd'), 'row-hilite', 'row-normal')"
>
<div tal:define="
label_groups python:user.getGroups();
label_groups_no_recurse python:user.getGroups(no_recurse = 1);
label_groups_recurse python:filter(lambda x: x not in label_groups_no_recurse, label_groups);
groups_no_recurse python:map(lambda x: here.getUser(x), label_groups_no_recurse);
groups_recurse python:map(lambda x: here.getUser(x), label_groups_recurse);
roles python:filter(lambda x: x not in ('Authenticated', 'Shared'), user.getRoles());
roles_no_recurse python:filter(lambda x: x not in ('Authenticated', 'Shared'), user.getUserRoles());
roles_recurse python:filter(lambda x: x not in roles_no_recurse, roles);"
tal:omit-tag="">
<td><div class="list-item"><input type="checkbox" name="users:list" value="" tal:attributes="value user"></td>
<td>
<div class="list-item">
<img src="img_user" />
<strong tal:content="structure user/asHTML">
</strong>
</td>
<td class="list-item">
<span tal:repeat="group groups_no_recurse" >
<span tal:replace="structure group/asHTML"></span><span tal:condition="not:repeat/group/end">, </span>
</span>
</td>
<td class="list-item">
<span tal:repeat="group groups_recurse" >
<span tal:replace="structure python:group.asHTML(implicit=1)"></span><span tal:condition="not:repeat/group/end">, </span>
</span>
</td>
<td class="list-item">
<div class="list-item">
<span tal:repeat="role roles_no_recurse" >
<font color=""
tal:attributes="color here/role_color">
<span tal:replace="role"></span><span tal:condition="not:repeat/role/end">, </span>
</font>
</span>
</div>
</td>
<td class="list-item">
<div class="list-item">
<span tal:repeat="role roles_recurse" >
<font color=""
tal:attributes="color here/role_color">
<i><span tal:replace="role"></span></i><span tal:condition="not:repeat/role/end">, </span>
</font>
</span>
</div>
</td>
</div>
</tr>
<tr>
<td colspan="8" tal:condition="python: not request.get('FORCE_ALL')">
<div class="list-item" tal:condition="not: users">
No user available. This happens either if you have no users defined or if
the underlying UserFolder cannot retreive the entire users list (for example, LDAPUserFolder
is limited in results size).
</div>
<div class="list-item" tal:condition="python: len(users) != ucount" tal:define="ucount python:len(here.getPureUserNames())">
It is reported that <b><span tal:content="ucount"></span> users</b> stand in the various user sources.<br />
It might be very long to retreive the whole list but you can force it by <a href="?FORCE_ALL=1">Clicking here</a>.
</div>
</td>
</tr>
<!-- New user -->
<tr>
<td><div class="list-item"> </div></td>
<td>
<div class="list-item">Create users:</div>
</td>
</tr>
<tr>
<td><div class="list-item"> </div></td>
<td>
<div class="list-item">
<textarea name="new_users:lines" cols="20" rows="3"></textarea>
</div>
</td>
<td colspan="4">
<div class="list-item" valign="top">
Newly created users will be affected groups and roles according to the table below.
</div>
</td>
</tr>
<tr>
<td><div class="list-item"> </div></td>
<td>
<div class="list-item">Default password:</div>
</td>
</tr>
<tr>
<td><div class="list-item"> </div></td>
<td>
<div class="list-item">
<input name="default_password:string" size="20" />
</div>
</td>
<td colspan="4">
<div class="list-item">
Fill in this field to specify a default password for new users,
or leave it empty to let GRUF generate random ones.
</div>
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="changeOrCreateUsers:method" value="Create" />
<input type="submit" name="deleteUsers:method" value="Delete" />
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td align="center">
<div class="list-item">
Select one or more users in the upper table, select one or more groups / roles in the table below
and click "Change" to affect groups / roles to these users.
</div>
</td>
</tr>
<tr>
<td valign="top" align="center" colspan="6">
<table bgcolor="#EEEEEE">
<tr>
<td valign="top">
<!-- Groups selection -->
<table width="100%">
<tr class="list-header">
<th colspan="2">Affect groups</th>
</tr>
<tr tal:repeat="group here/getGroups">
<td>
<input type="checkbox" name="groups:list" value="" tal:attributes="value group">
</td>
<td>
<div class="list-item" tal:content="structure group/asHTML"></div>
</td>
</tr>
<!-- "(None)" item -->
<tr>
<td><div class="list-item"><input type="checkbox" name="nested_groups:list" value="__None__"></div></td>
<td><div class="list-item"><i>(None)</i></div></td>
</tr>
</table>
</td>
<td valign="top">
<!-- Roles selection -->
<table width="100%">
<tr class="list-header">
<th colspan="2">Affect roles</th>
</tr>
<tr tal:repeat="role here/valid_roles">
<td tal:condition="python:role not in ('Authenticated', 'Anonymous', 'Shared')">
<input type="checkbox" name="roles:list" value="" tal:attributes="value role">
</td>
<td tal:condition="python:role not in ('Authenticated', 'Anonymous', 'Shared')">
<div class="list-item"><font color="" tal:attributes="color here/role_color" tal:content="role">Role</font></div>
</td>
</tr>
<!-- "(None)" item -->
<tr>
<td><div class="list-item"><input type="checkbox" name="roles:list" value="__None__"></div></td>
<td><div class="list-item"><i>(None)</i></div></td>
</tr>
</table>
</td>
</tr>
<tr>
<td colspan="2" align="middle"><input type="submit" name="changeOrCreateUsers:method" value="Change" /></td>
</table>
</td>
</tr>
</table>
<p class="form-help">
If you do not select any role, roles won't be reseted for the selected users.<br />
If you do not select any group, groups won't be reseted for the selected users.<br />
To explicitly reset groups or roles, just click the "(None)" entry (and no other entry).
</p>
<p class="form-help">
* According to the groups inheritance, this group is also recursively member of these groups. <br />This is what we call nested groups.
</p>
<p class="form-help">
** Accorded to the groups inheritance, this group also has these roles - even if they are not defined explicitly on it.
</p>
</ol>
</form>
<h4>Instructions</h4>
<ol>
<p class="form-help">
To change roles for one or several users, select them in the left form,
select the roles you want to give them and the groups they belong to in the forms on the right and click "Change".<br />
You can also create one or several users by filling the text area (one user per line).
The "Change" button will create them with the roles and group affectation you've selected.
A random password will be generated for them, and it will be shown in a page so that you can click/paste them somewhere.<br />
If you want to kill some users, you can delete them by selecting them and clicking the "Delete" button.
</p>
</ol>
<h4>Important notice / disclaimer</h4>
<ol>
<p class="form-help">
This form uses the regular Zope Security API from the underlying user folders. However, you may experience problems with some
of them, especially if they are not tuned to allow user adding. For example, an LDAPUserFolder can be configured to disable
users management. In case this form doesn't work, you'll have to do things by hand within the 'Users' and 'Groups' GRUF folders.
</p>
<p class="form-help">
This is not a GRUF limitation ! :-)
</p>
</ol>
<h1 tal:replace="structure here/manage_page_footer">Footer</h1>
|
