| 1 |
Quick summary: |
| 2 |
|
| 3 |
I'm writing a CMS for the Gentoo website, that will offer an LDAP web |
| 4 |
interface, plus it will replace Gorg and provide Beacon as WYSIWYG editor to |
| 5 |
edit the XML files. |
| 6 |
|
| 7 |
This is going to be small but really important. Robin set up for me an LDAP |
| 8 |
instance in vulture for me, plus reviewed my cfengine patches for OpenLDAP, |
| 9 |
Django and the various depedencies, thanks a lot for this! I'm in the process |
| 10 |
of deploying the web application to the server, and will move development |
| 11 |
fully there. I plan to open it for a few people for more beta testing in the |
| 12 |
following week. There has also been some internal Infra discussion on whether |
| 13 |
to use multiple OUs (OU=users, OU=developers etc), without an agreement yet, |
| 14 |
but my code works either way. Also I need to expand our LDAP configs and add a |
| 15 |
few more groups there, like a user.group, and some other privileged groups |
| 16 |
like devrel, pr (currently we have only infra, recruiters and devrel I think). |
| 17 |
|
| 18 |
As for the development of the app itself, the past days I've been doing |
| 19 |
various bugfixing in the LDAP frontend and playing around with the UI mostly. |
| 20 |
It is very configurable, the admin can choose which LDAP values to print, and |
| 21 |
in which form (eg human readable: username / first name / last name OR keep the |
| 22 |
LDAP names: uid / givenName / sn). The user can view his own attributes or |
| 23 |
someone else's public attributes. A privileged user can see more attributes |
| 24 |
from other users, plus add/remove another user from some groups. There has |
| 25 |
been some ACL duplication here, but unfortunately there isn't a better way to |
| 26 |
do it at the moment. Robin proposed another long term solution: if we move our |
| 27 |
LDAP configs to the new cn=Config style, the app then could parse that config and |
| 28 |
generate the ACL accordingly to Django settings. It can't be done now though, |
| 29 |
since Infra needs to migrate LDAP to that style first, which I know it's going |
| 30 |
to be painful (I've done it already for a uni server about a year ago). I'm |
| 31 |
working on the UI of the edit view now, which is a generated form by the user |
| 32 |
profile model. Although it works (user can edit his data successfully, admins |
| 33 |
(eg infra/recruiters in Gentoo case) can edit other users' data as well), |
| 34 |
there has been some pain in printin nice the multivalued attributes of LDAP. |
| 35 |
Currently, the multivalued attrs are transfered to a TextField in the DB, and |
| 36 |
the values are separated with :: for easy split-desplit. With the help of Matt |
| 37 |
I wrote a form widget, but it still needs to look prettier when the user wants |
| 38 |
to add or delete a new value. |
| 39 |
|
| 40 |
Apart from the above, I've also started working in general on the UI, and the |
| 41 |
front page. Matt gave me some some CSS to plug in to my templates, but my |
| 42 |
overall goal would be to create an easy way to create new themes to the app, |
| 43 |
instead of having to touch the templates (should be easy in Django). The UI |
| 44 |
and the front page is what I'm going to do for the next few days, and then |
| 45 |
start working on the Beacon and XSLT/XML parts. Last but not least, I wrote an |
| 46 |
addressbook as a replacement to userinfo.xml. |
| 47 |
-- |
| 48 |
Theo Chatzimichos | blog.tampakrap.gr |
| 49 |
Gentoo KDE/Qt, Planet, Overlays |
Archives