1 |
Quick summary: |
2 |
|
3 |
I'm writing a CMS for the Gentoo website, that will offer an LDAP web |
4 |
interface, plus it will replace Gorg and provide Beacon as WYSIWYG editor to |
5 |
edit the XML files. |
6 |
|
7 |
This is going to be small but really important. Robin set up for me an LDAP |
8 |
instance in vulture for me, plus reviewed my cfengine patches for OpenLDAP, |
9 |
Django and the various depedencies, thanks a lot for this! I'm in the process |
10 |
of deploying the web application to the server, and will move development |
11 |
fully there. I plan to open it for a few people for more beta testing in the |
12 |
following week. There has also been some internal Infra discussion on whether |
13 |
to use multiple OUs (OU=users, OU=developers etc), without an agreement yet, |
14 |
but my code works either way. Also I need to expand our LDAP configs and add a |
15 |
few more groups there, like a user.group, and some other privileged groups |
16 |
like devrel, pr (currently we have only infra, recruiters and devrel I think). |
17 |
|
18 |
As for the development of the app itself, the past days I've been doing |
19 |
various bugfixing in the LDAP frontend and playing around with the UI mostly. |
20 |
It is very configurable, the admin can choose which LDAP values to print, and |
21 |
in which form (eg human readable: username / first name / last name OR keep the |
22 |
LDAP names: uid / givenName / sn). The user can view his own attributes or |
23 |
someone else's public attributes. A privileged user can see more attributes |
24 |
from other users, plus add/remove another user from some groups. There has |
25 |
been some ACL duplication here, but unfortunately there isn't a better way to |
26 |
do it at the moment. Robin proposed another long term solution: if we move our |
27 |
LDAP configs to the new cn=Config style, the app then could parse that config and |
28 |
generate the ACL accordingly to Django settings. It can't be done now though, |
29 |
since Infra needs to migrate LDAP to that style first, which I know it's going |
30 |
to be painful (I've done it already for a uni server about a year ago). I'm |
31 |
working on the UI of the edit view now, which is a generated form by the user |
32 |
profile model. Although it works (user can edit his data successfully, admins |
33 |
(eg infra/recruiters in Gentoo case) can edit other users' data as well), |
34 |
there has been some pain in printin nice the multivalued attributes of LDAP. |
35 |
Currently, the multivalued attrs are transfered to a TextField in the DB, and |
36 |
the values are separated with :: for easy split-desplit. With the help of Matt |
37 |
I wrote a form widget, but it still needs to look prettier when the user wants |
38 |
to add or delete a new value. |
39 |
|
40 |
Apart from the above, I've also started working in general on the UI, and the |
41 |
front page. Matt gave me some some CSS to plug in to my templates, but my |
42 |
overall goal would be to create an easy way to create new themes to the app, |
43 |
instead of having to touch the templates (should be easy in Django). The UI |
44 |
and the front page is what I'm going to do for the next few days, and then |
45 |
start working on the Beacon and XSLT/XML parts. Last but not least, I wrote an |
46 |
addressbook as a replacement to userinfo.xml. |
47 |
-- |
48 |
Theo Chatzimichos | blog.tampakrap.gr |
49 |
Gentoo KDE/Qt, Planet, Overlays |