1 |
Quick summary: |
2 |
|
3 |
I'm writing a CMS for the Gentoo website, that will offer an LDAP web |
4 |
interface, plus it will replace Gorg and provide Beacon as WYSIWYG editor to |
5 |
edit the XML file |
6 |
|
7 |
There were some serious bugs in the edit account page. The ACL is very complex |
8 |
there, since there are public attributes (accessed by everyone), semi-private |
9 |
attributes (accessed by the user only and the admins (eg. birthday)), and |
10 |
private ones (accessed only by admins). Keep in mind that everything is |
11 |
configurable, but there is some duplication between the Django and LDAP ACL, |
12 |
since there is no easy way to parse the LDAP slapd.conf yet, we need to |
13 |
migrate our infra to cn=config first, which is a not easy long term task. The |
14 |
bug was not in the LDAP part, remember that the user changes his/others' (in |
15 |
case he has the right privs) attributes with his own account, not by using a |
16 |
global admin account. The bug was in the Django part, where the system |
17 |
expected to be able to change some data, and weird error messages/exceptions |
18 |
were thrown out. Unfortunately this is not complete yet, it needs more |
19 |
investigation in order to ensure we are not opening any security holes here. |
20 |
The good news is that I tested with our current official configuration, and |
21 |
various tweaks on it, and seems to perform fine. Plus, it seems ready for the |
22 |
improvements I intend to do (for adding regular users in LDAP etc). |
23 |
|
24 |
I was also able to plug in some CSS/JS written by my mentor. It is just some |
25 |
preliminary work, nothing complete yet, we'll need more help on this, |
26 |
especially from people with some experience in web design stuff. |
27 |
|
28 |
Beacon didn't work out as expected. It became too complex, consisting of lots |
29 |
of JS and XSLT, for reading the XML files and printing them. It even stores |
30 |
accounts in its own DB to keep track of the documents that users edit. This |
31 |
was way out of our needs, we just need the WYSIWYG part only and plug it in in |
32 |
a separate web app. Obviously in its current state it is not a workable |
33 |
solution without significant additional effort. What we could do for now is to |
34 |
split some parts of its code, like the python scripts for converting XML to |
35 |
HTML and the opposite, which is also not an easy task. |
36 |
|
37 |
I must admit that I am really happy that the GSoC is coming to its end, and |
38 |
the real fun begins :) |
39 |
-- |
40 |
Theo Chatzimichos | blog.tampakrap.gr |
41 |
Gentoo KDE/Qt, Planet, Overlays |