AC-156. Expose user_ldap_fields via API config to indicate which fields should not be editableon LDAP users. Add ldap_dn attribute to user record, prevent changing any LDAP-managed fields on LDAP users.

2026-03-06 11:11:07 -03:30 · 2013-09-10 03:28:52 -04:00
parent 106023e530
commit c0ea2527ec
7 changed files with 499 additions and 2 deletions
--- a/awx/main/fields.py
+++ b/awx/main/fields.py
@@ -0,0 +1,39 @@
+# Copyright (c) 2013 AnsibleWorks, Inc.
+# All Rights Reserved.
+
+# Django
+from django.db import models
+from django.db.models.fields.related import SingleRelatedObjectDescriptor
+
+# South
+from south.modelsinspector import add_introspection_rules
+
+__all__ = ['AutoOneToOneField']
+
+# Based on AutoOneToOneField from django-annoying:
+# https://bitbucket.org/offline/django-annoying/src/a0de8b294db3/annoying/fields.py
+
+class AutoSingleRelatedObjectDescriptor(SingleRelatedObjectDescriptor):
+    """Descriptor for access to the object from its related class."""
+
+    def __get__(self, instance, instance_type=None):
+        try:
+            return super(AutoSingleRelatedObjectDescriptor,
+                         self).__get__(instance, instance_type)
+        except self.related.model.DoesNotExist:
+            obj = self.related.model(**{self.related.field.name: instance})
+            if self.related.field.rel.parent_link:
+                for f in instance._meta.local_fields:
+                    setattr(obj, f.name, getattr(instance, f.name))
+            obj.save()
+            return obj
+
+class AutoOneToOneField(models.OneToOneField):
+    """OneToOneField that creates related object if it doesn't exist."""
+
+    def contribute_to_related_class(self, cls, related):
+        setattr(cls, related.get_accessor_name(),
+                AutoSingleRelatedObjectDescriptor(related))
+
+add_introspection_rules([([AutoOneToOneField], [], {})],
+                        [r'^awx\.main\.fields\.AutoOneToOneField'])