diff --git a/src/lac/idm/forms.py b/src/lac/idm/forms.py
index c878e15..816efe6 100644
--- a/src/lac/idm/forms.py
+++ b/src/lac/idm/forms.py
@@ -37,7 +37,9 @@ class GroupCreateForm(forms.Form):
 cn = forms.CharField(label="Gruppenname", max_length=100)
 description = forms.CharField(label="Beschreibung", max_length=100, required=False)
 defaultGroup = forms.BooleanField(label="Standardgruppe (Von nun an werden neu erstellte Nutzer dieser Gruppe hinzugefügt)", required=False, widget=forms.CheckboxInput)
+ nextcloud_groupfolder = forms.BooleanField(label="Nextcloud-Gruppenordner", required=False, widget=forms.CheckboxInput)
 class GroupEditForm(forms.Form):
 description = forms.CharField(label="Beschreibung", max_length=100, required=False)
 defaultGroup = forms.BooleanField(label="Standardgruppe (Von nun an werden neu erstellte Nutzer dieser Gruppe hinzugefügt)", required=False, widget=forms.CheckboxInput)
+ nextcloud_groupfolder = forms.BooleanField(label="Nextcloud-Gruppenordner", required=False, widget=forms.CheckboxInput)
diff --git a/src/lac/idm/views.py b/src/lac/idm/views.py
index 3924191..6cc6aed 100644
--- a/src/lac/idm/views.py
+++ b/src/lac/idm/views.py
@@ -12,6 +12,7 @@ from django.contrib.admin.views.decorators import staff_member_required
 from django.conf import settings
 import idm.challenges
+import unix.unix_scripts.unix as unix
 def signal_handler(context, user, request, exception, **kwargs):
@@ -200,6 +201,8 @@ def create_group(request):
 if form.is_valid():
 group_information = form.cleaned_data
 message = ldap_create_group(group_information)
+ if form.cleaned_data.get("nextcloud_groupfolder", False):
+ message = unix.create_nextcloud_groupfolder(group_information["cn"])
 if message == None:
 cn = group_information.get("cn", "")
 message = f"Gruppe '{cn}' erfolgreich erstellt!"
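Review bot: In create_group the result of `ldap_create_group` is overwritten by the folder call, so an LDAP failure is hidden whenever `unix.create_nextcloud_groupfolder` returns None, and the success message is then shown for a group that was not created. Gate the second call on the first: `if message is None and form.cleaned_data.get("nextcloud_groupfolder"):`. The same overwrite occurs in the edit_group hunk at -224, where both added branches assign `message` unconditionally. The `cn` passed here is bounded only by `max_length=100` in GroupCreateForm and ends up in a command line built in unix.py, so a character allowlist on the field (for example a `RegexValidator`) belongs in the same change. create_group starts and ends outside the hunk.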
@@ -224,6 +227,10 @@ def edit_group(request, cn):
 if form.is_valid():
 group_information = form.cleaned_data
 message = ldap_update_group(cn, group_information)
+ if form.cleaned_data.get("nextcloud_groupfolder", False) and not unix.nextcloud_groupfolder_exists(cn):
+ message = unix.create_nextcloud_groupfolder(cn)
+ if form.cleaned_data.get("nextcloud_groupfolder", False) == False and unix.nextcloud_groupfolder_exists(cn):
+ message = "Nextcloud-Gruppenordner wird nicht gelöscht (evtl. wichtige Daten enthalten), bitte manuell im Nextcloud-Admin-Interface löschen."
 if message == None:
 message = f"Änderungen erfolgreich gespeichert!"
 else:
@@ -231,6 +238,7 @@ def edit_group(request, cn):
 form_data = form.cleaned_data
 form = GroupEditForm()
 if form_data != {}:
+ form_data["nextcloud_groupfolder"] = unix.nextcloud_groupfolder_exists(cn)
 form = GroupEditForm(form_data)
 return render(request, "idm/admin/edit_group.html", {"form": form, "message": message, "cn": cn})
diff --git a/src/lac/unix/unix_scripts/unix.py b/src/lac/unix/unix_scripts/unix.py
index 7e4a8ff..13a4c17 100644
--- a/src/lac/unix/unix_scripts/unix.py
+++ b/src/lac/unix/unix_scripts/unix.py
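Review bot: `cn` in edit_group is a view argument (presumably taken from the URL) rather than a validated form field, and the added lines hand it to `unix.nextcloud_groupfolder_exists(cn)` up to twice in the -224 hunk and once more at -231, each time as part of a shell command that unix.py only runs when the process is root. Confirm that `cn` names an existing LDAP group before any of these calls, and evaluate the lookup once, e.g. `has_folder = unix.nextcloud_groupfolder_exists(cn)`, reusing it for both branches and for `form_data["nextcloud_groupfolder"]`. `== False` reads better as `not form.cleaned_data.get("nextcloud_groupfolder")`. Both hunks cut through edit_group, and whether the view is restricted to staff is not visible here.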
@@ -1000,4 +1000,43 @@ def is_libre_workspace_update_available():
 else:
 cached_libre_workspace_update_available = None
 cached_libre_workspace_update_available_time = time.time()
- return cached_libre_workspace_update_available
\ No newline at end of file
+ return cached_libre_workspace_update_available
+
+
+# We implement no automatic delete function for the groupfolders,
+# because in them could be important data of the users.
+# The admin has to remove the groupfolders manually in the nextcloud web interface.
+def create_nextcloud_groupfolder(group):
+ # If we are not running as root, return
+ if os.getuid() != 0:
+ return "Error: You should run this function as root. In development mode this is okay for now."
+ # If nextcloud is not available, return
+ if not is_nextcloud_available():
+ return "Error: Nextcloud is not available. Please install Nextcloud first."
+
+ # Example for groupname test:
+ # sudo -u www-data php /var/www/nextcloud/occ groupfolder:create test -> returns 1 as groupfolder_id
+ # sudo -u www-data php /var/www/nextcloud/occ groupfolder:group 1 test read
+ # sudo -u www-data php /var/www/nextcloud/occ groupfolders:group 1 test write
+ # sudo -u www-data php /var/www/nextcloud/occ groupfolders:group 1 test create
+ # sudo -u www-data php /var/www/nextcloud/occ groupfolders:group 1 test share
+ # sudo -u www-data php /var/www/nextcloud/occ groupfolders:group 1 test delte
+ groupfolder_id = subprocess.getoutput(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolder:create {group}").strip()
+ # if groupfolder_id is not numeric, then the groupfolder was not created
+ if not groupfolder_id.isnumeric():
+ return groupfolder_id
+ os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolder:group {groupfolder_id} {group} read")
+ os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolders:group {groupfolder_id} {group} write")
+ os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolders:group {groupfolder_id} {group} create")
+ os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolders:group {groupfolder_id} {group} share")
+ os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolders:group {groupfolder_id} {group} delete")
+
+
+def nextcloud_groupfolder_exists(group):
+ # Check if the groupfolder exists
+ if not is_nextcloud_available():
+ return False
+ # If we are not running as root, return
+ if os.getuid() != 0:
+ return False
+ return os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolder:list | grep -q {group}") == 0
\ No newline at end of file
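Review bot: Both new functions interpolate `group` into a shell string (`subprocess.getoutput(f"... groupfolder:create {group}")` and `os.system(f"... | grep -q {group}")`) right after checking that the process runs as root, so the shell interprets any metacharacter in a group name; the commands should be passed as argument lists with no shell involved. The `grep -q {group}` test also treats the name as a pattern and matches substrings, so a group whose name occurs anywhere in the listing is reported as having a folder. The exit codes of the five `os.system` permission calls are discarded, so a failed grant still returns None and the view reports success. The namespace is spelled both `groupfolder:` and `groupfolders:`, and it is worth confirming that consecutive `group` calls add to the permission set rather than replace it. The sketch below keeps the existing checks and replaces only the command execution.

```python
def _occ(*args):
    # Argument list, no shell: the group name reaches occ as one literal argument.
    return subprocess.run(
        ["sudo", "-u", "www-data", "php",
         f"{settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ", *args],
        capture_output=True, text=True,
    )


def create_nextcloud_groupfolder(group):
    # … unchanged: root check and is_nextcloud_available() check …
    created = _occ("groupfolder:create", group)
    groupfolder_id = created.stdout.strip()
    # A non-numeric id means the folder was not created; hand back occ's output.
    if created.returncode != 0 or not groupfolder_id.isnumeric():
        return (created.stdout + created.stderr).strip()
    # Namespace spelling unified to the one four of the five original calls use.
    for permission in ("read", "write", "create", "share", "delete"):
        granted = _occ("groupfolders:group", groupfolder_id, group, permission)
        if granted.returncode != 0:
            return (granted.stdout + granted.stderr).strip() or f"Error: could not grant {permission}"


def nextcloud_groupfolder_exists(group):
    # … unchanged: is_nextcloud_available() and root checks …
    listing = _occ("groupfolder:list")
    # Fixed-string containment, still as loose as the grep it replaces; an exact
    # match on the group column needs the listing parsed.
    return listing.returncode == 0 and group in listing.stdout
```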