compat zope-2.12
[GroupUserFolder.git] / dtml / GRUF_users.zpt
1 <h1 tal:replace="structure here/manage_page_header">Header</h1>
2 <h2 tal:define="manage_tabs_message options/manage_tabs_message | nothing"
3 tal:replace="structure here/manage_tabs">Tabs</h2>
4
5 <h4>Users sources</h4>
6 <ol>
7 <table cellspacing="10" width="90%" tal:define="groups here/getGroups">
8 <tr tal:repeat="source here/listUserSourceFolders">
9 <th class="list-header">Users source #<span tal:replace="repeat/source/number">1</span></th>
10 <td bgcolor="#EEEEEE" tal:condition="source/isValid"
11 tal:define="meta_type source/acl_users/meta_type|nothing;
12 title_or_id source/acl_users/title|meta_type;">
13 <img src=""
14 tal:attributes="src source/acl_users/icon;
15 title meta_type">
16 &nbsp;
17 <a href=""
18 tal:attributes="
19 href string:${source/acl_users/absolute_url}/manage_workspace;
20 title meta_type"
21 tal:content="title_or_id">Title</a>
22 <tal:block condition="not:source/isEnabled">
23 <font color="red"><i>(disabled)</i></font>
24 </tal:block>
25 </td>
26 <td bgcolor="#EEEEEE" tal:condition="not:source/isValid">
27 <font color="red"><strong><i>(invalid or broken)</i></strong></font>
28 </td>
29 </tr>
30 </table>
31 </ol>
32
33 <tal:block
34 tal:condition="not: search_userid"
35 tal:define="global search_userid request/search_userid|nothing"
36 >
37 <tal:block tal:define="global users here/getPureUsers">
38 </tal:block>
39 </tal:block>
40 <tal:block tal:condition="search_userid">
41 <tal:block
42 tal:define="
43 uid search_userid;
44 global users python:[ here.getUser(uid) for uid in here.searchUsersById(uid) if uid ];
45 ">
46 </tal:block>
47 </tal:block>
48
49 <h4>Search</h4>
50 <ol>
51 <div
52 tal:define="have_users python: len(users);">
53 <div class="list-item" tal:condition="python: not have_users and not search_userid">
54 No user available. This happens either if you have no users defined or if
55 the underlying UserFolder cannot retreive the entire users list (for example, LDAPUserFolder
56 is limited in results size).
57 </div>
58 <div class="list-item">
59 Some more users may be available but do not show up there.. This happens if
60 the underlying UserFolder cannot retreive the entire users list (for example,
61 LDAPUserFolder is limited in results size and will return only cached users).
62 </div>
63 <div class="list-item">
64 You can search users giving part of their id with this form.
65 </div>
66 <div>
67 <form action="" tal:attributes="action template/absolute_url">
68 <b>User name:</b>
69 <input name="search_userid" type="text" tal:attributes="value search_userid" />
70 <input type="submit" value="Search" />
71 </form>
72 </div>
73 </div>
74 </ol>
75
76 <h4 tal:condition="not: search_userid">Users management</h4>
77 <h4 tal:condition="search_userid">Search results</h4>
78 <form action="" method="POST" tal:attributes="action request/URL1">
79 <ol>
80 <div tal:condition="python: not users and search_userid">
81 No user found.
82 </div>
83 <table cellspacing="10" width="90%">
84 <tr>
85 <!-- Users selection -->
86 <td valign="top">
87 <table bgcolor="#EEEEEE" width="100%">
88 <tr class="list-header" tal:condition="users">
89 <th>&nbsp;</th>
90 <th>User</th>
91 <th class="list-header">Member <br>of groups</th>
92 <th class="list-header">Implicitly <br>member of*</th>
93 <th class="list-header">Has roles</th>
94 <th class="list-header">Implicitly <br>has roles**</th>
95 </tr>
96
97 <tr
98 tal:repeat="user users"
99 class=""
100 tal:attributes="class python:test(path('repeat/user/odd'), 'row-hilite', 'row-normal')"
101 >
102 <div tal:condition="user"
103 tal:omit-tag=""
104 x:comment="We ignore empty/invalid users"
105 >
106 <div tal:define="
107 label_groups python:user.getGroups();
108 label_groups_no_recurse python:user.getGroups(no_recurse = 1);
109 label_groups_recurse python:filter(lambda x: x not in label_groups_no_recurse, label_groups);
110 groups_no_recurse python:map(lambda x: here.getUser(x), label_groups_no_recurse);
111 groups_recurse python:map(lambda x: here.getUser(x), label_groups_recurse);
112 roles python:filter(lambda x: x not in ('Authenticated', 'Shared'), user.getRoles());
113 roles_no_recurse python:filter(lambda x: x not in ('Authenticated', 'Shared'), user.getUserRoles());
114 roles_recurse python:filter(lambda x: x not in roles_no_recurse, roles);"
115 tal:omit-tag="">
116 <td><div class="list-item"><input type="checkbox" name="users:list" value="" tal:attributes="value user"></td>
117 <td>
118 <div class="list-item">
119 <img src="img_user" />
120 <strong tal:content="structure user/asHTML">
121 </strong>
122 </td>
123 <td class="list-item">
124 <span tal:repeat="group groups_no_recurse" >
125 <span tal:replace="structure group/asHTML"></span><span tal:condition="not:repeat/group/end">, </span>
126 </span>
127 </td>
128 <td class="list-item">
129 <span tal:repeat="group groups_recurse" >
130 <span tal:replace="structure python:group.asHTML(implicit=1)"></span><span tal:condition="not:repeat/group/end">, </span>
131 </span>
132 </td>
133 <td class="list-item">
134 <div class="list-item">
135 <span tal:repeat="role roles_no_recurse" >
136 <font color=""
137 tal:attributes="color here/role_color">
138 <span tal:replace="role"></span><span tal:condition="not:repeat/role/end">, </span>
139 </font>
140 </span>
141 </div>
142 </td>
143 <td class="list-item">
144 <div class="list-item">
145 <span tal:repeat="role roles_recurse" >
146 <font color=""
147 tal:attributes="color here/role_color">
148 <i><span tal:replace="role"></span></i><span tal:condition="not:repeat/role/end">, </span>
149 </font>
150 </span>
151 </div>
152 </td>
153 </div>
154 </div>
155 </tr>
156 <tr>
157 <td colspan="5">
158 <input type="submit" name="deleteUsers:method" value="Delete" /><br />
159 You can also change group / roles with the form below.
160 </td>
161 </tr>
162 </table>
163
164
165 <div tal:condition="python: not search_userid"
166 tal:define="have_users python: len(users);">
167 <div class="list-item" tal:condition="not: have_users">
168 No user available. This happens either if you have no users defined or if
169 the underlying UserFolder cannot retreive the entire users list (for example, LDAPUserFolder
170 is limited in results size).<br />
171 Use the above search form to search for specific users.
172 </div>
173 </div>
174 </ol>
175
176 <!-- New user -->
177 <h4>User creation</h4>
178 <ol>
179 <table>
180 <tr>
181 <td><div class="list-item">&nbsp;</div></td>
182 <td>
183 <div class="list-item">Batch user creation list:</div>
184 </td>
185 </tr>
186 <tr>
187 <td><div class="list-item">&nbsp;</div></td>
188 <td>
189 <div class="list-item">
190 <textarea name="new_users:lines" cols="20" rows="3"></textarea>
191 </div>
192 </td>
193 <td colspan="4">
194 <div class="list-item" valign="top">
195 Newly created users will be affected groups and roles according to the table below.
196 </div>
197 </td>
198 </tr>
199 <tr>
200 <td><div class="list-item">&nbsp;</div></td>
201 <td>
202 <div class="list-item">Default password:</div>
203 </td>
204 </tr>
205 <tr>
206 <td><div class="list-item">&nbsp;</div></td>
207 <td>
208 <div class="list-item">
209 <input name="default_password:string" size="20" />
210 </div>
211 </td>
212 <td colspan="4">
213 <div class="list-item">
214 Fill in this field to specify a default password for new users,
215 or leave it empty to let GRUF generate random ones.
216 </div>
217 </td>
218 </tr>
219 <tr>
220 <td colspan="2" align="center">
221 <input type="submit" name="changeOrCreateUsers:method" value="Create" />
222 </td>
223 </tr>
224 </table>
225 </ol>
226
227
228 <h4>Roles / groups management</h4>
229 <ol>
230 <table>
231 <tr>
232 <td align="center">
233 <div class="list-item">
234 Select one or more users in the upper table, select one or more groups / roles in the table below
235 and click "Change" to affect groups / roles to these users.
236 </div>
237 </td>
238 </tr>
239 <tr>
240 <td valign="top" align="center" colspan="6">
241 <table bgcolor="#EEEEEE">
242 <tr>
243 <td valign="top">
244 <!-- Groups selection -->
245 <table width="100%">
246 <tr class="list-header">
247 <th colspan="2">Affect groups</th>
248 </tr>
249
250 <tr tal:repeat="group here/getGroups">
251 <td>
252 <input type="checkbox" name="groups:list" value="" tal:attributes="value group">
253 </td>
254 <td>
255 <div class="list-item" tal:content="structure group/asHTML"></div>
256 </td>
257 </tr>
258
259 <!-- "(None)" item -->
260 <tr>
261 <td><div class="list-item"><input type="checkbox" name="nested_groups:list" value="__None__"></div></td>
262 <td><div class="list-item"><i>(None)</i></div></td>
263 </tr>
264 </table>
265 </td>
266 <td valign="top">
267 <!-- Roles selection -->
268 <table width="100%">
269 <tr class="list-header">
270 <th colspan="2">Affect roles</th>
271 </tr>
272
273 <tr tal:repeat="role here/valid_roles">
274 <td tal:condition="python:role not in ('Authenticated', 'Anonymous', 'Shared')">
275 <input type="checkbox" name="roles:list" value="" tal:attributes="value role">
276 </td>
277 <td tal:condition="python:role not in ('Authenticated', 'Anonymous', 'Shared')">
278 <div class="list-item"><font color="" tal:attributes="color here/role_color" tal:content="role">Role</font></div>
279 </td>
280 </tr>
281
282 <!-- "(None)" item -->
283 <tr>
284 <td><div class="list-item"><input type="checkbox" name="roles:list" value="__None__"></div></td>
285 <td><div class="list-item"><i>(None)</i></div></td>
286 </tr>
287 </table>
288 </td>
289 </tr>
290 <tr>
291 <td colspan="2" align="middle"><input type="submit" name="changeOrCreateUsers:method" value="Change" /></td>
292 </table>
293 </td>
294 </tr>
295 </table>
296
297 <p class="form-help">
298 If you do not select a role, roles won't be reset for the selected users.<br />
299 If you do not select a group, groups won't be reset for the selected users.<br />
300 To explicitly reset groups or roles, just click the "(None)" entry (and no other entry).
301 </p>
302
303 <p class="form-help">
304 * According to the groups inheritance, this group is also recursively member of these groups. <br />This is what we call nested groups.
305 </p>
306 <p class="form-help">
307 ** Accorded to the groups inheritance, this group also has these roles - even if they are not defined explicitly on it.
308 </p>
309
310 </ol>
311 </form>
312
313
314 <h4>Instructions</h4>
315 <ol>
316 <p class="form-help">
317 To change roles for one or several users, select them in the left form,
318 select the roles you want to give them and the groups they belong to in the forms on the right and click "Change".<br />
319 You can also create one or several users by filling the text area (one user per line).
320 The "Change" button will create them with the roles and group affectation you've selected.
321 A random password will be generated for them, and it will be shown in a page so that you can click/paste them somewhere.<br />
322 If you want to kill some users, you can delete them by selecting them and clicking the "Delete" button.
323 </p>
324 </ol>
325
326 <h4>Important notice / disclaimer</h4>
327
328 <ol>
329 <p class="form-help">
330 This form uses the regular Zope Security API from the underlying user folders. However, you may experience problems with some
331 of them, especially if they are not tuned to allow user adding. For example, an LDAPUserFolder can be configured to disable
332 users management. In case this form doesn't work, you'll have to do things by hand within the 'Users' and 'Groups' GRUF folders.
333 </p>
334
335 <p class="form-help">
336 This is not a GRUF limitation ! :-)
337 </p>
338 </ol>
339
340 <h1 tal:replace="structure here/manage_page_footer">Footer</h1>