[gentoo-soc] Okupy - Report #4

[gentoo-soc] Okupy - Report #4

[Theo Chatzimichos]

[-- Attachment #1: Type: text/plain, Size: 3149 bytes --]

Quick summary:

I'm writing a CMS for the Gentoo website, that will offer an LDAP web 
interface, plus it will replace Gorg and provide Beacon as WYSIWYG editor to 
edit the XML files.

This is going to be small but really important. Robin set up for me an LDAP 
instance in vulture for me, plus reviewed my cfengine patches for OpenLDAP, 
Django and the various depedencies, thanks a lot for this! I'm in the process 
of deploying the web application to the server, and will move development 
fully there. I plan to open it for a few people for more beta testing in the 
following week. There has also been some internal Infra discussion on whether 
to use multiple OUs (OU=users, OU=developers etc), without an agreement yet, 
but my code works either way. Also I need to expand our LDAP configs and add a 
few more groups there, like a user.group, and some other privileged groups 
like devrel, pr (currently we have only infra, recruiters and devrel I think).

As for the development of the app itself, the past days I've been doing 
various bugfixing in the LDAP frontend and playing around with the UI mostly. 
It is very configurable, the admin can choose which LDAP values to print, and 
in which form (eg human readable: username / first name / last name OR keep the 
LDAP names: uid / givenName / sn). The user can view his own attributes or 
someone else's public attributes. A privileged user can see more attributes 
from other users, plus add/remove another user from some groups. There has 
been some ACL duplication here, but unfortunately there isn't a better way to 
do it at the moment. Robin proposed another long term solution: if we move our 
LDAP configs to the new cn=Config style, the app then could parse that config and 
generate the ACL accordingly to Django settings. It can't be done now though, 
since Infra needs to migrate LDAP to that style first, which I know it's going 
to be painful (I've done it already for a uni server about a year ago). I'm 
working on the UI of the edit view now, which is a generated form by the user 
profile model. Although it works (user can edit his data successfully, admins 
(eg infra/recruiters in Gentoo case) can edit other users' data as well), 
there has been some pain in printin nice the multivalued attributes of LDAP. 
Currently, the multivalued attrs are transfered to a TextField in the DB, and 
the values are separated with :: for easy split-desplit. With the help of Matt 
I wrote a form widget, but it still needs to look prettier when the user wants 
to add or delete a new value.

Apart from the above, I've also started working in general on the UI, and the 
front page. Matt gave me some some CSS to plug in to my templates, but my 
overall goal would be to create an easy way to create new themes to the app, 
instead of having to touch the templates (should be easy in Django). The UI 
and the front page is what I'm going to do for the next few days, and then 
start working on the Beacon and XSLT/XML parts. Last but not least, I wrote an 
addressbook as a replacement to userinfo.xml.
-- 
Theo Chatzimichos | blog.tampakrap.gr
Gentoo KDE/Qt, Planet, Overlays

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]