diff --git a/setup/users_ldap_groups/odoo/addons/users_ldap_groups b/setup/users_ldap_groups/odoo/addons/users_ldap_groups new file mode 120000 index 0000000000..7b0b323ed2 --- /dev/null +++ b/setup/users_ldap_groups/odoo/addons/users_ldap_groups @@ -0,0 +1 @@ +../../../../users_ldap_groups \ No newline at end of file diff --git a/setup/users_ldap_groups/setup.py b/setup/users_ldap_groups/setup.py new file mode 100644 index 0000000000..28c57bb640 --- /dev/null +++ b/setup/users_ldap_groups/setup.py @@ -0,0 +1,6 @@ +import setuptools + +setuptools.setup( + setup_requires=['setuptools-odoo'], + odoo_addon=True, +) diff --git a/users_ldap_groups/README.rst b/users_ldap_groups/README.rst new file mode 100644 index 0000000000..dfb344485f --- /dev/null +++ b/users_ldap_groups/README.rst @@ -0,0 +1,108 @@ +====================== +LDAP groups assignment +====================== + +.. + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !! This file is generated by oca-gen-addon-readme !! + !! changes will be overwritten. !! + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !! source digest: sha256:078a6ff3b7932f9af4da1b3af63e6b503dfbdb5026b3bbdcfee95372995c3ae2 + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png + :target: https://odoo-community.org/page/development-status + :alt: Beta +.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png + :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html + :alt: License: AGPL-3 +.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github + :target: https://github.com/OCA/server-auth/tree/15.0/users_ldap_groups + :alt: OCA/server-auth +.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png + :target: https://translation.odoo-community.org/projects/server-auth-15-0/server-auth-15-0-users_ldap_groups + :alt: Translate me on Weblate +.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png + :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=15.0 + :alt: Try me on Runboat + +|badge1| |badge2| |badge3| |badge4| |badge5| + +.. image:: https://img.shields.io/badge/license-AGPL--3-blue.png + :target: https://www.gnu.org/licenses/agpl + :alt: License: AGPL-3 + +Adds user accounts to groups based on rules defined by the administrator. + +**Table of contents** + +.. contents:: + :local: + +Usage +===== + +Define mappings in Settings / General Settings / Integrations / LDAP Authentication / LDAP Server + +Decide whether you want only groups mapped from LDAP (`Only LDAP groups` checked) or a mix of manually set groups and LDAP groups (`Only LDAP groups` unchecked). +Setting this to "no" will result in users never losing privileges when you remove them from a LDAP group, so that's a potential security issue. +It is still the default to prevent losing group information by accident. +If set to "Yes", you need to make sure each user has at least on of the "User types" groups + +For active directory, use LDAP attribute 'memberOf' and operator 'contains'. Fill in the DN of the windows group as value and choose an Odoo group users with this windows group are to be assigned to. + +For posix accounts, use operator 'query' and a value like:: + + (&(cn=bzr)(objectClass=posixGroup)(memberUid=$uid)) + +The operator query matches if the filter in value returns something, and value +can contain ``$attribute`` which will be replaced by the first value of the +user's LDAP record's attribute named `attribute`. + +Bug Tracker +=========== + +Bugs are tracked on `GitHub Issues `_. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us to smash it by providing a detailed and welcomed +`feedback `_. + +Do not contact contributors directly about support or help with technical issues. + +Credits +======= + +Authors +~~~~~~~ + +* Therp BV + +Contributors +~~~~~~~~~~~~ + +* Holger Brunn +* Giacomo Spettoli +* `CorporateHub `__ + + * Alexey Pelykh +* Tecnativa + + * João Marques +* Dhara Solanki + +Maintainers +~~~~~~~~~~~ + +This module is maintained by the OCA. + +.. image:: https://odoo-community.org/logo.png + :alt: Odoo Community Association + :target: https://odoo-community.org + +OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use. + +This module is part of the `OCA/server-auth `_ project on GitHub. + +You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. diff --git a/users_ldap_groups/__init__.py b/users_ldap_groups/__init__.py new file mode 100644 index 0000000000..4f6ad737fc --- /dev/null +++ b/users_ldap_groups/__init__.py @@ -0,0 +1,3 @@ +# Copyright 2012-2018 Therp BV +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from . import models diff --git a/users_ldap_groups/__manifest__.py b/users_ldap_groups/__manifest__.py new file mode 100644 index 0000000000..70388530eb --- /dev/null +++ b/users_ldap_groups/__manifest__.py @@ -0,0 +1,18 @@ +# Copyright 2012-2018 Therp BV +# Copyright 2018 Brainbean Apps +# Copyright 2021 Tecnativa - João Marques +# Copyright 2023 Tecnativa - Carolina Fernandez +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +{ + "name": "LDAP groups assignment", + "version": "16.0.1.0.0", + "depends": ["auth_ldap"], + "author": "Therp BV, " "Odoo Community Association (OCA)", + "website": "https://github.com/OCA/server-auth", + "license": "AGPL-3", + "summary": "Adds user accounts to groups based on rules defined " + "by the administrator.", + "category": "Authentication", + "data": ["views/res_company_ldap_views.xml", "security/ir.model.access.csv"], + "external_dependencies": {"python": ["python-ldap"]}, +} diff --git a/users_ldap_groups/i18n/de.po b/users_ldap_groups/i18n/de.po new file mode 100644 index 0000000000..7f693fe40a --- /dev/null +++ b/users_ldap_groups/i18n/de.po @@ -0,0 +1,162 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +# Translators: +msgid "" +msgstr "" +"Project-Id-Version: server-tools (8.0)\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2015-09-29 11:14+0000\n" +"PO-Revision-Date: 2015-09-18 13:56+0000\n" +"Last-Translator: <>\n" +"Language-Team: German (http://www.transifex.com/oca/OCA-server-tools-8-0/" +"language/de/)\n" +"Language: de\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Erstellt von" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Erstellt am:" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +msgid "Display Name" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +#, fuzzy +msgid "Last Modified on" +msgstr "Zuletzt aktualisiert am" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Zuletzt aktualisiert von" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Zuletzt aktualisiert am" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "" + +#. module: users_ldap_groups +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "Users" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "" diff --git a/users_ldap_groups/i18n/es.po b/users_ldap_groups/i18n/es.po new file mode 100644 index 0000000000..f898aebacd --- /dev/null +++ b/users_ldap_groups/i18n/es.po @@ -0,0 +1,157 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +# Translators: +msgid "" +msgstr "" +"Project-Id-Version: server-tools (8.0)\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2015-09-29 11:14+0000\n" +"PO-Revision-Date: 2015-09-18 13:56+0000\n" +"Last-Translator: <>\n" +"Language-Team: Spanish (http://www.transifex.com/oca/OCA-server-tools-8-0/" +"language/es/)\n" +"Language: es\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Creado por" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Creado en" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__display_name +msgid "Display Name" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__id +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator____last_update +#, fuzzy +msgid "Last Modified on" +msgstr "Última actualización en" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Última actualización de" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Última actualización en" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "Users" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "" diff --git a/users_ldap_groups/i18n/fr.po b/users_ldap_groups/i18n/fr.po new file mode 100644 index 0000000000..19ae6fc047 --- /dev/null +++ b/users_ldap_groups/i18n/fr.po @@ -0,0 +1,172 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +# Translators: +msgid "" +msgstr "" +"Project-Id-Version: server-tools (8.0)\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2015-09-29 11:14+0000\n" +"PO-Revision-Date: 2018-12-12 19:58+0000\n" +"Last-Translator: Alexandre Fayolle \n" +"Language-Team: French (http://www.transifex.com/oca/OCA-server-tools-8-0/" +"language/fr/)\n" +"Language: fr\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=n > 1;\n" +"X-Generator: Weblate 3.3\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Créé par" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Créé le" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Définir comment les groupes Odoo sont attribués aux utilisateurs LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Définition des opérations LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__display_name +msgid "Display Name" +msgstr "Nom affiché" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Tableau de conversion des groupes" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__id +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" +"Si activé, les configuration manuelles de groupes sont annulées à chaque " +"connexion (et donc les groupes Odoo sont toujours synchrones avec les " +"groupes LDAP). Sinon, les affectations manuelles de groupes sont préservées." + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "Attributs LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "Serveur LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator____last_update +msgid "Last Modified on" +msgstr "Dernière mise à jour le" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Dernière mise à jour par" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Dernière mise à jour le" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "Conversions de groupes utilisateurs" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "Groupe Odoo" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "Uniquement les groupes LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "Opérateur" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" +"L'attribut LDAP à vérifier.\n" +"Pour Active Directory, utiliser memberOf." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "Groupe Odoo à assigner" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" +"L'opérateur à utiliser pour vérifier la valeur de l'attribut.\n" +"Pour Active Directory, utilisez 'contains'." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" +"La valeur à comparer à l'attribut.\n" +"Pour Active Directory, utilisez le dn du groupe souhaité." + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "Users" +msgstr "Utilisateurs" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "Valeur" + +#~ msgid "res.company.ldap" +#~ msgstr "res.company.ldap" + +#~ msgid "res.company.ldap.group_mapping" +#~ msgstr "res.company.ldap.group_mapping" diff --git a/users_ldap_groups/i18n/hr.po b/users_ldap_groups/i18n/hr.po new file mode 100644 index 0000000000..c247a647be --- /dev/null +++ b/users_ldap_groups/i18n/hr.po @@ -0,0 +1,156 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 10.0\n" +"Report-Msgid-Bugs-To: \n" +"PO-Revision-Date: 2019-11-13 17:34+0000\n" +"Last-Translator: Bole \n" +"Language-Team: none\n" +"Language: hr\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" +"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n" +"X-Generator: Weblate 3.8\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Kreirao" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Kreirano" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Definiraj kako su Odoo grupe dodijeljene LDAP korisnicima" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Definicija LDAP operacija" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__display_name +msgid "Display Name" +msgstr "Naziv" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Mapiranje grupa" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__id +#, fuzzy +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "LDAP atribut" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "LDAP server" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator____last_update +msgid "Last Modified on" +msgstr "Zadnje modificirano" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Zadnje ažurirano" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "Users" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "" diff --git a/users_ldap_groups/i18n/it.po b/users_ldap_groups/i18n/it.po new file mode 100644 index 0000000000..5adb3344d8 --- /dev/null +++ b/users_ldap_groups/i18n/it.po @@ -0,0 +1,179 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 14.0\n" +"Report-Msgid-Bugs-To: \n" +"PO-Revision-Date: 2023-01-18 13:45+0000\n" +"Last-Translator: Francesco Foresti \n" +"Language-Team: none\n" +"Language: it\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=n != 1;\n" +"X-Generator: Weblate 4.14.1\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "Configurazione LDAP azienda" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Creato da" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Creato il" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Indica come assegnare i gruppi Odoo agli utenti LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Definizione delle operazioni LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__display_name +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__display_name +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_users__display_name +msgid "Display Name" +msgstr "Nome visualizzato" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Mappature gruppi" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__id +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__id +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_users__id +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" +"Se selezionata, le modifiche manuali di appartenenza a un gruppo vengono " +"annullate ad ogni accesso (in questo modo i gruppi Odoo restano sempre " +"sincronizzati con quelli LDAP). In caso contrario, vengono confermate." + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "Attributo LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "Mappatura gruppi LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "Server LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap____last_update +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator____last_update +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_users____last_update +msgid "Last Modified on" +msgstr "Ultima modifica il" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Ultimo aggiornamento di" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Ultimo aggiornamento il" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "Mappa gruppi utente" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "Gruppo Odoo" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "Solo gruppi LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "Operatore" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" +"Attributo LDAP da controllare.\n" +"Per Active Directory utilizzare memberOf." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "Il gruppo Odoo da assegnare" + +#. module: users_ldap_groups +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" +"Per l'utente creato è necessario indicare uno dei gruppi \"Tipologie utente/" +"\" (e solo uno)." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" +"Operatore di confronto tra attributo e valore\n" +"Per Active Directory utilizzare \"contiene\"" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" +"Valore di confronto per l'attributo.\n" +"Per Active Directory utilizzare il dn del gruppo desiderato" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "Users" +msgstr "Utenti" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "Valore" diff --git a/users_ldap_groups/i18n/pt_BR.po b/users_ldap_groups/i18n/pt_BR.po new file mode 100644 index 0000000000..01afef49b8 --- /dev/null +++ b/users_ldap_groups/i18n/pt_BR.po @@ -0,0 +1,176 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +# Translators: +# Armando Vulcano Junior , 2015 +msgid "" +msgstr "" +"Project-Id-Version: server-tools (8.0)\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2015-09-29 11:14+0000\n" +"PO-Revision-Date: 2022-02-01 20:33+0000\n" +"Last-Translator: Rodrigo Macedo \n" +"Language-Team: Portuguese (Brazil) (http://www.transifex.com/oca/" +"OCA-server-tools-8-0/language/pt_BR/)\n" +"Language: pt_BR\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=n > 1;\n" +"X-Generator: Weblate 4.3.2\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "Configuração LDAP da empresa" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Criado por" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Criado em" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Define como grupos Odoo são atribuídos aos usuários LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Definição de operações LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__display_name +msgid "Display Name" +msgstr "Exibir Nome" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Mapeamento de Grupos" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__id +msgid "ID" +msgstr "Identificação" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" +"Se esta opção for marcada, as alterações manuais para participação no grupo " +"são desfeitas em cada login (grupos para Odoo estão sempre em sincronia com " +"grupos LDAP). Se não, grupos adicionados manualmente serão preservados." + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "Atributo LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "Mapeamento de grupo LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "Servidor LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator____last_update +msgid "Last Modified on" +msgstr "Última Modificação em" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Última atualização por" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Última atualização em" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "Mapear Grupos de Usuários" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "Grupo Odoo" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "Apenas grupos ldap" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "Operador" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" +"O atributo LDAP para checar\n" +"Para active directory, use memberOf." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "Grupo Odoo para atribuir" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" +"O operador para verificar o atributo contra o valor\n" +"Para active directory, use 'contains'" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" +"O valor para verificar contra o atributo\n" +"Para active directory, use de dn do grupo desejado" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "Users" +msgstr "Usuários" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "Valor" + +#~ msgid "res.company.ldap" +#~ msgstr "res.company.ldap" + +#~ msgid "res.company.ldap.group_mapping" +#~ msgstr "res.company.ldap.group_mapping" + +#~ msgid "OpenERP group" +#~ msgstr "Grupo OpenERP" diff --git a/users_ldap_groups/i18n/sl.po b/users_ldap_groups/i18n/sl.po new file mode 100644 index 0000000000..95ee926de2 --- /dev/null +++ b/users_ldap_groups/i18n/sl.po @@ -0,0 +1,177 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +# Translators: +# Matjaž Mozetič , 2015 +msgid "" +msgstr "" +"Project-Id-Version: server-tools (8.0)\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2015-09-29 11:14+0000\n" +"PO-Revision-Date: 2020-04-13 16:19+0000\n" +"Last-Translator: Matjaz Mozetic \n" +"Language-Team: Slovenian (http://www.transifex.com/oca/OCA-server-tools-8-0/" +"language/sl/)\n" +"Language: sl\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=4; plural=n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n" +"%100==4 ? 2 : 3;\n" +"X-Generator: Weblate 3.10\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Ustvaril" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Ustvarjeno" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Določi način dodeljevanja Odoo skupin LDAP uporabnikom" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Definicija LDAP operacij" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__display_name +msgid "Display Name" +msgstr "Prikazani naziv" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Mapiranja skupin" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator__id +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" +"Če označeno, so vse ročne spremembe članov skupin prezrte ob vsaki prijavi " +"(tako so Odoo skupine vedno sinhrone z LDAP skupinami). Če ni, se ročno " +"dodane skupine ohranijo." + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "LDAP atribut" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "LDAP strežnik" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_operator____last_update +msgid "Last Modified on" +msgstr "Zadnjič spremenjeno" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Zadnji posodobil" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Zadnjič posodobljeno" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "Mapiraj uporabniške skupine" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "Odoo skupina" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "Samo LDAP skupine" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "Operater" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" +"LDAP atribut za preverjanje.\n" +"Za aktivni imenik uporabite memberOf." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "Odoo skupina za dodelitev" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" +"Operater za primerjavo atributa z vrednostjo\n" +"za aktivni imenik, uporabite 'contains'" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" +"Vrednost za primerjavo atributa.\n" +"Za aktivni imenik uporabite dn željene skupine" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "Users" +msgstr "Uporabniki" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "Vrednost" + +#~ msgid "res.company.ldap" +#~ msgstr "res.company.ldap" + +#~ msgid "res.company.ldap.group_mapping" +#~ msgstr "res.company.ldap.group_mapping" + +#~ msgid "OpenERP group" +#~ msgstr "OpenERP skupine" diff --git a/users_ldap_groups/i18n/users_ldap_groups.pot b/users_ldap_groups/i18n/users_ldap_groups.pot new file mode 100644 index 0000000000..2825e27a33 --- /dev/null +++ b/users_ldap_groups/i18n/users_ldap_groups.pot @@ -0,0 +1,156 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 15.0\n" +"Report-Msgid-Bugs-To: \n" +"Last-Translator: \n" +"Language-Team: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: \n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +msgid "Display Name" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +msgid "ID" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +msgid "Last Modified on" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "" + +#. module: users_ldap_groups +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "Users" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "" diff --git a/users_ldap_groups/models/__init__.py b/users_ldap_groups/models/__init__.py new file mode 100644 index 0000000000..0faa1aebc6 --- /dev/null +++ b/users_ldap_groups/models/__init__.py @@ -0,0 +1,5 @@ +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from . import res_company_ldap +from . import res_company_ldap_operator +from . import res_company_ldap_group_mapping +from . import res_users diff --git a/users_ldap_groups/models/res_company_ldap.py b/users_ldap_groups/models/res_company_ldap.py new file mode 100644 index 0000000000..0125181309 --- /dev/null +++ b/users_ldap_groups/models/res_company_ldap.py @@ -0,0 +1,72 @@ +# Copyright 2012-2018 Therp BV +# Copyright 2018 Brainbean Apps +# Copyright 2021 Tecnativa - João Marques +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from logging import getLogger + +from odoo import _, api, fields, models +from odoo.exceptions import UserError + +_logger = getLogger(__name__) + + +class ResCompanyLdap(models.Model): + _inherit = "res.company.ldap" + + group_mapping_ids = fields.One2many( + "res.company.ldap.group_mapping", + "ldap_id", + "Group mappings", + help="Define how Odoo groups are assigned to LDAP users", + ) + only_ldap_groups = fields.Boolean( + "Only LDAP groups", + default=False, + help=( + "If this is checked, manual changes to group membership are " + "undone on every login (so Odoo groups are always synchronous " + "with LDAP groups). If not, manually added groups are preserved." + ), + ) + + @api.model + def _get_or_create_user(self, conf, login, ldap_entry): + op_obj = self.env["res.company.ldap.operator"] + user_id = super()._get_or_create_user(conf, login, ldap_entry) + if not user_id: + return user_id + this = self.browse(conf["id"]) + SudoUser = self.env["res.users"].sudo().with_context(no_reset_password=True) + user = SudoUser.browse(user_id) + essential_groups = [ + self.env.ref("base.group_user").id, + self.env.ref("base.group_portal").id, + self.env.ref("base.group_public").id, + ] + groups = [] + if this.only_ldap_groups: + _logger.debug("deleting all groups from user %d", user_id) + groups.append((5, False, False)) + for mapping in this.group_mapping_ids: + operator = getattr(op_obj, mapping.operator) + _logger.debug("checking mapping %s", mapping) + if operator(ldap_entry, mapping): + _logger.debug( + "adding user %d to group %s", + user, + mapping.group_id.name, + ) + groups.append((4, mapping.group_id.id, False)) + if ( + this.only_ldap_groups + and len([g[1] for g in groups if g[0] == 4 and g[1] in essential_groups]) + != 1 + ): + raise UserError( + _( + "The created user needs to have one (and only one) of the" + " 'User types /' groups defined." + ) + ) + user.write({"groups_id": groups}) + return user_id diff --git a/users_ldap_groups/models/res_company_ldap_group_mapping.py b/users_ldap_groups/models/res_company_ldap_group_mapping.py new file mode 100644 index 0000000000..f598aa2f81 --- /dev/null +++ b/users_ldap_groups/models/res_company_ldap_group_mapping.py @@ -0,0 +1,42 @@ +# Copyright 2012-2018 Therp BV +# Copyright 2018 Brainbean Apps +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from odoo import fields, models + + +class ResCompanyLdapGroupMapping(models.Model): + _name = "res.company.ldap.group_mapping" + _description = "LDAP group mapping" + _rec_name = "ldap_attribute" + _order = "ldap_attribute" + + ldap_id = fields.Many2one( + "res.company.ldap", + "LDAP server", + required=True, + ondelete="cascade", + ) + ldap_attribute = fields.Char( + "LDAP attribute", + help=("The LDAP attribute to check.\nFor active directory, use memberOf."), + ) + operator = fields.Selection( + lambda self: [ + (o, o) for o in self.env["res.company.ldap.operator"].operators() + ], + help=( + "The operator to check the attribute against the value\n" + "For active directory, use 'contains'" + ), + required=True, + ) + value = fields.Char( + help=( + "The value to check the attribute against.\n" + "For active directory, use the dn of the desired group" + ), + required=True, + ) + group_id = fields.Many2one( + "res.groups", "Odoo group", help="The Odoo group to assign", required=True + ) diff --git a/users_ldap_groups/models/res_company_ldap_operator.py b/users_ldap_groups/models/res_company_ldap_operator.py new file mode 100644 index 0000000000..2436754a0c --- /dev/null +++ b/users_ldap_groups/models/res_company_ldap_operator.py @@ -0,0 +1,41 @@ +# Copyright 2012-2018 Therp BV +# Copyright 2018 Brainbean Apps +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from logging import getLogger +from string import Template + +from odoo import api, models + +_logger = getLogger(__name__) + + +class ResCompanyLdapOperator(models.AbstractModel): + """Define operators for group mappings""" + + _name = "res.company.ldap.operator" + _description = "Definition op LDAP operations" + + @api.model + def operators(self): + """Return names of function to call on this model as operator""" + return ("contains", "equals", "query") + + def contains(self, ldap_entry, mapping): + return mapping.ldap_attribute in ldap_entry[1] and mapping.value in map( + lambda x: x.decode(), ldap_entry[1][mapping.ldap_attribute] + ) + + def equals(self, ldap_entry, mapping): + return mapping.ldap_attribute in ldap_entry[1] and mapping.value == str( + list(map(lambda x: x.decode(), ldap_entry[1][mapping.ldap_attribute])) + ) + + def query(self, ldap_entry, mapping): + query_string = Template(mapping.value).safe_substitute( + {attr: ldap_entry[1][attr][0].decode() for attr in ldap_entry[1]} + ) + + results = mapping.ldap_id._query(mapping.ldap_id.read()[0], query_string) + _logger.debug('Performed LDAP query "%s" results: %s', query_string, results) + + return bool(results) diff --git a/users_ldap_groups/models/res_users.py b/users_ldap_groups/models/res_users.py new file mode 100644 index 0000000000..9853cd5b7e --- /dev/null +++ b/users_ldap_groups/models/res_users.py @@ -0,0 +1,27 @@ +# Copyright 2018 Therp BV +# Copyright 2018 Brainbean Apps +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from odoo import SUPERUSER_ID, api, models, registry + + +class ResUsers(models.Model): + _inherit = "res.users" + + @classmethod + def _login(cls, db, login, password, user_agent_env): + user_id = super()._login(db, login, password, user_agent_env) + if not user_id: + return user_id + with registry(db).cursor() as cr: + env = api.Environment(cr, SUPERUSER_ID, {}) + user = env["res.users"].browse(user_id) + # check if this user came from ldap, rerun get_or_create_user in + # this case to apply ldap groups if necessary + ldaps = user.company_id.ldaps + if user.active and any(ldaps.mapped("only_ldap_groups")): + for conf in ldaps._get_ldap_dicts(): + entry = ldaps._authenticate(conf, login, password) + if entry: + ldaps._get_or_create_user(conf, login, entry) + break + return user_id diff --git a/users_ldap_groups/readme/CONTRIBUTORS.rst b/users_ldap_groups/readme/CONTRIBUTORS.rst new file mode 100644 index 0000000000..0e9fe1f10d --- /dev/null +++ b/users_ldap_groups/readme/CONTRIBUTORS.rst @@ -0,0 +1,10 @@ +* Holger Brunn +* Giacomo Spettoli +* `CorporateHub `__ + + * Alexey Pelykh +* Tecnativa + + * João Marques + * Carolina Fernandez +* Dhara Solanki diff --git a/users_ldap_groups/readme/DESCRIPTION.rst b/users_ldap_groups/readme/DESCRIPTION.rst new file mode 100644 index 0000000000..9ba486422d --- /dev/null +++ b/users_ldap_groups/readme/DESCRIPTION.rst @@ -0,0 +1,5 @@ +.. image:: https://img.shields.io/badge/license-AGPL--3-blue.png + :target: https://www.gnu.org/licenses/agpl + :alt: License: AGPL-3 + +Adds user accounts to groups based on rules defined by the administrator. diff --git a/users_ldap_groups/readme/USAGE.rst b/users_ldap_groups/readme/USAGE.rst new file mode 100644 index 0000000000..7929de595a --- /dev/null +++ b/users_ldap_groups/readme/USAGE.rst @@ -0,0 +1,16 @@ +Define mappings in Settings / General Settings / Integrations / LDAP Authentication / LDAP Server + +Decide whether you want only groups mapped from LDAP (`Only LDAP groups` checked) or a mix of manually set groups and LDAP groups (`Only LDAP groups` unchecked). +Setting this to "no" will result in users never losing privileges when you remove them from a LDAP group, so that's a potential security issue. +It is still the default to prevent losing group information by accident. +If set to "Yes", you need to make sure each user has at least on of the "User types" groups + +For active directory, use LDAP attribute 'memberOf' and operator 'contains'. Fill in the DN of the windows group as value and choose an Odoo group users with this windows group are to be assigned to. + +For posix accounts, use operator 'query' and a value like:: + + (&(cn=bzr)(objectClass=posixGroup)(memberUid=$uid)) + +The operator query matches if the filter in value returns something, and value +can contain ``$attribute`` which will be replaced by the first value of the +user's LDAP record's attribute named `attribute`. diff --git a/users_ldap_groups/security/ir.model.access.csv b/users_ldap_groups/security/ir.model.access.csv new file mode 100644 index 0000000000..796730224c --- /dev/null +++ b/users_ldap_groups/security/ir.model.access.csv @@ -0,0 +1,2 @@ +id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink +access_res_company_ldap_groups,res_company_ldap_groups,model_res_company_ldap_group_mapping,base.group_system,1,1,1,1 diff --git a/users_ldap_groups/static/description/icon.png b/users_ldap_groups/static/description/icon.png new file mode 100644 index 0000000000..3a0328b516 Binary files /dev/null and b/users_ldap_groups/static/description/icon.png differ diff --git a/users_ldap_groups/static/description/index.html b/users_ldap_groups/static/description/index.html new file mode 100644 index 0000000000..bb543fca1f --- /dev/null +++ b/users_ldap_groups/static/description/index.html @@ -0,0 +1,450 @@ + + + + + + +LDAP groups assignment + + + +
+

LDAP groups assignment

+ + +

Beta License: AGPL-3 OCA/server-auth Translate me on Weblate Try me on Runboat

+License: AGPL-3 +

Adds user accounts to groups based on rules defined by the administrator.

+

Table of contents

+ +
+

Usage

+

Define mappings in Settings / General Settings / Integrations / LDAP Authentication / LDAP Server

+

Decide whether you want only groups mapped from LDAP (Only LDAP groups checked) or a mix of manually set groups and LDAP groups (Only LDAP groups unchecked). +Setting this to “no” will result in users never losing privileges when you remove them from a LDAP group, so that’s a potential security issue. +It is still the default to prevent losing group information by accident. +If set to “Yes”, you need to make sure each user has at least on of the “User types” groups

+

For active directory, use LDAP attribute ‘memberOf’ and operator ‘contains’. Fill in the DN of the windows group as value and choose an Odoo group users with this windows group are to be assigned to.

+

For posix accounts, use operator ‘query’ and a value like:

+
+(&(cn=bzr)(objectClass=posixGroup)(memberUid=$uid))
+
+

The operator query matches if the filter in value returns something, and value +can contain $attribute which will be replaced by the first value of the +user’s LDAP record’s attribute named attribute.

+
+
+

Bug Tracker

+

Bugs are tracked on GitHub Issues. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us to smash it by providing a detailed and welcomed +feedback.

+

Do not contact contributors directly about support or help with technical issues.

+
+
+

Credits

+
+

Authors

+
    +
  • Therp BV
    • +
+
+
+

Contributors

+ +
+
+

Maintainers

+

This module is maintained by the OCA.

+Odoo Community Association +

OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use.

+

This module is part of the OCA/server-auth project on GitHub.

+

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

+
+
+
+ + diff --git a/users_ldap_groups/tests/__init__.py b/users_ldap_groups/tests/__init__.py new file mode 100644 index 0000000000..4aae447e0e --- /dev/null +++ b/users_ldap_groups/tests/__init__.py @@ -0,0 +1,2 @@ +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from . import test_users_ldap_groups diff --git a/users_ldap_groups/tests/test_users_ldap_groups.py b/users_ldap_groups/tests/test_users_ldap_groups.py new file mode 100644 index 0000000000..9d505ecfa6 --- /dev/null +++ b/users_ldap_groups/tests/test_users_ldap_groups.py @@ -0,0 +1,227 @@ +# Copyright 2018 Therp BV +# Copyright 2018 Brainbean Apps +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from contextlib import contextmanager +from unittest import mock + +from odoo.exceptions import UserError +from odoo.tests.common import TransactionCase + +_auth_ldap_ns = "odoo.addons.auth_ldap" +_company_ldap_class = _auth_ldap_ns + ".models.res_company_ldap.CompanyLDAP" + + +@contextmanager +def mock_cursor(cr): + with mock.patch("odoo.sql_db.Connection.cursor") as mocked_cursor_call: + org_close = cr.close + org_autocommit = cr.autocommit + try: + cr.close = mock.Mock() + cr.autocommit = mock.Mock() + cr.commit = mock.Mock() + mocked_cursor_call.return_value = cr + yield + finally: + cr.close = org_close + cr.autocommit = org_autocommit + + +class FakeLdapConnection(object): + def __init__(self, entries): + self.entries = entries + + def simple_bind_s(self, dn, passwd): + pass + + def search_st(self, dn, scope, ldap_filter, attributes, timeout): + if dn in self.entries: + return [(dn, dict(self.entries[dn]))] + return [] + + def unbind(self): + pass + + def unbind_s(self): + pass + + def __getattr__(self, name): + def wrapper(): + raise Exception("'%s' is not mocked" % name) + + return wrapper + + +class TestUsersLdapGroups(TransactionCase): + def setUp(self): + super().setUp() + self.group_system = self.env.ref("base.group_system") + self.group_user = self.env.ref("base.group_user") + self.group_contains = self.env["res.groups"].create({"name": "contains"}) + self.group_equals = self.env["res.groups"].create({"name": "equals"}) + self.group_query = self.env["res.groups"].create({"name": "query"}) + + def _create_ldap_config(self, groups, only_ldap_groups=False, cr=None): + vals = { + "company": self.env.ref("base.main_company").id, + "ldap_base": "dc=users_ldap_groups,dc=example,dc=com", + "ldap_filter": "(uid=%s)", + "ldap_binddn": "cn=bind,dc=example,dc=com", + "create_user": True, + "only_ldap_groups": only_ldap_groups, + "group_mapping_ids": [(0, 0, group) for group in groups], + } + return self.env["res.company.ldap"].create(vals) + + def test_users_ldap_groups_only_true(self): + self._create_ldap_config( + groups=[ + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello3", + "group_id": self.group_system.id, + }, + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello", + "group_id": self.group_user.id, + }, + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello2", + "group_id": self.group_contains.id, + }, + { + "ldap_attribute": "name", + "operator": "equals", + "value": "hello", + "group_id": self.group_equals.id, + }, + { + "ldap_attribute": "", + "operator": "query", + "value": "is not run because of patching", + "group_id": self.group_query.id, + }, + ], + only_ldap_groups=True, + ) + # _login does its work in a new cursor, so we need to mock it + with mock.patch( + _company_ldap_class + "._connect", + return_value=FakeLdapConnection( + { + "dc=users_ldap_groups,dc=example,dc=com": { + "cn": [b"User Name"], + "name": [b"hello", b"hello2"], + } + } + ), + ), mock_cursor(self.cr): + user_id = ( + self.env["res.users"] + .sudo() + .authenticate( + self.env.cr.dbname, "users_ldap_groups-username", "password", {} + ) + ) + # this asserts group mappings from demo data + user = self.env["res.users"].sudo().browse(user_id) + groups = user.groups_id + self.assertIn(self.group_contains, groups) + self.assertIn(self.group_user, groups) + self.assertNotIn(self.group_equals, groups) + self.assertIn(self.group_query, groups) + self.assertNotIn(self.group_system, groups) + + def test_users_ldap_groups_only_false(self): + self._create_ldap_config( + groups=[ + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello2", + "group_id": self.group_contains.id, + }, + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello", + "group_id": self.group_equals.id, + }, + ], + only_ldap_groups=False, + ) + with mock.patch( + _company_ldap_class + "._connect", + return_value=FakeLdapConnection( + { + "dc=users_ldap_groups,dc=example,dc=com": { + "cn": [b"User Name"], + "name": [b"hello", b"hello2"], + } + } + ), + ), mock_cursor(self.cr): + user_id = ( + self.env["res.users"] + .sudo() + .authenticate( + self.env.cr.dbname, "users_ldap_groups-username", "password", {} + ) + ) + # this asserts group mappings from demo data + user = self.env["res.users"].sudo().browse(user_id) + groups = user.groups_id + self.assertIn(self.group_contains, groups) + self.assertIn(self.group_equals, groups) + self.assertGreater(len(groups), 2) # user should keep default groups + + def _test_users_ldap_groups_not_user_type(self): + self._create_ldap_config( + groups=[ + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello3", + "group_id": self.group_system.id, + }, + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello2", + "group_id": self.group_contains.id, + }, + { + "ldap_attribute": "name", + "operator": "equals", + "value": "hello", + "group_id": self.group_equals.id, + }, + { + "ldap_attribute": "", + "operator": "query", + "value": "is not run because of patching", + "group_id": self.group_query.id, + }, + ], + only_ldap_groups=True, + ) + with mock.patch( + _company_ldap_class + "._connect", + return_value=FakeLdapConnection( + { + "dc=users_ldap_groups,dc=example,dc=com": { + "cn": [b"User Name"], + "name": [b"hello", b"hello2"], + } + } + ), + ), mock_cursor(self.cr): + with self.assertRaises(UserError): + self.env["res.users"].sudo().authenticate( + self.env.cr.dbname, "users_ldap_groups-username", "password", {} + ) diff --git a/users_ldap_groups/views/res_company_ldap_views.xml b/users_ldap_groups/views/res_company_ldap_views.xml new file mode 100644 index 0000000000..579ba7f19e --- /dev/null +++ b/users_ldap_groups/views/res_company_ldap_views.xml @@ -0,0 +1,32 @@ + + + + + res.company.ldap.form + res.company.ldap + + + + + + + + + +