From 4f63b72274f5207d754c265831619fb3fa444dcc Mon Sep 17 00:00:00 2001
From: Guillaume GILL <guillaume.gill@smile.fr>
Date: Sun, 26 Nov 2017 23:14:46 +0100
Subject: [PATCH] Add plugin configuration and inprove README

---
 README.md                                     | 67 +++++++------------
 octoprint_auth_ldap/__init__.py               | 60 +++++++++++++++--
 octoprint_auth_ldap/templates/settings.jinja2 | 23 +++++++
 3 files changed, 103 insertions(+), 47 deletions(-)
 create mode 100644 octoprint_auth_ldap/templates/settings.jinja2

diff --git a/README.md b/README.md
index efd1b6e..4e7b336 100644
--- a/README.md
+++ b/README.md
@@ -1,57 +1,40 @@
-OctoPrint Plugin Skeleton
+OctoPrint LDAP auth Plugin
 =========================
 
-This is a basic plugin skeleton that you can use as a basis for your own OctoPrint plugin.
+This plugin allow users to be connected using an LDAP server.
+This system works 
 
-You can copy the files to a folder of your choice, or just clone this repository, renaming it in the process. Then 
-modify ``setup.py`` to fit your plugin, rename ``octoprint_skeleton`` accordingly and finally implement your plugin 
-under ``octoprint_<plugin identifier>``.
+#### Details
 
-Example Usage
--------------
+When you try to login, OctoPrint search for user in this local database (users.yaml)
+- If it found a user, check if this user exists also on LDAP
+- If user exists on LDAP, use LDAP bind() to check login / password
+- If user not exists on LDAP, use native password system to check it
 
-Clone your repository into a new development directory and rename ``octoprint_skeleton``:
+======================================
 
-    git clone https://github.com/OctoPrint/OctoPrint-PluginSkeleton OctoPrint-MyNewPlugin
-    cd OctoPrint-MyNewPlugin
-    mv octoprint_skeleton octoprint_mynewplugin
+- If it not found a user in local database, try to connect directly on LDAP
+- If login on LDAP il OK, a new local user is added with role "user" and a random password (password should never be used)
+- User is connected
 
-Modify `setup.py`'s `plugin_<xyz>` settings so that they match your plugin, e.g.:
+======================================
 
-``` python
-plugin_identifier = "mynewplugin"
-plugin_name = "OctoPrint-MyNewPlugin"
-plugin_version = "1.0"
-plugin_description = "Awesome plugin that does something"
-plugin_author = "You"
-plugin_author_email = "you@somewhere.net"
-plugin_url = "https://github.com/you/OctoPrint-MyNewPlugin"
-```
-
-Then implement your plugin under ``octoprint_mynewplugin`` (don't forget to adjust ``__init__.py``!), e.g.:
+- An admin (default user for exemple), could change a user permissions or account state.
+- Password of LDAP users can't be changed
 
-``` python
-# coding=utf-8
-from __future__ import absolute_import
+#### Configuration
 
-import octoprint.plugin
+You could configure LDAP server in plugin config, or manually in config.yaml
 
-class HelloWorldPlugin(octoprint.plugin.StartupPlugin):
-    def on_after_startup(self):
-        self._logger.info("Hello World!")
-        
-__plugin_name__ = "Hello World"
-__plugin_implementation__ = HelloWorldPlugin()
+```
+accessControl:
+  ldap_uri: ldaps://ldap.server.com/
+  ldap_tls_reqcert: demand
+  ldap_search_base: dc=server,dc=com
 ```
 
-Test it (e.g. via ``python setup.py develop``). If everything works, write a nice ``README.md``, replacing the existing one.
-Commit your code, then push it to your plugin's repository (this assumes you already created it on Github as
-``you/OctoPrint-MyNewPlugin``), e.g.:
+#### Installation
 
-    git commit -a -m "Initial commit of MyNewPlugin"
-    git remote set-url origin git@github.com:you/OctoPrint-MyNewPlugin.git
-    git push -u origin master
+You can install it using ```pip install https://github.com/malnvenshorn/OctoPrint-FilamentManager/archive/master.zip```
 
-Congratulations, you are now the proud maintainer of a new OctoPrint plugin! :) Don't forget to add an entry to the
-[wiki](https://github.com/foosel/OctoPrint/wiki#plugins) once it's suitable for general consumption, so that others
-may find it!
+Or with plugin manager into OctoPrint
diff --git a/octoprint_auth_ldap/__init__.py b/octoprint_auth_ldap/__init__.py
index e8f13de..8fa8da3 100644
--- a/octoprint_auth_ldap/__init__.py
+++ b/octoprint_auth_ldap/__init__.py
@@ -1,13 +1,17 @@
 # coding=utf-8
 from __future__ import absolute_import
 
+import octoprint.plugin
 from octoprint.users import FilebasedUserManager, User
 from octoprint.settings import settings
 import ldap
 import uuid
 
 
-class LDAPUserManager(FilebasedUserManager):
+class LDAPUserManager(FilebasedUserManager,
+                      octoprint.plugin.SettingsPlugin,
+                      octoprint.plugin.TemplatePlugin):
+
     #Login phase :
     #  - findUser called, if it return a user
     #    - chaeckPassword called, if it return True
@@ -114,14 +118,60 @@ class LDAPUserManager(FilebasedUserManager):
 
         return connection
 
-def ldap_user_factory(components, settings, *args, **kwargs):
-    return LDAPUserManager();
+    # Softwareupdate hook
+
+    def get_update_information(self):
+        return dict(
+            filamentmanager=dict(
+                displayName="Auth LDAP",
+                displayVersion=self._plugin_version,
+
+                # version check: github repository
+                type="github_release",
+                user="gillg",
+                repo="OctoPrint-LDAP",
+                current=self._plugin_version,
+
+                # update method: pip
+                pip="https://github.com/gillg/OctoPrint-LDAP/archive/{target_version}.zip"
+            )
+        )
+
+    # UserManager hook
+
+    def ldap_user_factory(components, settings, *args, **kwargs):
+        return LDAPUserManager()
+
+    # SettingsPlugin
+
+    def get_settings_defaults(self):
+        return dict(
+            accessControl=dict(
+                ldap_uri=None,
+                ldap_tls_reqcert='demand',
+                ldap_search_base=None
+            )
+        )
+
+    # TemplatePlugin
+
+    def get_template_configs(self):
+        return [
+            dict(type="settings", template="settings.jinja2")
+        ]
+
 
 __plugin_name__ = "Auth LDAP"
-__plugin_version__ = "1.0.0"
 
 def __plugin_load__():
+    global __plugin_implementation__
+    __plugin_implementation__ = LDAPUserManager()
+
     global __plugin_hooks__
     __plugin_hooks__ = {
-        "octoprint.users.factory": ldap_user_factory
+        "octoprint.users.factory": __plugin_implementation__.ldap_user_factory,
+        "octoprint.plugin.softwareupdate.check_config": __plugin_implementation__.get_update_information,
     }
+
+
+#@TODO Command clean LDAP users deleted
diff --git a/octoprint_auth_ldap/templates/settings.jinja2 b/octoprint_auth_ldap/templates/settings.jinja2
new file mode 100644
index 0000000..05aa8b1
--- /dev/null
+++ b/octoprint_auth_ldap/templates/settings.jinja2
@@ -0,0 +1,23 @@
+<div class="pull-right">
+    <button class="btn btn-small" title="{{ _('Plugin Configuration') }}" data-bind="click: function() { showSettingsDialog(); }"><span class="icon-wrench"></span></button>
+</div>
+
+<h3>{{ _("LDAP configuration") }}</h3>
+
+<form class="form-horizontal">
+    <label for="plugin_ldap_uri" class="control-label">{{ _('LDAP URI') }}</label>
+    <div class="controls">
+        <input id="plugin_ldap_uri" type="text" class="input-block-level" data-bind="value: settings.accessControl.ldap_uri"
+               placeholder="ldaps://ldap.server.com" />
+    </div>
+
+    <label for="plugin_ldap_tls_reqcert" class="control-label">{{ _('TLS check cert') }}</label>
+    <div class="controls">
+        <input id="plugin_ldap_tls_reqcert" type="text" class="input-block-level" data-bind="value: settings.accessControl.ldap_tls_reqcert"/>
+    </div>
+
+    <label for="plugin_ldap_search_base" class="control-label">{{ _('Search base pattern') }}</label>
+    <div class="controls">
+        <input id="plugin_ldap_search_base" type="text" class="input-block-level" data-bind="value: settings.accessControl.ldap_search_base"/>
+    </div>
+</form>