diff --git a/pandoc-3.3-1-amd64.deb b/pandoc-3.3-1-amd64.deb new file mode 100644 index 0000000000..65e9c2d900 Binary files /dev/null and b/pandoc-3.3-1-amd64.deb differ diff --git a/requirements.txt b/requirements.txt index 302ba0e988..72eb0562e8 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,3 +3,4 @@ email_validator lxml pysaml2 python-jose +python-ldap diff --git a/users_ldap_groups/README.rst b/users_ldap_groups/README.rst new file mode 100644 index 0000000000..a28ea3ac34 --- /dev/null +++ b/users_ldap_groups/README.rst @@ -0,0 +1,121 @@ +====================== +LDAP groups assignment +====================== + +.. + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !! This file is generated by oca-gen-addon-readme !! + !! changes will be overwritten. !! + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !! source digest: sha256:d741e51e8d17d7122fd4374a69489e4db2820a4d90fb574b69929717946658ba + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png + :target: https://odoo-community.org/page/development-status + :alt: Beta +.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png + :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html + :alt: License: AGPL-3 +.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github + :target: https://github.com/OCA/server-auth/tree/17.0/users_ldap_groups + :alt: OCA/server-auth +.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png + :target: https://translation.odoo-community.org/projects/server-auth-17-0/server-auth-17-0-users_ldap_groups + :alt: Translate me on Weblate +.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png + :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=17.0 + :alt: Try me on Runboat + +|badge1| |badge2| |badge3| |badge4| |badge5| + +|License: AGPL-3| + +Adds user accounts to groups based on rules defined by the +administrator. + +.. |License: AGPL-3| image:: https://img.shields.io/badge/license-AGPL--3-blue.png + :target: https://www.gnu.org/licenses/agpl + +**Table of contents** + +.. contents:: + :local: + +Usage +===== + +Define mappings in Settings / General Settings / Integrations / LDAP +Authentication / LDAP Server + +Decide whether you want only groups mapped from LDAP (Only LDAP groups +checked) or a mix of manually set groups and LDAP groups (Only LDAP +groups unchecked). Setting this to "no" will result in users never +losing privileges when you remove them from a LDAP group, so that's a +potential security issue. It is still the default to prevent losing +group information by accident. If set to "Yes", you need to make sure +each user has at least on of the "User types" groups + +For active directory, use LDAP attribute 'memberOf' and operator +'contains'. Fill in the DN of the windows group as value and choose an +Odoo group users with this windows group are to be assigned to. + +For posix accounts, use operator 'query' and a value like: + +:: + + (&(cn=bzr)(objectClass=posixGroup)(memberUid=$uid)) + +The operator query matches if the filter in value returns something, and +value can contain ``$attribute`` which will be replaced by the first +value of the user's LDAP record's attribute named attribute. + +Bug Tracker +=========== + +Bugs are tracked on `GitHub Issues `_. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us to smash it by providing a detailed and welcomed +`feedback `_. + +Do not contact contributors directly about support or help with technical issues. + +Credits +======= + +Authors +------- + +* Therp BV + +Contributors +------------ + +- Holger Brunn +- Giacomo Spettoli +- `CorporateHub `__ + + - Alexey Pelykh + +- Tecnativa + + - João Marques + - Carolina Fernandez + +- Dhara Solanki + +Maintainers +----------- + +This module is maintained by the OCA. + +.. image:: https://odoo-community.org/logo.png + :alt: Odoo Community Association + :target: https://odoo-community.org + +OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use. + +This module is part of the `OCA/server-auth `_ project on GitHub. + +You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. diff --git a/users_ldap_groups/__init__.py b/users_ldap_groups/__init__.py new file mode 100644 index 0000000000..4f6ad737fc --- /dev/null +++ b/users_ldap_groups/__init__.py @@ -0,0 +1,3 @@ +# Copyright 2012-2018 Therp BV +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from . import models diff --git a/users_ldap_groups/__manifest__.py b/users_ldap_groups/__manifest__.py new file mode 100644 index 0000000000..f201856e4f --- /dev/null +++ b/users_ldap_groups/__manifest__.py @@ -0,0 +1,19 @@ +# Copyright 2012-2018 Therp BV +# Copyright 2018 Brainbean Apps +# Copyright 2021 Tecnativa - João Marques +# Copyright 2023 Tecnativa - Carolina Fernandez +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). + +{ + "name": "LDAP groups assignment", + "version": "17.0.1.0.0", + "depends": ["auth_ldap"], + "author": "Therp BV, " "Odoo Community Association (OCA)", + "website": "https://github.com/OCA/server-auth", + "license": "AGPL-3", + "summary": "Adds user accounts to groups based on rules defined " + "by the administrator.", + "category": "Authentication", + "data": ["views/res_company_ldap_views.xml", "security/ir.model.access.csv"], + "external_dependencies": {"python": ["python-ldap"]}, +} diff --git a/users_ldap_groups/i18n/de.po b/users_ldap_groups/i18n/de.po new file mode 100644 index 0000000000..a34ba89029 --- /dev/null +++ b/users_ldap_groups/i18n/de.po @@ -0,0 +1,163 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +# Translators: +msgid "" +msgstr "" +"Project-Id-Version: server-tools (8.0)\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2015-09-29 11:14+0000\n" +"PO-Revision-Date: 2015-09-18 13:56+0000\n" +"Last-Translator: <>\n" +"Language-Team: German (http://www.transifex.com/oca/OCA-server-tools-8-0/" +"language/de/)\n" +"Language: de\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Erstellt von" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Erstellt am:" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +msgid "Display Name" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +#, fuzzy +msgid "Last Modified on" +msgstr "Zuletzt aktualisiert am" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Zuletzt aktualisiert von" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Zuletzt aktualisiert am" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "" + +#. module: users_ldap_groups +#. odoo-python +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "User" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "" diff --git a/users_ldap_groups/i18n/es.po b/users_ldap_groups/i18n/es.po new file mode 100644 index 0000000000..f7e73cb1d9 --- /dev/null +++ b/users_ldap_groups/i18n/es.po @@ -0,0 +1,175 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +# Translators: +msgid "" +msgstr "" +"Project-Id-Version: server-tools (8.0)\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2015-09-29 11:14+0000\n" +"PO-Revision-Date: 2023-10-15 19:36+0000\n" +"Last-Translator: Ivorra78 \n" +"Language-Team: Spanish (http://www.transifex.com/oca/OCA-server-tools-8-0/" +"language/es/)\n" +"Language: es\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=n != 1;\n" +"X-Generator: Weblate 4.17\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "Configuración LDAP de la Compañía" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Creado por" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Creado en" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Definir cómo se asignan los grupos de Odoo a los usuarios LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Definición de las operaciones LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +msgid "Display Name" +msgstr "Mostrar Nombre" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Asignaciones de grupos" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" +"Si esta marcada, los cambios manuales en la pertenencia a un grupo se " +"deshacen en cada inicio de sesión (por lo que los grupos de Odoo están " +"siempre sincronizados con los grupos LDAP). Si no, los grupos añadidos " +"manualmente se conservan." + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "Atributo LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "Asignación de grupos LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "Servidor LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +msgid "Last Modified on" +msgstr "Última Modificación el" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Última actualización de" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Última actualización en" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "Mapa de grupos de usuarios" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "Grupo Odoo" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "Sólo grupos LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "Operador" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" +"El atributo LDAP a comprobar.\n" +"En ActiveDirectory, use \"memberOf\"." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "El grupo Odoo a asignar" + +#. module: users_ldap_groups +#. odoo-python +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" +"El usuario creado necesita tener definido uno (y sólo uno) de los grupos " +"'Tipos de usuario /'." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" +"El operador para cotejar el atributo con el valor\n" +"Para active directory, utilice 'contains" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" +"El valor con el que se comprobará el atributo.\n" +"Para active directory, utilice el dn del grupo deseado" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "User" +msgstr "Usuario" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "Valor" diff --git a/users_ldap_groups/i18n/fr.po b/users_ldap_groups/i18n/fr.po new file mode 100644 index 0000000000..722b7ec78c --- /dev/null +++ b/users_ldap_groups/i18n/fr.po @@ -0,0 +1,181 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +# Translators: +msgid "" +msgstr "" +"Project-Id-Version: server-tools (8.0)\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2015-09-29 11:14+0000\n" +"PO-Revision-Date: 2018-12-12 19:58+0000\n" +"Last-Translator: Alexandre Fayolle \n" +"Language-Team: French (http://www.transifex.com/oca/OCA-server-tools-8-0/" +"language/fr/)\n" +"Language: fr\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=n > 1;\n" +"X-Generator: Weblate 3.3\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Créé par" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Créé le" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Définir comment les groupes Odoo sont attribués aux utilisateurs LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Définition des opérations LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +msgid "Display Name" +msgstr "Nom affiché" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Tableau de conversion des groupes" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" +"Si activé, les configuration manuelles de groupes sont annulées à chaque " +"connexion (et donc les groupes Odoo sont toujours synchrones avec les " +"groupes LDAP). Sinon, les affectations manuelles de groupes sont préservées." + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "Attributs LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "Serveur LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +msgid "Last Modified on" +msgstr "Dernière mise à jour le" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Dernière mise à jour par" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Dernière mise à jour le" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "Conversions de groupes utilisateurs" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "Groupe Odoo" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "Uniquement les groupes LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "Opérateur" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" +"L'attribut LDAP à vérifier.\n" +"Pour Active Directory, utiliser memberOf." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "Groupe Odoo à assigner" + +#. module: users_ldap_groups +#. odoo-python +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" +"L'opérateur à utiliser pour vérifier la valeur de l'attribut.\n" +"Pour Active Directory, utilisez 'contains'." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" +"La valeur à comparer à l'attribut.\n" +"Pour Active Directory, utilisez le dn du groupe souhaité." + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "User" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "Valeur" + +#~ msgid "Users" +#~ msgstr "Utilisateurs" + +#~ msgid "res.company.ldap" +#~ msgstr "res.company.ldap" + +#~ msgid "res.company.ldap.group_mapping" +#~ msgstr "res.company.ldap.group_mapping" diff --git a/users_ldap_groups/i18n/hr.po b/users_ldap_groups/i18n/hr.po new file mode 100644 index 0000000000..721c9c610f --- /dev/null +++ b/users_ldap_groups/i18n/hr.po @@ -0,0 +1,162 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 10.0\n" +"Report-Msgid-Bugs-To: \n" +"PO-Revision-Date: 2019-11-13 17:34+0000\n" +"Last-Translator: Bole \n" +"Language-Team: none\n" +"Language: hr\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" +"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n" +"X-Generator: Weblate 3.8\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Kreirao" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Kreirano" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Definiraj kako su Odoo grupe dodijeljene LDAP korisnicima" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Definicija LDAP operacija" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +msgid "Display Name" +msgstr "Naziv" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Mapiranje grupa" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +#, fuzzy +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "LDAP atribut" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "LDAP server" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +msgid "Last Modified on" +msgstr "Zadnje modificirano" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Zadnje ažurirano" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "" + +#. module: users_ldap_groups +#. odoo-python +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "User" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "" diff --git a/users_ldap_groups/i18n/it.po b/users_ldap_groups/i18n/it.po new file mode 100644 index 0000000000..897502b939 --- /dev/null +++ b/users_ldap_groups/i18n/it.po @@ -0,0 +1,174 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 14.0\n" +"Report-Msgid-Bugs-To: \n" +"PO-Revision-Date: 2024-01-03 14:33+0000\n" +"Last-Translator: mymage \n" +"Language-Team: none\n" +"Language: it\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=n != 1;\n" +"X-Generator: Weblate 4.17\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "Configurazione LDAP azienda" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Creato da" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Creato il" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Indica come assegnare i gruppi Odoo agli utenti LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Definizione delle operazioni LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +msgid "Display Name" +msgstr "Nome visualizzato" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Mappature gruppi" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" +"Se selezionata, le modifiche manuali di appartenenza a un gruppo vengono " +"annullate ad ogni accesso (in questo modo i gruppi Odoo restano sempre " +"sincronizzati con quelli LDAP). In caso contrario, vengono confermate." + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "Attributo LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "Mappatura gruppi LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "Server LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +msgid "Last Modified on" +msgstr "Ultima modifica il" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Ultimo aggiornamento di" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Ultimo aggiornamento il" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "Mappa gruppi utente" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "Gruppo Odoo" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "Solo gruppi LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "Operatore" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" +"Attributo LDAP da controllare.\n" +"Per Active Directory utilizzare memberOf." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "Il gruppo Odoo da assegnare" + +#. module: users_ldap_groups +#. odoo-python +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" +"Per l'utente creato è necessario indicare uno dei gruppi \"Tipologie utente/" +"\" (e solo uno)." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" +"Operatore di confronto tra attributo e valore\n" +"Per Active Directory utilizzare \"contiene\"" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" +"Valore di confronto per l'attributo.\n" +"Per Active Directory utilizzare il dn del gruppo desiderato" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "User" +msgstr "Utente" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "Valore" + +#~ msgid "Users" +#~ msgstr "Utenti" diff --git a/users_ldap_groups/i18n/pt_BR.po b/users_ldap_groups/i18n/pt_BR.po new file mode 100644 index 0000000000..b387f3a8bf --- /dev/null +++ b/users_ldap_groups/i18n/pt_BR.po @@ -0,0 +1,188 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +# Translators: +# Armando Vulcano Junior , 2015 +msgid "" +msgstr "" +"Project-Id-Version: server-tools (8.0)\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2015-09-29 11:14+0000\n" +"PO-Revision-Date: 2024-05-22 02:02+0000\n" +"Last-Translator: Rodrigo Macedo \n" +"Language-Team: Portuguese (Brazil) (http://www.transifex.com/oca/" +"OCA-server-tools-8-0/language/pt_BR/)\n" +"Language: pt_BR\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=n > 1;\n" +"X-Generator: Weblate 4.17\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "Configuração LDAP da empresa" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Criado por" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Criado em" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Define como grupos Odoo são atribuídos aos usuários LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Definição de operações LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +msgid "Display Name" +msgstr "Exibir Nome" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Mapeamento de Grupos" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +msgid "ID" +msgstr "Identificação" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" +"Se esta opção for marcada, as alterações manuais para participação no grupo " +"são desfeitas em cada login (grupos para Odoo estão sempre em sincronia com " +"grupos LDAP). Se não, grupos adicionados manualmente serão preservados." + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "Atributo LDAP" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "Mapeamento de grupo LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "Servidor LDAP" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +msgid "Last Modified on" +msgstr "Última Modificação em" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Última atualização por" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Última atualização em" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "Mapear Grupos de Usuários" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "Grupo Odoo" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "Apenas grupos ldap" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "Operador" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" +"O atributo LDAP para checar\n" +"Para active directory, use memberOf." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "Grupo Odoo para atribuir" + +#. module: users_ldap_groups +#. odoo-python +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" +"O usuário criado precisa ter um (e apenas um) dos grupos 'Tipos de usuário/' " +"definidos." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" +"O operador para verificar o atributo contra o valor\n" +"Para active directory, use 'contains'" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" +"O valor para verificar contra o atributo\n" +"Para active directory, use de dn do grupo desejado" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "User" +msgstr "Usuário" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "Valor" + +#~ msgid "Users" +#~ msgstr "Usuários" + +#~ msgid "res.company.ldap" +#~ msgstr "res.company.ldap" + +#~ msgid "res.company.ldap.group_mapping" +#~ msgstr "res.company.ldap.group_mapping" + +#~ msgid "OpenERP group" +#~ msgstr "Grupo OpenERP" diff --git a/users_ldap_groups/i18n/sl.po b/users_ldap_groups/i18n/sl.po new file mode 100644 index 0000000000..53a28d9f69 --- /dev/null +++ b/users_ldap_groups/i18n/sl.po @@ -0,0 +1,186 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +# Translators: +# Matjaž Mozetič , 2015 +msgid "" +msgstr "" +"Project-Id-Version: server-tools (8.0)\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2015-09-29 11:14+0000\n" +"PO-Revision-Date: 2020-04-13 16:19+0000\n" +"Last-Translator: Matjaz Mozetic \n" +"Language-Team: Slovenian (http://www.transifex.com/oca/OCA-server-tools-8-0/" +"language/sl/)\n" +"Language: sl\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=4; plural=n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n" +"%100==4 ? 2 : 3;\n" +"X-Generator: Weblate 3.10\n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "Ustvaril" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "Ustvarjeno" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "Določi način dodeljevanja Odoo skupin LDAP uporabnikom" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "Definicija LDAP operacij" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +msgid "Display Name" +msgstr "Prikazani naziv" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "Mapiranja skupin" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +msgid "ID" +msgstr "ID" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" +"Če označeno, so vse ročne spremembe članov skupin prezrte ob vsaki prijavi " +"(tako so Odoo skupine vedno sinhrone z LDAP skupinami). Če ni, se ročno " +"dodane skupine ohranijo." + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "LDAP atribut" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "LDAP strežnik" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +msgid "Last Modified on" +msgstr "Zadnjič spremenjeno" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "Zadnji posodobil" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "Zadnjič posodobljeno" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "Mapiraj uporabniške skupine" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "Odoo skupina" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "Samo LDAP skupine" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "Operater" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" +"LDAP atribut za preverjanje.\n" +"Za aktivni imenik uporabite memberOf." + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "Odoo skupina za dodelitev" + +#. module: users_ldap_groups +#. odoo-python +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" +"Operater za primerjavo atributa z vrednostjo\n" +"za aktivni imenik, uporabite 'contains'" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" +"Vrednost za primerjavo atributa.\n" +"Za aktivni imenik uporabite dn željene skupine" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "User" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "Vrednost" + +#~ msgid "Users" +#~ msgstr "Uporabniki" + +#~ msgid "res.company.ldap" +#~ msgstr "res.company.ldap" + +#~ msgid "res.company.ldap.group_mapping" +#~ msgstr "res.company.ldap.group_mapping" + +#~ msgid "OpenERP group" +#~ msgstr "OpenERP skupine" diff --git a/users_ldap_groups/i18n/users_ldap_groups.pot b/users_ldap_groups/i18n/users_ldap_groups.pot new file mode 100644 index 0000000000..92ba196581 --- /dev/null +++ b/users_ldap_groups/i18n/users_ldap_groups.pot @@ -0,0 +1,157 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * users_ldap_groups +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 16.0\n" +"Report-Msgid-Bugs-To: \n" +"Last-Translator: \n" +"Language-Team: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: \n" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap +msgid "Company LDAP configuration" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_uid +msgid "Created by" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__create_date +msgid "Created on" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Define how Odoo groups are assigned to LDAP users" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_operator +msgid "Definition op LDAP operations" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__display_name +msgid "Display Name" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__group_mapping_ids +msgid "Group mappings" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__id +msgid "ID" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "" +"If this is checked, manual changes to group membership are undone on every " +"login (so Odoo groups are always synchronous with LDAP groups). If not, " +"manually added groups are preserved." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "LDAP attribute" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_company_ldap_group_mapping +msgid "LDAP group mapping" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_id +msgid "LDAP server" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping____last_update +msgid "Last Modified on" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_uid +msgid "Last Updated by" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__write_date +msgid "Last Updated on" +msgstr "" + +#. module: users_ldap_groups +#: model_terms:ir.ui.view,arch_db:users_ldap_groups.view_ldap_installer_form +msgid "Map User Groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "Odoo group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap__only_ldap_groups +msgid "Only LDAP groups" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "Operator" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__ldap_attribute +msgid "" +"The LDAP attribute to check.\n" +"For active directory, use memberOf." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__group_id +msgid "The Odoo group to assign" +msgstr "" + +#. module: users_ldap_groups +#. odoo-python +#: code:addons/users_ldap_groups/models/res_company_ldap.py:0 +#, python-format +msgid "" +"The created user needs to have one (and only one) of the 'User types /' " +"groups defined." +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__operator +msgid "" +"The operator to check the attribute against the value\n" +"For active directory, use 'contains'" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,help:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "" +"The value to check the attribute against.\n" +"For active directory, use the dn of the desired group" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model,name:users_ldap_groups.model_res_users +msgid "User" +msgstr "" + +#. module: users_ldap_groups +#: model:ir.model.fields,field_description:users_ldap_groups.field_res_company_ldap_group_mapping__value +msgid "Value" +msgstr "" diff --git a/users_ldap_groups/models/__init__.py b/users_ldap_groups/models/__init__.py new file mode 100644 index 0000000000..0faa1aebc6 --- /dev/null +++ b/users_ldap_groups/models/__init__.py @@ -0,0 +1,5 @@ +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from . import res_company_ldap +from . import res_company_ldap_operator +from . import res_company_ldap_group_mapping +from . import res_users diff --git a/users_ldap_groups/models/res_company_ldap.py b/users_ldap_groups/models/res_company_ldap.py new file mode 100644 index 0000000000..6fcf160aa7 --- /dev/null +++ b/users_ldap_groups/models/res_company_ldap.py @@ -0,0 +1,72 @@ +# Copyright 2012-2018 Therp BV +# Copyright 2018 Brainbean Apps +# Copyright 2021 Tecnativa - João Marques +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from logging import getLogger + +from odoo import _, api, fields, models +from odoo.exceptions import UserError + +_logger = getLogger(__name__) + + +class ResCompanyLdap(models.Model): + _inherit = "res.company.ldap" + + group_mapping_ids = fields.One2many( + "res.company.ldap.group_mapping", + "ldap_id", + "Group mappings", + help="Define how Odoo groups are assigned to LDAP users", + ) + only_ldap_groups = fields.Boolean( + "Only LDAP groups", + default=False, + help=( + "If this is checked, manual changes to group membership are " + "undone on every login (so Odoo groups are always synchronous " + "with LDAP groups). If not, manually added groups are preserved." + ), + ) + + @api.model + def _get_or_create_user(self, conf, login, ldap_entry): + op_obj = self.env["res.company.ldap.operator"] + user_id = super()._get_or_create_user(conf, login, ldap_entry) + if not user_id: + return user_id + this = self.browse(conf["id"]) + SudoUser = self.env["res.users"].sudo().with_context(no_reset_password=True) + user = SudoUser.browse(user_id) + essential_groups = [ + self.env.ref("base.group_user").id, + self.env.ref("base.group_portal").id, + self.env.ref("base.group_public").id, + ] + groups = [] + if this.only_ldap_groups: + _logger.debug("deleting all groups from user %d", user_id) + groups.append((5, False, False)) + for mapping in this.group_mapping_ids: + operator = getattr(op_obj, f"_{mapping.operator}") + _logger.debug("checking mapping %s", mapping) + if operator(ldap_entry, mapping): + _logger.debug( + "adding user %d to group %s", + user, + mapping.group_id.name, + ) + groups.append((4, mapping.group_id.id, False)) + if ( + this.only_ldap_groups + and len([g[1] for g in groups if g[0] == 4 and g[1] in essential_groups]) + != 1 + ): + raise UserError( + _( + "The created user needs to have one (and only one) of the" + " 'User types /' groups defined." + ) + ) + user.write({"groups_id": groups}) + return user_id diff --git a/users_ldap_groups/models/res_company_ldap_group_mapping.py b/users_ldap_groups/models/res_company_ldap_group_mapping.py new file mode 100644 index 0000000000..f598aa2f81 --- /dev/null +++ b/users_ldap_groups/models/res_company_ldap_group_mapping.py @@ -0,0 +1,42 @@ +# Copyright 2012-2018 Therp BV +# Copyright 2018 Brainbean Apps +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from odoo import fields, models + + +class ResCompanyLdapGroupMapping(models.Model): + _name = "res.company.ldap.group_mapping" + _description = "LDAP group mapping" + _rec_name = "ldap_attribute" + _order = "ldap_attribute" + + ldap_id = fields.Many2one( + "res.company.ldap", + "LDAP server", + required=True, + ondelete="cascade", + ) + ldap_attribute = fields.Char( + "LDAP attribute", + help=("The LDAP attribute to check.\nFor active directory, use memberOf."), + ) + operator = fields.Selection( + lambda self: [ + (o, o) for o in self.env["res.company.ldap.operator"].operators() + ], + help=( + "The operator to check the attribute against the value\n" + "For active directory, use 'contains'" + ), + required=True, + ) + value = fields.Char( + help=( + "The value to check the attribute against.\n" + "For active directory, use the dn of the desired group" + ), + required=True, + ) + group_id = fields.Many2one( + "res.groups", "Odoo group", help="The Odoo group to assign", required=True + ) diff --git a/users_ldap_groups/models/res_company_ldap_operator.py b/users_ldap_groups/models/res_company_ldap_operator.py new file mode 100644 index 0000000000..b801ec1dab --- /dev/null +++ b/users_ldap_groups/models/res_company_ldap_operator.py @@ -0,0 +1,59 @@ +# Copyright 2012-2018 Therp BV +# Copyright 2018 Brainbean Apps +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +import base64 +from logging import getLogger +from string import Template + +from odoo import api, models + +_logger = getLogger(__name__) + + +class ResCompanyLdapOperator(models.AbstractModel): + """Define operators for group mappings""" + + _name = "res.company.ldap.operator" + _description = "Definition op LDAP operations" + + @api.model + def operators(self): + """Return names (without '_') of function to call on this model as operator""" + return ("contains", "equals", "query") + + def _contains(self, ldap_entry, mapping): + return mapping.ldap_attribute in ldap_entry[1] and mapping.value in map( + lambda x: x.decode(), ldap_entry[1][mapping.ldap_attribute] + ) + + def _equals(self, ldap_entry, mapping): + return mapping.ldap_attribute in ldap_entry[1] and mapping.value == str( + list(map(lambda x: x.decode(), ldap_entry[1][mapping.ldap_attribute])) + ) + + def _query(self, ldap_entry, mapping): + query_string = Template(mapping.value).safe_substitute( + { + attr: self.safe_ldap_decode(ldap_entry[1][attr][0]) + for attr in ldap_entry[1] + } + ) + + results = mapping.ldap_id._query(mapping.ldap_id.read()[0], query_string) + _logger.debug('Performed LDAP query "%s" results: %s', query_string, results) + + return bool(results) + + def safe_ldap_decode(self, attr): + """Safe LDAP decode; Base64 encode attributes containing binary data. + Binary data can be stored in Active Directory, e.g., thumbnailPhoto is + stored as binary. As Str.decoce() cannot handle binary, this method + Base64 encodes the data in the attribute, instead, if decode fails. + Using Base64 should be a suitable fallback, because the use cases of + users_ldap_groups do not really require comparing binary attributes. + """ + + try: + return attr.decode() + except UnicodeDecodeError: + return base64.b64encode(attr) diff --git a/users_ldap_groups/models/res_users.py b/users_ldap_groups/models/res_users.py new file mode 100644 index 0000000000..9853cd5b7e --- /dev/null +++ b/users_ldap_groups/models/res_users.py @@ -0,0 +1,27 @@ +# Copyright 2018 Therp BV +# Copyright 2018 Brainbean Apps +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from odoo import SUPERUSER_ID, api, models, registry + + +class ResUsers(models.Model): + _inherit = "res.users" + + @classmethod + def _login(cls, db, login, password, user_agent_env): + user_id = super()._login(db, login, password, user_agent_env) + if not user_id: + return user_id + with registry(db).cursor() as cr: + env = api.Environment(cr, SUPERUSER_ID, {}) + user = env["res.users"].browse(user_id) + # check if this user came from ldap, rerun get_or_create_user in + # this case to apply ldap groups if necessary + ldaps = user.company_id.ldaps + if user.active and any(ldaps.mapped("only_ldap_groups")): + for conf in ldaps._get_ldap_dicts(): + entry = ldaps._authenticate(conf, login, password) + if entry: + ldaps._get_or_create_user(conf, login, entry) + break + return user_id diff --git a/users_ldap_groups/pyproject.toml b/users_ldap_groups/pyproject.toml new file mode 100644 index 0000000000..4231d0cccb --- /dev/null +++ b/users_ldap_groups/pyproject.toml @@ -0,0 +1,3 @@ +[build-system] +requires = ["whool"] +build-backend = "whool.buildapi" diff --git a/users_ldap_groups/readme/CONTRIBUTORS.md b/users_ldap_groups/readme/CONTRIBUTORS.md new file mode 100644 index 0000000000..e83dcf68db --- /dev/null +++ b/users_ldap_groups/readme/CONTRIBUTORS.md @@ -0,0 +1,8 @@ +- Holger Brunn \<\> +- Giacomo Spettoli \<\> +- [CorporateHub](https://corporatehub.eu/) + - Alexey Pelykh \<\> +- Tecnativa \<\> + - João Marques + - Carolina Fernandez +- Dhara Solanki \<\> diff --git a/users_ldap_groups/readme/DESCRIPTION.md b/users_ldap_groups/readme/DESCRIPTION.md new file mode 100644 index 0000000000..a0571b9478 --- /dev/null +++ b/users_ldap_groups/readme/DESCRIPTION.md @@ -0,0 +1,4 @@ +[![License: AGPL-3](https://img.shields.io/badge/license-AGPL--3-blue.png)](https://www.gnu.org/licenses/agpl) + +Adds user accounts to groups based on rules defined by the +administrator. diff --git a/users_ldap_groups/readme/USAGE.md b/users_ldap_groups/readme/USAGE.md new file mode 100644 index 0000000000..6365c798ef --- /dev/null +++ b/users_ldap_groups/readme/USAGE.md @@ -0,0 +1,22 @@ +Define mappings in Settings / General Settings / Integrations / LDAP +Authentication / LDAP Server + +Decide whether you want only groups mapped from LDAP (Only LDAP groups +checked) or a mix of manually set groups and LDAP groups (Only LDAP +groups unchecked). Setting this to "no" will result in users never +losing privileges when you remove them from a LDAP group, so that's a +potential security issue. It is still the default to prevent losing +group information by accident. If set to "Yes", you need to make sure +each user has at least on of the "User types" groups + +For active directory, use LDAP attribute 'memberOf' and operator +'contains'. Fill in the DN of the windows group as value and choose an +Odoo group users with this windows group are to be assigned to. + +For posix accounts, use operator 'query' and a value like: + + (&(cn=bzr)(objectClass=posixGroup)(memberUid=$uid)) + +The operator query matches if the filter in value returns something, and +value can contain `$attribute` which will be replaced by the first value +of the user's LDAP record's attribute named attribute. diff --git a/users_ldap_groups/security/ir.model.access.csv b/users_ldap_groups/security/ir.model.access.csv new file mode 100644 index 0000000000..796730224c --- /dev/null +++ b/users_ldap_groups/security/ir.model.access.csv @@ -0,0 +1,2 @@ +id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink +access_res_company_ldap_groups,res_company_ldap_groups,model_res_company_ldap_group_mapping,base.group_system,1,1,1,1 diff --git a/users_ldap_groups/static/description/icon.png b/users_ldap_groups/static/description/icon.png new file mode 100644 index 0000000000..3a0328b516 Binary files /dev/null and b/users_ldap_groups/static/description/icon.png differ diff --git a/users_ldap_groups/static/description/index.html b/users_ldap_groups/static/description/index.html new file mode 100644 index 0000000000..0b24570ef0 --- /dev/null +++ b/users_ldap_groups/static/description/index.html @@ -0,0 +1,459 @@ + + + + + +LDAP groups assignment + + + +
+

LDAP groups assignment

+ + +

Beta License: AGPL-3 OCA/server-auth Translate me on Weblate Try me on Runboat

+

License: AGPL-3

+

Adds user accounts to groups based on rules defined by the +administrator.

+

Table of contents

+ +
+

Usage

+

Define mappings in Settings / General Settings / Integrations / LDAP +Authentication / LDAP Server

+

Decide whether you want only groups mapped from LDAP (Only LDAP groups +checked) or a mix of manually set groups and LDAP groups (Only LDAP +groups unchecked). Setting this to “no” will result in users never +losing privileges when you remove them from a LDAP group, so that’s a +potential security issue. It is still the default to prevent losing +group information by accident. If set to “Yes”, you need to make sure +each user has at least on of the “User types” groups

+

For active directory, use LDAP attribute ‘memberOf’ and operator +‘contains’. Fill in the DN of the windows group as value and choose an +Odoo group users with this windows group are to be assigned to.

+

For posix accounts, use operator ‘query’ and a value like:

+
+(&(cn=bzr)(objectClass=posixGroup)(memberUid=$uid))
+
+

The operator query matches if the filter in value returns something, and +value can contain $attribute which will be replaced by the first +value of the user’s LDAP record’s attribute named attribute.

+
+
+

Bug Tracker

+

Bugs are tracked on GitHub Issues. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us to smash it by providing a detailed and welcomed +feedback.

+

Do not contact contributors directly about support or help with technical issues.

+
+
+

Credits

+
+

Authors

+
    +
  • Therp BV
    • +
+
+
+

Contributors

+ +
+
+

Maintainers

+

This module is maintained by the OCA.

+ +Odoo Community Association + +

OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use.

+

This module is part of the OCA/server-auth project on GitHub.

+

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

+
+
+
+ + diff --git a/users_ldap_groups/tests/__init__.py b/users_ldap_groups/tests/__init__.py new file mode 100644 index 0000000000..4aae447e0e --- /dev/null +++ b/users_ldap_groups/tests/__init__.py @@ -0,0 +1,2 @@ +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from . import test_users_ldap_groups diff --git a/users_ldap_groups/tests/test_users_ldap_groups.py b/users_ldap_groups/tests/test_users_ldap_groups.py new file mode 100644 index 0000000000..5d7f50f7d6 --- /dev/null +++ b/users_ldap_groups/tests/test_users_ldap_groups.py @@ -0,0 +1,294 @@ +# Copyright 2018 Therp BV +# Copyright 2018 Brainbean Apps +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html). +from contextlib import contextmanager +from unittest import mock + +from odoo.exceptions import UserError +from odoo.tests.common import TransactionCase + +_auth_ldap_ns = "odoo.addons.auth_ldap" +_company_ldap_class = _auth_ldap_ns + ".models.res_company_ldap.CompanyLDAP" + + +@contextmanager +def mock_cursor(cr): + with mock.patch("odoo.sql_db.Connection.cursor") as mocked_cursor_call: + org_close = cr.close + org_autocommit = cr.connection.set_isolation_level + try: + cr.close = mock.Mock() + cr.connection.set_isolation_level = mock.Mock() + cr.commit = mock.Mock() + mocked_cursor_call.return_value = cr + yield + finally: + cr.close = org_close + cr.connection.set_isolation_level = org_autocommit + + +class FakeLdapConnection: + def __init__(self, entries): + self.entries = entries + + def simple_bind_s(self, dn, passwd): + pass + + def search_st(self, dn, scope, ldap_filter, attributes, timeout): + if dn in self.entries: + return [(dn, dict(self.entries[dn]))] + return [] + + def unbind(self): + pass + + def unbind_s(self): + pass + + def __getattr__(self, name): + def wrapper(): + raise Exception("'%s' is not mocked" % name) + + return wrapper + + +class TestUsersLdapGroups(TransactionCase): + def setUp(self): + super().setUp() + self.group_system = self.env.ref("base.group_system") + self.group_user = self.env.ref("base.group_user") + self.group_contains = self.env["res.groups"].create({"name": "contains"}) + self.group_equals = self.env["res.groups"].create({"name": "equals"}) + self.group_query = self.env["res.groups"].create({"name": "query"}) + + def _create_ldap_config(self, groups, only_ldap_groups=False, cr=None): + vals = { + "company": self.env.ref("base.main_company").id, + "ldap_base": "dc=users_ldap_groups,dc=example,dc=com", + "ldap_filter": "(uid=%s)", + "ldap_binddn": "cn=bind,dc=example,dc=com", + "create_user": True, + "only_ldap_groups": only_ldap_groups, + "group_mapping_ids": [(0, 0, group) for group in groups], + } + return self.env["res.company.ldap"].create(vals) + + def test_users_ldap_groups_only_true(self): + self._create_ldap_config( + groups=[ + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello3", + "group_id": self.group_system.id, + }, + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello", + "group_id": self.group_user.id, + }, + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello2", + "group_id": self.group_contains.id, + }, + { + "ldap_attribute": "name", + "operator": "equals", + "value": "hello", + "group_id": self.group_equals.id, + }, + { + "ldap_attribute": "", + "operator": "query", + "value": "is not run because of patching", + "group_id": self.group_query.id, + }, + ], + only_ldap_groups=True, + ) + # _login does its work in a new cursor, so we need to mock it + with mock.patch( + _company_ldap_class + "._connect", + return_value=FakeLdapConnection( + { + "dc=users_ldap_groups,dc=example,dc=com": { + "cn": [b"User Name"], + "name": [b"hello", b"hello2"], + } + } + ), + ), mock_cursor(self.cr): + user_id = ( + self.env["res.users"] + .sudo() + .authenticate( + self.env.cr.dbname, "users_ldap_groups-username", "password", {} + ) + ) + # this asserts group mappings from demo data + user = self.env["res.users"].sudo().browse(user_id) + groups = user.groups_id + self.assertIn(self.group_contains, groups) + self.assertIn(self.group_user, groups) + self.assertNotIn(self.group_equals, groups) + self.assertIn(self.group_query, groups) + self.assertNotIn(self.group_system, groups) + + def test_users_ldap_groups_only_false(self): + self._create_ldap_config( + groups=[ + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello2", + "group_id": self.group_contains.id, + }, + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello", + "group_id": self.group_equals.id, + }, + ], + only_ldap_groups=False, + ) + with mock.patch( + _company_ldap_class + "._connect", + return_value=FakeLdapConnection( + { + "dc=users_ldap_groups,dc=example,dc=com": { + "cn": [b"User Name"], + "name": [b"hello", b"hello2"], + } + } + ), + ), mock_cursor(self.cr): + user_id = ( + self.env["res.users"] + .sudo() + .authenticate( + self.env.cr.dbname, "users_ldap_groups-username", "password", {} + ) + ) + # this asserts group mappings from demo data + user = self.env["res.users"].sudo().browse(user_id) + groups = user.groups_id + self.assertIn(self.group_contains, groups) + self.assertIn(self.group_equals, groups) + self.assertGreater(len(groups), 2) # user should keep default groups + + def _test_users_ldap_groups_not_user_type(self): + self._create_ldap_config( + groups=[ + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello3", + "group_id": self.group_system.id, + }, + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello2", + "group_id": self.group_contains.id, + }, + { + "ldap_attribute": "name", + "operator": "equals", + "value": "hello", + "group_id": self.group_equals.id, + }, + { + "ldap_attribute": "", + "operator": "query", + "value": "is not run because of patching", + "group_id": self.group_query.id, + }, + ], + only_ldap_groups=True, + ) + with mock.patch( + _company_ldap_class + "._connect", + return_value=FakeLdapConnection( + { + "dc=users_ldap_groups,dc=example,dc=com": { + "cn": [b"User Name"], + "name": [b"hello", b"hello2"], + } + } + ), + ), mock_cursor(self.cr): + with self.assertRaises(UserError): + self.env["res.users"].sudo().authenticate( + self.env.cr.dbname, "users_ldap_groups-username", "password", {} + ) + + def test_users_ldap_groups_ldap_returns_binary_data(self): + self._create_ldap_config( + groups=[ + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello3", + "group_id": self.group_system.id, + }, + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello", + "group_id": self.group_user.id, + }, + { + "ldap_attribute": "name", + "operator": "contains", + "value": "hello2", + "group_id": self.group_contains.id, + }, + { + "ldap_attribute": "name", + "operator": "equals", + "value": "hello", + "group_id": self.group_equals.id, + }, + { + "ldap_attribute": "", + "operator": "query", + "value": "is not run because of patching", + "group_id": self.group_query.id, + }, + ], + only_ldap_groups=True, + ) + with mock.patch( + _company_ldap_class + "._connect", + return_value=FakeLdapConnection( + { + "dc=users_ldap_groups,dc=example,dc=com": { + "cn": [b"User Name"], + "name": [b"hello", b"hello2"], + "thumbnailPhoto": [ + b"GIF89a\x01\x00\x01\x00\x00\xff\x00," + b"\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x00;" + ], + } + } + ), + ), mock_cursor(self.cr): + user_id = ( + self.env["res.users"] + .sudo() + .authenticate( + self.env.cr.dbname, "users_ldap_groups-username", "password", {} + ) + ) + # this asserts group mappings from demo data + user = self.env["res.users"].sudo().browse(user_id) + groups = user.groups_id + self.assertIn(self.group_contains, groups) + self.assertIn(self.group_user, groups) + self.assertNotIn(self.group_equals, groups) + self.assertIn(self.group_query, groups) + self.assertNotIn(self.group_system, groups) diff --git a/users_ldap_groups/views/res_company_ldap_views.xml b/users_ldap_groups/views/res_company_ldap_views.xml new file mode 100644 index 0000000000..f455328961 --- /dev/null +++ b/users_ldap_groups/views/res_company_ldap_views.xml @@ -0,0 +1,33 @@ + + + + + res.company.ldap.form + res.company.ldap + + + + + + + + + +