7 files changed, 92 insertions, 0 deletions

diff --git a/modules/django_application/files/custom_backend.py b/modules/django_application/files/custom_backend.py
new file mode 100644
index 00000000..5ab35385
--- /dev/null
+++ b/modules/django_application/files/custom_backend.py
@@ -0,0 +1,7 @@
+
+from django_auth_ldap.backend import LDAPBackend,_LDAPUser
+
+class ForceUidLDAPBackend(LDAPBackend):
+    def ldap_to_django_username(self, username):
+        # force uid if someone give a email
+        return _LDAPUser(self, username=username).attrs['uid'][0]
diff --git a/modules/django_application/files/django_add_permission_to_group.py b/modules/django_application/files/django_add_permission_to_group.py
new file mode 100644
index 00000000..69ac7be5
--- /dev/null
+++ b/modules/django_application/files/django_add_permission_to_group.py
@@ -0,0 +1,27 @@
+#!/usr/bin/python
+import sys
+group_name = sys.argv[1]
+permission = sys.argv[2]
+
+# as codename is not unique, we need to give the application name
+app = ''
+if len(sys.argv) > 3:
+        app = sys.argv[3]
+
+from django.contrib.auth.models import Group, Permission
+group = Group.objects.get(name=group_name)
+
+permissions = Permission.objects.filter(codename=permission)
+if app:
+    permissions = permissions.filter(content_type__app_label__exact=app)
+
+if len(permissions) > 1:
+        print "Error, result not unique, please give the application among :"
+        print ' '.join([p.content_type.app_label for p in permissions])
+        sys.exit(1)
+elif len(permissions) < 1:
+        print "Error, wrong codename"
+        sys.exit(1)
+
+group.permissions.add(permissions[0])
+group.save()
diff --git a/modules/django_application/files/django_create_group.py b/modules/django_application/files/django_create_group.py
new file mode 100644
index 00000000..b5052217
--- /dev/null
+++ b/modules/django_application/files/django_create_group.py
@@ -0,0 +1,10 @@
+#!/usr/bin/python
+import sys
+group_name = sys.argv[1]
+
+from django.contrib.auth.models import Group
+try:
+    group = Group.objects.get(name=group_name)
+except Group.DoesNotExist:
+    group = Group.objects.create(name=group_name) 
+    group.save()
diff --git a/modules/django_application/manifests/add_permission_to_group.pp b/modules/django_application/manifests/add_permission_to_group.pp
new file mode 100644
index 00000000..6e0663ed
--- /dev/null
+++ b/modules/django_application/manifests/add_permission_to_group.pp
@@ -0,0 +1,11 @@
+define django_application::add_permission_to_group( $path,
+                                                    $module,
+                                                    $group,
+                                                    $app='') {
+    exec { "/usr/local/bin/django_add_permission_to_group.py ${group} ${name} ${app}":
+        user        => 'root',
+        environment => ["DJANGO_SETTINGS_MODULE=${module}.settings",
+                        "PYTHONPATH=${path}" ],
+        require     => Django_application::Script['django_add_permission_to_group.py']
+    }
+}
diff --git a/modules/django_application/manifests/create_group.pp b/modules/django_application/manifests/create_group.pp
new file mode 100644
index 00000000..1931205f
--- /dev/null
+++ b/modules/django_application/manifests/create_group.pp
@@ -0,0 +1,10 @@
+define django_application::create_group($path, $module) {
+    exec { "/usr/local/bin/django_create_group.py ${name}":
+        user        => 'root',
+        environment => ["DJANGO_SETTINGS_MODULE=${module}.settings",
+                        "PYTHONPATH=${path}" ],
+        require     => Django_application::Script['django_create_group.py']
+    }
+}
+
+
diff --git a/modules/django_application/manifests/init.pp b/modules/django_application/manifests/init.pp
new file mode 100644
index 00000000..f56f73ef
--- /dev/null
+++ b/modules/django_application/manifests/init.pp
@@ -0,0 +1,18 @@
+# this class hold the common stuff for all django applications
+# as we cannot declare the same resource twice ( ie,
+# python-psycopg2 for example )
+# it is required to place this in a common class
+class django_application {
+    package {['python-django',
+              'python-psycopg2',
+              'python-django-auth-ldap']: }
+
+    file { '/usr/local/lib/custom_backend.py':
+        source => 'puppet:///modules/django_application/custom_backend.py',
+        notify => Service['apache']
+    }
+
+    django_application::script { ['django_create_group.py',
+                                  'django_add_permission_to_group.py']: }
+
+}
diff --git a/modules/django_application/manifests/script.pp b/modules/django_application/manifests/script.pp
new file mode 100644
index 00000000..f414d864
--- /dev/null
+++ b/modules/django_application/manifests/script.pp
@@ -0,0 +1,9 @@
+define django_application::script() {
+    file { $name:
+        path   => "/usr/local/bin/${name}",
+        mode   => '0755',
+        source => "puppet:///modules/django_application/${name}",
+    }
+}
+
+