make it possible to disable cross-domain sso per cluster

3 files changed, 42 insertions, 2 deletions

diff --git a/meetingtools/apps/cluster/migrations/0002_auto__add_field_accluster_cross_domain_sso.py b/meetingtools/apps/cluster/migrations/0002_auto__add_field_accluster_cross_domain_sso.py
new file mode 100644
index 0000000..96c2431
--- /dev/null
+++ b/meetingtools/apps/cluster/migrations/0002_auto__add_field_accluster_cross_domain_sso.py
@@ -0,0 +1,37 @@
+# -*- coding: utf-8 -*-
+import datetime
+from south.db import db
+from south.v2 import SchemaMigration
+from django.db import models
+
+
+class Migration(SchemaMigration):
+
+    def forwards(self, orm):
+        # Adding field 'ACCluster.cross_domain_sso'
+        db.add_column('cluster_accluster', 'cross_domain_sso',
+                      self.gf('django.db.models.fields.BooleanField')(default=True),
+                      keep_default=False)
+
+
+    def backwards(self, orm):
+        # Deleting field 'ACCluster.cross_domain_sso'
+        db.delete_column('cluster_accluster', 'cross_domain_sso')
+
+
+    models = {
+        'cluster.accluster': {
+            'Meta': {'object_name': 'ACCluster'},
+            'api_url': ('django.db.models.fields.URLField', [], {'max_length': '200'}),
+            'cross_domain_sso': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
+            'default_template_sco_id': ('django.db.models.fields.IntegerField', [], {'unique': 'True', 'blank': 'True'}),
+            'domain_match': ('django.db.models.fields.TextField', [], {}),
+            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '128', 'blank': 'True'}),
+            'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),
+            'url': ('django.db.models.fields.URLField', [], {'max_length': '200'}),
+            'user': ('django.db.models.fields.CharField', [], {'max_length': '128'})
+        }
+    }
+
+    complete_apps = ['cluster']
\ No newline at end of file
diff --git a/meetingtools/apps/cluster/models.py b/meetingtools/apps/cluster/models.py
index 28c7f04..3c3304e 100644
--- a/meetingtools/apps/cluster/models.py
+++ b/meetingtools/apps/cluster/models.py
@@ -16,6 +16,7 @@ class ACCluster(models.Model):
     name = CharField(max_length=128,blank=True,unique=True)
     default_template_sco_id = IntegerField(blank=True,unique=True)
     domain_match = TextField()
+    cross_domain_sso = BooleanField(default=True)
 
     def __unicode__(self):
         return self.url
diff --git a/meetingtools/apps/room/views.py b/meetingtools/apps/room/views.py
index 3476af8..7116f01 100644
--- a/meetingtools/apps/room/views.py
+++ b/meetingtools/apps/room/views.py
@@ -391,7 +391,7 @@ def go_by_path(request,path):
                         {'text/html': 'apps/room/choose.html',
                          'application/json': json_response([base_url(request,room.go_url()) for room in rooms])},
                         {'rooms': rooms})
-        
+
 @login_required
 def promote_and_launch(request,rid):
     room = get_object_or_404(Room,pk=rid)
@@ -409,6 +409,8 @@ def _random_key(length=20):
     alphabet = string.letters + string.digits
     return str().join(rg.choice(alphabet) for _ in range(length))
 
+
+
 def _goto(request,room,clean=True,promote=False):
     if room.is_locked():
         return respond_to(request, {"text/html": "apps/room/retry.html"}, {'room': room, 'wait': 10})
@@ -435,7 +437,7 @@ def _goto(request,room,clean=True,promote=False):
         room.save()
     
     key = None
-    if request.user.is_authenticated():
+    if request.user.is_authenticated() and room.sco.acc.cross_domain_sso:
         key = _random_key(20)
         user_principal = api.find_user(request.user.username)
         principal_id =  user_principal.get('principal-id')