Add an admin page to browse with an approximation of the state of another user

Author: sbp

atr/blueprints/admin/admin.py

@@ -28,7 +28,7 @@
 import aioshutil
 import asfquart
 import asfquart.base as base
-import asfquart.session
+import asfquart.session as session
 import httpx
 import quart
 import sqlalchemy.orm as orm
@@ -49,6 +49,17 @@
 _LOGGER: Final = logging.getLogger(__name__)
 
 
+class BrowseAsUserForm(util.QuartFormTyped):
+    """Form for browsing as another user."""
+
+    uid = wtforms.StringField(
+        "ASF UID",
+        validators=[wtforms.validators.InputRequired()],
+        render_kw={"placeholder": "Enter the ASF UID to browse as"},
+    )
+    submit = wtforms.SubmitField("Browse as this user")
+
+
 class DeleteCommitteeKeysForm(util.QuartFormTyped):
     committee_name = wtforms.SelectField("Committee", validators=[wtforms.validators.InputRequired()])
     confirm_delete = wtforms.StringField(
@@ -378,7 +389,7 @@ async def admin_toggle_admin_view_page() -> str:
 async def admin_toggle_view() -> response.Response:
     await util.validate_empty_form()
 
-    web_session = await asfquart.session.read()
+    web_session = await session.read()
     if web_session is None:
         # For the type checker
         # We should pass this as an argument, then it's guaranteed
@@ -402,12 +413,54 @@ async def admin_toggle_view() -> response.Response:
     return quart.redirect(referrer or quart.url_for("admin.admin_data"))
 
 
+@admin.BLUEPRINT.route("/browse-as", methods=["GET", "POST"])
+async def browse_as() -> str | response.Response:
+    """Allows an admin to browse as another user."""
+    # TODO: Enable this in debugging mode only?
+    from atr.routes import root
+
+    form = await BrowseAsUserForm.create_form()
+    if not (await form.validate_on_submit()):
+        return await template.render("browse-as.html", form=form)
+
+    new_uid = str(util.unwrap(form.uid.data))
+    if not (current_session := await session.read()):
+        raise base.ASFQuartException("Not authenticated", 401)
+
+    bind_dn = quart.current_app.config.get("LDAP_BIND_DN")
+    bind_password = quart.current_app.config.get("LDAP_BIND_PASSWORD")
+    ldap_params = ldap.SearchParameters(
+        uid_query=new_uid,
+        bind_dn_from_config=bind_dn,
+        bind_password_from_config=bind_password,
+    )
+    await asyncio.to_thread(ldap.search, ldap_params)
+
+    if not ldap_params.results_list:
+        await quart.flash(f"User '{new_uid}' not found in LDAP.", "error")
+        return quart.redirect(quart.url_for("admin.browse_as"))
+
+    ldap_projects_data = await apache.get_ldap_projects_data()
+    committee_data = await apache.get_active_committee_data()
+    ldap_data = ldap_params.results_list[0]
+    _LOGGER.info("Current session data: %s", current_session)
+    new_session_data = _session_data(ldap_data, new_uid, current_session, ldap_projects_data, committee_data)
+    _LOGGER.info("New session data: %s", new_session_data)
+    session.write(new_session_data)
+
+    await quart.flash(
+        f"You are now browsing as '{new_uid}'. To return to your own account, please log out and log back in.",
+        "success",
+    )
+    return quart.redirect(util.as_url(root.index))
+
+
 @admin.BLUEPRINT.route("/ldap/", methods=["GET"])
 async def ldap_search() -> str:
     form = await LdapLookupForm.create_form(data=quart.request.args)
     asf_id_for_template: str | None = None
 
-    web_session = await asfquart.session.read()
+    web_session = await session.read()
     if web_session and web_session.uid:
         asf_id_for_template = web_session.uid
 
@@ -513,6 +566,42 @@ async def _process_undiscovered(data: db.Session) -> tuple[int, int]:
     return added_count, updated_count
 
 
+def _session_data(
+    ldap_data: dict[str, Any],
+    new_uid: str,
+    current_session: session.ClientSession,
+    ldap_projects: apache.LDAPProjectsData,
+    committee_data: apache.CommitteeData,
+) -> dict[str, Any]:
+    # This is not quite accurate
+    # For example, this misses "tooling" for tooling members
+    projects = {p.name for p in ldap_projects.projects if (new_uid in p.members) or (new_uid in p.owners)}
+    # And this adds "incubator", which is not in the OAuth data
+    committees = {p.name for p in ldap_projects.projects if (p.pmc and (new_uid in p.members)) or (new_uid in p.owners)}
+
+    # Or asf-member-status?
+    is_member = bool(projects or committees)
+    is_root = False
+    is_chair = any(new_uid in (user.id for user in c.chair) for c in committee_data.committees)
+
+    return {
+        "uid": ldap_data.get("uid", [new_uid])[0],
+        "dn": None,
+        "fullname": ldap_data.get("cn", [new_uid])[0],
+        # "email": ldap_user.get("mail", [""])[0],
+        # Or asf-committer-email?
+        "email": f"{new_uid}@apache.org",
+        "isMember": is_member,
+        "isChair": is_chair,
+        "isRoot": is_root,
+        "committees": sorted(list(committees)),
+        "projects": sorted(list(projects)),
+        "mfa": current_session.mfa,
+        "isRole": False,
+        "metadata": {},
+    }
+
+
 async def _update_committees(
     data: db.Session, ldap_projects: apache.LDAPProjectsData, committees_by_name: Mapping[str, apache.Committee]
 ) -> tuple[int, int]:

atr/blueprints/admin/templates/browse-as.html

@@ -0,0 +1,38 @@
+{% extends "layouts/base-admin.html" %}
+
+{% block title %}Browse as user{% endblock title %}
+
+{% block description %}
+    Enter the ASF UID of the user to browse as.
+{% endblock description %}
+
+{% block content %}
+    <h1>Browse as user</h1>
+
+    <p class="mb-4">
+        Enter the ASF UID of the user to browse as.
+        This will allow you to view the site as that user.
+    </p>
+
+    <form method="post" class="form">
+        {{ form.csrf_token }}
+        <div class="field mb-3">
+            <label class="label" for="uid">{{ form.uid.label }}</label>
+            <div class="control">
+                {{ form.uid(class="form-control") }}
+            </div>
+            {% if form.uid.errors %}
+                <div class="invalid-feedback d-block">
+                    {% for error in form.uid.errors %}
+                        <span>{{ error }}</span>
+                    {% endfor %}
+                </div>
+            {% endif %}
+        </div>
+        <div class="field">
+            <div class="control">
+                {{ form.submit(class="btn btn-primary") }}
+            </div>
+        </div>
+    </form>
+{% endblock %}

atr/ldap.py

@@ -15,11 +15,13 @@
 # specific language governing permissions and limitations
 # under the License.
 
+import collections
 import dataclasses
 from typing import Final
 
 import ldap3
 import ldap3.utils.conv as conv
+import ldap3.utils.dn as dn
 
 LDAP_SEARCH_BASE: Final[str] = "ou=people,dc=apache,dc=org"
 LDAP_SERVER_HOST: Final[str] = "ldap-eu.apache.org"
@@ -39,6 +41,15 @@ class SearchParameters:
     connection: ldap3.Connection | None = None
 
 
+def parse_dn(dn_string: str) -> dict[str, list[str]]:
+    parsed = collections.defaultdict(list)
+    parts = dn.parse_dn(dn_string)
+    for part in parts:
+        for attr, value in part:
+            parsed[attr].append(value)
+    return dict(parsed)
+
+
 def search(params: SearchParameters) -> None:
     try:
         _search_core(params)

atr/templates/includes/sidebar.html

@@ -136,6 +136,11 @@ <h3>Administration</h3>
             <a href="{{ url_for('admin.admin_toggle_admin_view_page') }}"
                {% if request.endpoint == 'admin.admin_toggle_admin_view_page' %}class="active"{% endif %}>Toggle admin view</a>
           </li>
+          <li>
+            <i class="bi bi-person-plus"></i>
+            <a href="{{ url_for('admin.browse_as') }}"
+               {% if request.endpoint == 'admin.browse_as' %}class="active"{% endif %}>Browse as user</a>
+          </li>
         </ul>
       {% endif %}
     {% endif %}