Additional LDAP groups improvements

Author: matteius

.gitignore

@@ -1,4 +1,5 @@
 dist
 *.pyc$
 db.sqlite3
+form-workflows/
 __pycache__/

CHANGELOG.md

@@ -15,6 +15,80 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Advanced reporting and analytics
 - Multi-tenancy support
 
+## [0.4.0] - 2025-11-06
+
+### Added - SJCME Migration Support
+- **Enhanced UserProfile Model**
+  - Added `ldap_last_sync` timestamp field for tracking LDAP synchronization
+  - Added database indexes to `employee_id` and `external_id` fields for better performance
+  - Added `id_number` property as backward-compatible alias for `employee_id`
+  - Added `full_name` and `display_name` properties for convenient user display
+  - Enhanced help text for LDAP attribute fields
+
+- **LDAP Integration Enhancements**
+  - New `signals.py` module with automatic LDAP attribute synchronization
+  - `sync_ldap_attributes()` function for syncing LDAP data to UserProfile
+  - `get_ldap_attribute()` helper function for retrieving LDAP attributes
+  - Auto-sync on user login (configurable via `FORMS_WORKFLOWS['LDAP_SYNC']`)
+  - Signal handlers for automatic UserProfile creation on user creation
+  - Configurable LDAP attribute mappings in settings
+
+- **Database Introspection Utilities**
+  - `DatabaseDataSource.test_connection()` - Test external database connections
+  - `DatabaseDataSource.get_available_tables()` - List tables in a schema
+  - `DatabaseDataSource.get_table_columns()` - Get column information for a table
+  - Support for SQL Server, PostgreSQL, MySQL, and SQLite introspection
+
+- **Utility Functions**
+  - `get_user_manager()` - Get user's manager from LDAP or UserProfile
+  - `user_can_view_form()` - Check if user can view a form
+  - `user_can_view_submission()` - Check if user can view a submission
+  - `check_escalation_needed()` - Check if submission needs escalation
+  - `sync_ldap_groups()` - Synchronize LDAP groups to Django groups
+
+- **Management Commands**
+  - `sync_ldap_profiles` - Bulk sync LDAP attributes for all users
+    - Supports `--username` for single user sync
+    - Supports `--dry-run` for testing without changes
+    - Supports `--verbose` for detailed output
+  - `test_db_connection` - Test external database connections
+    - Supports `--database` to specify database alias
+    - Supports `--verbose` for detailed connection information
+    - Works with SQL Server, PostgreSQL, MySQL, and SQLite
+
+- **Documentation**
+  - `PORTING_ANALYSIS.md` - Detailed analysis of SJCME to package migration
+  - `FEATURE_COMPARISON.md` - Comprehensive feature comparison matrix
+  - `SJCME_SIMPLIFICATION_PLAN.md` - Code reduction and migration strategy
+  - `EXECUTIVE_SUMMARY.md` - High-level overview for stakeholders
+  - `NEXT_STEPS.md` - Actionable implementation guide
+
+### Changed
+- Updated version to 0.4.0 to reflect significant new features
+- Enhanced UserProfile model with LDAP-specific fields and properties
+- Improved database source with introspection capabilities
+- Expanded utility functions for better LDAP and permission handling
+
+### Migration Notes
+- Run `python manage.py migrate django_forms_workflows` to apply UserProfile enhancements
+- Configure LDAP sync in settings:
+  ```python
+  FORMS_WORKFLOWS = {
+      'LDAP_SYNC': {
+          'enabled': True,
+          'sync_on_login': True,
+          'attributes': {
+              'employee_id': 'extensionAttribute1',
+              'department': 'department',
+              'title': 'title',
+              'phone': 'telephoneNumber',
+              'manager_dn': 'manager',
+          }
+      }
+  }
+  ```
+- Use `python manage.py sync_ldap_profiles` to bulk sync existing users
+
 ## [0.2.2] - 2025-10-31
 
 ### Changed

django_forms_workflows/__init__.py

@@ -3,7 +3,7 @@
 Enterprise-grade, database-driven form builder with approval workflows
 """
 
-__version__ = "0.3.0"
+__version__ = "0.4.0"
 __author__ = "Django Forms Workflows Contributors"
 __license__ = "LGPL-3.0-only"
 

django_forms_workflows/apps.py

@@ -16,6 +16,5 @@ def ready(self):
         """
         Import signal handlers and perform app initialization.
         """
-        # Import signals if you have any
-        # from . import signals
-        pass
+        # Import signals to register handlers
+        from . import signals  # noqa: F401

django_forms_workflows/data_sources/database_source.py

@@ -256,3 +256,170 @@ def is_available(self) -> bool:
 
     def get_display_name(self) -> str:
         return "External Database"
+
+    def test_connection(self, database_alias: str = None) -> bool:
+        """
+        Test the database connection.
+
+        Args:
+            database_alias: Database alias to test (uses config default if not provided)
+
+        Returns:
+            True if connection successful, False otherwise
+        """
+        if database_alias is None:
+            config = self._get_config()
+            database_alias = config.get("database_alias")
+
+        if not database_alias:
+            logger.error("No database alias configured")
+            return False
+
+        try:
+            with connections[database_alias].cursor() as cursor:
+                # Try to get database version
+                engine = connections[database_alias].settings_dict.get("ENGINE", "")
+
+                if "mssql" in engine or "sql_server" in engine:
+                    cursor.execute("SELECT @@VERSION")
+                elif "postgresql" in engine or "postgis" in engine:
+                    cursor.execute("SELECT version()")
+                elif "mysql" in engine:
+                    cursor.execute("SELECT VERSION()")
+                elif "sqlite" in engine:
+                    cursor.execute("SELECT sqlite_version()")
+                else:
+                    cursor.execute("SELECT 1")
+
+                result = cursor.fetchone()
+                if result:
+                    logger.info(
+                        f"Database connection successful for '{database_alias}'"
+                    )
+                    return True
+
+            return False
+
+        except Exception as e:
+            logger.error(f"Database connection test failed for '{database_alias}': {e}")
+            return False
+
+    def get_available_tables(
+        self, schema: str = None, database_alias: str = None
+    ) -> list:
+        """
+        Get list of available tables in a schema.
+
+        Args:
+            schema: Schema name (uses config default if not provided)
+            database_alias: Database alias (uses config default if not provided)
+
+        Returns:
+            List of table names
+        """
+        config = self._get_config()
+
+        if schema is None:
+            schema = config.get("default_schema", "dbo")
+
+        if database_alias is None:
+            database_alias = config.get("database_alias")
+
+        if not database_alias:
+            logger.error("No database alias configured")
+            return []
+
+        if not self._is_safe_identifier(schema):
+            logger.error(f"Invalid schema name: {schema}")
+            return []
+
+        try:
+            query = """
+                SELECT TABLE_NAME
+                FROM INFORMATION_SCHEMA.TABLES
+                WHERE TABLE_SCHEMA = %s
+                AND TABLE_TYPE = 'BASE TABLE'
+                ORDER BY TABLE_NAME
+            """
+
+            with connections[database_alias].cursor() as cursor:
+                cursor.execute(query, [schema])
+                rows = cursor.fetchall()
+                return [row[0] for row in rows]
+
+        except Exception as e:
+            logger.error(f"Error getting tables from {schema}: {e}")
+            return []
+
+    def get_table_columns(
+        self, table: str, schema: str = None, database_alias: str = None
+    ) -> list:
+        """
+        Get list of columns in a table.
+
+        Args:
+            table: Table name
+            schema: Schema name (uses config default if not provided)
+            database_alias: Database alias (uses config default if not provided)
+
+        Returns:
+            List of dictionaries with column information:
+            [
+                {
+                    'name': 'COLUMN_NAME',
+                    'type': 'DATA_TYPE',
+                    'max_length': 100,
+                    'nullable': True
+                },
+                ...
+            ]
+        """
+        config = self._get_config()
+
+        if schema is None:
+            schema = config.get("default_schema", "dbo")
+
+        if database_alias is None:
+            database_alias = config.get("database_alias")
+
+        if not database_alias:
+            logger.error("No database alias configured")
+            return []
+
+        if not self._is_safe_identifier(schema) or not self._is_safe_identifier(table):
+            logger.error(f"Invalid schema or table name: {schema}.{table}")
+            return []
+
+        try:
+            query = """
+                SELECT
+                    COLUMN_NAME,
+                    DATA_TYPE,
+                    CHARACTER_MAXIMUM_LENGTH,
+                    IS_NULLABLE
+                FROM INFORMATION_SCHEMA.COLUMNS
+                WHERE TABLE_SCHEMA = %s
+                AND TABLE_NAME = %s
+                ORDER BY ORDINAL_POSITION
+            """
+
+            with connections[database_alias].cursor() as cursor:
+                cursor.execute(query, [schema, table])
+                rows = cursor.fetchall()
+
+                columns = []
+                for row in rows:
+                    columns.append(
+                        {
+                            "name": row[0],
+                            "type": row[1],
+                            "max_length": row[2],
+                            "nullable": row[3] == "YES",
+                        }
+                    )
+
+                return columns
+
+        except Exception as e:
+            logger.error(f"Error getting columns from {schema}.{table}: {e}")
+            return []