diff options
Diffstat (limited to 'linaro/group_sync.py')
-rwxr-xr-x | linaro/group_sync.py | 117 |
1 files changed, 117 insertions, 0 deletions
diff --git a/linaro/group_sync.py b/linaro/group_sync.py new file mode 100755 index 0000000..3a7fb19 --- /dev/null +++ b/linaro/group_sync.py @@ -0,0 +1,117 @@ +#!/usr/bin/python + +import linaro_ldap +from phabricator import Phabricator +import json + +PHAB_TOKEN = 'api-gpwwrvgqz4qdrzhkbhcazdltwcyp' +PHAB_GROUPS_PARENT = "Groups" + +PHAB_USERS = {} + +PHAB_LOCAL_USERS = ["systemsadmin","phabbot"] + +phab_groups_tbl = {} + +def get_phab_top_level_group_id(phab, name): + phab_query = phab.project.search(constraints={'name': name}) + return phab_query["data"][0]["phid"] + +def get_user(phab,phid): + user_query = phab.user.search(constraints={'phids': [phid]}) + return user_query["data"][0]["fields"]["username"] + +def get_user_phid(phab,username): + if not PHAB_USERS.has_key(username): + user_query = phab.user.search(constraints={'usernames':[username]}) + #print user_query["data"][0] + PHAB_USERS[username] = user_query["data"][0]["phid"] + return PHAB_USERS[username] + +def get_groups_and_users(phab,top_group): + phab_query = phab.project.search(constraints={'parents': [top_group]}, attachments={"members":"true"}) + return phab_query["data"] + +def get_group_phid(phab, top_group, name): + phab_query = phab.project.search(constraints={'parents': [top_group], 'name': name}) + return phab_query["data"][0]["fields"]["phid"] + +def create_group(phab, parent, group_name): + print "phabbot phid: %s" % PHAB_USERS["phabbot"] + tlist = [ + { "type": "name", "value": group_name }, + { "type": "parent", "value": parent }, + { "type": "join", "value": "no-one" }, + { "type": "edit", "value": "users" }, + { "type": "members.set", "value": [PHAB_USERS["systemsadmin"], PHAB_USERS["phabbot"]]}, + { "type": "view", "value": "users" }, + { "type": "icon", "value": "group" }, + ] + return( phab.project.edit( transactions = tlist ) ) + +ldap_groups = linaro_ldap.get_groups_and_users() +#for g in groups: +# print g +# print "Members: %s" % groups[g] + +phab = Phabricator(host="https://staging-bugs.linaro.org/api/", token=PHAB_TOKEN) + +#preload the PHAB_USER table with system accounts +for x in PHAB_LOCAL_USERS: + print get_user_phid(phab,x) + +groups_project_id = get_phab_top_level_group_id(phab, PHAB_GROUPS_PARENT) +groups = get_groups_and_users(phab, groups_project_id) + +for pgroup in groups: + group_name = pgroup["fields"]["name"] + + if not phab_groups_tbl.has_key( group_name ): + phab_groups_tbl[group_name] = [] + + for phid_entry in pgroup["attachments"]["members"]["members"]: + phid = phid_entry["phid"] + username = get_user(phab, phid) + + # create a lookup table for ldap lookups + if not PHAB_USERS.has_key( phid ): + PHAB_USERS[phid] = username + if username not in phab_groups_tbl[group_name] and username not in PHAB_LOCAL_USERS: + phab_groups_tbl[group_name].append( username ) + +#for g in phab_groups_tbl.keys(): +# print "%s: " % g, +# for u in phab_groups_tbl[g]: +# print "%s " % u, +# print + +groups_add_to_phab = [] +groups_remove_from_phab = [] + +for x in ldap_groups: + # check for new group + if not phab_groups_tbl.has_key(x): + print "add group to phab: %s" % x + try: + rv = create_group(phab, groups_project_id, x) + print rv + except Exception e: + print e + + for y in ldap_groups[x]: + print " - add user %s to %s" % (y,x) + else: + # check for new users in ldap group + for y in ldap_groups[x]: + if y not in phab_groups_tbl[x]: + print "- useradd %s to %s" % (y,x) + + # check for removed users in ldap group + for y in phab_groups_tbl[x]: + if y not in PHAB_LOCAL_USERS and y not in ldap_groups[x]: + print "- userdel %s from %s" % (y,x) + +# lastly check for groups removed from ldap +for x in phab_groups_tbl.keys(): + if x not in ldap_groups: + print "del group from phab: %s" % x |