summaryrefslogtreecommitdiff
path: root/linaro_metrics/sync_teams.py
blob: c549d7760bff7fdfaede827df70be1c3b6471ce8 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

#!/usr/bin/env python
import os
import sys

sys.path.append(os.path.join(os.path.dirname(__file__), '..'))
sys.path.append('/srv/linaro-git-tools')
from bin import django_setup, add_logging_arguments
django_setup()  # must be called to get sys.path and django settings in place

import logging

from django.contrib.auth.models import User

from linaro_ldap import do_complex_query, do_query
from linaro_metrics.models import Team, TeamMembership

log = logging.getLogger('sync_teams')

DRY_RUN = False


def get_email_by_uid(uid):
    ldap_user_entry = do_query('uid', uid, ['mail'])
    return(ldap_user_entry[0][1]['mail'][0])


def sync_teams(teams):

    for t in teams:
        ldap_results = do_complex_query(
            search_filter='(&(objectClass=posixGroup)(cn=%s))' % t.name,
            attrlist=['memberUid', 'mail'],
            base='ou=security,ou=groups,dc=linaro,dc=org'
        )

        try:
            uids_ldap = ldap_results[0][1]['memberUid']
        except KeyError as e:
            print("Exception: '%s' for %s" % (e, ldap_results[0][0]))
            continue
        except IndexError as e:
            print("Exception: %s" % e)
            sys.exit(1)

        ldap_users = [get_email_by_uid(x) for x in uids_ldap]
        memberships = TeamMembership.objects.filter(team=t)

        # look for new Users and add
        for ldap_user in ldap_users:
            # user should already exist as the sync_users script
            # should have been run first
            user = User.objects.filter(username=ldap_user).first()
            if user is None:
                continue
            membership = \
                TeamMembership.objects.filter(team=t, user=user).first()
            if membership is None:
                print("Adding '%s' to team '%s'" % (user.username, t.name))
                if not DRY_RUN:
                    m = TeamMembership()
                    m.user = user
                    m.team = t
                    m.save()

        # look for Users to remove
        for m in memberships:
            if m.user.username not in ldap_users:
                print("Removing '%s' from team '%s'" % (
                    m.user.username, t.name))
                if not DRY_RUN:
                    m.delete()


if __name__ == '__main__':
    import argparse

    parser = argparse.ArgumentParser(
        description='Synchronize team memberships with info from LDAP')
    add_logging_arguments(parser)
    parser.add_argument("--dry-run", "-n", action='store_true',
                        dest='DRY_RUN', default=False,
                        help="Run the script but do not execute any changes")
    args = parser.parse_args()

    DRY_RUN = args.DRY_RUN

    sync_teams(Team.objects.filter(active=True))
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 06:23:34 +0000