Projet

Général

Profil

0001-WIP-ldap_backend-process-orphan-accounts-6379.patch

Paul Marillonnet, 12 février 2019 16:06

Télécharger (2,84 ko)

Voir les différences:

Subject: [PATCH] WIP ldap_backend : process orphan accounts (#6379)

 src/authentic2/backends/ldap_backend.py | 28 ++++++++++++++++++++++---
 1 file changed, 25 insertions(+), 3 deletions(-)
src/authentic2/backends/ldap_backend.py
20 20

  
21 21
log = logging.getLogger(__name__)
22 22

  
23
from datetime import datetime, timedelta
23 24
from django.core.exceptions import ImproperlyConfigured
24 25
from django.conf import settings
25 26
from django.contrib.auth.models import Group
......
70 71
class LDAPUser(get_user_model()):
71 72
    SESSION_LDAP_DATA_KEY = 'ldap-data'
72 73
    _changed = False
74
    _deactivated_on = None
73 75

  
74 76
    class Meta:
75 77
        proxy = True
......
947 949
                yield user_dn, user
948 950

  
949 951
    @classmethod
950
    def get_users(cls):
952
    def _get_user_tuples(cls):
951 953
        logger = logging.getLogger(__name__)
952 954
        for block in cls.get_config():
953 955
            conn = cls.get_connection(block)
......
960 962
            attrs = cls.get_ldap_attributes_names(block)
961 963
            users = cls.paged_search(conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter,
962 964
                                     attrlist=attrs)
963
            backend = cls()
964 965
            for user_dn, data in users:
965 966
                # ignore referrals
966 967
                if not user_dn:
967 968
                    continue
968 969
                data = cls.normalize_ldap_results(data)
969 970
                data['dn'] = user_dn
970
                yield backend._return_user(user_dn, None, conn, block, data)
971
                yield user_dn, None, conn, block, data
972

  
973
    @classmethod
974
    def get_users(cls):
975
        backend = cls()
976
        for user_tuple in cls._get_user_tuples():
977
            yield backend._return_user(*user_tuple)
978

  
979
    @classmethod
980
    def process_orphan_accounts(cls):
981
        backend = cls()
982
        usernames = [backend.create_username(*user_tuple[3:5]) for user_tuple in cls._get_user_tuples()]
983
        for user in LDAPUser.objects.all():
984
            if user.username not in usernames:
985
                if not user.is_active and isinstance(user._deactivated_on, datetime):
986
                    if datetime.today() - user._deactivated_on > timedelta(days=90):
987
                        user.delete()
988
                else:
989
                    setattr(user, 'is_active', False)
990
                    user._changed = True
991
                    user._deactivated_on = datetime.today()
992
                    user.save()
971 993

  
972 994
    @classmethod
973 995
    def ad_encoding(cls, s):
974
-