| 1457 |
1457 |
pg_ctrl.cookie = serverctrls[0].cookie
|
| 1458 |
1458 |
yield from cls.normalize_ldap_results(data)
|
| 1459 |
1459 |
|
|
1460 |
@classmethod
|
|
1461 |
def get_users_for_block(cls, block):
|
|
1462 |
log.info('Synchronising users from realm "%s"', block['realm'])
|
|
1463 |
conn = cls.get_connection(block)
|
|
1464 |
if conn is None:
|
|
1465 |
log.warning('unable to synchronize with LDAP servers %s', force_text(block['url']))
|
|
1466 |
return
|
|
1467 |
cls.check_group_to_role_mappings(block)
|
|
1468 |
user_basedn = force_text(block.get('user_basedn') or block['basedn'])
|
|
1469 |
user_filter = cls.get_sync_ldap_user_filter(block)
|
|
1470 |
attribute_names = cls.get_ldap_attributes_names(block)
|
|
1471 |
results = cls.paged_search(
|
|
1472 |
conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
|
|
1473 |
)
|
|
1474 |
backend = cls()
|
|
1475 |
count = 0
|
|
1476 |
for dn, attrs in results:
|
|
1477 |
count += 1
|
|
1478 |
user = backend._return_user(dn, None, conn, block, attrs)
|
|
1479 |
if not user:
|
|
1480 |
log.warning('unable to retrieve user for dn %s', dn)
|
|
1481 |
continue
|
|
1482 |
if user._changed or user._created:
|
|
1483 |
log.info(
|
|
1484 |
'%s user %s (uuid %s) from %s',
|
|
1485 |
'Created' if user._created else 'Updated',
|
|
1486 |
user.get_username(),
|
|
1487 |
user.uuid,
|
|
1488 |
', '.join('%s=%s' % (k, v) for k, v in attrs.items()),
|
|
1489 |
)
|
|
1490 |
yield user
|
|
1491 |
log.info('Search for %s returned %s users.', user_filter, count)
|
|
1492 |
|
| 1460 |
1493 |
@classmethod
|
| 1461 |
1494 |
def get_users(cls, realm=None):
|
| 1462 |
1495 |
blocks = cls.get_config()
|
| ... | ... | |
| 1466 |
1499 |
for block in blocks:
|
| 1467 |
1500 |
if realm and realm != block['realm']:
|
| 1468 |
1501 |
continue
|
| 1469 |
|
|
| 1470 |
|
log.info('Synchronising users from realm "%s"', block['realm'])
|
| 1471 |
|
conn = cls.get_connection(block)
|
| 1472 |
|
if conn is None:
|
| 1473 |
|
log.warning('unable to synchronize with LDAP servers %s', force_text(block['url']))
|
| 1474 |
|
continue
|
| 1475 |
|
cls.check_group_to_role_mappings(block)
|
| 1476 |
|
user_basedn = force_text(block.get('user_basedn') or block['basedn'])
|
| 1477 |
|
user_filter = cls.get_sync_ldap_user_filter(block)
|
| 1478 |
|
attribute_names = cls.get_ldap_attributes_names(block)
|
| 1479 |
|
results = cls.paged_search(
|
| 1480 |
|
conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
|
| 1481 |
|
)
|
| 1482 |
|
backend = cls()
|
| 1483 |
|
count = 0
|
| 1484 |
|
for dn, attrs in results:
|
| 1485 |
|
count += 1
|
| 1486 |
|
user = backend._return_user(dn, None, conn, block, attrs)
|
| 1487 |
|
if not user:
|
| 1488 |
|
log.warning('unable to retrieve user for dn %s', dn)
|
| 1489 |
|
continue
|
| 1490 |
|
if user._changed or user._created:
|
| 1491 |
|
log.info(
|
| 1492 |
|
'%s user %s (uuid %s) from %s',
|
| 1493 |
|
'Created' if user._created else 'Updated',
|
| 1494 |
|
user.get_username(),
|
| 1495 |
|
user.uuid,
|
| 1496 |
|
', '.join('%s=%s' % (k, v) for k, v in attrs.items()),
|
| 1497 |
|
)
|
| 1498 |
|
yield user
|
| 1499 |
|
log.info('Search for %s returned %s users.', user_filter, count)
|
|
1502 |
yield from cls.get_users_for_block(block)
|
| 1500 |
1503 |
|
| 1501 |
1504 |
@classmethod
|
| 1502 |
1505 |
def deactivate_orphaned_users(cls):
|
| 1503 |
|
-
|