1457 |
1457 |
pg_ctrl.cookie = serverctrls[0].cookie
|
1458 |
1458 |
yield from cls.normalize_ldap_results(data)
|
1459 |
1459 |
|
|
1460 |
@classmethod
|
|
1461 |
def get_users_for_block(cls, block):
|
|
1462 |
log.info('Synchronising users from realm "%s"', block['realm'])
|
|
1463 |
conn = cls.get_connection(block)
|
|
1464 |
if conn is None:
|
|
1465 |
log.warning('unable to synchronize with LDAP servers %s', force_text(block['url']))
|
|
1466 |
return
|
|
1467 |
cls.check_group_to_role_mappings(block)
|
|
1468 |
user_basedn = force_text(block.get('user_basedn') or block['basedn'])
|
|
1469 |
user_filter = cls.get_sync_ldap_user_filter(block)
|
|
1470 |
attribute_names = cls.get_ldap_attributes_names(block)
|
|
1471 |
results = cls.paged_search(
|
|
1472 |
conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
|
|
1473 |
)
|
|
1474 |
backend = cls()
|
|
1475 |
count = 0
|
|
1476 |
for dn, attrs in results:
|
|
1477 |
count += 1
|
|
1478 |
user = backend._return_user(dn, None, conn, block, attrs)
|
|
1479 |
if not user:
|
|
1480 |
log.warning('unable to retrieve user for dn %s', dn)
|
|
1481 |
continue
|
|
1482 |
if user._changed or user._created:
|
|
1483 |
log.info(
|
|
1484 |
'%s user %s (uuid %s) from %s',
|
|
1485 |
'Created' if user._created else 'Updated',
|
|
1486 |
user.get_username(),
|
|
1487 |
user.uuid,
|
|
1488 |
', '.join('%s=%s' % (k, v) for k, v in attrs.items()),
|
|
1489 |
)
|
|
1490 |
yield user
|
|
1491 |
log.info('Search for %s returned %s users.', user_filter, count)
|
|
1492 |
|
1460 |
1493 |
@classmethod
|
1461 |
1494 |
def get_users(cls, realm=None):
|
1462 |
1495 |
blocks = cls.get_config()
|
... | ... | |
1466 |
1499 |
for block in blocks:
|
1467 |
1500 |
if realm and realm != block['realm']:
|
1468 |
1501 |
continue
|
1469 |
|
|
1470 |
|
log.info('Synchronising users from realm "%s"', block['realm'])
|
1471 |
|
conn = cls.get_connection(block)
|
1472 |
|
if conn is None:
|
1473 |
|
log.warning('unable to synchronize with LDAP servers %s', force_text(block['url']))
|
1474 |
|
continue
|
1475 |
|
cls.check_group_to_role_mappings(block)
|
1476 |
|
user_basedn = force_text(block.get('user_basedn') or block['basedn'])
|
1477 |
|
user_filter = cls.get_sync_ldap_user_filter(block)
|
1478 |
|
attribute_names = cls.get_ldap_attributes_names(block)
|
1479 |
|
results = cls.paged_search(
|
1480 |
|
conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
|
1481 |
|
)
|
1482 |
|
backend = cls()
|
1483 |
|
count = 0
|
1484 |
|
for dn, attrs in results:
|
1485 |
|
count += 1
|
1486 |
|
user = backend._return_user(dn, None, conn, block, attrs)
|
1487 |
|
if not user:
|
1488 |
|
log.warning('unable to retrieve user for dn %s', dn)
|
1489 |
|
continue
|
1490 |
|
if user._changed or user._created:
|
1491 |
|
log.info(
|
1492 |
|
'%s user %s (uuid %s) from %s',
|
1493 |
|
'Created' if user._created else 'Updated',
|
1494 |
|
user.get_username(),
|
1495 |
|
user.uuid,
|
1496 |
|
', '.join('%s=%s' % (k, v) for k, v in attrs.items()),
|
1497 |
|
)
|
1498 |
|
yield user
|
1499 |
|
log.info('Search for %s returned %s users.', user_filter, count)
|
|
1502 |
yield from cls.get_users_for_block(block)
|
1500 |
1503 |
|
1501 |
1504 |
@classmethod
|
1502 |
1505 |
def deactivate_orphaned_users(cls):
|
1503 |
|
-
|