From 6145384f040a8a46eaadf7be574f4f7b00174da1 Mon Sep 17 00:00:00 2001 From: Emmy D'Anello Date: Tue, 18 Feb 2025 10:44:05 +0100 Subject: [PATCH] Ad group attrs in user (eg: mailGroupMember field) --- main.py | 100 ++++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 82 insertions(+), 18 deletions(-) diff --git a/main.py b/main.py index cdba64c..d22912d 100755 --- a/main.py +++ b/main.py @@ -22,10 +22,10 @@ def main(): def manage_users_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy): dolibarr_users = dolibarr_client.find_all_users() for dolibarr_user in dolibarr_users: - manage_user_extra_fields(ldap_conn, dolibarr_user) + manage_user_extra_fields(ldap_conn, dolibarr_user, dolibarr_client) -def manage_user_extra_fields(ldap_conn: Connection, dolibarr_user: dict): +def manage_user_extra_fields(ldap_conn: Connection, dolibarr_user: dict, dolibarr_client: Dolibarrpy): login = dolibarr_user['login'] obj_inetorgperson = ObjectDef(['top', 'inetOrgPerson', 'posixAccount'], ldap_conn) obj_user = ObjectDef(['top', 'inetOrgPerson', 'posixAccount'] + config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES, ldap_conn) @@ -56,6 +56,7 @@ def manage_user_extra_fields(ldap_conn: Connection, dolibarr_user: dict): users_writer = Writer.from_cursor(users_reader, object_def=obj_user) ldap_user = users_writer[0] append_extra_fields_to_ldap_user(ldap_user, dolibarr_user) + append_extra_group_fields_to_ldap_user(ldap_user, dolibarr_user, dolibarr_client) users_writer.commit() @@ -65,17 +66,68 @@ def append_extra_fields_to_ldap_user(ldap_user: WritableEntry, dolibarr_user: di ldap_user.objectClass += extra_object_class for extra_field in config.LDAP_USERS_EXTRA_FIELDS: - dolibarr_attr, ldap_attr = extra_field.split(':') - if dolibarr_attr.endswith('[]'): - dolibarr_attr = dolibarr_attr[:-2] - value = dolibarr_user['array_options'][f'options_{dolibarr_attr}'] - value = value.split() if value else [] - setattr(ldap_user, ldap_attr, value) + dolibarr_attrs, ldap_attr = extra_field.split(':') + dolibarr_attrs = dolibarr_attrs.split('|') + values = [] + for dolibarr_attr in dolibarr_attrs: + if dolibarr_attr.startswith('GROUP__'): + continue + if dolibarr_attr.endswith('[]'): + dolibarr_attr = dolibarr_attr[:-2] + value = dolibarr_user['array_options'][f'options_{dolibarr_attr}'] + value = value.split() if value else [] + values += value + else: + value = dolibarr_user['array_options'][f'options_{dolibarr_attr}'] + if value: + values.append(value) + if not values: + continue + if ldap_attr.endswith('[]'): + ldap_attr = ldap_attr[:-2] + value = values else: - value = dolibarr_user['array_options'][f'options_{dolibarr_attr}'] or "" - setattr(ldap_user, ldap_attr, value) + value = values[0] + setattr(ldap_user, ldap_attr, value) +def append_extra_group_fields_to_ldap_user(ldap_user: WritableEntry, dolibarr_user: dict, dolibarr_client: Dolibarrpy): + if not any(dolibarr_attr.startswith('GROUP') + for extra_field in config.LDAP_USERS_EXTRA_FIELDS + for dolibarr_attr in extra_field.split(':')[0].split('|')): + return + + user_id = dolibarr_user['id'] + dolibarr_groups: list[dict] = dolibarr_client.get_user_groups_uid(user_id) + + for extra_field in config.LDAP_USERS_EXTRA_FIELDS: + dolibarr_attrs, ldap_attr = extra_field.split(':') + dolibarr_attrs = dolibarr_attrs.split('|') + values = [] + for dolibarr_attr in dolibarr_attrs: + if not dolibarr_attr.startswith('GROUP__'): + continue + dolibarr_attr = dolibarr_attr[7:] + for dolibarr_group in dolibarr_groups: + if dolibarr_attr.endswith('[]'): + dolibarr_attr = dolibarr_attr[:-2] + value = dolibarr_group.get(dolibarr_attr, dolibarr_group['array_options'][f'options_{dolibarr_attr}']) + value = value.split() if value else [] + values += value + else: + value = dolibarr_group.get(dolibarr_attr, dolibarr_group['array_options'][f'options_{dolibarr_attr}']) + if value: + values.append(value) + if not values: + continue + if ldap_attr.endswith('[]'): + ldap_attr = ldap_attr[:-2] + value = values + else: + value = values[0] + setattr(ldap_user, ldap_attr, value) + + def manage_groups_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy): dolibarr_groups = dolibarr_client.call_list_api('users/groups') for dolibarr_group in dolibarr_groups: @@ -112,15 +164,27 @@ def append_extra_fields_to_ldap_group(ldap_group: WritableEntry, dolibarr_group: ldap_group.objectClass += extra_object_class for extra_field in config.LDAP_GROUPS_EXTRA_FIELDS: - dolibarr_attr, ldap_attr = extra_field.split(':') - if dolibarr_attr.endswith('[]'): - dolibarr_attr = dolibarr_attr[:-2] - value = dolibarr_group['array_options'][f'options_{dolibarr_attr}'] - value = value.split() if value else [] - setattr(ldap_group, ldap_attr, value) + dolibarr_attrs, ldap_attr = extra_field.split(':') + dolibarr_attrs = dolibarr_attrs.split('|') + values = [] + for dolibarr_attr in dolibarr_attrs: + if dolibarr_attr.endswith('[]'): + dolibarr_attr = dolibarr_attr[:-2] + value = dolibarr_group['array_options'][f'options_{dolibarr_attr}'] + value = value.split() if value else [] + values += value + else: + value = dolibarr_group['array_options'][f'options_{dolibarr_attr}'] + if value: + values.append(value) + if not values: + continue + if ldap_attr.endswith('[]'): + ldap_attr = ldap_attr[:-2] + value = values else: - value = dolibarr_group['array_options'][f'options_{dolibarr_attr}'] or "" - setattr(ldap_group, ldap_attr, value) + value = values[0] + setattr(ldap_group, ldap_attr, value) flask_app = Flask(__name__)