ynerant/synchronize-dolibarr-to-ldap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Synchronization is now operated from dolibarr data

Browse Source
This commit is contained in:
Emmy D'Anello 2025-02-17 12:16:28 +01:00
parent 01fdd6cc01
commit ed25f0ba2b
Signed by: ynerant
GPG Key ID: 3A75C55819C8CF85
1 changed files with 91 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
main.py Normal file → Executable file
View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
from dolibarrpy import Dolibarrpy from dolibarrpy import Dolibarrpy
from ldap3 import ALL, Connection, ObjectDef, Reader, Server, Writer from ldap3 import ALL, Connection, ObjectDef, Reader, Server, WritableEntry, Writer
import config import config
@ -20,22 +20,48 @@ def main():
def manage_users_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy): def manage_users_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy):
dolibarr_users = dolibarr_client.find_all_users() dolibarr_users = dolibarr_client.find_all_users()
obj_inetorgperson = ObjectDef(['inetOrgPerson'] + config.LDAP_USERS_EXTRA_OBJECT_CLASSES, ldap_conn)
users_reader = Reader(ldap_conn, obj_inetorgperson, config.LDAP_USERS_OU)
users_reader.search()
users_writer = Writer.from_cursor(users_reader)
for ldap_user in users_writer:
uid = ldap_user.uid
for dolibarr_user in dolibarr_users: for dolibarr_user in dolibarr_users:
if dolibarr_user['login'] == uid: manage_user_extra_fields(ldap_conn, dolibarr_user)
break
else:
continue
def manage_user_extra_fields(ldap_conn: Connection, dolibarr_user: dict):
login = dolibarr_user['login']
obj_inetorgperson = ObjectDef(['top', 'inetOrgPerson', 'posixAccount'], ldap_conn)
obj_user = ObjectDef(['top', 'inetOrgPerson', 'posixAccount'] + config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES, ldap_conn)
users_reader = Reader(ldap_conn, obj_inetorgperson, config.LDAP_USERS_OU, f"uid:={login}")
users_reader.search()
users_writer = Writer.from_cursor(users_reader, object_def=obj_user)
if users_writer.entries:
ldap_user = users_writer[0]
else:
attrs = {
'cn': f"{dolibarr_user['firstname']} {dolibarr_user['lastname']}".strip(),
'givenName': dolibarr_user['firstname'],
'sn': dolibarr_user['lastname'],
'mail': dolibarr_user['email'],
'street': dolibarr_user['address'],
'postalCode': dolibarr_user['zip'],
'l': dolibarr_user['town'],
'mobile': dolibarr_user['user_mobile'],
'uidNumber': dolibarr_user['id'],
'gidNumber': dolibarr_user['id'],
'homeDirectory': f"/home/{login}",
}
for key, value in list(attrs.items()):
if not value:
del attrs[key]
ldap_conn.add(f"uid={login},{config.LDAP_USERS_OU}", ["top", "inetOrgPerson", "posixAccount", "shadowAccount"], attrs)
users_reader.search()
users_writer = Writer.from_cursor(users_reader, object_def=obj_user)
ldap_user = users_writer[0]
append_extra_fields_to_ldap_user(ldap_user, dolibarr_user)
users_writer.commit()
def append_extra_fields_to_ldap_user(ldap_user: WritableEntry, dolibarr_user: dict):
for extra_object_class in config.LDAP_USERS_EXTRA_OBJECT_CLASSES: for extra_object_class in config.LDAP_USERS_EXTRA_OBJECT_CLASSES:
if extra_object_class not in ldap_user.objectClass: if extra_object_class not in ldap_user.objectClass:
ldap_user.objectClass.append(extra_object_class) ldap_user.objectClass += extra_object_class
for extra_field in config.LDAP_USERS_EXTRA_FIELDS: for extra_field in config.LDAP_USERS_EXTRA_FIELDS:
dolibarr_attr, ldap_attr = extra_field.split(':') dolibarr_attr, ldap_attr = extra_field.split(':')
@ -47,43 +73,53 @@ def manage_users_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy
else: else:
value = dolibarr_user['array_options'][f'options_{dolibarr_attr}'] or "" value = dolibarr_user['array_options'][f'options_{dolibarr_attr}'] or ""
setattr(ldap_user, ldap_attr, value) setattr(ldap_user, ldap_attr, value)
users_writer.commit()
def manage_groups_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy): def manage_groups_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy):
dolibarr_groups = dolibarr_client.call_list_api('users/groups') dolibarr_groups = dolibarr_client.call_list_api('users/groups')
obj_posixgroup = ObjectDef(['posixGroup'] + config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES, ldap_conn)
groups_reader = Reader(ldap_conn, obj_posixgroup, config.LDAP_GROUPS_OU)
groups_reader.search()
groups_writer = Writer.from_cursor(groups_reader)
for ldap_group in groups_writer:
print(ldap_group)
name = ldap_group.cn
for dolibarr_group in dolibarr_groups: for dolibarr_group in dolibarr_groups:
if dolibarr_group['nom'] == name: manage_group_extra_fields(ldap_conn, dolibarr_group)
break
else:
continue
def manage_group_extra_fields(ldap_conn: Connection, dolibarr_group: dict):
name = dolibarr_group['name']
obj_posixgroup = ObjectDef(['posixGroup'], ldap_conn)
obj_group = ObjectDef(['posixGroup'] + config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES, ldap_conn)
groups_reader = Reader(ldap_conn, obj_posixgroup, config.LDAP_GROUPS_OU, f"cn:={name}")
groups_reader.search()
groups_writer = Writer.from_cursor(groups_reader, object_def=obj_group)
if groups_writer.entries:
ldap_group = groups_writer[0]
else:
attrs = {
'cn': name,
'gidNumber': dolibarr_group['id'],
}
for key, value in list(attrs.items()):
if not value:
del attrs[key]
ldap_conn.add(f"cn={name},{config.LDAP_GROUPS_OU}", ["top", "posixGroup"], attrs)
groups_reader.search()
groups_writer = Writer.from_cursor(groups_reader, object_def=obj_group)
ldap_group = groups_writer[0]
append_extra_fields_to_ldap_group(ldap_group, dolibarr_group)
groups_writer.commit()
def append_extra_fields_to_ldap_group(ldap_group: WritableEntry, dolibarr_group: dict):
for extra_object_class in config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES: for extra_object_class in config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES:
if extra_object_class not in ldap_group.objectClass: if extra_object_class not in ldap_group.objectClass:
ldap_group.objectClass.append(extra_object_class) ldap_group.objectClass += extra_object_class
for extra_field in config.LDAP_GROUPS_EXTRA_FIELDS: for extra_field in config.LDAP_GROUPS_EXTRA_FIELDS:
dolibarr_attr, ldap_attr = extra_field.split(':') dolibarr_attr, ldap_attr = extra_field.split(':')
if dolibarr_attr.endswith('[]'): if dolibarr_attr.endswith('[]'):
dolibarr_attr = dolibarr_attr[:-2] dolibarr_attr = dolibarr_attr[:-2]
print(dolibarr_group)
value = dolibarr_group['array_options'][f'options_{dolibarr_attr}'] value = dolibarr_group['array_options'][f'options_{dolibarr_attr}']
value = value.split() if value else [] value = value.split() if value else []
print(ldap_attr, value)
setattr(ldap_group, ldap_attr, value) setattr(ldap_group, ldap_attr, value)
else: else:
value = dolibarr_group['array_options'][f'options_{dolibarr_attr}'] or "" value = dolibarr_group['array_options'][f'options_{dolibarr_attr}'] or ""
print(ldap_attr, value)
setattr(ldap_group, ldap_attr, value) setattr(ldap_group, ldap_attr, value)
groups_writer.commit()
if __name__ == '__main__': if __name__ == '__main__':