91 lines
3.7 KiB
Python
91 lines
3.7 KiB
Python
#!/usr/bin/env python3
|
|
|
|
from dolibarrpy import Dolibarrpy
|
|
from ldap3 import ALL, Connection, ObjectDef, Reader, Server, Writer
|
|
|
|
import config
|
|
|
|
|
|
def main():
|
|
dolibarr_client = Dolibarrpy(url=config.DOLIBARR_API_BASE, token=config.DOLIBARR_API_TOKEN, timeout=16, debug=config.DOLIBARR_API_DEBUG)
|
|
|
|
ldap_server = Server(config.LDAP_HOST, config.LDAP_PORT, get_info=ALL)
|
|
with Connection(ldap_server, config.LDAP_BIND_USER, config.LDAP_BIND_PASSWORD) as ldap_conn:
|
|
if config.LDAP_USERS_EXTRA_FIELDS or config.LDAP_USERS_EXTRA_OBJECT_CLASSES:
|
|
manage_users_extra_fields(ldap_conn, dolibarr_client)
|
|
|
|
if config.LDAP_GROUPS_EXTRA_FIELDS or config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES:
|
|
manage_groups_extra_fields(ldap_conn, dolibarr_client)
|
|
|
|
|
|
def manage_users_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy):
|
|
dolibarr_users = dolibarr_client.find_all_users()
|
|
|
|
obj_inetorgperson = ObjectDef(['inetOrgPerson'] + config.LDAP_USERS_EXTRA_OBJECT_CLASSES, ldap_conn)
|
|
users_reader = Reader(ldap_conn, obj_inetorgperson, config.LDAP_USERS_OU)
|
|
users_reader.search()
|
|
users_writer = Writer.from_cursor(users_reader)
|
|
for ldap_user in users_writer:
|
|
uid = ldap_user.uid
|
|
for dolibarr_user in dolibarr_users:
|
|
if dolibarr_user['login'] == uid:
|
|
break
|
|
else:
|
|
continue
|
|
|
|
for extra_object_class in config.LDAP_USERS_EXTRA_OBJECT_CLASSES:
|
|
if extra_object_class not in ldap_user.objectClass:
|
|
ldap_user.objectClass.append(extra_object_class)
|
|
|
|
for extra_field in config.LDAP_USERS_EXTRA_FIELDS:
|
|
dolibarr_attr, ldap_attr = extra_field.split(':')
|
|
if dolibarr_attr.endswith('[]'):
|
|
dolibarr_attr = dolibarr_attr[:-2]
|
|
value = dolibarr_user['array_options'][f'options_{dolibarr_attr}']
|
|
value = value.split() if value else []
|
|
setattr(ldap_user, ldap_attr, value)
|
|
else:
|
|
value = dolibarr_user['array_options'][f'options_{dolibarr_attr}'] or ""
|
|
setattr(ldap_user, ldap_attr, value)
|
|
users_writer.commit()
|
|
|
|
|
|
def manage_groups_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy):
|
|
dolibarr_groups = dolibarr_client.call_list_api('users/groups')
|
|
|
|
obj_posixgroup = ObjectDef(['posixGroup'] + config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES, ldap_conn)
|
|
groups_reader = Reader(ldap_conn, obj_posixgroup, config.LDAP_GROUPS_OU)
|
|
groups_reader.search()
|
|
groups_writer = Writer.from_cursor(groups_reader)
|
|
for ldap_group in groups_writer:
|
|
print(ldap_group)
|
|
name = ldap_group.cn
|
|
for dolibarr_group in dolibarr_groups:
|
|
if dolibarr_group['nom'] == name:
|
|
break
|
|
else:
|
|
continue
|
|
|
|
for extra_object_class in config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES:
|
|
if extra_object_class not in ldap_group.objectClass:
|
|
ldap_group.objectClass.append(extra_object_class)
|
|
|
|
for extra_field in config.LDAP_GROUPS_EXTRA_FIELDS:
|
|
dolibarr_attr, ldap_attr = extra_field.split(':')
|
|
if dolibarr_attr.endswith('[]'):
|
|
dolibarr_attr = dolibarr_attr[:-2]
|
|
print(dolibarr_group)
|
|
value = dolibarr_group['array_options'][f'options_{dolibarr_attr}']
|
|
value = value.split() if value else []
|
|
print(ldap_attr, value)
|
|
setattr(ldap_group, ldap_attr, value)
|
|
else:
|
|
value = dolibarr_group['array_options'][f'options_{dolibarr_attr}'] or ""
|
|
print(ldap_attr, value)
|
|
setattr(ldap_group, ldap_attr, value)
|
|
groups_writer.commit()
|
|
|
|
|
|
if __name__ == '__main__':
|
|
main()
|