ldap: factorize get_users per block actions (#61128)
This commit is contained in:
parent
5607172c9b
commit
d65690e3e0
|
@ -1457,6 +1457,39 @@ class LDAPBackend:
|
|||
pg_ctrl.cookie = serverctrls[0].cookie
|
||||
yield from cls.normalize_ldap_results(data)
|
||||
|
||||
@classmethod
|
||||
def get_users_for_block(cls, block):
|
||||
log.info('Synchronising users from realm "%s"', block['realm'])
|
||||
conn = cls.get_connection(block)
|
||||
if conn is None:
|
||||
log.warning('unable to synchronize with LDAP servers %s', force_text(block['url']))
|
||||
return
|
||||
cls.check_group_to_role_mappings(block)
|
||||
user_basedn = force_text(block.get('user_basedn') or block['basedn'])
|
||||
user_filter = cls.get_sync_ldap_user_filter(block)
|
||||
attribute_names = cls.get_ldap_attributes_names(block)
|
||||
results = cls.paged_search(
|
||||
conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
|
||||
)
|
||||
backend = cls()
|
||||
count = 0
|
||||
for dn, attrs in results:
|
||||
count += 1
|
||||
user = backend._return_user(dn, None, conn, block, attrs)
|
||||
if not user:
|
||||
log.warning('unable to retrieve user for dn %s', dn)
|
||||
continue
|
||||
if user._changed or user._created:
|
||||
log.info(
|
||||
'%s user %s (uuid %s) from %s',
|
||||
'Created' if user._created else 'Updated',
|
||||
user.get_username(),
|
||||
user.uuid,
|
||||
', '.join('%s=%s' % (k, v) for k, v in attrs.items()),
|
||||
)
|
||||
yield user
|
||||
log.info('Search for %s returned %s users.', user_filter, count)
|
||||
|
||||
@classmethod
|
||||
def get_users(cls, realm=None):
|
||||
blocks = cls.get_config()
|
||||
|
@ -1466,37 +1499,7 @@ class LDAPBackend:
|
|||
for block in blocks:
|
||||
if realm and realm != block['realm']:
|
||||
continue
|
||||
|
||||
log.info('Synchronising users from realm "%s"', block['realm'])
|
||||
conn = cls.get_connection(block)
|
||||
if conn is None:
|
||||
log.warning('unable to synchronize with LDAP servers %s', force_text(block['url']))
|
||||
continue
|
||||
cls.check_group_to_role_mappings(block)
|
||||
user_basedn = force_text(block.get('user_basedn') or block['basedn'])
|
||||
user_filter = cls.get_sync_ldap_user_filter(block)
|
||||
attribute_names = cls.get_ldap_attributes_names(block)
|
||||
results = cls.paged_search(
|
||||
conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
|
||||
)
|
||||
backend = cls()
|
||||
count = 0
|
||||
for dn, attrs in results:
|
||||
count += 1
|
||||
user = backend._return_user(dn, None, conn, block, attrs)
|
||||
if not user:
|
||||
log.warning('unable to retrieve user for dn %s', dn)
|
||||
continue
|
||||
if user._changed or user._created:
|
||||
log.info(
|
||||
'%s user %s (uuid %s) from %s',
|
||||
'Created' if user._created else 'Updated',
|
||||
user.get_username(),
|
||||
user.uuid,
|
||||
', '.join('%s=%s' % (k, v) for k, v in attrs.items()),
|
||||
)
|
||||
yield user
|
||||
log.info('Search for %s returned %s users.', user_filter, count)
|
||||
yield from cls.get_users_for_block(block)
|
||||
|
||||
@classmethod
|
||||
def deactivate_orphaned_users(cls):
|
||||
|
|
Loading…
Reference in New Issue