ldap: factorize get_users per block actions (#61128)

2022-01-27 11:35:19 +01:00 · 2022-01-27 11:35:19 +01:00 · d65690e3e0
parent 5607172c9b
commit d65690e3e0
1 changed files with 34 additions and 31 deletions
--- a/src/authentic2/backends/ldap_backend.py
+++ b/src/authentic2/backends/ldap_backend.py
@ -1457,6 +1457,39 @@ class LDAPBackend:
            pg_ctrl.cookie = serverctrls[0].cookie
            yield from cls.normalize_ldap_results(data)

+    @classmethod
+    def get_users_for_block(cls, block):
+        log.info('Synchronising users from realm "%s"', block['realm'])
+        conn = cls.get_connection(block)
+        if conn is None:
+            log.warning('unable to synchronize with LDAP servers %s', force_text(block['url']))
+            return
+        cls.check_group_to_role_mappings(block)
+        user_basedn = force_text(block.get('user_basedn') or block['basedn'])
+        user_filter = cls.get_sync_ldap_user_filter(block)
+        attribute_names = cls.get_ldap_attributes_names(block)
+        results = cls.paged_search(
+            conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
+        )
+        backend = cls()
+        count = 0
+        for dn, attrs in results:
+            count += 1
+            user = backend._return_user(dn, None, conn, block, attrs)
+            if not user:
+                log.warning('unable to retrieve user for dn %s', dn)
+                continue
+            if user._changed or user._created:
+                log.info(
+                    '%s user %s (uuid %s) from %s',
+                    'Created' if user._created else 'Updated',
+                    user.get_username(),
+                    user.uuid,
+                    ', '.join('%s=%s' % (k, v) for k, v in attrs.items()),
+                )
+            yield user
+        log.info('Search for %s returned %s users.', user_filter, count)
+
    @classmethod
    def get_users(cls, realm=None):
        blocks = cls.get_config()
@ -1466,37 +1499,7 @@ class LDAPBackend:
        for block in blocks:
            if realm and realm != block['realm']:
                continue
-
-            log.info('Synchronising users from realm "%s"', block['realm'])
-            conn = cls.get_connection(block)
-            if conn is None:
-                log.warning('unable to synchronize with LDAP servers %s', force_text(block['url']))
-                continue
-            cls.check_group_to_role_mappings(block)
-            user_basedn = force_text(block.get('user_basedn') or block['basedn'])
-            user_filter = cls.get_sync_ldap_user_filter(block)
-            attribute_names = cls.get_ldap_attributes_names(block)
-            results = cls.paged_search(
-                conn, user_basedn, ldap.SCOPE_SUBTREE, user_filter, attrlist=attribute_names
-            )
-            backend = cls()
-            count = 0
-            for dn, attrs in results:
-                count += 1
-                user = backend._return_user(dn, None, conn, block, attrs)
-                if not user:
-                    log.warning('unable to retrieve user for dn %s', dn)
-                    continue
-                if user._changed or user._created:
-                    log.info(
-                        '%s user %s (uuid %s) from %s',
-                        'Created' if user._created else 'Updated',
-                        user.get_username(),
-                        user.uuid,
-                        ', '.join('%s=%s' % (k, v) for k, v in attrs.items()),
-                    )
-                yield user
-            log.info('Search for %s returned %s users.', user_filter, count)
+            yield from cls.get_users_for_block(block)

    @classmethod
    def deactivate_orphaned_users(cls):