From c6833377a1c632e372c7fe4e8ed4be19b5a670c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Tue, 15 Aug 2017 11:58:05 +0200
Subject: [PATCH] authentic: add draft import users script

---
 authentic/import-users.py | 52 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 authentic/import-users.py

diff --git a/authentic/import-users.py b/authentic/import-users.py
new file mode 100644
index 0000000..85ce1c1
--- /dev/null
+++ b/authentic/import-users.py
@@ -0,0 +1,52 @@
+import json
+import sys
+
+from django.contrib.auth import get_user_model
+from django.contrib.contenttypes.models import ContentType
+
+from django_rbac.utils import get_role_model, get_ou_model
+from authentic2.models import Attribute, AttributeValue
+
+
+User = get_user_model()
+Role = get_role_model()
+Ou = get_ou_model()
+
+export = json.load(open(sys.argv[1]))
+
+def get_role(role_dict):
+    kwargs = {'slug': role_dict['slug']}
+    if role_dict['is_service']:
+        kwargs['service__slug'] = role_dict['service_slug']
+    else:
+        kwargs['service__isnull'] = True
+    if role_dict['ou__slug']:
+        kwargs['ou__slug'] = role_dict['ou__slug']
+    else:
+        kwargs['ou__isnull'] = True
+    return Role.objects.get(**kwargs)
+
+for user_dict in export['users']:
+    if user_dict['username'] and user_dict['username'].endswith('@ldap'):
+        # skip ldap users for now
+        continue
+    user, created = User.objects.get_or_create(
+            uuid=user_dict['uuid'],
+            username=user_dict['username'],
+            ou=Ou.objects.get(slug=user_dict['ou__slug']) if user_dict['ou__slug'] else None)
+    if created:
+        user.password = user_dict['password']
+    for attribute in ('email', 'first_name', 'last_name', 'is_superuser', 'email_verified'):
+        setattr(user, attribute, user_dict.get(attribute))
+
+    user.save()
+
+    content_type = ContentType.objects.get_for_model(User)
+    for attribute_name, attribute_value in user_dict['attributes'].items():
+        Attribute.objects.get(name=attribute_name).set_value(user, attribute_value)
+
+    for role_dict in user_dict['roles']:
+        try:
+            user.roles.add(get_role(role_dict))
+        except Role.DoesNotExist:
+            print 'failed to add role "%s" to user "%s"' % (role_dict['name'], user)