misc-fred/grandlyon/scripts/duplicate-roles.py

# usage:
#  cmd ou-orig ou-dest
# ex:
#  authentic2-multitenant-manage tenant_command runscript -d connexion.guichet-recette.grandlyon.com ~tma/scripts/duplicate-roles.py Bron Dardilly

import datetime
import json
import sys

from authentic2.models import Attribute
from authentic2.compat import get_user_model
from authentic2.utils import datetime_to_utc
from django_rbac.utils import get_role_model, get_ou_model
from hobo.agent.authentic2.provisionning import Provisionning

ORIG = json.load(open('communes.json'))['orig']
DESTS = [x['name'] for x in json.load(open('communes.json'))['dests']]

User = get_user_model()
Role = get_role_model()
Ou = get_ou_model()

ou_orig = Ou.objects.get(name=ORIG)

with Provisionning():
    mapping = {}
    for orig_role in Role.objects.filter(ou=ou_orig):
        if orig_role.slug.startswith('_a2'):
            continue
        mapping[orig_role.uuid] = {}
        for dest in DESTS:
            ou_dest = Ou.objects.get(name=dest)
            dest_role, created = Role.objects.get_or_create(ou=ou_dest, name=orig_role.name.replace(ORIG, dest))
            dest_role.save()
            mapping[orig_role.uuid][dest] = dest_role.uuid
    json.dump(mapping, open('/tmp/roles.mapping.json', 'w'), indent=2)