authentic: improve export/import of LDAP synchronized accounts

Frédéric Péters 2017-11-24 10:34:14 +01:00
parent 865c8d7e17
commit c849731adc
2 changed files with 22 additions and 9 deletions


@ -32,6 +32,10 @@ def to_json(user):
'password': user.password,
'email_verified': user.email_verified,
'roles': [role_to_json(role) for role in user.roles.all()],
'external_id': {
'id': user.userexternalid_set.first().external_id,
'source': user.userexternalid_set.first().source
} if user.userexternalid_set.count() else None,
'attributes': {}
}
for av in AttributeValue.objects.with_owner(user):
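Review bot: The new `external_id` entry queries `user.userexternalid_set` three times (`count()`, then `first()` twice), and if the row is removed between `count()` and `first()` the attribute access on `None` raises. Fetching it once before the dict literal, `external_id = user.userexternalid_set.first()`, and writing `{'id': external_id.external_id, 'source': external_id.source} if external_id else None` avoids both. Only the first external id is exported, so a user linked to several sources would be matched on import by that one alone; a comment saying this is intended would help. The dict literal and `to_json` start and end outside the hunk.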


@ -27,19 +27,28 @@ def get_role(role_dict):
return Role.objects.get(**kwargs)
for user_dict in export['users']:
if user_dict['username'] and user_dict['username'].endswith('@ldap'):
# skip ldap users for now
continue
user, created = User.objects.get_or_create(
if user_dict.get('external_id'):
# don't create external users, hopefully they've already been
# synchronized.
try:
user = User.objects.get(
userexternalid__external_id=user_dict['external_id']['id'],
userexternalid__source=user_dict['external_id']['source']
)
except User.DoesNotExist:
print 'missing external:', user_dict['external_id']
continue
else:
user, created = User.objects.get_or_create(
uuid=user_dict['uuid'],
username=user_dict['username'],
ou=Ou.objects.get(slug=user_dict['ou__slug']) if user_dict['ou__slug'] else None)
if created:
user.password = user_dict['password']
for attribute in ('email', 'first_name', 'last_name', 'is_superuser', 'email_verified'):
setattr(user, attribute, user_dict.get(attribute))
if created:
user.password = user_dict['password']
for attribute in ('email', 'first_name', 'last_name', 'is_superuser', 'email_verified'):
setattr(user, attribute, user_dict.get(attribute))
user.save()
user.save()
content_type = ContentType.objects.get_for_model(User)
for attribute_name, attribute_value in user_dict['attributes'].items():
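Review bot: The lookup `User.objects.get(userexternalid__external_id=..., userexternalid__source=...)` handles only `User.DoesNotExist`, so a duplicated (id, source) pair in the target database raises `MultipleObjectsReturned` and stops the import partway through the user list. Catching both, `except (User.DoesNotExist, User.MultipleObjectsReturned):`, with a message that tells the two cases apart, lets the run continue. The account is selected purely by values read from the export file and the loop then writes `user_dict['attributes']` onto it, so the file is trusted input here; a short comment above the loop stating that assumption would make it explicit. Indentation is lost in this rendering, so it cannot be confirmed that `if created:` and `user.save()` now sit inside the `else:` branch; if they do not, `created` is unbound for external users. The loop body continues past the end of the hunk.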