Commit 7df385d3 authored by Daniel Klaffenbach's avatar Daniel Klaffenbach 🐍

Initial commit

parents
Pipeline #1412 skipped
*~
*.pyc
*.swp
.__afs*
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>django-fountain</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.python.pydev.PyDevBuilder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.python.pydev.django.djangoNature</nature>
<nature>org.python.pydev.pythonNature</nature>
</natures>
</projectDescription>
default_app_config = 'fountain.apps.MainAppConfig'
from django.apps import AppConfig
from django.contrib.auth import get_user_model
from django.db.models.signals import pre_save
from .ldap import Ldap
def set_attributes_from_ldap(sender, instance, **kwargs):
l = Ldap()
username = getattr(instance, instance.USERNAME_FIELD)
attrs = l.get_attributes(username)
for attr in attrs:
value = attrs[attr]
setattr(instance, attr, value)
class MainAppConfig(AppConfig):
name = 'fountain'
def ready(self):
super(MainAppConfig, self).ready()
User = get_user_model()
pre_save.connect(set_attributes_from_ldap, User, dispatch_uid='fountain.set_attributes_from_ldap')
import ssl
from ldap3 import Server, Connection
from ldap3.core.tls import Tls
from ldap3.utils.uri import parse_uri
from django.conf import settings
from django.utils.functional import cached_property
DEFAULT_LDAP_SYNC_URI = 'ldaps://ldap.tu-chemnitz.de/ou=Users,dc=tu-chemnitz,dc=de'
DEFAULT_LDAP_SYNC_USER_ATTRIBUTES = {
'givenName': 'first_name',
'sn': 'last_name',
'mail': 'email',
}
class Ldap(object):
def __init__(self):
self.LDAP_SYNC_URI = getattr(settings, 'LDAP_SYNC_URI', DEFAULT_LDAP_SYNC_URI)
self.LDAP_PARAMS = parse_uri(self.LDAP_SYNC_URI)
self.LDAP_SYNC_BASE_USER = getattr(settings, 'LDAP_SYNC_BASE_USER', None)
self.LDAP_SYNC_BASE_PASS = getattr(settings, 'LDAP_SYNC_BASE_PASS', None)
self.LDAP_SYNC_USER_ATTRIBUTES = getattr(settings, 'LDAP_SYNC_USER_ATTRIBUTES', DEFAULT_LDAP_SYNC_USER_ATTRIBUTES)
@cached_property
def connection(self):
tls = Tls(ca_certs_file="/etc/pki/tls/certs/ca-bundle.crt", validate=ssl.CERT_REQUIRED)
s=Server(self.LDAP_PARAMS['host'], use_ssl=True, tls=tls)
c = Connection(s, auto_bind=True)
return c
def get_attributes(self, username):
conn = self.connection
model_attrs = {}
if conn.search(self.LDAP_PARAMS['base'], '(uid=%s)' %username, attributes=self.LDAP_SYNC_USER_ATTRIBUTES.keys()):
for attr in self.LDAP_SYNC_USER_ATTRIBUTES:
if attr in conn.response[0]['attributes']:
model_attrs[self.LDAP_SYNC_USER_ATTRIBUTES[attr]] = conn.response[0]['attributes'][attr][0]
return model_attrs
from django.core.management.base import NoArgsCommand
from fountain.ldap import Ldap
from django.contrib.auth import get_user_model
class Command(NoArgsCommand):
help = "Updates the attributes from all current Django users from a LDAP server."
def handle_noargs(self, **options):
verbosity = options.get('verbosity')
User = get_user_model()
l = Ldap()
values = list(l.LDAP_SYNC_USER_ATTRIBUTES.values())
values.append(User.USERNAME_FIELD)
for user_dict in User.objects.all().values(*values).iterator():
username = user_dict[User.USERNAME_FIELD]
attrs = l.get_attributes(username)
changed = False
for attr in attrs:
if user_dict[attr] != attrs[attr]:
changed = True
break
if changed:
filter_args = {User.USERNAME_FIELD: username}
if verbosity > 1:
self.stdout.write('Updating %s: %s' %(username, attrs))
User.objects.filter(**filter_args).update(**attrs)
#!/usr/bin/env python
from setuptools import setup, find_packages
setup(name='django-fountain',
version='0.1',
description='Synchronizes the attributes of existing Django users from LDAP.',
author='Daniel Klaffenbach',
author_email='daniel.klaffenbach@hrz.tu-chemnitz.de',
url='https://gitlab.hrz.tu-chemnitz.de/urz-django/fountain/',
packages=find_packages(),
install_requires=[
'django>=1.8',
'ldap3>=1.2.0',
],
)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment