ldapimport.rb

file I modified - rain man, 2010-09-20 16:36


 
# Loads the LDAP auth source whose id is hard-coded to 1; a different id needs an edit here.
# NOTE(review): referencing AuthSourceLdap before the `class AuthSourceLdap` line below
# presumably makes Rails load the real model first, so the class statement reopens it
# instead of defining a new, empty class -- confirm before reordering these statements.
@auth_method = AuthSourceLdap.find(1)
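class AuthSourceLdap

  # Synchronises the users found in this LDAP source with Redmine.
  #
  # For every entry returned by the objectClass=user search:
  #   * an entry whose DN contains "OU=Disabled" locks the Redmine account
  #     with the same login (if one exists and is not locked yet);
  #   * an entry without login, firstname-independent required attributes
  #     (lastname, mail) or auth source id is skipped;
  #   * an entry whose login already exists in Redmine is skipped;
  #   * any other entry becomes a new Redmine user bound to this auth source.
  #
  # Returns a hash: :found (Integer, entries seen), :imported (Array of
  # "<login> (created)" strings) and :skipped (Integer).
  #
  # NOTE(review): "disabled" is derived only from the substring "OU=Disabled"
  # in the DN. If the directory is Active Directory, accounts disabled in
  # place (userAccountControl ACCOUNTDISABLE flag) are not detected and stay
  # usable in Redmine; confirm this matches the site's offboarding process.
  # NOTE(review): Redmine users are matched by login only, not by auth
  # source. A local or other-source account that shares a login with a
  # disabled LDAP entry gets locked, and one that shares a login with an
  # active entry blocks the import -- confirm this is intended.
  # NOTE(review): in Active Directory, computer accounts also carry
  # objectClass=user; they are normally skipped here only because they lack
  # the required attributes.
  def import
    logger.info("**********************************************************************\n")
    logger.info("#{Time.now.inspect}\n\n")

    ldap_con = initialize_ldap_con(self.account, self.account_password)

    search_filter = Net::LDAP::Filter.eq("objectClass", "user")

    found = 0
    skipped = 0
    created = []
    disabled = []

    ldap_con.search(:base => self.base_dn, :filter => search_filter,
                    :attributes => ['dn', self.attr_firstname, self.attr_lastname,
                                    self.attr_mail, self.attr_login, "distinguishedName"]
    ) do |entry|
      login = AuthSourceLdap.get_attr(entry, self.attr_login)

      logger.info("Found DN: #{entry.dn}")
      found += 1

      # Without a login the entry can neither be matched nor created.
      if login.to_s.strip.empty?
        logger.info("  Entry #{entry.dn} misses value for attribute '#{self.attr_login}'.\n")
        skipped += 1
        next
      end

      # Fall back to the entry's own DN when the server does not return a
      # distinguishedName attribute, instead of failing on nil.
      distinguished_name = (AuthSourceLdap.get_attr(entry, "distinguishedName") || entry.dn).to_s
      is_disabled_in_ldap = distinguished_name.include?("OU=Disabled")
      user_in_rm = User.find(:first, :conditions => ["login=?", login])

      # Handle disabled entries BEFORE the attribute sanity check: locking an
      # existing account needs only the login, so a disabled entry with an
      # incomplete profile must still lock its Redmine account.
      if is_disabled_in_ldap
        logger.info("  User #{login} is disabled in ldap\n")
        if user_in_rm && user_in_rm.status != User::STATUS_LOCKED
          user_in_rm.status = User::STATUS_LOCKED
          # Only report the lock when it was actually persisted.
          if user_in_rm.save
            disabled.push(login)
            logger.info("  User #{login} is now locked in redmine\n")
          else
            logger.info("  User #{login} could not be locked in redmine\n")
          end
        end
        skipped += 1
        next
      end

      attrs = {
        :firstname => AuthSourceLdap.get_attr(entry, self.attr_firstname) || "Unknown",
        :lastname => AuthSourceLdap.get_attr(entry, self.attr_lastname),
        :mail => AuthSourceLdap.get_attr(entry, self.attr_mail),
        :auth_source_id => self.id
      }

      # All of the above attributes are required; give the admin a clue
      # which one is missing and skip the entry.
      missing = attrs.keys.find { |key| attrs[key].nil? }
      if missing
        logger.info("  User #{login} misses value for attribute '#{missing}'.\n")
        skipped += 1
        next
      end

      # User exists in Redmine: existing accounts are left untouched.
      if user_in_rm
        logger.info("  User #{login} exists in redmine\n")
        skipped += 1
        next
      end

      # Build the record without saving, so it is written once, after login
      # and language have been assigned.
      logger.info("  User #{login} is added user with attrs: #{attrs.inspect}\n")
      u = User.new(attrs)
      u.login = login
      u.language = Setting.default_language
      if u.save
        created.push(login + ' (created)')
      else
        skipped += 1
        logger.info("  User #{login} failed in saving: #{attrs.inspect}\n")
      end
    end

    logger.info("Found #{found} users in the system\n")
    logger.info("Skipped #{skipped} users in the system\n")
    logger.info("Created #{created.size} users:")
    # Report the accounts locked in this run (previously the created count).
    logger.info("Disabled #{disabled.size} users:")
    logger.info("#{Time.now.inspect}\n")
    logger.info("\n**********************************************************************\n\n")
    {:found => found, :imported => created, :skipped => skipped}
  end # import

end #class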

    

    
# Runs the import as soon as this script is loaded: the call creates Redmine users and
# locks existing accounts (see AuthSourceLdap#import). The returned summary hash is discarded.
@auth_method.import