autogen conf crans (première version)
parent
2d5fd8e0cd
commit
42e1e16c5a
1 changed files with 76 additions and 0 deletions
76
utils/genconf_crans.py
Executable file
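--- a/utils/genconf_crans.py
+++ b/utils/genconf_crans.py
@@ -0,0 +1,76 @@
+#!/bin/bash /usr/scripts/python.sh
+# -*- coding: utf-8 -*-
+
+from __future__ import print_function, unicode_literals
+
+from lc_ldap import shortcuts
+import pprint
+
+ROLES_FILE = '/var/lib/cpasswords/roles.py'
+KEYS_FILE = '/var/lib/cpasswords/keys.py'
+
+
+conn = shortcuts.lc_ldap_readonly()
+
+# Pour ne faire pas de conf à rallonge, cette liste ne contient pas
+# tous les droits crans (par exemple multimachine ou apprenti sont exclus)
+TOUS_DROITS = ["nounou", "apprenti", "bureau", "tresorier", "rtc", "president"]
+
+# Cette liste ne contient que les EXTRA (on rajoute les canoniques juste après)
+ROLES_OF_DROITS = {
+'nounou': ['apprenti', 'apprenti-w'],
+'rtc': ['tresorier', 'tresorier-w'],
+'president': ['tresorier', 'tresorier-w'],
+}
+for droits in TOUS_DROITS:
+if droits not in ROLES_OF_DROITS:
+ROLES_OF_DROITS[droits] = []
+ROLES_OF_DROITS[droits] += [droits, droits+'-w']
+
+def format_fpr(fpr):
+return fpr.replace(' ','')
+
+roles = dict()
+keys = dict()
+
+fa = '(|%s)' % ''.join(u'(droits=%s)' % x for x in TOUS_DROITS)
+
+#filterstr = '(&(!(droits=ancien))%s)' % fa
+filterstr = fa
+
+for member in conn.search(filterstr):
+# Member again ?
+login = member['uid'][0].value
+
+# On remplit la clé
+if member['gpgFingerprint']:
+fpr = format_fpr(member['gpgFingerprint'][0].value)
+else:
+continue
+#fpr = None
+
+# Now le mail associé
+if member['gpgMail']:
+mail = member['gpgMail'][0].value
+else:
+mail = member['mail'][0].value
+
+keys[login] = (mail, fpr)
+
+# Tous les droits pour login (sans doublon)
+their_roles = set()
+for droit in member['droits']:
+their_roles.update(ROLES_OF_DROITS.get(droit.value.lower(), []))
+
+# On remplit roles
+for role in their_roles:
+if role not in roles:
+roles[role] = []
+roles[role].append(login)
+
+pp = pprint.PrettyPrinter(indent=4)
+with open(KEYS_FILE, 'w') as f:
+f.write('value = %s' % pp.pformat(keys))
+
+with open(ROLES_FILE, 'w') as f:
+f.write('value = %s' % pp.pformat(roles))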
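Review bot: The fingerprint written to KEYS_FILE comes from the LDAP `gpgFingerprint` attribute with only spaces removed (`format_fpr`), so a malformed or truncated value, such as a short key ID, would be emitted as if it were a full fingerprint. If these files decide which keys secrets are encrypted to (the paths suggest this, but the page does not show the consumer), reject anything that is not a full-length hex fingerprint before `keys[login] = (mail, fpr)`, and check who may modify that attribute in LDAP. Separately, the active `filterstr = fa` leaves out the `(!(droits=ancien))` clause kept in the comment above it, so an entry carrying both `ancien` and one of the listed droits would still be written into the roles. The comment above `TOUS_DROITS` also says `apprenti` is excluded, while the list contains it.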