#!/bin/bash /usr/scripts/python.sh
# -*- coding: utf-8 -*-
from __future__ import print_function, unicode_literals

import os
import pprint

from lc_ldap import shortcuts
# Destination of the two generated files. Both are rewritten at the end of
# this script: ROLES_FILE receives the role table, KEYS_FILE the key table.
_STATE_DIR = '/var/lib/cpasswords'
ROLES_FILE = _STATE_DIR + '/roles.py'
KEYS_FILE = _STATE_DIR + '/keys.py'

# LDAP handle; this script only ever calls .search() on it.
# NOTE(review): the helper's name suggests a read-only bind -- confirm in lc_ldap.
conn = shortcuts.lc_ldap_readonly()
# Droits that are turned into roles. To keep the configuration short this is
# deliberately not the full list of crans droits.
# NOTE(review): the original comment named "multimachine" and "apprenti" as
# examples of excluded droits, yet "apprenti" is listed here -- confirm which
# of the two is intended.
TOUS_DROITS = [
    "nounou",
    "apprenti",
    "bureau",
    "tresorier",
    "rtc",
    "president",
]

# Only the EXTRA roles a droit grants are spelled out here; the canonical
# roles (the droit's own name and its "-w" variant) are appended just below.
ROLES_OF_DROITS = {
    'nounou': ['apprenti', 'apprenti-w'],
    'rtc': ['tresorier', 'tresorier-w'],
    'president': ['tresorier', 'tresorier-w'],
}
for droits in TOUS_DROITS:
    # Droits without extras start from an empty list; every droit then gets
    # "<droit>" and "<droit>-w" appended after any extras.
    # NOTE(review): "-w" presumably marks the write variant of a role -- confirm.
    ROLES_OF_DROITS.setdefault(droits, []).extend([droits, droits + '-w'])
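def format_fpr(fpr):
    """Return the fingerprint *fpr* with every whitespace character removed.

    Fingerprints are commonly stored or pasted in grouped form
    ("ABCD 1234 ..."). All whitespace is dropped, not only plain spaces, so a
    value containing tabs, newlines or non-breaking spaces yields the same
    compact string as one containing ordinary spaces.

    This is normalisation only: the result is NOT checked to be hexadecimal
    or of a plausible fingerprint length, and its case is left untouched.
    Whatever consumes the value must not treat it as validated.
    """
    # str.split() with no argument splits on any run of whitespace and
    # discards empty pieces, so joining the pieces removes all of it.
    return ''.join(fpr.split())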
# Output tables, filled by the search loop further down:
#   roles: role name -> list of logins
#   keys:  login -> (mail, fingerprint)
roles = {}
keys = {}

# LDAP filter "(|(droits=a)(droits=b)...)": matches every entry holding at
# least one of the droits in TOUS_DROITS. The values are the hard-coded
# constants from this file, so no filter escaping is involved.
_droit_clauses = (u'(droits=%s)' % x for x in TOUS_DROITS)
fa = '(|' + ''.join(_droit_clauses) + ')'

# A variant that additionally excluded entries carrying droits=ancien,
#   '(&(!(droits=ancien))%s)' % fa
# is disabled, so such entries are selected as long as they still hold one of
# the droits above.
# NOTE(review): "ancien" presumably marks former members -- confirm that
# including them is intended.
filterstr = fa
# Walk every matching directory entry and fill the keys and roles tables.
for member in conn.search(filterstr):
    login = member['uid'][0].value

    # An entry without a GPG fingerprint is skipped altogether: it gets no
    # line in keys and is not added to any role either.
    if not member['gpgFingerprint']:
        continue
    # Only the first fingerprint value is used.
    # NOTE(review): the fingerprint and the mail are copied from the directory
    # as stored (whitespace stripping aside). Who may edit gpgFingerprint and
    # gpgMail is not visible here -- confirm, since keys.py presumably decides
    # which key is used for each login.
    fpr = format_fpr(member['gpgFingerprint'][0].value)

    # Prefer the address recorded for the GPG key, else the regular mail.
    mail_attr = 'gpgMail' if member['gpgMail'] else 'mail'
    mail = member[mail_attr][0].value

    keys[login] = (mail, fpr)

    # Union of the roles granted by each droit of this entry (a set, so a
    # role reached through two droits is counted once). Droit values are
    # lower-cased before lookup; droits absent from the table grant nothing.
    their_roles = set()
    for droit in member['droits']:
        their_roles.update(ROLES_OF_DROITS.get(droit.value.lower(), []))

    # Register the login under each of its roles.
    for role in their_roles:
        roles.setdefault(role, []).append(login)
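def _replace_file(path, content):
    """Write *content* to *path* through a sibling temp file and a rename.

    Opening the destination with mode 'w' truncates it first, so a reader (or
    a crash) in the middle of the write would see an empty or half-written
    file. Writing next to the destination and renaming over it means the
    destination always holds either the complete old content or the complete
    new content.

    The owner and permission bits of an existing destination are carried over
    where possible, because the rename installs a new inode.
    """
    tmp_path = path + '.tmp'
    try:
        with open(tmp_path, 'w') as tmp:
            tmp.write(content)
            tmp.flush()
            # Make sure the data is on disk before it replaces the old file.
            os.fsync(tmp.fileno())

        try:
            previous = os.stat(path)
        except OSError:
            previous = None  # first run: nothing to preserve

        if previous is not None:
            try:
                os.chown(tmp_path, previous.st_uid, previous.st_gid)
            except OSError:
                # Not privileged enough to hand the file back to its former
                # owner; the new file stays owned by the running user.
                pass
            os.chmod(tmp_path, previous.st_mode & 0o7777)

        # rename() within one directory is atomic on POSIX filesystems.
        os.rename(tmp_path, path)
    except Exception:
        # Do not leave a stale temp file behind, then report the failure.
        try:
            os.unlink(tmp_path)
        except OSError:
            pass
        raise


pp = pprint.PrettyPrinter(indent=4)

# Both outputs are Python source of the form "value = <literal>". pformat()
# emits the repr of each string, so directory values end up as quoted
# literals in the generated file.
# Render both before touching either destination, so a formatting failure
# cannot leave one of them truncated.
_keys_source = 'value = %s' % pp.pformat(keys)
_roles_source = 'value = %s' % pp.pformat(roles)

# keys first, then roles: every login listed in roles also has a keys entry.
# NOTE(review): the two renames are individually atomic, not jointly; a
# reader may briefly see new keys with old roles.
_replace_file(KEYS_FILE, _keys_source)
_replace_file(ROLES_FILE, _roles_source)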