modify admin to connect via TCPHEADmaster

3 files changed, 121 insertions, 8 deletions

diff --git a/admin/doorman_ldap_sync b/admin/doorman_ldap_sync
new file mode 100755
index 0000000..9ff3c74
--- /dev/null
+++ b/admin/doorman_ldap_sync
@@ -0,0 +1,101 @@
+#!/usr/bin/env python2
+
+import ldap
+import getpass
+import pprint
+import requests
+
+from sys import argv
+
+import options
+from lib.actions import revoke_hash, add
+from lib.proto import Proto
+from lib.storage import get_card
+from lib.password import get_token
+from lib.command import signed_command
+
+MEMBER_FILTER = ('(|'
+    '(memberOf=cn=starving,ou=Group,dc=hackerspace,dc=pl)'
+    '(memberOf=cn=fatty,ou=Group,dc=hackerspace,dc=pl)'
+    '(memberOf=cn=potato,ou=Group,dc=hackerspace,dc=pl)'
+    ')')
+
+
+class shorthash(tuple):
+    """string which only compares first 12 characters"""
+
+    def __hash__(self):
+        return hash(str(self[0][:12].lower()))
+
+    def __eq__(self, other):
+        return hash(self) == hash(other)
+
+    def __repr__(self):
+        return 'shorthash(%s)' % (tuple.__repr__(self))
+
+
+def get_current_cards(token, proto):
+    cards = set()
+
+    proto.send(signed_command(command='P', hash=options.empty_hash, uid=0, token=token))
+
+    while True:
+        l = proto.fd.readline().strip()
+
+        if not l.startswith('REC,'):
+            continue
+        print(l)
+        _, i, d, card_hash = l.strip().split(',')
+
+        if i == d:
+            cards.add(shorthash((card_hash.lower(), None)))
+
+        if i == '8C':
+            return cards
+
+
+def get_target_cards(c):
+    cards = set()
+    for user, attrs in c.search_s('ou=People,dc=hackerspace,dc=pl',ldap.SCOPE_SUBTREE,'(&(mifareIDHash=*)%s)' % MEMBER_FILTER, ['mifareIDHash', 'uid']):
+        for h in attrs['mifareIDHash']:
+            cards.add(shorthash((h, user)))
+    return cards
+
+if __name__ == "__main__":
+    url = argv[1] if len(argv) > 1 else options.url
+    token = get_token()
+    proto = Proto(url)
+
+    c = ldap.initialize('ldap://ldap.hackerspace.pl')
+    c.start_tls_s()
+    c.simple_bind_s('uid=%s,ou=People,dc=hackerspace,dc=pl' % (getpass.getuser(),), getpass.getpass('LDAP password: '))
+    target = get_target_cards(c)
+    cur = get_current_cards(token, proto)
+
+    to_remove = cur - target
+    to_add = target - cur
+    print 'current:', len(cur)
+    print 'target:', len(target)
+    pprint.pprint(target)
+
+    print 'to add:', len(to_add)
+    pprint.pprint(to_add)
+    print 'to remove:', len(to_remove)
+    pprint.pprint(to_remove)
+
+    max_cards = 140
+
+    print 'Memory utilization: %d / %d (%.2f%%)' % (
+        len(cur), max_cards, 100.0 * len(cur) / max_cards
+        )
+
+    print('Press y to confirm removal')
+
+    if raw_input().lower().strip() == 'y':
+        for h, u in to_remove:
+            print('Removing %s' % h)
+            revoke_hash(token, h, proto=proto)
+
+    for h, u in to_add:
+        print('Adding %s' % u)
+        add(token, h, proto=proto)
diff --git a/admin/lib/proto.py b/admin/lib/proto.py
index 16c0ae3..8ceb8d8 100644
--- a/admin/lib/proto.py
+++ b/admin/lib/proto.py
@@ -2,6 +2,8 @@ from time import sleep
 from sys import stderr
 
 import serial
+import socket
+import ssl
 
 from command import Command
 import options
@@ -14,20 +16,30 @@ class Proto(object):
         kwa.update(options.serial)
         kwa.update(kwargs)
         url = url or options.url
-        self.fd = serial.serial_for_url(url, **kwa)
+        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+        sock.settimeout(20)
+        print ('wrapping..')
+        ctx = ssl.create_default_context()
+        self.sock = ssl.wrap_socket(sock)
+        print ('connecting')
+        self.sock.connect((url, 443))
+        self.sock.settimeout(60)
+        print ('done')
+
+        self.fd = self.sock.makefile()
+        #self.fd = serial.serial_for_url(url, **kwa)
         sleep(options.init_sleep)
-        self.fd.flushInput()
-        self.fd.flushOutput()
+        ##self.fd.flushInput()
+        #self.fd.flushOutput()
         print >> stderr, 'Serial port ready'
     def send(self, command):
         cmd = str(command) + '\n'
         print cmd
         for i in cmd:
-            sleep(0.02)
-            self.fd.write(i)
+            self.sock.send(i)
     def recv(self):
         line = self.fd.readline()
-        print line
+        print (line)
         if line[0] != '$':
             return self.recv()
         cmd = Command.from_str(line)
diff --git a/admin/options.py b/admin/options.py
index a8dc32a..b8c7025 100644
--- a/admin/options.py
+++ b/admin/options.py
@@ -1,4 +1,4 @@
-url = '/dev/ttyACM0'
+url = '10.8.0.119'
 serial = dict(
     baudrate = 19200,
     timeout = 60,
@@ -21,4 +21,4 @@ hash_bytes = 64
 
 mac_bytes = 64
 
-init_sleep = 3
+init_sleep = 0