web: workaround for LDAP crashes when syncing groups

2017-05-12 17:53:10 +02:00 · 2017-05-12 17:53:10 +02:00 · 52358888bb
parent 1457f91531
commit 52358888bb
2 changed files with 36 additions and 7 deletions
--- a/web/webapp/directory.py
+++ b/web/webapp/directory.py
@ -65,15 +65,41 @@ def get_ldap_group_diff(members):
        return None
    return result

+# kinda clunky with all the member fetching, transforming the list in various ways and updating it again here, but it's a workaround for LDAP crashing on modify_s, no fucks given
 def update_member_groups(c, changes):
+    for group in changes:
+        target_members = set(get_group_members(g.ldap, group))
+        changed = False
+        for op in changes[group]:
+            for username in changes[group][op]:
+                if op == 'add':
+                    changed = True
+                    target_members.add(username)
+                elif op == 'remove':
+                    changed = True
+                    target_members.remove(username)
+        if not changed:
+            continue
+        values = []
+        for username in target_members:
+            values.append('uid={},{}'.format(username.encode('utf-8'),app.config['LDAP_USER_BASE']))
+        modlist = [(ldap.MOD_REPLACE,'uniqueMember',values)]
+        #print group,modlist
+        c.modify_s('cn={},{}'.format(group.encode('utf-8'),app.config['LDAP_GROUP_BASE']), modlist)
+
+# keeping it here instead of git history because it's preferable to the other method, as long as LDAP stops crashing
+def update_member_groups_fucked(c, changes):
    ops = {'add': ldap.MOD_ADD, 'remove': ldap.MOD_DELETE}
    for group in changes:
        modlist = []
        for op in changes[group]:
+            values = []
            for username in changes[group][op]:
-                modlist.append((ops[op],'uniqueMember','uid={},{}'.format(username.encode('utf-8'),app.config['LDAP_USER_BASE'])))
+                values.append('uid={},{}'.format(username.encode('utf-8'),app.config['LDAP_USER_BASE']))
+            if values:
+                modlist.append((ops[op],'uniqueMember',values))
+        print group, modlist
        c.modify_s('cn={},{}'.format(group.encode('utf-8'),app.config['LDAP_GROUP_BASE']), modlist)
-        #print group, modlist

 def get_group_members(c, group):
    lfilter = '(&(cn={}){})'.format(group, app.config['LDAP_GROUP_FILTER'])
--- a/web/webapp/views.py
+++ b/web/webapp/views.py
@ -135,11 +135,14 @@ def admin_ldap_sync():
@admin_required
@login_required
 def admin_csv():
-    members = [m.get_status() for m in models.Member.get_members(True)]
-    for member in members:
-        member["cn"] = directory.get_member_fields(g.ldap, member['username'], 'cn')['cn']
-    
-    active_members = filter(lambda m: m['judgement'] and not m['type'] == 'supporting', members)
+    members = []
+    for m in models.Member.get_members(True):
+        member = m.get_status()
+        member['contact_email'] = m.get_contact_email()
+        member['cn'] = directory.get_member_fields(g.ldap, member['username'], 'cn')['cn']
+        members.append(member)
+
+    active_members = filter(lambda m: m['judgement'], members)
    output = render_template("admin_csv.html", active_members=active_members)
    return Response(output)