initial commit

README

@@ -0,0 +1,5 @@
+A script to sync our LDAP and Redmine user bases.
+
+Currently it only makes sure every person in our member groups is in the redmine database.
+
+Have mercy, I really, *really* don't know ruby.

sync_users.rb

@@ -0,0 +1,50 @@
+ENV['RAILS_ENV'] = 'production'
+require '../config/environment.rb'
+require 'net/ldap'
+require 'test/unit/assertions'
+require 'set'
+
+class AuthSourceLdap < AuthSource
+# monkey patch because redmine authors didn't think this is needed.
+	def attrs_for_user(ldap_con, login)
+		search_filter = base_filter & Net::LDAP::Filter.eq(self.attr_login, login)
+		ldap_con.search( :base => self.base_dn,
+		     :filter => search_filter,
+		     :attributes=> search_attributes) do |entry|
+			return get_user_attributes_from_ldap_entry(entry).except(:dn) # nice method name, btw
+		end
+	end
+end
+
+def ldap_get_logins(ldap, search_base, filter)
+	Net::LDAP.new.search(:base => search_base, :filter => filter, 
+		:attributes => ["uid"]).collect { |entry| entry.uid.first }
+end
+
+search_base = "ou=People,dc=hackerspace,dc=pl"
+group_base = "ou=Group,dc=hackerspace,dc=pl"
+filter = "(|(memberOf=cn=fatty,#{group_base})(memberOf=cn=starving,#{group_base}))"
+
+ldap = Net::LDAP.new
+
+unregistered = ldap_get_logins(ldap, search_base, filter) - User.pluck(:login)
+puts "Missing users:" 
+puts unregistered
+
+sources = AuthSource.all # sigh
+unless sources.size == 1 then
+	raise RuntimeError.new "More than one AuthSource, bailing"
+end
+
+auth_source = sources.first
+
+unregistered.each { |login|
+	attrs = auth_source.attrs_for_user(ldap, login)
+	user = User.new(attrs)
+	user.login = login
+	user.language = Setting.default_language
+	if user.save
+		user.reload
+		Rails.logger.info("User '#{user.login}' added by sync_users")
+	end
+}