def populate(engine, ldap):
""" Retrieve users from ldap directory and import them in local database
"""
session = DBSession()
# retrieve managers from dedicated group
managers = ldap.list_manager()
# retrieve users
searchFilter = '(&(objectClass=inetOrgPerson)(employeetype=Employee))'
required = ['objectClass', 'employeeType', 'cn', 'givenName', 'sn',
'manager', 'mail', 'ou', 'uid', 'userPassword']
users = ldap._search(searchFilter, required)
for user_dn, user_entry in users:
user_data = ldap.parse_ldap_entry(user_dn, user_entry)
if not user_data or not user_data.get('login'):
continue
login = user_data['login'].decode('utf-8')
# check what type of user it is
group = 'user'
# if it's a manager he should be in manager group
if user_data['dn'] in managers:
group = 'manager'
# if it's an admin he should be in admin group
what = '(member=%s)' % user_data['dn']
if len(ldap._search_admin(what, None)) > 0:
group = 'admin'
user = User.by_login(session, login)
if not user:
user = User.create_from_ldap(session, user_data, group)
else:
# update user with ldap informations in case it changed
user.email = user_data['email'].decode('utf-8')
user.firstname = user_data['firstname'].decode('utf-8')
user.lastname = user_data['lastname'].decode('utf-8')
user.manager_dn = user_data['manager_dn'].decode('utf-8')
user.dn = user_data['dn'].decode('utf-8')
user.role = group
session.add(user)
session.commit()
def populate(engine, ldap):
""" Retrieve users from ldap directory and import them in local database
"""
session = DBSession()
# retrieve managers from dedicated group
managers = ldap.list_manager()
# retrieve users
searchFilter = '(&(objectClass=inetOrgPerson)(employeetype=Employee))'
required = ['objectClass', 'employeeType', 'cn', 'givenName', 'sn',
'manager', 'mail', 'ou', 'uid', 'userPassword']
users = ldap._search(searchFilter, required)
for user_dn, user_entry in users:
user_data = ldap.parse_ldap_entry(user_dn, user_entry)
login = user_data['login'].decode('utf-8')
# check what type of user it is
group = u'user'
# if it's a manager he should be in manager group
if user_data['dn'] in managers:
group = u'manager'
# if it's an admin he should be in admin group
what = '(member=%s)' % user_data['dn']
if len(ldap._search_admin(what, None)) > 0:
group = u'admin'
user = User.by_login(session, login)
if not user:
user = User.create_from_ldap(session, user_data, group)
else:
# update user with ldap informations in case it changed
user.email = user_data['email'].decode('utf-8')
user.firstname = user_data['firstname'].decode('utf-8')
user.lastname = user_data['lastname'].decode('utf-8')
user.manager_dn = user_data['manager_dn'].decode('utf-8')
user.dn = user_data['dn'].decode('utf-8')
user.role = group
session.add(user)
session.commit()