def _prepare():
"""Prepare data."""
importer = LdapUserImporter()
# Prepare users in DB. Use `LdapUserImporter` to make it easy
# create old users
WILL_BE_UPDATED = deepcopy(ldap_users[1])
WILL_BE_UPDATED["displayName"] = [b"Previous name"]
WILL_BE_UPDATED["department"] = [b"Old department"]
ldap_user = serialize_ldap_user(WILL_BE_UPDATED)
importer.import_user(ldap_user)
WILL_NOT_CHANGE = deepcopy(ldap_users[2])
ldap_user = serialize_ldap_user(WILL_NOT_CHANGE)
importer.import_user(ldap_user)
# create a user that does not exist anymore in LDAP, but will not
# be deleted for safety
COULD_BE_DELETED = {
"displayName": [b"old user left CERN"],
"department": [b"Department"],
"uidNumber": [b"444"],
"mail": [b"*****@*****.**"],
"cernAccountType": [b"Primary"],
"employeeID": [b"00444"],
"postOfficeBox": [b"M12345"]
}
ldap_user = serialize_ldap_user(COULD_BE_DELETED)
importer.import_user(ldap_user)
db.session.commit()
current_app_ils.patron_indexer.reindex_patrons()
def import_users():
"""Import LDAP users in db."""
start_time = time.time()
ldap_client = LdapClient()
ldap_users = ldap_client.get_primary_accounts()
print("Users in LDAP: {}".format(len(ldap_users)))
imported = 0
importer = LdapUserImporter()
for ldap_user_data in ldap_users:
ldap_user = serialize_ldap_user(ldap_user_data)
already_exists = user_exists(ldap_user)
if not ldap_user or already_exists:
continue
employee_id = ldap_user["remote_account_person_id"]
print("Importing user with person id {}".format(employee_id))
importer.import_user(ldap_user)
imported += 1
db.session.commit()
print("Users imported: {}".format(imported))
print("Now re-indexing all patrons...")
current_app_ils.patron_indexer.reindex_patrons()
print("--- Finished in %s seconds ---" % (time.time() - start_time))
def _prepare():
"""Prepare data."""
importer = LdapUserImporter()
# Prepare users in DB. Use `LdapUserImporter` to make it easy
# create old users
existing_user = deepcopy(ldap_users[0])
ldap_user = serialize_ldap_user(existing_user)
importer.import_user(ldap_user)
user_to_delete1 = deepcopy(ldap_users[1])
ldap_user = serialize_ldap_user(user_to_delete1)
importer.import_user(ldap_user)
user_to_delete2 = deepcopy(ldap_users[2])
ldap_user = serialize_ldap_user(user_to_delete2)
importer.import_user(ldap_user)
db.session.commit()
current_app_ils.patron_indexer.reindex_patrons()
def _prepare_duplicate():
duplicated = {
"displayName": [b"Name 2"],
"department": [b"Department 2"],
# same id as one of the previous, different emails
# should be skipped
"uidNumber": [b"555"],
"mail": [b"*****@*****.**"],
"cernAccountType": [b"Primary"],
"employeeID": [b"00555"],
"postOfficeBox": [b"M12345"]
}
importer = LdapUserImporter()
ldap_user = serialize_ldap_user(duplicated)
importer.import_user(ldap_user)
db.session.commit()
def get_ldap_users(log_func):
"""Create and return a map of all LDAP users."""
ldap_users_emails = set()
ldap_users_map = {}
# get all CERN users from LDAP
ldap_client = LdapClient()
ldap_users = ldap_client.get_primary_accounts()
ldap_users_count = len(ldap_users)
log_func("ldap_users_fetched", dict(users_fetched=ldap_users_count))
for ldap_user_data in ldap_users:
ldap_user = serialize_ldap_user(ldap_user_data, log_func=log_func)
if ldap_user and ldap_user["user_email"] not in ldap_users_emails:
ldap_person_id = ldap_user["remote_account_person_id"]
ldap_users_map[ldap_person_id] = ldap_user
ldap_users_emails.add(ldap_user["user_email"])
log_func("ldap_users_cached")
return ldap_users_count, ldap_users_map, ldap_users_emails
def test_import_users(app, db, testdata, mocker):
"""Test import of users from LDAP."""
ldap_users = [{
"displayName": [b"Ldap User"],
"department": [b"Department"],
"uidNumber": [b"111"],
"mail": [b"*****@*****.**"],
"cernAccountType": [b"Primary"],
"employeeID": [b"111"],
"postOfficeBox": [b"M12345"]
}]
# mock LDAP response
mocker.patch(
"cds_ils.ldap.api.LdapClient.get_primary_accounts",
return_value=ldap_users,
)
mocker.patch(
"invenio_app_ils.patrons.indexer.PatronIndexer.reindex_patrons")
import_users()
ldap_user_data = ldap_users[0]
ldap_user = serialize_ldap_user(ldap_user_data)
email = ldap_user["user_email"]
user = User.query.filter(User.email == email).one()
assert user
assert UserProfile.query.filter(UserProfile.user_id == user.id).one()
uid_number = ldap_user["user_identity_id"]
user_identity = UserIdentity.query.filter(
UserIdentity.id == uid_number).one()
assert user_identity
assert user_identity.method == OAUTH_REMOTE_APP_NAME
assert RemoteAccount.query.filter(RemoteAccount.user_id == user.id).one()