def run_csv_file(db_conn, filename, optdict): """Runs the appropriate actions from a CSV file. :param db_conn: DB connection object :param filename: CSV filename :param optdict: Options dictionary. :returns int: number of successful user actions. """ api = account_mgr.get_api(config) log = logging.getLogger("run_csv_file") dict_reader = csv.DictReader(filename) if 'setpw' in optdict: user_dicts = assure_keys(dict_reader, SETPW_REQUIRED_KEYS) emails = (email for email in user_dicts['email_addr']) pws = (pw for pw in user_dicts['password']) set_multi_passwords(db_conn, emails, pws) # All done, so leave the function here. return len(user_dicts) success_count = 0 if 'create' in optdict: # Runs the creation routine for each user. user_dicts = assure_keys(dict_reader, CREATE_REQUIRED_KEYS) for user in user_dicts: api.create_user( {'name': user['given_name'] + ' ' + user['surname'], 'email': user['email_addr'], 'group_id': user['group_id'], }) success_count += 1 elif 'set_email' in optdict: # Sets emails for each user. user_dicts = assure_keys(dict_reader, SET_EMAIL_REQUIRED_KEYS) for user in user_dicts: api.edit_user(user['email_addr'], dict(email=user['new_email'])) success_count += 1 elif 'set_group' in optdict: # Sets groups for each user. user_dicts = assure_keys(dict_reader, SET_GROUP_REQUIRED_KEYS) for user in user_dicts: api.edit_user(user['email_addr'], dict(group_id=user['group_id'])) success_count += 1 elif 'disable' in optdict: user_dicts = assure_keys(dict_reader, frozenset(['email_addr'])) for user in user_dicts: api.edit_user(user['email_addr'], dict(enabled=False)) success_count += 1 elif 'enable' in optdict: user_dicts = assure_keys(dict_reader, frozenset(['email_addr'])) for user in user_dicts: api.edit_user(user['email_addr'], dict(enabled=True)) success_count += 1 else: raise UsersActionError("Got an action that's not accounted for!") return success_count
def run_db_repair(config, db_conn): """Repairs the current user DB and billing API versus LDAP.""" # TODO: figure out what to do when email addresses *don't* match. log = logging.getLogger("run_db_repair") # Collect the users from LDAP, and insert into a temporary table. ldap_conn = ldap_source.OMLDAPConnection(config["dir_uri"], config["dir_base_dn"], config["dir_user"], config["dir_password"]) log.info("Collecting LDAP groups") ldap_users = ldap_source.collect_groups(ldap_conn, config) cur = db_conn.cursor() cur.execute("CREATE TEMPORARY TABLE ldap_users (LIKE users) ON COMMIT DROP;") cur.execute("ALTER TABLE ldap_users DROP COLUMN avatar_id;") cur.execute("ALTER TABLE ldap_users DROP COLUMN enabled;") cur.executemany("INSERT INTO ldap_users (uniqueid, email, givenname, surname, group_id) VALUES (%(uniqueid)s, %(email)s, %(firstname)s, %(lastname)s, %(group_id)s);", ldap_users) # Collect the users from the SpiderOak Accounts API, and insert into # a temporary table. log.info("Collecting SpiderOak user details") api = account_mgr.get_api(config) spider_users = api.list_users() for spider_user in spider_users: first_name, sep, last_name = spider_user['name'].strip().partition(' ') if not last_name: last_name = ' ' spider_user['firstname'] = first_name spider_user['lastname'] = last_name cur = db_conn.cursor() cur.execute("CREATE TEMPORARY TABLE spider_users (LIKE users) ON COMMIT DROP;") cur.execute("ALTER TABLE spider_users DROP COLUMN uniqueid;") cur.executemany("INSERT INTO spider_users " "(avatar_id, email, givenname, surname, group_id, enabled) VALUES " "(%(avatar_id)s, %(email)s, %(firstname)s, %(lastname)s, " "%(group_id)s, %(enabled)s);", spider_users) cur.execute("SELECT email, count(email) as occurences from ldap_users group by email having ( count(email) > 1 )") for row in cur.fetchall(): log.error("---> Duplicate user %s found %d times in LDAP query!", row[0], row[1]) # Clear out the current database. cur.execute("DELETE FROM users;") log.info("Inserting joined fields into the database") # Insert rows into users where email addresses match. cur.execute("INSERT INTO users " "SELECT l.uniqueid, s.email, s.avatar_id, s.givenname, " "s.surname, s.group_id, s.enabled " "FROM ldap_users l JOIN spider_users AS s ON l.email = s.email ") db_conn.commit()
def run_single_command(db_conn, email_address, optdict): log = logging.getLogger("run_single_command") api = account_mgr.get_api(config) if optdict['setpw']: set_user_password(db_conn, email_address, optdict['password']) elif optdict['create']: api.create_user( {'name': optdict['given_name'] + ' ' + optdict['surname'], 'email': optdict['email_addr'], 'group_id': optdict['group_id'], }) elif optdict['set_email']: api.edit_user(optdict['email_addr'], dict(email=optdict['new-email'])) elif optdict['set_group']: api.edit_user(optdict['email_addr'], dict(group_id=optdict['group_id'])) elif optdict['disable']: api.edit_user(optdict['email_addr'], dict(enabled=False)) elif optdict['enable']: api.edit_user(optdict['email_addr'], dict(enabled=True)) else: raise UsersActionError("Got an action that's not accounted for!")
def __init__(self, config, db_conn): self._log = logging.getLogger("AccountRunner") self._promo_code = config.get("promo_code", None) self._db_conn = db_conn self._api = account_mgr.get_api(config) self._config = config
def run_db_repair(config, db_conn): """Repairs the current user DB and billing API versus LDAP.""" # TODO: figure out what to do when email addresses *don't* match. log = logging.getLogger("run_db_repair") # Collect the users from LDAP, and insert into a temporary table. ldap_conn = ldap_source.OMLDAPConnection(config["dir_uri"], config["dir_base_dn"], config["dir_user"], config["dir_password"]) log.info("Collecting LDAP groups") ldap_users = ldap_source.collect_groups(ldap_conn, config) cur = db_conn.cursor() cur.execute("CREATE TEMPORARY TABLE ldap_users (LIKE users) ON COMMIT DROP;") cur.execute("ALTER TABLE ldap_users DROP COLUMN avatar_id;") cur.execute("ALTER TABLE ldap_users DROP COLUMN enabled;") cur.executemany("INSERT INTO ldap_users (uniqueid, email, givenname, surname, group_id) VALUES (%(uniqueid)s, %(email)s, %(firstname)s, %(lastname)s, %(group_id)s);", ldap_users) # Collect the users from the SpiderOak Accounts API, and insert into # a temporary table. log.info("Collecting SpiderOak user details") api = account_mgr.get_api(config) spider_users = api.list_users() for spider_user in spider_users: first_name, sep, last_name = spider_user['name'].strip().partition(' ') if not last_name: last_name = ' ' spider_user['firstname'] = first_name spider_user['lastname'] = last_name cur = db_conn.cursor() cur.execute("CREATE TEMPORARY TABLE spider_users (LIKE users) ON COMMIT DROP;") cur.execute("ALTER TABLE spider_users DROP COLUMN uniqueid;") cur.executemany("INSERT INTO spider_users " "(avatar_id, email, givenname, surname, group_id, enabled) VALUES " "(%(avatar_id)s, %(email)s, %(firstname)s, %(lastname)s, " "%(group_id)s, %(enabled)s);", spider_users) # Delete duplicate rows cur.execute("DELETE FROM ldap_users " "WHERE ctid NOT IN " "(SELECT MAX(l.ctid) " "FROM ldap_users l " "GROUP BY l.email)" ) # Clear out the current database. cur.execute("DELETE FROM users;") log.info("Inserting joined fields into the database") # Insert rows into users where email addresses match. cur.execute("INSERT INTO users " "SELECT l.uniqueid, s.email, s.avatar_id, s.givenname, " "s.surname, s.group_id, s.enabled " "FROM ldap_users l JOIN spider_users AS s ON l.email = s.email ") # Collect the list of users who are NOT in the LDAP # There are two types of users not in the LDAP sync groups we're looking through: # 1. Users who exist in the LDAP still, but not anymore in a monitored group # 2. Users who do not at all exist in the LDAP. # # Users in the first group we can enter back into the user sync database as disabled, # as we can locate some form of unique ID from the LDAP to put in the sync DB. The # second group needs to be just disabled on the Accounts API side. Note that users # in this second group will have to have the whole DB rebuilt if they reappear on the LDAP # and wish to continue using the same account. cur.execute("SELECT s.email, s.avatar_id, s.givenname, s.surname, s.group_id, s.enabled " "FROM spider_users s " "LEFT OUTER JOIN ldap_users l USING (email) " "WHERE l.email IS NULL") orphans = cur.fetchall() # We only care about ldap users here orphans = [x for x in orphans \ if get_config_group(config, x[4])["user_source"] == 'ldap'] # "found_orphans" are the users who exist *somewhere* in the LDAP. lost_orphans do not. found_orphans = _run_disabled_users_for_repair(ldap_conn, config, cur.description, orphans) found_emails = [y['email'] for y in found_orphans] lost_orphans = [x for x in orphans if x[0] not in found_emails] # Put the found orphans in the DB. cur.executemany("INSERT INTO users " "(avatar_id, email, givenname, surname, group_id, enabled, uniqueid) " "VALUES (%(avatar_id)s, %(email)s, %(givenname)s, %(surname)s, " " %(group_id)s, %(enabled)s, %(uniqueid)s);", found_orphans) db_conn.commit() # ...and disable the lost orphans. We don't care about already disabled lost orphans, # we want to only disable orphans who are enabled so they can be rounded up and # deleted. for orphan in lost_orphans: if orphan[5]: # If the user is enabled then disable them. api.edit_user(orphan[0], dict(enabled=False))
def __init__(self, config, db_conn): self._log = logging.getLogger("AccountRunner") self._promo_code = config.get("promo_code", None) self._db_conn = db_conn self._api = account_mgr.get_api(config)
def get_user_list(): """Fetches the list of users from SpiderOak, returns it as JSON.""" api = account_mgr.get_api(config) return api.list_users()