184 |
184 |
185 LOGO = DATADIR/path/to/mylogo.gif |
185 LOGO = DATADIR/path/to/mylogo.gif |
186 |
186 |
187 where DATADIR is ``mycubes/data``. |
187 where DATADIR is ``mycubes/data``. |
188 |
188 |
189 * How to import LDAP users in `CubicWeb`? |
189 * How to configure LDAP source? |
190 |
190 |
191 Here is a very usefull script which enables you to import LDAP users |
191 Your instance's sources are defined in ``/etc/cubicweb.d/myapp/sources``. |
192 into your `CubicWeb` application by runing the following: :: |
192 Configuring an LDAP source is about declaring that source in your |
193 |
193 instance configuration file such as: :: |
194 |
194 |
195 import os |
195 [ldapuser] |
196 import pwd |
196 adapter=ldapuser |
197 import sys |
197 # ldap host |
198 |
198 host=myhost |
199 from logilab.common.db import get_connection |
199 # base DN to lookup for usres |
200 |
200 user-base-dn=ou=People,dc=mydomain,dc=fr |
201 def getlogin(): |
201 # user search scope |
202 """avoid usinng os.getlogin() because of strange tty / stdin problems |
202 user-scope=ONELEVEL |
203 (man 3 getlogin) |
203 # classes of user |
204 Another solution would be to use $LOGNAME, $USER or $USERNAME |
204 user-classes=top,posixAccount |
205 """ |
205 # attribute used as login on authentication |
206 return pwd.getpwuid(os.getuid())[0] |
206 user-login-attr=uid |
207 |
207 # name of a group in which ldap users will be by default |
208 |
208 user-default-group=users |
209 try: |
209 # map from ldap user attributes to erudi attributes |
210 database = sys.argv[1] |
210 user-attrs-map=gecos:email,uid:login |
211 except IndexError: |
211 |
212 print 'USAGE: python ldap2system.py <database>' |
212 Any change applied to configuration file requires to restart your |
213 sys.exit(1) |
213 application. |
214 |
|
215 if raw_input('update %s db ? [y/n]: ' % database).strip().lower().startswith('y'): |
|
216 cnx = get_connection(user=getlogin(), database=database) |
|
217 cursor = cnx.cursor() |
|
218 |
|
219 insert = ('INSERT INTO euser (creation_date, eid, modification_date, login, firstname, surname, last_login_time, upassword) ' |
|
220 "VALUES (%(mtime)s, %(eid)s, %(mtime)s, %(login)s, %(firstname)s, %(surname)s, %(mtime)s, './fqEz5LeZnT6');") |
|
221 update = "UPDATE entities SET source='system' WHERE eid=%(eid)s;" |
|
222 cursor.execute("SELECT eid,type,source,extid,mtime FROM entities WHERE source!='system'") |
|
223 for eid, type, source, extid, mtime in cursor.fetchall(): |
|
224 if type != 'EUser': |
|
225 print "don't know what to do with entity type", type |
|
226 continue |
|
227 if source != 'ldapuser': |
|
228 print "don't know what to do with source type", source |
|
229 continue |
|
230 ldapinfos = dict(x.strip().split('=') for x in extid.split(',')) |
|
231 login = ldapinfos['uid'] |
|
232 firstname = ldapinfos['uid'][0].upper() |
|
233 surname = ldapinfos['uid'][1:].capitalize() |
|
234 if login != 'jcuissinat': |
|
235 args = dict(eid=eid, type=type, source=source, login=login, |
|
236 firstname=firstname, surname=surname, mtime=mtime) |
|
237 print args |
|
238 cursor.execute(insert, args) |
|
239 cursor.execute(update, args) |
|
240 |
|
241 cnx.commit() |
|
242 cnx.close() |
|
243 |
|
244 |
|