Mercurial Mercurial > pub > hg > cubicweb / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
misc/scripts/cwuser_ldap2system.py
author Sylvain Thénault <sylvain.thenault@logilab.fr>
Tue, 31 Jan 2012 21:43:24 +0100
changeset 8188 1867e252e487
parent 6387 edbc53707bac
child 9460 a2a0bc984863
permissions -rw-r--r--
[repository] ldap-feed source. Closes #2086984 datafeed based source which copy a subtree of the ldap directory into the system database. Authentication still go through ldap though. Pros: * don't need temporary tables and such for multi-sources RQL queries execution * much more flexible to enhance / configure behaviour (you simply have to replace the parser) * run better when ldap isn't reachable Cons: * no more 'on the fly' discovery of users (though a user authenticating itself will be automatically added if it doesn't exist in the db yet) * synchronization may be heavy if there are a lot of users A new cw.server.ldaputils containing code in common between former ldapuser and new ldapfeed sources has been introduced. Also ldapuser source now uses url instead of custom host/protocol option so it looks like a datafeed source (could be improved).

import base64
from cubicweb.server.utils import crypt_password

dbdriver  = config.sources()['system']['db-driver']
from logilab.database import get_db_helper
dbhelper = get_db_helper(driver)

insert = ('INSERT INTO cw_cwuser (cw_creation_date,'
          '                       cw_eid,'
          '                       cw_modification_date,'
          '                       cw_login,'
          '                       cw_firstname,'
          '                       cw_surname,'
          '                       cw_last_login_time,' 
          '                       cw_upassword,'
          '                       cw_cwuri) '
          "VALUES (%(mtime)s, %(eid)s, %(mtime)s, %(login)s, "
          "        %(firstname)s, %(surname)s, %(mtime)s, %(pwd)s, 'foo');")
update = "UPDATE entities SET source='system' WHERE eid=%(eid)s;"
rset = sql("SELECT eid,type,source,extid,mtime FROM entities WHERE source!='system'", ask_confirm=False)
for eid, type, source, extid, mtime in rset:
    if type != 'CWUser':
        print "don't know what to do with entity type", type
        continue
    if not source.lower().startswith('ldap'):
        print "don't know what to do with source type", source
        continue
    extid = base64.decodestring(extid)
    ldapinfos = [x.strip().split('=') for x in extid.split(',')]
    login = ldapinfos[0][1]
    firstname = login.capitalize()
    surname = login.capitalize()
    args = dict(eid=eid, type=type, source=source, login=login,
                firstname=firstname, surname=surname, mtime=mtime,
                pwd=dbhelper.binary_value(crypt_password('toto')))
    print args
    sql(insert, args)
    sql(update, args)

commit()
cubicweb