Mercurial Mercurial > pub > hg > cubicweb / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
misc/scripts/ldap_change_base_dn.py
author Julien Cristau <julien.cristau@logilab.fr>
Wed, 05 Feb 2014 16:34:21 +0100 (2014-02-05)
branchstable
changeset 9523 cd5738fc440f
parent 5969 caea22e82d83
child 9460 a2a0bc984863
permissions -rw-r--r--
[ajax] use a custom tag to handle dynamically loaded js Using <pre class="script"> makes it trivial for a malicious user to inject arbitrary javascript into a html or rest text element (because it looks innocent to the html sanitizer). Using a custom tag we can be sure that it actually comes from our code and not from untrusted user data. IE ignores custom tags, though, so we put it in its own namespace. https://extranet.logilab.fr/1530578
from base64 import b64decode, b64encode
try:
    uri, newdn = __args__
except ValueError:
    print 'USAGE: cubicweb-ctl shell <instance> ldap_change_base_dn.py -- <ldap source uri> <new dn>'
    print
    print 'you should not have updated your sources file yet'

olddn = repo.config.sources()[uri]['user-base-dn']

assert olddn != newdn

raw_input("Ensure you've stopped the instance, type enter when done.")

for eid, extid in sql("SELECT eid, extid FROM entities WHERE source='%s'" % uri):
    olduserdn = b64decode(extid)
    newuserdn = olduserdn.replace(olddn, newdn)
    if newuserdn != olduserdn:
        print olduserdn, '->', newuserdn
        sql("UPDATE entities SET extid='%s' WHERE eid=%s" % (b64encode(newuserdn), eid))

commit()

print 'you can now update the sources file to the new dn and restart the instance'
cubicweb