Feature #1838 » ldapimport.rb

file I modified - rain man, 2010-09-20 16:36

 
# Load the auth source this script imports from. The id is hard-coded to 1;
# change it to the id of the LDAP auth source that should be imported.
# NOTE(review): this lookup runs before the class is reopened below, so the
# application presumably has to resolve the AuthSourceLdap constant first. Confirm.
@auth_method = AuthSourceLdap.find(1)
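class AuthSourceLdap

  # Walks every directory entry matching objectClass=user and reconciles it
  # with the Redmine user table:
  #
  # * an entry whose DN contains "OU=Disabled" locks the matching Redmine
  #   account (if one exists and is not locked yet) and is counted as skipped;
  # * an entry whose login already exists in Redmine is left untouched;
  # * any other entry with a complete attribute set becomes a new user bound
  #   to this auth source.
  #
  # The disabled check runs before the attribute sanity check on purpose:
  # locking needs only the login, so an entry that lacks a mail address or a
  # last name must still be able to lock its Redmine account.
  #
  # Only a DN substring is inspected. An account disabled by other directory
  # means (for example the Active Directory userAccountControl flag) is not
  # detected here and is treated as active.
  #
  # Returns a hash with :found (entries seen), :imported (array of
  # "login (created)" strings) and :skipped (entries not imported).
  def import
    logger.info("**********************************************************************\n")
    logger.info("#{Time.now.inspect}\n\n")

    ldap_con = initialize_ldap_con(self.account, self.account_password)
    search_filter = Net::LDAP::Filter.eq("objectClass", "user")

    # Attributes that must be present before a user is created, in the order
    # they are reported to the admin.
    required = [:firstname, :lastname, :mail, :auth_source_id]

    found = skipped = 0
    created = []
    disabled = []
    ldap_con.search(:base => self.base_dn, :filter => search_filter,
      :attributes => ['dn', self.attr_firstname, self.attr_lastname, self.attr_mail, self.attr_login, "distinguishedName"]
    ) do |entry|
      found += 1
      logger.info("Found DN: #{entry.dn}")

      # Without a login there is no account to match, lock or create.
      login = AuthSourceLdap.get_attr(entry, self.attr_login)
      if login.nil? || login.to_s.strip.empty?
        logger.info("  Entry #{entry.dn} misses value for the login attribute.\n")
        skipped += 1
        next
      end

      # Fall back to the entry's own DN when the attribute was not returned,
      # so that a missing value neither aborts the run nor hides a disabled OU.
      dn_value = (AuthSourceLdap.get_attr(entry, "distinguishedName") || entry.dn).to_s
      is_disabled_in_ldap = dn_value.include?("OU=Disabled")
      user_in_rm = User.find(:first, :conditions => ["login=?", login])

      # User account was disabled in LDAP
      if is_disabled_in_ldap
        logger.info("  User #{login} is disabled in ldap\n")
        # If user exists in redmine then lock the account
        if user_in_rm && user_in_rm.status != User::STATUS_LOCKED
          user_in_rm.status = User::STATUS_LOCKED
          # Report the lock only when it was actually persisted.
          if user_in_rm.save
            disabled.push(login)
            logger.info("  User #{login} is now locked in redmine\n")
          else
            logger.error("  User #{login} could not be locked in redmine\n")
          end
        end
        skipped += 1
        next
      end

      # User exists in Redmine, no need to update.
      if user_in_rm
        logger.info("  User #{login} exists in redmine\n")
        skipped += 1
        next
      end

      firstname = AuthSourceLdap.get_attr(entry, self.attr_firstname)
      attrs = {
        :firstname => (firstname.nil? ? "Unknown" : firstname),
        :lastname => AuthSourceLdap.get_attr(entry, self.attr_lastname),
        :mail => AuthSourceLdap.get_attr(entry, self.attr_mail),
        :auth_source_id => self.id
      }

      # Sanity check: every attribute above is required to create a user.
      missing = required.find { |key| attrs[key].nil? }
      if missing
        # give the admin a clue why importing failed...
        logger.info("  User #{login} misses value for attribute '#{missing}'.\n")
        skipped += 1
        next
      end

      # Create the user. The record is built unsaved and saved once, after
      # the login has been assigned.
      logger.info("  User #{login} is added user with attrs: #{attrs.inspect}\n")
      u = User.new(attrs)
      u.login = login
      u.language = Setting.default_language
      if u.save
        created.push(login + ' (created)')
      else
        skipped += 1
        logger.info("  User #{login} failed in saving: #{attrs.inspect}\n")
      end
    end

    logger.info("Found #{found} users in the system\n")
    logger.info("Skipped #{skipped} users in the system\n")
    logger.info("Created #{created.size} users:\n#{created.join("\n")}\n")
    logger.info("Disabled #{disabled.size} users:\n#{disabled.join("\n")}\n")
    logger.info("#{Time.now.inspect}\n")
    logger.info("\n**********************************************************************\n\n")
    return {:found => found, :imported => created, :skipped => skipped}
  end # import

end #class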
# Run the import against the auth source loaded at the top of the script.
# The returned summary hash is discarded here; the run is reported through the logger.
@auth_method.import