Sync owners of group

0393afcd · Tom Teichler · Nik | Klampfradler · f8dcc986 · 0393afcd · 0393afcd
Verified Commit 0393afcd authored 4 years ago by Tom Teichler Committed by Nik | Klampfradler 4 years ago
--- a/aleksis/apps/ldap/settings.py
+++ b/aleksis/apps/ldap/settings.py
@@ -14,6 +14,16 @@ CONSTANCE_ADDITIONAL_FIELDS = {
            ),
        },
    ],
+    "owner-attr-type": [
+        "django.forms.fields.ChoiceField",
+        {
+            "widget": "django.forms.Select",
+            "choices": (
+                ("dn", _("Distinguished Name")),
+                ("uid", _("UID")),
+            ),
+        },
+    ],
 }

 CONSTANCE_CONFIG = {
@@ -32,6 +42,8 @@ CONSTANCE_CONFIG = {
    "LDAP_GROUP_SYNC_FIELD_NAME": ("cn", _("Field for name of group"), str),
    "LDAP_GROUP_SYNC_FIELD_NAME_RE": ("", _("Regular expression to match LDAP value for group name against, e.g. class_(?P<class>.*); separate multiple patterns by |"), str),
    "LDAP_GROUP_SYNC_FIELD_NAME_REPLACE": ("", _("Replacement template to apply to group name, e.g. \\g<class>; separate multiple templates by |"), str),
+    "LDAP_GROUP_SYNC_OWNER_ATTR": ("", _("LDAP field with dn of group owner"), str),
+    "LDAP_GROUP_SYNC_OWNER_ATTR_TYPE": ("dn", _("Type of data in the ldap_field. Either DN or UID"), "owner-attr-type"),
 }
 CONSTANCE_CONFIG_FIELDSETS = {
    "LDAP-Sync settings": (
@@ -40,6 +52,8 @@ CONSTANCE_CONFIG_FIELDSETS = {
        "LDAP_SYNC_CREATE_MISSING_PERSONS",
        "LDAP_MATCHING_FIELDS",
        "ENABLE_LDAP_GROUP_SYNC",
+        "LDAP_GROUP_SYNC_OWNER_ATTR",
+        "LDAP_GROUP_SYNC_OWNER_ATTR_TYPE",
        "LDAP_GROUP_SYNC_FIELD_SHORT_NAME",
        "LDAP_GROUP_SYNC_FIELD_SHORT_NAME_RE",
        "LDAP_GROUP_SYNC_FIELD_SHORT_NAME_REPLACE",

--- a/aleksis/apps/ldap/util/ldap_sync.py
+++ b/aleksis/apps/ldap/util/ldap_sync.py
@@ -313,6 +313,7 @@ def mass_ldap_import():
    # Synchronise group memberships now
    if config.ENABLE_LDAP_GROUP_SYNC:
        member_attr = getattr(backend.settings.GROUP_TYPE, "member_attr", "memberUid")
+        owner_attr = config.LDAP_GROUP_SYNC_OWNER_ATTR

        for group, ldap_group in tqdm(zip(group_objects, ldap_groups)):
            dn, attrs = ldap_group
@@ -323,6 +324,15 @@ def mass_ldap_import():
            else:
                members = Person.objects.filter(ldap_dn__in=ldap_members)

+            if config.LDAP_GROUP_SYNC_OWNER_ATTR:
+                ldap_owners = [_.lower() for _ in attrs[owner_attr]] if owner_attr in attrs else []
+                if config.LDAP_GROUP_SYNC_OWNER_ATTR_TYPE == "uid":
+                    owners = Person.objects.filter(user__username__in=ldap_owners)
+                elif config.LDAP_GROUP_SYNC_OWNER_ATTR_TYPE == "dn":
+                    owners = Person.objects.filter(ldap_dn__in=ldap_owners)
+
            group.members.set(members)
+            if config.LDAP_GROUP_SYNC_OWNER_ATTR:
+                group.owners.set(owners)
            group.save()
            logger.info("Set group members of group %s" % str(group))