From 43c1b9e7f6fb70967f992342f47d9c25e8f40263 Mon Sep 17 00:00:00 2001
From: John Gaunt <jgaunt@johnhgaunt.com>
Date: Sat, 6 Nov 2021 15:07:58 -0400
Subject: [PATCH] group updates and request method logging

---
 seafile-ldap.py | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/seafile-ldap.py b/seafile-ldap.py
index b77638d..7d6aa53 100644
--- a/seafile-ldap.py
+++ b/seafile-ldap.py
@@ -17,8 +17,9 @@ def request(resource, seafileURL, seafileToken, method='GET', data=None):
     else:
         data = json.dumps(data)
     url = '{0}/api/v2.1/{1}'.format(seafileURL, resource)
-    logger.debug('Request URL: {}'.format(url))
-    logger.debug('Request Data: {}'.format(data))
+    logger.debug('Request URL: {0}'.format(url))
+    logger.debug('Request Method: {0}'.format(method))
+    logger.debug('Request Data: {0}'.format(data))
     r = requests.request(
         method,
         url,
@@ -243,20 +244,25 @@ for group in ldap.entries:
         continue
 seafileGroups = request('admin/groups/', seafileURL, seafileToken)['response']['groups']
 for ldapGroup in ldapGroups:
-    searchSeafileGroup = request('admin/search-group/?query={0}'.format(ldapGroup.name), seafileURL, seafileToken)['response']['group_list']
     # loop through the results and make sure we match on the group name
+    searchSeafileGroup = request('admin/search-group/?query={0}'.format(ldapGroup.name), seafileURL, seafileToken)['response']['group_list']
     for seafileGroup in searchSeafileGroup:
         if seafileGroup['name'] == ldapGroup.name:
             seafileGroupMembers = request('admin/groups/{0}/members/'.format(seafileGroup['id']), seafileURL, seafileToken)['response']['members']
             for ldapGroupMember in ldapGroup.member:
                 logger.debug("Searching for LDAP user {0}".format(ldapGroupMember))
-                ldap.search(ldapBase, '(&(distinguishedName={0})(!(userAccountControl:1.2.840.113556.1.4.803:=2))({1}))'.format(ldapGroupMember, ldapFilter), attributes=['mail'])
+                ldap.search(ldapBase, '(&(distinguishedName={0})(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))({1}))'.format(ldapGroupMember, ldapFilter), attributes=['mail'])
                 count = len(ldap.entries)
                 logger.debug("Found {0} LDAP user.".format(count))
-                if count == 1 and [item for item in seafileGroupMembers if ldap.entries[0]['mail'] in item ]:
-                    continue
+                if count == 1:
+                    if [item for item in seafileGroupMembers if ldap.entries[0]['mail'] == item['email']]:
+                        logger.debug("User {0} is already member of Seafile Group {1}".format(ldap.entries[0]['mail'], seafileGroup['name']))
+                        continue
+                    else:
+                        logger.info("User {0} is not a member of Seafile Group {1}".format(ldap.entries[0]['mail'], seafileGroup['name']))
+                        addMembertoSeafileGroup = request('admin/groups/{0}/members/'.format(seafileGroup['id']), seafileURL, seafileToken, "POST",  {"email": "{0}".format(ldap.entries[0]['mail'])})['response']
                 else:
-                    print("User {0} is not in Seafile Group {1}".format(ldap.entries[0]['mail'], ldapGroup.name))
+                    logger.debug("User {0} is not enabled, have no email, or not in the Seafile Group".format(ldap.entries[0]['mail']))
         else:
             continue