diff --git a/seafile-ldap.py b/seafile-ldap.py index 0e53b47..54620c0 100644 --- a/seafile-ldap.py +++ b/seafile-ldap.py @@ -255,9 +255,15 @@ for ldapGroup in ldapGroups: searchSeafileGroup = request('admin/search-group/?query={0}'.format(ldapGroup.name), seafileURL, seafileToken)['response']['group_list'] for seafileGroup in searchSeafileGroup: if seafileGroup['name'] == ldapGroup.name: - addMembertoSeafileGroup = request('admin/groups/{0}/members/'.format(seafileGroup['id']), seafileURL, seafileToken, "POST", "email={0}".format(ldap.entries[0]['mail']), False)['response'] - if addMembertoSeafileGroup['failed']['email'] == ldap.entries[0]['mail'] and addMembertoSeafileGroup['failed']['error_msg'].endswith(" is already a group member."): - logger.debug("User {0} is already member of Seafile Group {1}".format(ldap.entries[0]['mail'], seafileGroup['name'])) + for ldapGroupMember in ldapGroup.member: + logger.debug("Searching for LDAP user {0}".format(ldapGroupMember)) + ldap.search(ldapBase, '(&(distinguishedName={0})(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))({1}))'.format(ldapGroupMember, ldapFilter), attributes=['mail']) + count = len(ldap.entries) + logger.debug("Found {0} LDAP user.".format(count)) + if count == 1: + addMembertoSeafileGroup = request('admin/groups/{0}/members/'.format(seafileGroup['id']), seafileURL, seafileToken, "POST", "email={0}".format(ldap.entries[0]['mail']), False)['response'] + if addMembertoSeafileGroup['failed']['email'] == ldap.entries[0]['mail'] and addMembertoSeafileGroup['failed']['error_msg'].endswith(" is already a group member."): + logger.debug("User {0} is already member of Seafile Group {1}".format(ldap.entries[0]['mail'], seafileGroup['name'])) #seafileGroupMembers = request('admin/groups/{0}/members/'.format(seafileGroup['id']), seafileURL, seafileToken)['response']['members']