From bb947bf3f551f3144dcf53a7a1aa10c9775451d4 Mon Sep 17 00:00:00 2001 From: John Gaunt Date: Sat, 6 Nov 2021 15:19:28 -0400 Subject: [PATCH] updated ldap loop --- seafile-ldap.py | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/seafile-ldap.py b/seafile-ldap.py index f76b06e..510532c 100644 --- a/seafile-ldap.py +++ b/seafile-ldap.py @@ -253,21 +253,26 @@ for ldapGroup in ldapGroups: searchSeafileGroup = request('admin/search-group/?query={0}'.format(ldapGroup.name), seafileURL, seafileToken)['response']['group_list'] for seafileGroup in searchSeafileGroup: if seafileGroup['name'] == ldapGroup.name: - seafileGroupMembers = request('admin/groups/{0}/members/'.format(seafileGroup['id']), seafileURL, seafileToken)['response']['members'] - for ldapGroupMember in ldapGroup.member: - logger.debug("Searching for LDAP user {0}".format(ldapGroupMember)) - ldap.search(ldapBase, '(&(distinguishedName={0})(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))({1}))'.format(ldapGroupMember, ldapFilter), attributes=['mail']) - count = len(ldap.entries) - logger.debug("Found {0} LDAP user.".format(count)) - if count == 1: - if [item for item in seafileGroupMembers if ldap.entries[0]['mail'] == item['email']]: - logger.debug("User {0} is already member of Seafile Group {1}".format(ldap.entries[0]['mail'], seafileGroup['name'])) - continue - else: - logger.info("User {0} is not a member of Seafile Group {1}".format(ldap.entries[0]['mail'], seafileGroup['name'])) - addMembertoSeafileGroup = request('admin/groups/{0}/members/'.format(seafileGroup['id']), seafileURL, seafileToken, "POST", {"email": "{0}".format(ldap.entries[0]['mail'])})['response'] - else: - logger.debug("User {0} is not enabled, have no email, or not in the Seafile Group".format(ldap.entries[0]['mail'])) + addMembertoSeafileGroup = request('admin/groups/{0}/members/'.format(seafileGroup['id']), seafileURL, seafileToken, "POST", "email={0}".format(ldap.entries[0]['mail']), False)['response'] + if addMembertoSeafileGroup['failed']['email'] == ldap.entries[0]['mail'] and addMembertoSeafileGroup['failed']['error_msg'].endswith(" is already a group member."): + logger.debug("User {0} is already member of Seafile Group {1}".format(ldap.entries[0]['mail'], seafileGroup['name'])) + + + #seafileGroupMembers = request('admin/groups/{0}/members/'.format(seafileGroup['id']), seafileURL, seafileToken)['response']['members'] + #for ldapGroupMember in ldapGroup.member: + # logger.debug("Searching for LDAP user {0}".format(ldapGroupMember)) + # ldap.search(ldapBase, '(&(distinguishedName={0})(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))({1}))'.format(ldapGroupMember, ldapFilter), attributes=['mail']) + # count = len(ldap.entries) + # logger.debug("Found {0} LDAP user.".format(count)) + # if count == 1: + # if [item for item in seafileGroupMembers if ldap.entries[0]['mail'] == item['email']]: + # logger.debug("User {0} is already member of Seafile Group {1}".format(ldap.entries[0]['mail'], seafileGroup['name'])) + # continue + # else: + # logger.info("User {0} is not a member of Seafile Group {1}".format(ldap.entries[0]['mail'], seafileGroup['name'])) + # addMembertoSeafileGroup = request('admin/groups/{0}/members/'.format(seafileGroup['id']), seafileURL, seafileToken, "POST", {"email": "{0}".format(ldap.entries[0]['mail'])})['response'] + # else: + # logger.debug("User {0} is not enabled, have no email, or not in the Seafile Group".format(ldap.entries[0]['mail'])) else: continue