From 0440601e0735d2d3585ec89b3d67c3f82e31b284 Mon Sep 17 00:00:00 2001 From: Nico Jehle Date: Tue, 4 Mar 2025 14:48:12 +0000 Subject: [PATCH] manage_dim: add subcommand to add user from LDAP add command to add a user from LDAP, so they can be added to groups for permissions --- dim/dim/ldap_sync.py | 18 ++++++++++++++++++ dim/dim/manage_dim.py | 8 ++++++++ 2 files changed, 26 insertions(+) diff --git a/dim/dim/ldap_sync.py b/dim/dim/ldap_sync.py index c52dbec7..f0b4092f 100644 --- a/dim/dim/ldap_sync.py +++ b/dim/dim/ldap_sync.py @@ -135,6 +135,24 @@ def sync_users(ldap: LDAP, deletion_threshold: int = -1, ignore_deletion_thresho check_deletion_threshold(User, deletion_threshold) +@time_function +@transaction +def add_user(username: str): + try: + _ = User.query.filter(User.username == username).one() + log_stdout('User %s already present' % username) + except: + try: + ldap = LDAP() + ldap_user = ldap.users(f'(o={username})')[0] + db.session.add(ldap_user) + log_stdout('Added user %s' % username) + ldap_user.register() + log_stdout('Added user %s to user-group all_users' % username) + except: + log_stdout('User %s not in LDAP' % username) + + @time_function @transaction def ldap_sync(ignore_deletion_threshold: bool = False, cleanup_department_groups: bool = False): diff --git a/dim/dim/manage_dim.py b/dim/dim/manage_dim.py index 2833690e..c5b5ad7f 100755 --- a/dim/dim/manage_dim.py +++ b/dim/dim/manage_dim.py @@ -49,6 +49,14 @@ def update_validity(): dim.models.db.session.commit() +@manage_dim.cli.command('ldap_add_user') +@click.option('-u', '--username') +@click.option('-n', '--dry-run', '--noop', 'dryrun', is_flag=True) +def ldap_sync(dryrun: bool, username: str): + '''Add User from LDAP''' + dim.ldap_sync.add_user(dryrun=dryrun, username=username) + + @manage_dim.cli.command('ldap_sync') @click.option('-n', '--dry-run', '--noop', 'dryrun', is_flag=True) @click.option('-f', '--ignore-deletion-threshold', 'ignore_deletion_threshold', is_flag=True)