paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-05 22:43:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8e7ce7cc7903681fec5f51d2d1405cbba73af905
zulip/zerver/management/commands/sync_ldap_user_data.py
Tim Abbott 8e7ce7cc79 python: Sort migrations/management command imports with isort. 
This is a preparatory commit for using isort for sorting all of our
imports, merging changes to files where we can easily review the
changes as something we're happy with.

These are also files with relatively little active development, which
means we don't expect much merge conflict risk from these changes.
2020-01-14 13:07:47 -08:00

72 lines
3.3 KiB
Python
Raw Blame History

import logging
from argparse import ArgumentParser
from typing import Any, List
from django.conf import settings
from django.db import transaction
from zerver.lib.logging_util import log_to_file
from zerver.lib.management import ZulipBaseCommand
from zerver.models import UserProfile
from zproject.backends import ZulipLDAPException, sync_user_from_ldap
## Setup ##
logger = logging.getLogger('zulip.sync_ldap_user_data')
log_to_file(logger, settings.LDAP_SYNC_LOG_PATH)
# Run this on a cronjob to pick up on name changes.
def sync_ldap_user_data(user_profiles: List[UserProfile], deactivation_protection: bool=True) -> None:
logger.info("Starting update.")
with transaction.atomic():
realms = set([u.realm.string_id for u in user_profiles])
for u in user_profiles:
# This will save the user if relevant, and will do nothing if the user
# does not exist.
try:
sync_user_from_ldap(u, logger)
except ZulipLDAPException as e:
logger.error("Error attempting to update user %s:" % (u.delivery_email,))
logger.error(e)
if deactivation_protection:
if not UserProfile.objects.filter(is_bot=False, is_active=True).exists():
error_msg = ("Ldap sync would have deactivated all users. This is most likely due " +
"to a misconfiguration of ldap settings. Rolling back...\n" +
"Use the --force option if the mass deactivation is intended.")
logger.error(error_msg)
# Raising an exception in this atomic block will rollback the transaction.
raise Exception(error_msg)
for string_id in realms:
if not UserProfile.objects.filter(is_bot=False, is_active=True, realm__string_id=string_id,
role__gte=UserProfile.ROLE_REALM_ADMINISTRATOR).exists():
error_msg = ("Ldap sync would have deactivated all administrators of realm %s. " +
"This is most likely due " +
"to a misconfiguration of ldap settings. Rolling back...\n" +
"Use the --force option if the mass deactivation is intended.")
error_msg = error_msg % (string_id,)
logger.error(error_msg)
raise Exception(error_msg)
logger.info("Finished update.")
class Command(ZulipBaseCommand):
def add_arguments(self, parser: ArgumentParser) -> None:
parser.add_argument('-f', '--force',
dest='force',
action="store_true",
default=False,
help='Disable the protection against deactivating all users.')
self.add_realm_args(parser)
self.add_user_list_args(parser)
def handle(self, *args: Any, **options: Any) -> None:
if options.get('realm_id') is not None:
realm = self.get_realm(options)
user_profiles = self.get_users(options, realm, is_bot=False,
include_deactivated=True)
else:
user_profiles = UserProfile.objects.select_related().filter(is_bot=False)
sync_ldap_user_data(user_profiles, not options['force'])
Reference in New Issue View Git Blame Copy Permalink