|author||Milo Casagrande <firstname.lastname@example.org>||2013-05-13 15:23:59 +0200|
|committer||Milo Casagrande <email@example.com>||2013-05-13 15:23:59 +0200|
Fixed ldap sync script.
1 files changed, 16 insertions, 10 deletions
diff --git a/scripts/ldap-sync b/scripts/ldap-sync
index 9dcf3c5..272b0fc 100755
@@ -398,7 +398,12 @@ class LdapSync():
if uid_or_cn not in self.get_rhodecode_usernames():
# We can have more than one here, but we take the first.
- email = details.get('mail')
+ email = details.get('mail')
+ logger.warn("User %s has no 'mail' LDAP attribute." %
+ email = 'Not provided'
firstname = details.get('givenName')
lastname = details.get('sn')
@@ -532,13 +537,14 @@ if __name__ == '__main__':
- # Commented out section, since right now there is not much stability on
- # LDAP side, and we receive different results. This would lead to false
- # users deactivation.
+ # We need a way to remove groups from RhodeCode that are not in LDAP anymore.
+ # At this time, RhodeCode API does not support group removal, it should be
+ # added in a future release.
# Users to remove.
- # diff = set(sync.get_rhodecode_usernames()).difference(set(all_usernames))
- # if diff:
- # for username in diff:
- # for group in groups:
- # sync.remove_user_from_group(username, group)
- # sync.disable_user(username)
+ diff = list(set(sync.get_rhodecode_usernames()).difference(set(all_usernames)))
+ if diff:
+ for username in diff:
+ for group in groups:
+ sync.remove_user_from_group(username, group)