ynerant/synchronize-dolibarr-to-ldap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: ynerant:4907b2d7f5fd6139de6d8dd8fa7d33f4158c64ac
Branches Tags
ynerant:main
...
compare: ynerant:de5483107a788b6fda8b282538d517f131072529
Branches Tags
ynerant:main

2 Commits
4907b2d7f5 ... de5483107a

Author SHA1 Message Date
Emmy D'Anello
de5483107a
Debug webhook receiver 2025-02-18 10:48:00 +01:00
Emmy D'Anello
6145384f04
Ad group attrs in user (eg: mailGroupMember field) 2025-02-18 10:44:05 +01:00
1 changed files with 87 additions and 18 deletions
Show Stats Expand all files Collapse all files

105
main.py
View File

@ -1,5 +1,7 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
import json
from dolibarrpy import Dolibarrpy from dolibarrpy import Dolibarrpy
from flask import Flask, abort, request from flask import Flask, abort, request
from ldap3 import ALL, Connection, ObjectDef, Reader, Server, WritableEntry, Writer from ldap3 import ALL, Connection, ObjectDef, Reader, Server, WritableEntry, Writer
@ -22,10 +24,10 @@ def main():
def manage_users_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy): def manage_users_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy):
dolibarr_users = dolibarr_client.find_all_users() dolibarr_users = dolibarr_client.find_all_users()
for dolibarr_user in dolibarr_users: for dolibarr_user in dolibarr_users:
manage_user_extra_fields(ldap_conn, dolibarr_user) manage_user_extra_fields(ldap_conn, dolibarr_user, dolibarr_client)
def manage_user_extra_fields(ldap_conn: Connection, dolibarr_user: dict): def manage_user_extra_fields(ldap_conn: Connection, dolibarr_user: dict, dolibarr_client: Dolibarrpy):
login = dolibarr_user['login'] login = dolibarr_user['login']
obj_inetorgperson = ObjectDef(['top', 'inetOrgPerson', 'posixAccount'], ldap_conn) obj_inetorgperson = ObjectDef(['top', 'inetOrgPerson', 'posixAccount'], ldap_conn)
obj_user = ObjectDef(['top', 'inetOrgPerson', 'posixAccount'] + config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES, ldap_conn) obj_user = ObjectDef(['top', 'inetOrgPerson', 'posixAccount'] + config.LDAP_GROUPS_EXTRA_OBJECT_CLASSES, ldap_conn)
@ -56,6 +58,7 @@ def manage_user_extra_fields(ldap_conn: Connection, dolibarr_user: dict):
users_writer = Writer.from_cursor(users_reader, object_def=obj_user) users_writer = Writer.from_cursor(users_reader, object_def=obj_user)
ldap_user = users_writer[0] ldap_user = users_writer[0]
append_extra_fields_to_ldap_user(ldap_user, dolibarr_user) append_extra_fields_to_ldap_user(ldap_user, dolibarr_user)
append_extra_group_fields_to_ldap_user(ldap_user, dolibarr_user, dolibarr_client)
users_writer.commit() users_writer.commit()
@ -65,17 +68,68 @@ def append_extra_fields_to_ldap_user(ldap_user: WritableEntry, dolibarr_user: di
ldap_user.objectClass += extra_object_class ldap_user.objectClass += extra_object_class
for extra_field in config.LDAP_USERS_EXTRA_FIELDS: for extra_field in config.LDAP_USERS_EXTRA_FIELDS:
dolibarr_attr, ldap_attr = extra_field.split(':') dolibarr_attrs, ldap_attr = extra_field.split(':')
if dolibarr_attr.endswith('[]'): dolibarr_attrs = dolibarr_attrs.split('|')
dolibarr_attr = dolibarr_attr[:-2] values = []
value = dolibarr_user['array_options'][f'options_{dolibarr_attr}'] for dolibarr_attr in dolibarr_attrs:
value = value.split() if value else [] if dolibarr_attr.startswith('GROUP__'):
setattr(ldap_user, ldap_attr, value) continue
if dolibarr_attr.endswith('[]'):
dolibarr_attr = dolibarr_attr[:-2]
value = dolibarr_user['array_options'][f'options_{dolibarr_attr}']
value = value.split() if value else []
values += value
else:
value = dolibarr_user['array_options'][f'options_{dolibarr_attr}']
if value:
values.append(value)
if not values:
continue
if ldap_attr.endswith('[]'):
ldap_attr = ldap_attr[:-2]
value = values
else: else:
value = dolibarr_user['array_options'][f'options_{dolibarr_attr}'] or "" value = values[0]
setattr(ldap_user, ldap_attr, value) setattr(ldap_user, ldap_attr, value)
def append_extra_group_fields_to_ldap_user(ldap_user: WritableEntry, dolibarr_user: dict, dolibarr_client: Dolibarrpy):
if not any(dolibarr_attr.startswith('GROUP')
for extra_field in config.LDAP_USERS_EXTRA_FIELDS
for dolibarr_attr in extra_field.split(':')[0].split('|')):
return
user_id = dolibarr_user['id']
dolibarr_groups: list[dict] = dolibarr_client.get_user_groups_uid(user_id)
for extra_field in config.LDAP_USERS_EXTRA_FIELDS:
dolibarr_attrs, ldap_attr = extra_field.split(':')
dolibarr_attrs = dolibarr_attrs.split('|')
values = []
for dolibarr_attr in dolibarr_attrs:
if not dolibarr_attr.startswith('GROUP__'):
continue
dolibarr_attr = dolibarr_attr[7:]
for dolibarr_group in dolibarr_groups:
if dolibarr_attr.endswith('[]'):
dolibarr_attr = dolibarr_attr[:-2]
value = dolibarr_group.get(dolibarr_attr, dolibarr_group['array_options'][f'options_{dolibarr_attr}'])
value = value.split() if value else []
values += value
else:
value = dolibarr_group.get(dolibarr_attr, dolibarr_group['array_options'][f'options_{dolibarr_attr}'])
if value:
values.append(value)
if not values:
continue
if ldap_attr.endswith('[]'):
ldap_attr = ldap_attr[:-2]
value = values
else:
value = values[0]
setattr(ldap_user, ldap_attr, value)
def manage_groups_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy): def manage_groups_extra_fields(ldap_conn: Connection, dolibarr_client: Dolibarrpy):
dolibarr_groups = dolibarr_client.call_list_api('users/groups') dolibarr_groups = dolibarr_client.call_list_api('users/groups')
for dolibarr_group in dolibarr_groups: for dolibarr_group in dolibarr_groups:
@ -112,15 +166,27 @@ def append_extra_fields_to_ldap_group(ldap_group: WritableEntry, dolibarr_group:
ldap_group.objectClass += extra_object_class ldap_group.objectClass += extra_object_class
for extra_field in config.LDAP_GROUPS_EXTRA_FIELDS: for extra_field in config.LDAP_GROUPS_EXTRA_FIELDS:
dolibarr_attr, ldap_attr = extra_field.split(':') dolibarr_attrs, ldap_attr = extra_field.split(':')
if dolibarr_attr.endswith('[]'): dolibarr_attrs = dolibarr_attrs.split('|')
dolibarr_attr = dolibarr_attr[:-2] values = []
value = dolibarr_group['array_options'][f'options_{dolibarr_attr}'] for dolibarr_attr in dolibarr_attrs:
value = value.split() if value else [] if dolibarr_attr.endswith('[]'):
setattr(ldap_group, ldap_attr, value) dolibarr_attr = dolibarr_attr[:-2]
value = dolibarr_group['array_options'][f'options_{dolibarr_attr}']
value = value.split() if value else []
values += value
else:
value = dolibarr_group['array_options'][f'options_{dolibarr_attr}']
if value:
values.append(value)
if not values:
continue
if ldap_attr.endswith('[]'):
ldap_attr = ldap_attr[:-2]
value = values
else: else:
value = dolibarr_group['array_options'][f'options_{dolibarr_attr}'] or "" value = values[0]
setattr(ldap_group, ldap_attr, value) setattr(ldap_group, ldap_attr, value)
flask_app = Flask(__name__) flask_app = Flask(__name__)
@ -132,6 +198,9 @@ def webhook_receiver():
abort(400) abort(400)
triggercode = data['triggercode'] triggercode = data['triggercode']
obj = data['object'] obj = data['object']
if config.DOLIBARR_API_DEBUG:
print("Received webhook trigger of type", triggercode, "with content:")
print(json.dumps(obj))
dolibarr_client = Dolibarrpy(url=config.DOLIBARR_API_BASE, token=config.DOLIBARR_API_TOKEN, timeout=16, debug=config.DOLIBARR_API_DEBUG) dolibarr_client = Dolibarrpy(url=config.DOLIBARR_API_BASE, token=config.DOLIBARR_API_TOKEN, timeout=16, debug=config.DOLIBARR_API_DEBUG)
ldap_server = Server(config.LDAP_HOST, config.LDAP_PORT, get_info=ALL) ldap_server = Server(config.LDAP_HOST, config.LDAP_PORT, get_info=ALL)
if triggercode.startswith('USER_'): if triggercode.startswith('USER_'):