API tools faq
paste
Guest User

Untitled

a guest
Oct 12th, 2018
191
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.03 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python
  2. import sys
  3. import optparse
  4. import ldap
  5. from suds.client import Client
  6.  
  7. from vidyo_disabler_config import LDAP_HOST, LDAP_USER, LDAP_PASS, VIDYO_API, VIDYO_USER, VIDYO_PASS, VIDYO_EXCEPTIONS
  8.  
  9. def get_all_ldap_users(ldap_conn, verbose):
  10. # For vidyo, we basically care about all human users in LDAP, regardless of which org they are in, since I think
  11. # community members could have vidyo accounts, as well as moco and mofo staff. We only need their e-mail address.
  12. # Doing one query and gathering *all* 3000+ users into a giant list is far less expensive than checking each of the
  13. # 1400+ users from vidyo individually
  14. all_users = ldap_conn.search_s(
  15. 'dc=mozilla',
  16. ldap.SCOPE_SUBTREE,
  17. '(&(objectClass=inetOrgPerson)(!(employeeType=DISABLED))(|(o:dn:=org)(o:dn:=com)(o:dn:=net)))',
  18. attrlist=['mail'])
  19. ldap_users = []
  20. for user in all_users:
  21. ldap_users.append(user[1]['mail'][0])
  22.  
  23. if verbose:
  24. print "LDAP users:"
  25. print ldap_users
  26. return ldap_users
  27.  
  28.  
  29. def get_vidyo_users(vidyo_client, verbose):
  30. # The getMembers method of the API returns both the total number of users
  31. # as well as up to 200 users at a time. Here's my attempt at a simple
  32. # pagination fix in order to get all the users. First, we make a call asking for just
  33. # a single user, so that we can also get the total number of users, which is returned
  34. # in every call.
  35. Filter=vidyo_client.factory.create('Filter')
  36. Filter.limit = 1
  37.  
  38. total_accounts = vidyo_client.service.getMembers(Filter).total
  39.  
  40. # Now that we know the total number of users in vidyo, we can form a simple
  41. # while loop to grab 200 at a time, which is the max limit that the API will
  42. # return at once. So start at 0 position, then increment the position by 200
  43. # at the end of each iteration, while subtracting 200, so we loop until there
  44. # none left.
  45. Filter.limit = 200
  46. Filter.start = 0
  47. member_dict = {}
  48. while total_accounts > 0:
  49. resp = vidyo_client.service.getMembers(Filter)
  50. for member in resp.member:
  51. # It seems that human LDAP users have name and emailAddress set to the same
  52. # thing. Non-human accounts, like conference rooms and such don't seem to have
  53. # that similarity, and we probably don't care about those anyway, so to make
  54. # things easy, let's only look at users where the "name" attribute is identical
  55. # to emailAddress attribute.
  56. if member.name == member.emailAddress:
  57. member_dict[member.name] = member.memberID
  58. total_accounts -= 200
  59. Filter.start += 200
  60.  
  61. # We care about the member.name (username/email) for comparing to LDAP, but
  62. # we need the memberID in order to delete a user, so we return a dict with both
  63. if verbose:
  64. print "vidyo users:"
  65. print member_dict
  66. return member_dict
  67.  
  68. def delete_vidyo_member(vidyo_client, member, member_id, commit):
  69. print "deleting %s" % member
  70. if commit:
  71. # fix me. For testing and initial review, don't actually delete yet
  72. print "for real"
  73. #vidyo_client.service.deleteMember(member_id)
  74.  
  75. def main(prog_args = None):
  76.  
  77. if prog_args is None:
  78. prog_args = sys.argv
  79. # command line options. For Cron usage, we probably want only --commit.
  80. # For debug purposes, --verbose is more helpful
  81. parser = optparse.OptionParser()
  82. parser.usage = "Script to generate LDAP groups from search filters"
  83. parser.add_option ('-v', '--verbose',
  84. action='store_true',
  85. default=False,
  86. dest = 'verbose',
  87. help='verbose output')
  88. parser.add_option ('--commit',
  89. action='store_true',
  90. default=False,
  91. dest='commit',
  92. help='run script in commit mode')
  93.  
  94. options, args = parser.parse_args(sys.argv[1:])
  95.  
  96. commit = options.commit
  97. verbose = options.verbose
  98.  
  99. # Using suds, initialize a SOAP client for the vidyo portal. Apparently it only
  100. # works with username and password.
  101. vidyo_client = Client(VIDYO_API, username=VIDYO_USER, password=VIDYO_PASS)
  102.  
  103. # Main LDAP connection. This is used to get users from LDAP
  104. ldap_conn = ldap.initialize('ldap://%s' % LDAP_HOST)
  105. ldap_conn.start_tls_s()
  106. ldap_conn.simple_bind_s(LDAP_USER, LDAP_PASS)
  107.  
  108. # We pretty much just need a list active users from vidyo and a list of
  109. # active users from LDAP in order to compare
  110. all_ldap_users = get_all_ldap_users(ldap_conn, verbose)
  111. all_vidyo_users = get_vidyo_users(vidyo_client, verbose)
  112.  
  113. # For vidyo users, we get a dict back, because we want to display the e-mail
  114. # address of the user, but the deleteMember method needs the memberID.
  115. # Iterate through the email/memberid pairs checking each user against active
  116. # LDAP users, and if not found, and not in the exceptions list, delete.
  117. for k, v in all_vidyo_users.items():
  118. if k not in all_ldap_users:
  119. if k not in VIDYO_EXCEPTIONS:
  120. delete_vidyo_member(vidyo_client, k, v, commit)
  121.  
  122.  
  123. if __name__ == "__main__":
  124. main()
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!