From c2373b9041dc81014cae944902c993ea2b9699b5 Mon Sep 17 00:00:00 2001
From: Ricardo Silva <Ricardo.SILVA@ext.ec.europa.eu>
Date: Tue, 9 Aug 2022 15:30:42 +0200
Subject: [PATCH] modified the sid_user script to synchronize the proxy users
 lk:31512104517634

---
 bin/sid_user.py | 47 +++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 45 insertions(+), 2 deletions(-)

diff --git a/bin/sid_user.py b/bin/sid_user.py
index 77743bb..30b282c 100755
--- a/bin/sid_user.py
+++ b/bin/sid_user.py
@@ -199,7 +199,8 @@ def ec_ldap_get():
     password = ldap_config.get('LDAP_EC', 'PASSWORD')
     basedn = ldap_config.get('LDAP_EC', 'BASE')
 
-    groups = ldap_config.get('LDAP_EC', 'LEANKIT_GROUP').split(',')
+    #groups = ldap_config.get('LDAP_EC', 'LEANKIT_GROUP').split(',')
+    groups = ldap_config.get('LDAP_EC', 'SID_GROUP').split(',')
     attributes = ['uid', 'cn']
 
     ldap_server = Server(server_name, port=server_port, use_ssl=False)
@@ -529,12 +530,22 @@ def main():
     # last reminder request: 04/2022 : used to remove the relations for others users
     official_broken_leg = ['tsigref', 'wagnejl', 'hautari', 'durmeda', 'stoiama']
 
-    departments = ['DIGIT.C.4', 'DIGIT.C.4.001', 'DIGIT.C.4.002', 'DIGIT.C.4.003', 'DIGIT.C.4.006', 'DIGIT.C.4.007', 'DIGIT.C.4.008']
+    departments = ['DIGIT.C.4', 'DIGIT.C.4.001', 'DIGIT.C.4.002', 'DIGIT.C.4.003', 'DIGIT.C.4.004','DIGIT.C.4.006', 'DIGIT.C.4.007', 'DIGIT.C.4.008']
 
     approver_scheduler_list = ['fournla', 'chevaju', 'gondago']
 
     snet_results = dict()
     snet_results = snet_ldap_get()
+
+    ec_ldap_sid_results = dict()
+    ec_ldap_sid_results = ec_ldap_get() 
+    snet_prox = list()
+    
+    for group in ec_ldap_sid_results['groups']:
+        if group == "DIGIT_SNET_PROX":
+            snet_prox = ec_ldap_sid_results['groups'][group]['mapped-ldap-users']   
+
+
     if debug:
         if logindebug:
             logger.debug("debuging " + logindebug)
@@ -548,6 +559,7 @@ def main():
     ec_results = dict()
 
     ec_ldap_users = list(snet_results['users'].keys())
+    ec_ldap_users += snet_prox
     ec_ldap_users += official_broken_leg
     ec_results = ec_ldap_get_user(ec_ldap_users)
     if debug:
@@ -636,6 +648,17 @@ def main():
                 snet_results['users'][user]['membership'] = list()
                 snet_results['users'][user]['membership'].append('officials')
 
+    for user in snet_prox:
+        if user not in ec_results['users']:
+            logger.error("proxy user '%s' not found in ec ldap." % (user))
+        else:
+            ec_results['users'][user]['mail'] = 'proxy user, no email'
+            snet_mail_index[ec_results['users'][user]['mail']] = user
+            snet_account_index[user] = ec_results['users'][user]['mail']
+            snet_results['users'][user] = dict()    
+            snet_results['users'][user]['membership'] = list()
+            snet_results['users'][user]['membership'].append('proxy')            
+
     logger.info('Bad User: ' + pformat(bad_user))
     logger.info('Snet User snet_mail_index: ' + pformat(snet_mail_index))
     logger.info('Snet User snet_account_index: ' + pformat(snet_account_index))
@@ -754,6 +777,20 @@ def main():
                 block_to_update['properties']['has write access to'] = list()
                 block_to_update['properties']['has write access to'].append(t)
 
+            if 'has as role' not in block_to_update['properties']:
+                block_to_update['properties']['has as role'] = list()
+            elif 'has as role' in block_to_update['properties'] and not isinstance(block_to_update['properties']['has as role'], list):
+                t = block_to_update['properties']['has as role']
+                block_to_update['properties']['has as role'] = list()
+                block_to_update['properties']['has as role'].append(t)
+
+            if 'belongs to' not in block_to_update['properties']:
+                block_to_update['properties']['belongs to'] = list()
+            elif 'belongs to' in block_to_update['properties'] and not isinstance(block_to_update['properties']['belongs to'], list):
+                t = block_to_update['properties']['belongs to']
+                block_to_update['properties']['belongs to'] = list()
+                block_to_update['properties']['belongs to'].append(t)
+
         if 'has as short name' not in block_to_update['properties'] or block_to_update['properties']['has as short name'] is None or '':
             block_to_update['properties']['has as short name'] = ec_results['users'][user]['givenName'][0] + ec_results['users'][user]['sn'][:2]
 
@@ -962,6 +999,12 @@ def main():
                     if 'Profile Support' not in block_to_update['properties']['has access to easiCAPs feature']:
                         block_to_update['properties']['has access to easiCAPs feature'].append('Profile Support')
 
+            elif mb == 'proxy':
+                #For proxy users, in case more fields are to be added in the future 
+                if need_to_update is False and need_to_create is True:
+                    block_to_update['properties']['belongs to'].append('SNet Prox')
+                    block_to_update['properties']['has as role'].append('Proxy User')
+
             # Cleanup the properties
 
             if need_to_update is False and need_to_create is True and 'departmentNumber' in ec_results['users'][user]:
-- 
GitLab