384 lines
16 KiB
Diff
384 lines
16 KiB
Diff
diff --git usr/bin/importation_scribe usr/bin/importation_scribe
|
|
index 0db4982..47f5c80 100755
|
|
--- usr/bin/importation_scribe
|
|
+++ usr/bin/importation_scribe
|
|
@@ -42,21 +42,22 @@ choix de la source de données et imports
|
|
- personnels administratifs
|
|
- comptes invités
|
|
|
|
"""
|
|
import sys
|
|
from os import environ, getcwd, chdir
|
|
from os.path import isfile, dirname
|
|
from pyeole.process import system_out, system_code
|
|
from scribe.storage import init_store
|
|
from scribe.eoleldap import Ldap
|
|
-from scribe.ldapconf import SUPPORT_ETAB
|
|
+from scribe.eoleuser import User
|
|
+from scribe.ldapconf import SUPPORT_ETAB, PROF_FILTER
|
|
from scribe.eoletools import nscd_start, nscd_stop
|
|
from scribe.parsing import sconet, aaf, be1d, scribecsv2
|
|
from scribe.importation import preferences, writer, config
|
|
from scribe.importation import log
|
|
|
|
#______________________________________________________________________________
|
|
# utilitaires de manipulation de la console
|
|
|
|
class OutOfRange(Exception):
|
|
""" Exception OutOfRange """
|
|
@@ -458,33 +459,44 @@ class Console:
|
|
"""
|
|
log.add_lock()
|
|
log.debuglog("Arrêt de LSC...", title=True)
|
|
nscd_stop()
|
|
connexion = Ldap()
|
|
connexion.connect()
|
|
if SUPPORT_ETAB:
|
|
prefs = preferences.get_enseignants_prefs()
|
|
etab = prefs.get_default('etab')
|
|
etab_prefix = prefs.get_default('etab_prefix')
|
|
+ purge_option = 'keep'
|
|
+ old_logins = connexion._search('(&{})'.format(PROF_FILTER), 'uid')
|
|
+
|
|
else:
|
|
etab = None
|
|
etab_prefix = ''
|
|
if self.import_type != 'maj':
|
|
writer.purge_equipes(connexion=connexion, etab=etab)
|
|
writer.verify_classe(store=self.store, connexion=connexion,
|
|
etab_prefix=etab_prefix)
|
|
writer.write_matiere(store=self.store, connexion=connexion,
|
|
etab=etab, etab_prefix=etab_prefix)
|
|
writer.verify_option(store=self.store, connexion=connexion,
|
|
etab_prefix=etab_prefix)
|
|
- writer.write_enseignant(store=self.store, connexion=connexion,
|
|
+ logins = writer.write_enseignant(store=self.store, connexion=connexion,
|
|
etab=etab)
|
|
+ if SUPPORT_ETAB:
|
|
+ user = User()
|
|
+ user.ldap_admin = connexion
|
|
+ obsolete_logins = [login[1]['uid'] for login in old_logins if login[1]['uid'] not in logins]
|
|
+ for obsolete_login in obsolete_logins:
|
|
+ # eoleusers from dns and eoleuser._quit_etab
|
|
+ user._quit_etab(obsolete_login, etab=etab)
|
|
+ print(obsolete_logins)
|
|
if self.data_type in ['sconet', 'aaf']:
|
|
writer.write_service(store=self.store, connexion=connexion,
|
|
etab=etab, etab_prefix=etab_prefix)
|
|
writer.write_administratif(store=self.store, connexion=connexion,
|
|
etab=etab)
|
|
writer.write_samba(connexion)
|
|
connexion.close()
|
|
log.debuglog("Démarrage de LSC...", title=True)
|
|
nscd_start()
|
|
log.del_lock()
|
|
diff --git usr/lib/python3/dist-packages/scribe/enseignants.py usr/lib/python3/dist-packages/scribe/enseignants.py
|
|
index 69f3411..97bf905 100644
|
|
--- usr/lib/python3/dist-packages/scribe/enseignants.py
|
|
+++ usr/lib/python3/dist-packages/scribe/enseignants.py
|
|
@@ -145,45 +145,37 @@ class Enseignant(User):
|
|
rep = join(AD_HOME_PATH, login)
|
|
# répertoire supérieur
|
|
clear_acl(rep)
|
|
set_user_acl(rep, login, 'rwx')
|
|
copy_default_acl(rep)
|
|
# chown pour la prise en compte des quotas
|
|
set_owner(perso, login)
|
|
if 'quota' in args:
|
|
set_quota(login, args['quota'])
|
|
|
|
- def _change_etab(self, user, old_etab, new_etab):
|
|
+ def _change_etab(self, user, new_etab):
|
|
old_dn = self.get_user_dn(user)
|
|
new_dn = self.get_user_dn(user, force_etab=new_etab)
|
|
#copie de l'utilisateur + suppression
|
|
uidfilter = "(&%s(uid=%s))" % (USER_FILTER, user)
|
|
cur_ldif = self.ldap_admin._search_one(uidfilter)
|
|
- self._desinscription(user, old_etab, sync=False)
|
|
- self._desinscription(user, 'profs-' + old_etab, sync=False)
|
|
- for grp in self._get_user_groups(user, old_etab):
|
|
- self._desinscription(user, grp, sync=False)
|
|
self.ldap_admin._delete(old_dn)
|
|
#Suppression du cache
|
|
self.cache_etab['login'].pop(user)
|
|
self.ldap_admin._add(new_dn, modlist.addModlist(cur_ldif))
|
|
- #inscription dans le groupe du nouvel etablissement
|
|
- self._inscription(user, new_etab, sync=False, etab=num_etab)
|
|
- self._inscription(user, 'profs-' + new_etab, sync=False, etab=new_etab)
|
|
-
|
|
|
|
def _update(self, login, **args):
|
|
"""
|
|
Mise à niveau Enseignant via l'extraction
|
|
"""
|
|
- if 'etab' in args:
|
|
- user_dn = self.get_user_dn(login, force_etab=args.get('etab')) #USER_DN % dict(uid=login, _type=self._type)
|
|
+ if 'etab' in args: # cas multi-étab => enseignant dans une UO spécifique
|
|
+ user_dn = self.get_user_dn(login, force_etab='00000000') #USER_DN % dict(uid=login, _type=self._type)
|
|
else:
|
|
user_dn = self.get_user_dn(login) #USER_DN % dict(uid=login, _type=self._type)
|
|
datas = []
|
|
if not_empty(args, 'mail_acad'):
|
|
datas.append((MOD_REPLACE, 'FederationKey',
|
|
args['mail_acad'].lower()))
|
|
if not_empty(args, 'int_id'):
|
|
datas.append((MOD_REPLACE, 'intid', args['int_id'] ))
|
|
if not_empty(args, 'entpersonjointure'):
|
|
datas.append((MOD_REPLACE, 'ENTPersonJointure', args['entpersonjointure']))
|
|
@@ -196,21 +188,21 @@ class Enseignant(User):
|
|
datas.append((MOD_REPLACE, 'ENTAuxEnsCategoDiscipline', args['disciplines']))
|
|
datas.append((MOD_REPLACE, 'sn', args['nom']))
|
|
datas.append((MOD_REPLACE, 'givenName', args['prenom']))
|
|
datas.append((MOD_REPLACE, 'cn', "%(prenom)s %(nom)s" % args ))
|
|
datas.append((MOD_REPLACE, 'displayName', "%(prenom)s %(nom)s" % args ))
|
|
datas.append((MOD_REPLACE, 'gecos', replace_cars("%(prenom)s %(nom)s" % args) ))
|
|
datas.append((MOD_REPLACE, 'LastUpdate', format_current_date()))
|
|
self.ldap_admin._modify(user_dn, datas)
|
|
if not_empty(args, 'groups'):
|
|
groups = to_list(args['groups'])
|
|
- old_groups = self._get_user_groups(login)
|
|
+ old_groups = self._get_user_groups(login, etab=args.get('etab'))
|
|
for group in groups:
|
|
if group not in old_groups:
|
|
self._inscription(login, group, sync=False)
|
|
self._gen_ftpdir(login)
|
|
self._gen_groupesdir(login)
|
|
|
|
def _Upgrade(self, login):
|
|
"""
|
|
Mise à niveau d'un compte enseignant
|
|
"""
|
|
diff --git usr/lib/python3/dist-packages/scribe/eoleldap.py usr/lib/python3/dist-packages/scribe/eoleldap.py
|
|
index 45ec338..9a67c6d 100644
|
|
--- usr/lib/python3/dist-packages/scribe/eoleldap.py
|
|
+++ usr/lib/python3/dist-packages/scribe/eoleldap.py
|
|
@@ -8,21 +8,21 @@
|
|
# eoleldap.py
|
|
#
|
|
# librairie pour la connexion à un serveur ldap
|
|
#
|
|
###########################################################################
|
|
"""
|
|
Librairie Ldap pour Scribe
|
|
"""
|
|
import sys
|
|
from .ldapconf import SUFFIX, ROOT_DN, USER_FILTER, GROUP_FILTER, SHARE_FILTER, \
|
|
- SUPPORT_ETAB, ldap_server, ldap_passwd, num_etab, BRANCHE_GROUP_ETAB, LDAP_MODE, acad
|
|
+ SUPPORT_ETAB, ldap_server, ldap_passwd, num_etab, BRANCHE_GROUP_ETAB, BRANCHE_ETAB, LDAP_MODE, acad
|
|
from scribe.errors import LdapExistingGroup, LdapExistingUser, \
|
|
SystemExistingUser, NiveauNotFound
|
|
from .eoletools import to_list
|
|
import ldap
|
|
from ldap import SCOPE_ONELEVEL
|
|
|
|
|
|
def is_system_user(user):
|
|
"""
|
|
indique si le login proposé est déjà un utilisateur système
|
|
@@ -267,29 +267,27 @@ class _LdapEntry(object):
|
|
res = res['memberUid']
|
|
res.sort()
|
|
return res
|
|
else:
|
|
return []
|
|
|
|
def _get_user_groups(self, login, etab=None):
|
|
"""
|
|
renvoit la liste des groupes d'un utilisateur
|
|
"""
|
|
+ if etab:
|
|
+ suffix = BRANCHE_ETAB % {'etab': etab}
|
|
+ else:
|
|
+ suffix = None
|
|
res = self.ldap_admin._search("(&%s(memberUid=%s))" % (
|
|
- GROUP_FILTER, login), 'cn')
|
|
- groups = []
|
|
- for group in res:
|
|
- if etab is not None:
|
|
- grp_etab = group[0].split(',ou=')[-3]
|
|
- if etab != grp_etab:
|
|
- continue
|
|
- groups.append(group[1]['cn'][0])
|
|
+ GROUP_FILTER, login), 'cn', suffix=suffix)
|
|
+ groups = [group[1]['cn'][0] for group in res]
|
|
groups.sort()
|
|
return groups
|
|
|
|
def _get_users(self, filtre='', attrs=['uid']):
|
|
"""
|
|
recherche d'utilisateurs
|
|
"""
|
|
users = []
|
|
res = self.ldap_admin._search("(&%s%s)" % (USER_FILTER, filtre), attrs)
|
|
for user in res:
|
|
diff --git usr/lib/python3/dist-packages/scribe/eoleuser.py usr/lib/python3/dist-packages/scribe/eoleuser.py
|
|
index 05569fd..c092698 100644
|
|
--- usr/lib/python3/dist-packages/scribe/eoleuser.py
|
|
+++ usr/lib/python3/dist-packages/scribe/eoleuser.py
|
|
@@ -410,20 +410,25 @@ class User(LdapEntry):
|
|
grp = Group()
|
|
grp.ldap_admin = self.ldap_admin
|
|
if touch:
|
|
grp._touch(groupe)
|
|
# cas eleve + option
|
|
if sync:
|
|
self._gen_ftpdir(login)
|
|
self._gen_groupesdir(login)
|
|
return True
|
|
|
|
+ def _quit_etab(self, user, etab):
|
|
+ self._desinscription(user, etab, sync=False)
|
|
+ for grp in self._get_user_groups(user, etab):
|
|
+ self._desinscription(user, grp, sync=False)
|
|
+
|
|
def _gen_ftpdir(self, login):
|
|
"""
|
|
Gestion du répertoire "/home/adhomes/<login>/.ftp"
|
|
"""
|
|
homedir = join(AD_HOME_PATH, login)
|
|
ftpdir = join(homedir, '.ftp')
|
|
if isdir(ftpdir):
|
|
rmtree(ftpdir)
|
|
makedirs(ftpdir, 0o500)
|
|
system('/bin/chown %s %s' % (login, ftpdir))
|
|
@@ -594,27 +599,27 @@ class User(LdapEntry):
|
|
authldap = Ldap(binddn=user_dn,
|
|
passwd=password)
|
|
try:
|
|
authldap.connect()
|
|
authldap.close()
|
|
return True
|
|
except:
|
|
authldap.close()
|
|
return False
|
|
|
|
- def get_user_groups(self, login):
|
|
+ def get_user_groups(self, login, etab=None):
|
|
"""
|
|
renvoie la liste des groupes d'un utilisateur
|
|
avec connexion ldap
|
|
"""
|
|
self.ldap_admin.connect()
|
|
- res = self._get_user_groups(login)
|
|
+ res = self._get_user_groups(login, etab=etab)
|
|
self.ldap_admin.close()
|
|
return res
|
|
|
|
def _touch(self, login):
|
|
"""
|
|
Mise à jour de l'attribut LastUpdate
|
|
"""
|
|
self._set_attr(login, 'LastUpdate', tool.format_current_date())
|
|
|
|
def _get_ead_type(self, login):
|
|
diff --git usr/lib/python3/dist-packages/scribe/importation/writer.py usr/lib/python3/dist-packages/scribe/importation/writer.py
|
|
index 34ce0fb..626143b 100644
|
|
--- usr/lib/python3/dist-packages/scribe/importation/writer.py
|
|
+++ usr/lib/python3/dist-packages/scribe/importation/writer.py
|
|
@@ -810,21 +810,21 @@ def _new_enseignant(enseignant, user, prefs, etab=None, new_passwords=[]):
|
|
'classe':classe,
|
|
'groups':groups,
|
|
'entlogin':False,
|
|
'disciplines':eval(enseignant.disciplines),
|
|
'entpersonjointure':str(enseignant.entpersonjointure),
|
|
# préférences générales
|
|
'quota':prefs.get_default('quota'),
|
|
'profil':prefs.get_default('profil'),
|
|
'shell':prefs.get_default('shell') == 'oui',
|
|
'change_pwd':prefs.get_default('change_pwd') == 'oui' if FORCED_PASSWORD_MODIFICATION_ALLOWED else False,
|
|
- 'etab': etab,
|
|
+ 'etab': etab if etab is None else '00000000',
|
|
'syncpassword': not EOLE_AD,
|
|
}
|
|
# création de l'enseignant
|
|
user._add(**my_enseignant)
|
|
info = "%(nom)s;%(prenom)s;%(login)s;%(password)s"
|
|
log.write_info(info % my_enseignant, config.ENS_INFO)
|
|
if EOLE_AD:
|
|
new_passwords.append((login, password))
|
|
return login
|
|
|
|
@@ -832,25 +832,26 @@ def _maj_enseignant(enseignant, user, login, etab, administratif=False):
|
|
"""
|
|
traitement d'un enseignant existant (mise à jour)
|
|
enseignant : store.Enseignant()
|
|
user : eoleuser.Enseignant()
|
|
login : uid de l'utilisateur dans ldap
|
|
administratif : personnel administratif avec un compte enseignant
|
|
"""
|
|
log.log.debug("maj de %s" % login)
|
|
classe = []
|
|
groups = []
|
|
+ special_etab = '00000000'
|
|
# attention : des administratifs peuvent avoir un compte enseignant
|
|
if isinstance(enseignant, Enseignant):
|
|
old_etab = user.get_etab(login)
|
|
- if old_etab != etab:
|
|
- user._change_etab(login, old_etab, etab)
|
|
+ if old_etab != special_etab:
|
|
+ user._change_etab(login, special_etab)
|
|
for joint in enseignant.get_classes():
|
|
groups.append('profs-%s' % str(joint.classe.nom))
|
|
if joint.profprincipal:
|
|
classe.append(str(joint.classe.nom))
|
|
for matiere in enseignant.get_matieres():
|
|
groups.append(str(matiere.nom))
|
|
for option in enseignant.get_groupes():
|
|
groups.append('profs-%s' % str(option.nom))
|
|
disciplines = eval(enseignant.disciplines)
|
|
else:
|
|
@@ -885,20 +886,21 @@ def write_enseignant(store, connexion, etab=None, current_ead_user=config.DEFAUL
|
|
log.write_header(config.ENS_HEADER, config.ENS_INFO)
|
|
user = LdapEnseignant()
|
|
user.ldap_admin = connexion
|
|
prefs = preferences.get_enseignants_prefs()
|
|
quota = prefs.get_default('quota')
|
|
if FORCED_PASSWORD_MODIFICATION_ALLOWED:
|
|
change_pwd = prefs.get_default('change_pwd') == 'oui'
|
|
else:
|
|
change_pwd = False
|
|
new_passwords = []
|
|
+ logins = []
|
|
for enseignant in store.query(Enseignant):
|
|
if enseignant.force_login:
|
|
# login forcé
|
|
if user._is_enseignant(str(enseignant.force_login)):
|
|
login = str(enseignant.force_login)
|
|
else:
|
|
login = ''
|
|
else:
|
|
login = _enseignant_exists(enseignant, user)
|
|
if login != '':
|
|
@@ -909,29 +911,31 @@ def write_enseignant(store, connexion, etab=None, current_ead_user=config.DEFAUL
|
|
if str(enseignant.nom) == '' or str(enseignant.prenom) == '':
|
|
log.infolog("Enseignant n°%s invalide" % str(enseignant.int_id))
|
|
continue
|
|
try:
|
|
login = _new_enseignant(enseignant, user, prefs, etab=etab, new_passwords=new_passwords)
|
|
except BadLogin as message:
|
|
log.infolog(str(message))
|
|
continue
|
|
# enregistrement du login attribué
|
|
enseignant.login = str(login)
|
|
+ logins.append(enseignant.login)
|
|
num += 1
|
|
if num % config.DEBUG_NUM == 0:
|
|
log.debuglog("%d enseignants traités..." % num)
|
|
if EOLE_AD:
|
|
_sync_passwords(user, new_passwords, change_pwd=change_pwd)
|
|
_create_dirs(user, quota, new_passwords)
|
|
log.infolog("TOTAL : %d enseignants" % num)
|
|
if num != 0:
|
|
log.copy_info(config.ENS_INFO, user=current_ead_user)
|
|
+ return logins
|
|
|
|
|
|
# -------------------- administratifs -------------------- #
|
|
|
|
def _new_administratif(administratif, user, prefs, etab=None, new_passwords=[]):
|
|
"""
|
|
traitement d'un nouvel administratif (création)
|
|
administratif : store.Administratif()
|
|
user : eoleuser.Administratif()
|
|
"""
|