Implement expired account emails
This commit is contained in:
parent
6bec583059
commit
47531a0ec2
|
@ -1,6 +1,6 @@
|
||||||
import sys, ldap, termios
|
import sys, ldap, termios
|
||||||
from getopt import getopt
|
from getopt import getopt
|
||||||
from ceo import members, terms
|
from ceo import members, terms, uwldap
|
||||||
import ceo.ldapi as ldapi
|
import ceo.ldapi as ldapi
|
||||||
|
|
||||||
shortopts = [
|
shortopts = [
|
||||||
|
@ -11,7 +11,7 @@ longopts = [
|
||||||
|
|
||||||
def start():
|
def start():
|
||||||
(opts, args) = getopt(sys.argv[1:], shortopts, longopts)
|
(opts, args) = getopt(sys.argv[1:], shortopts, longopts)
|
||||||
if len(args) == 1:
|
if len(args) >= 1:
|
||||||
if args[0] in commands:
|
if args[0] in commands:
|
||||||
commands[args[0]](args[1:])
|
commands[args[0]](args[1:])
|
||||||
else:
|
else:
|
||||||
|
@ -36,11 +36,11 @@ def memberlist(args):
|
||||||
|
|
||||||
def updateprogram(args):
|
def updateprogram(args):
|
||||||
mlist = members.list_all().items()
|
mlist = members.list_all().items()
|
||||||
uwldap = ldap.initialize(uwldap_uri())
|
uwl = ldap.initialize(uwldap.uri())
|
||||||
fd = sys.stdin.fileno()
|
fd = sys.stdin.fileno()
|
||||||
for (dn, member) in mlist:
|
for (dn, member) in mlist:
|
||||||
uid = member['uid'][0]
|
uid = member['uid'][0]
|
||||||
user = uwldap.search_s(uwldap_base(), ldap.SCOPE_SUBTREE,
|
user = uwl.search_s(uwldap.base(), ldap.SCOPE_SUBTREE,
|
||||||
'(uid=%s)' % ldapi.escape(uid))
|
'(uid=%s)' % ldapi.escape(uid))
|
||||||
if len(user) == 0:
|
if len(user) == 0:
|
||||||
continue
|
continue
|
||||||
|
@ -71,9 +71,30 @@ def updateprogram(args):
|
||||||
# TODO: don't use members.ld directly
|
# TODO: don't use members.ld directly
|
||||||
members.ld.modify_s(dn, mlist)
|
members.ld.modify_s(dn, mlist)
|
||||||
|
|
||||||
|
def expiredaccounts(args):
|
||||||
|
send_email = False
|
||||||
|
if len(args) == 1 and args[0] == '--email':
|
||||||
|
sys.stderr.write("If you want to send an account expiration notice to " \
|
||||||
|
"these users then type 'Yes, do this' and hit enter\n")
|
||||||
|
if raw_input() == 'Yes, do this':
|
||||||
|
send_email = True
|
||||||
|
uwl = ldap.initialize(uwldap.uri())
|
||||||
|
mlist = members.expired_accounts()
|
||||||
|
for member in mlist.values():
|
||||||
|
uid = member['uid'][0]
|
||||||
|
name = member['cn'][0]
|
||||||
|
email = uid
|
||||||
|
user = uwl.search_s(uwldap.base(), ldap.SCOPE_SUBTREE,
|
||||||
|
'(uid=%s)' % ldapi.escape(uid))
|
||||||
|
if len(user) > 0 and 'mailLocalAddress' in user[0][1]:
|
||||||
|
email = user[0][1]['mailLocalAddress'][0]
|
||||||
|
if send_email:
|
||||||
|
members.send_account_expired_email(name, email)
|
||||||
|
print '%s %s %s' % (uid.ljust(12), name.ljust(30), email)
|
||||||
|
|
||||||
# list of commands
|
# list of commands
|
||||||
commands = {
|
commands = {
|
||||||
'memberlist' : memberlist,
|
'memberlist' : memberlist,
|
||||||
'updateprogram' : updateprogram,
|
'updateprogram' : updateprogram,
|
||||||
|
'expiredaccounts' : expiredaccounts,
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,7 @@ Future changes to the members database that need to be atomic
|
||||||
must also be moved into this module.
|
must also be moved into this module.
|
||||||
"""
|
"""
|
||||||
import os, re, subprocess, ldap
|
import os, re, subprocess, ldap
|
||||||
from ceo import conf, ldapi
|
from ceo import conf, ldapi, terms
|
||||||
from ceo.excep import InvalidArgument
|
from ceo.excep import InvalidArgument
|
||||||
|
|
||||||
|
|
||||||
|
@ -26,7 +26,7 @@ def configure():
|
||||||
string_fields = [ 'username_regex', 'shells_file', 'server_url',
|
string_fields = [ 'username_regex', 'shells_file', 'server_url',
|
||||||
'users_base', 'groups_base', 'sasl_mech', 'sasl_realm',
|
'users_base', 'groups_base', 'sasl_mech', 'sasl_realm',
|
||||||
'admin_bind_keytab', 'admin_bind_userid', 'realm',
|
'admin_bind_keytab', 'admin_bind_userid', 'realm',
|
||||||
'admin_principal', 'admin_keytab' ]
|
'admin_principal', 'admin_keytab', 'expired_account_email' ]
|
||||||
numeric_fields = [ 'min_password_length' ]
|
numeric_fields = [ 'min_password_length' ]
|
||||||
|
|
||||||
# read configuration file
|
# read configuration file
|
||||||
|
@ -514,3 +514,13 @@ def group_members(group):
|
||||||
return []
|
return []
|
||||||
else:
|
else:
|
||||||
return []
|
return []
|
||||||
|
|
||||||
|
def expired_accounts():
|
||||||
|
members = ldapi.search(ld, cfg['users_base'],
|
||||||
|
'(&(objectClass=member)(!(|(term=%s)(nonMemberTerm=%s))))' %
|
||||||
|
(terms.current(), terms.current()))
|
||||||
|
return dict([(member[0], member[1]) for member in members])
|
||||||
|
|
||||||
|
def send_account_expired_email(name, email):
|
||||||
|
args = [ cfg['expired_account_email'], name, email ]
|
||||||
|
os.spawnv(os.P_WAIT, cfg['expired_account_email'], args)
|
||||||
|
|
Loading…
Reference in New Issue