public
/
pyceo
27
1
Fork 3
Code Issues 25 Pull Requests 5 Projects Releases 1 Wiki Activity

add (objectClass=member) filter for expired members

This commit is contained in:
Max Erenberg 2021-12-25 11:23:06 -05:00
parent 250d24ae37
commit 6e96e409be
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ceod/model/LDAPService.py
View File

@ -236,20 +236,21 @@ class LDAPService:
raise GroupAlreadyExistsError()
def get_expiring_users(self) -> List[IUser]:
query = []
clauses = []
term = Term.current()
query.append(f'term={term}')
query.append(f'nonMemberTerm={term}')
clauses.append(f'term={term}')
clauses.append(f'nonMemberTerm={term}')
# Include last term too if the new term just started
dt = ceo_common_utils.get_current_datetime()
if dt.month == term.start_month():
last_term = term - 1
query.append(f'term={last_term}')
query.append(f'nonMemberTerm={last_term}')
clauses.append(f'term={last_term}')
clauses.append(f'nonMemberTerm={last_term}')
query = '(!(|(shadowExpire=1)(' + ')('.join(query) + ')))'
query = '(!(|(shadowExpire=1)(' + ')('.join(clauses) + ')))'
query = '(&' + query + '(objectClass=member))'
conn = self._get_ldap_conn()
conn.search(