Create endpoint to expire members #23
Labels
No Label
priority
high
priority
low
priority
medium
priority
very high
BUG
Feature
High Priority
Low Priority
Medium Priority
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: public/pyceo#23
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
We should set a flag in LDAP when someone's membership has expired so that they no longer have access to our various web-based services (which use LDAP for authentication).
I propose setting ShadowExpire (an attribute of ShadowAccount) to 1. We can then use LDAP filters in our web services to filter out users who have this flag set.
Implementation
/api/members/expire
(or similar) which sets the LDAP flag on users' records if their membership has expired for over a month. This endpoint should accept adry_run
URL parameter which, when set to true, returns the list of members who would be updated. When the flag is set to false (the default), a list of members who were updated should be returned.There is a helper class in ceo_common called Term; this may be helpful.
/api/members/<username/renew
.ceo members expire [--dry-run]
. In production, this will be called on a cron job, e.g. once a day.