optimize udpate-reverse-group

tags/ipasserelle-base-0.2.65-1
Daniel Berteaud 13 years ago
parent 005048900b
commit e192df1880
  1. 44
      root/etc/e-smith/events/actions/update-reverse-group

@ -39,14 +39,12 @@ my $i = $c->get('ipasserelle');
my $ip = $i->prop('status') || 'disabled';
my $reverse = $i->prop('LdapReverseGroups') || 'disabled';
if (($ip eq 'disabled') || ($reverse eq 'disabled')){
exit (0);
}
exit (0) if (($ip eq 'disabled') || ($reverse eq 'disabled')){
my $l = $c->get('ldap');
my $status = $l->prop('status') || "disabled";
unless ($status eq "enabled" )
{
unless ($status eq "enabled" ){
warn "Not running action script $0, LDAP service not enabled!\n";
exit(0);
}
@ -64,18 +62,15 @@ my $account;
my $event = shift || die "Event name must be specified";
if ($event eq 'ldap-update' or
$event eq 'bootstrap-ldap-save' or
$event =~ m/group\-(create|modify|delete)/)
{
$event =~ m/group\-(create|modify|delete)/){
@accounts = ($a->users);
push(@accounts, $a->get('admin'));
}
else
{
else{
my @name = @ARGV;
die "Account name argument missing." unless scalar (@name) >= 1;
foreach my $name (@name)
{
foreach my $name (@name){
$account = $a->get($name);
die "Account $name not found.\n" unless defined $account;
my $type = $account->prop('type') || "unknown";
@ -89,8 +84,7 @@ else
my $base = esmith::util::ldapBase ($domain);
my $pw = esmith::util::LdapPassword();
my $ldap = Net::LDAP->new('localhost')
or die "$@";
my $ldap = Net::LDAP->new('localhost') or die "$@";
$ldap->bind(
dn => "cn=root,$base",
@ -98,8 +92,7 @@ $ldap->bind(
);
my $result;
foreach my $acct (@accounts)
{
foreach my $acct (@accounts){
my $key = $acct->key;
# Ensure this account has the iPasserelleUser objectclass
@ -110,30 +103,39 @@ foreach my $acct (@accounts)
);
$result->code && warn "Error looking for entry uid=$key,ou=Users,$base: ", $result->error;
my @oc = ();
my @oldgroups = ();
foreach my $entry ($result->all_entries()){
push @oc, $entry->get_value('objectClass');
push @oldgroups, $entry->get_value('posixMemberOf');
}
push @oc, 'iPasserelleUser' unless (grep { $_ =~ /iPasserelleUser/i } @oc);
unless (grep { $_ =~ /iPasserelleUser/i } @oc){
push @oc, 'iPasserelleUser';
$result = $ldap->modify(
$result = $ldap->modify(
"uid=$key,ou=Users,$base",
replace => {
objectClass => \@oc
}
);
$result->code && warn "failed to modify entry uid=$key,ou=Users,$base: ", $result->error;
$result->code && warn "failed to modify entry uid=$key,ou=Users,$base: ", $result->error;
}
my @groups = $a->user_group_list($key);
@oldgroups = sort @oldgroups;
@groups = sort @groups;
my $oldgroups = join('\0', @oldgroups);
my $groups = join('\0', @groups);
$result = $ldap->modify(
unless ($oldgroups eq $groups){
$result = $ldap->modify(
"uid=$key,ou=Users,$base",
replace => {
posixMemberOf => \@groups
}
);
$result->code && warn "failed to modify entry uid=$key,ou=Users,$base: ", $result->error;
$result->code && warn "failed to modify entry uid=$key,ou=Users,$base: ", $result->error;
}
}
$ldap->unbind;
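Review bot: The rewritten guard near the top, `exit (0) if (($ip eq 'disabled') || ($reverse eq 'disabled')){`, still carries the opening brace of the old `if` block; a statement modifier takes no block, so if the line was committed as shown here the script would not compile and group membership would stop being synced to LDAP. It should end in a semicolon instead: `exit (0) if (($ip eq 'disabled') || ($reverse eq 'disabled'));`. In the per-account loop, a failed lookup (presumably a search; the call starts outside the hunk) only warns, leaving `@oc` and `@oldgroups` empty, so the following `replace` would send `objectClass` as just `iPasserelleUser`. Changing that check to `if ($result->code) { warn ...; next; }` would skip the account rather than write from an empty result. Separately, `join('\0', ...)` is single-quoted, so the separator is a literal backslash and zero rather than a NUL byte; `"\0"` is presumably what was intended.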
