use primitive values for task parameters

- remove all code from osusers.models
- add description field to ldapentities.models.LdapGroup
- change tasks defined in osusers.tasks to use primitive values as
  parameters to avoid serialization and model synchronization
Jan Dittberner 2014-05-30 18:42:04 +02:00
parent 5174e144ba
commit 4b9d8d02ba
3 changed files with 114 additions and 53 deletions


@ -23,6 +23,7 @@ class LdapGroup(ldapmodels.Model):
# posixGroup attributes # posixGroup attributes
gid = IntegerField(db_column='gidNumber', unique=True) gid = IntegerField(db_column='gidNumber', unique=True)
name = CharField(db_column='cn', max_length=200, primary_key=True) name = CharField(db_column='cn', max_length=200, primary_key=True)
description = CharField(db_column='description')
members = ListField(db_column='memberUid', blank=True) members = ListField(db_column='memberUid', blank=True)
def __str__(self): def __str__(self):
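Review bot: The new `description` field is declared without `blank=True`, although the `descr` field of the removed osusers `Group` model was optional (`blank=True`) and `create_ldap_group` assigns `ldapgroup.description = descr` unconditionally. If a group without a description is a valid case, declare it as `description = CharField(db_column='description', blank=True)` so that validation and the stored entry agree. How an empty value is written to the directory depends on the field implementation, which is not visible on this page, so it is worth testing `create_ldap_group` with an empty `descr`. The neighbouring `name` field passes `max_length=200` explicitly while this one passes none; the LdapGroup class body continues outside the hunk.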


@ -1,42 +0,0 @@
from django.db import models
from django.utils.encoding import python_2_unicode_compatible
from django.utils.translation import ugettext as _
from model_utils.models import TimeStampedModel
@python_2_unicode_compatible
class Group(TimeStampedModel, models.Model):
groupname = models.CharField(
_('Group name'), max_length=16, unique=True)
gid = models.PositiveSmallIntegerField(
_('Group ID'), unique=True, primary_key=True)
descr = models.TextField(_('Description'), blank=True)
passwd = models.CharField(
_('Group password'), max_length=128, blank=True)
class Meta:
verbose_name = _('Group')
verbose_name_plural = _('Groups')
def __str__(self):
return '{0} ({1})'.format(self.groupname, self.gid)
@python_2_unicode_compatible
class User(TimeStampedModel, models.Model):
username = models.CharField(
_('User name'), max_length=64, unique=True)
uid = models.PositiveSmallIntegerField(
_('User ID'), unique=True, primary_key=True)
group = models.ForeignKey(Group, verbose_name=_('Group'))
gecos = models.CharField(_('Gecos field'), max_length=128, blank=True)
homedir = models.CharField(_('Home directory'), max_length=256)
shell = models.CharField(_('Login shell'), max_length=64)
class Meta:
verbose_name = _('User')
verbose_name_plural = _('Users')
def __str__(self):
return '{0} ({1})'.format(self.username, self.uid)


@ -1,28 +1,130 @@
from __future__ import absolute_import from __future__ import absolute_import
from django.core.exceptions import ObjectDoesNotExist
from celery import shared_task from celery import shared_task
from celery.utils.log import get_task_logger
from celery.exceptions import Reject
from ldapentities.models import ( from ldapentities.models import (
LdapGroup, LdapGroup,
LdapUser, LdapUser,
) )
_logger = get_task_logger(__name__)
@shared_task @shared_task
def create_ldap_group(group): def create_ldap_group(groupname, gid, descr):
ldapgroup = LdapGroup(gid=group.gid, name=group.groupname) try:
ldapgroup = LdapGroup.objects.get(name=groupname)
_logger.info(
'ldap group with dn {0} already exists'.format(ldapgroup.dn)
)
ldapgroup.gid = gid
except LdapGroup.DoesNotExist:
ldapgroup = LdapGroup(gid=gid, name=groupname)
ldapgroup.description = descr
ldapgroup.save() ldapgroup.save()
return ldapgroup.dn return ldapgroup.dn
@shared_task @shared_task
def create_ldap_user(user, password): def create_ldap_user(username, uid, gid, gecos, homedir, shell, password):
ldapuser = LdapUser( try:
uid=user.uid, group=user.group.gid, gecos=user.gecos, ldapuser = LdapUser.objects.get(username=username)
home_directory=user.homedir, login_shell=user.shell, _logger.info(
username=user.username, common_name=user.username) 'ldap user with dn {0} already exists'.format(ldapuser.dn)
ldapuser.set_password(password) )
ldapgroup = LdapGroup.objects.get(gid=ldapuser.group) except LdapUser.DoesNotExist:
ldapgroup.members.append(ldapuser.username) ldapuser = LdapUser(username=username)
ldapgroup.save() try:
ldapgroup = LdapGroup.objects.get(gid=gid)
except ObjectDoesNotExist as exc:
_logger.info('ldap group with gid {0} does not exist')
raise Reject(exc, requeue=False)
ldapuser.uid = uid
ldapuser.group = gid
ldapuser.gecos = gecos
ldapuser.home_directory = homedir
ldapuser.login_shell = shell
ldapuser.username = username
ldapuser.common_name = username
if password is not None:
ldapuser.set_password(password)
if ldapuser.username in ldapgroup.members:
_logger.info('user {0} is already member of {1}'.format(
ldapuser.username, ldapgroup.dn)
)
else:
ldapgroup.members.append(ldapuser.username)
ldapgroup.save()
ldapuser.save() ldapuser.save()
return ldapuser.dn return ldapuser.dn
@shared_task(bind=True)
def add_ldap_user_to_group(self, username, groupname):
try:
ldapgroup = LdapGroup.objects.get(name=groupname)
ldapuser = LdapUser.objects.get(username=username)
except LdapGroup.DoesNotExist:
_logger.error('ldap group {0} does not exist'.format(groupname))
except LdapUser.DoesNotExist as exc:
_logger.error('ldap user {0} does not exist'.format(username))
self.retry(exc=exc, time_limit=5)
else:
if not ldapuser.username in ldapgroup.members:
ldapgroup.members.append(ldapuser.username)
ldapgroup.save()
else:
_logger.info('ldap user {0} is already in group {1}'.format(
ldapuser.username, ldapgroup.dn)
)
@shared_task
def remove_ldap_user_from_group(username, groupname):
ldapgroup = LdapGroup.objects.get(name=groupname)
ldapuser = LdapUser.objects.get(username=username)
if ldapuser.username in ldapgroup.members:
ldapgroup.members.remove(ldapuser.username)
ldapgroup.save()
@shared_task
def delete_ldap_user(username):
try:
ldapuser = LdapUser.objects.get(username=username)
except LdapUser.DoesNotExist:
_logger.info('there is no ldap user with uid {0}'.format(
username)
)
else:
try:
ldapgroup = LdapGroup.objects.get(gid=ldapuser.group)
except LdapGroup.DoesNotExist:
_logger.info('group {0} for user {1} does not exist'.format(
ldapuser.group, ldapuser.username)
)
else:
if ldapuser.username in ldapgroup.members:
ldapgroup.members.remove(ldapuser.username)
ldapgroup.save()
ldapuser.delete()
@shared_task
def delete_ldap_group_if_empty(groupname):
try:
ldapgroup = LdapGroup.objects.get(name=groupname)
except LdapGroup.DoesNotExist:
_logger.info('ldap group with name {0} does not exist'.format(
groupname)
)
else:
if len(ldapgroup.members) == 0:
ldapgroup.delete()
else:
_logger.info('ldap group {0} still has {1} members'.format(
ldapgroup.dn, len(ldapgroup.members))
)