flaschengeist/flaschengeist/plugins/auth_ldap/cli.py

import click
from flask import current_app
from flask.cli import with_appcontext


@click.command(no_args_is_help=True)
@click.option("--sync", is_flag=True, default=False, help="Synchronize users from LDAP -> database")
@with_appcontext
@click.pass_context
def ldap(ctx, sync):
    """Tools for the LDAP authentification"""
    if sync:
        from flaschengeist.controller import userController
        from flaschengeist.plugins.auth_ldap import AuthLDAP
        from ldap3 import SUBTREE

        auth_ldap: AuthLDAP = current_app.config.get("FG_AUTH_BACKEND")
        if auth_ldap is None or not isinstance(auth_ldap, AuthLDAP):
            ctx.fail("auth_ldap plugin not found or not enabled!")
        conn = auth_ldap.ldap.connection
        if not conn:
            conn = auth_ldap.ldap.connect(auth_ldap.root_dn, auth_ldap.root_secret)
        conn.search(auth_ldap.search_dn, "(uid=*)", SUBTREE, attributes=["uid", "givenName", "sn", "mail"])
        ldap_users_response = conn.response
        for ldap_user in ldap_users_response:
            uid = ldap_user["attributes"]["uid"][0]
            userController.find_user(uid)