Commit f37748c4 authored by Côme Chilliet's avatar Côme Chilliet

Merge branch '5744-add-supann-2018-account-life-cyle-support-in-user-reminder' into '1.4-dev'

Resolve "Add SupAnn 2018 account life cyle support in user-reminder"

See merge request argonaut/argonaut!115
parents cc98ef1f 561323bb
#######################################################################
#
# Argonaut::Libraries::WorkflowUpdate -- Tools to maintain worflow through FusionDirectory API
#
# Copyright (C) 2018-2019 FusionDirectory project
#
# Author: Côme Chilliet
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
#
#######################################################################
package Argonaut::Libraries::WorkflowUpdate;
use strict;
use warnings;
use 5.008;
use Argonaut::Libraries::FusionDirectoryWebService qw(argonaut_get_rest_client);
use JSON;
use Exporter 'import'; # gives you Exporter's import() method directly
our @EXPORT_OK = qw(&argonaut_supann_update_states); # symbols to export on request
=item argonaut_supann_update_states
Updates states in supannRessourceEtatDate if needed
=cut
sub argonaut_supann_update_states {
my ($verbose) = @_;
my $client = argonaut_get_rest_client();
# Hardcoded for now
# Format: regexp, state, substate, enddate postpone in seconds]
my @rules = (
[qr/^{[^}]+}A:.+$/, 'I', 'SupannExpire', 0],
[qr/^.+$/, 'I', '', 0]
);
# Time and date in seconds
my $now = time();
$client->GET('/objects/user?filter=(supannRessourceEtatDate=*)&attrs[supannRessourceEtatDate]=*');
if ($client->responseCode() eq '200') {
my $users = decode_json($client->responseContent());
while (my ($dn, $attrs) = each (%$users)) {
my $supannRessourceEtatDateNewValues = [];
my $updateNeeded = 0;
VALUES: foreach my $supannRessourceEtatDate (@{$attrs->{'supannRessourceEtatDate'}}) {
my ($labelstate, $substate, $start, $end) = split(':', $supannRessourceEtatDate);
if ($end ne '') {
my $dt = DateTime->new(
year => substr($end, 0, 4),
month => substr($end, 4, 2),
day => substr($end, 6, 2),
);
my $endInSeconds = $dt->epoch;
if ($endInSeconds < $now) {
# This state has expired
foreach my $rule (@rules) {
my ($re, $newState, $newSubstate, $newEnd) = @$rule;
if ($supannRessourceEtatDate =~ $re) {
my $newLabelstate = $labelstate;
if ($newLabelstate =~ s/}[^:]$/}$newState/) {
my $newStart = $start;
if (($labelstate ne $newLabelstate) || ($substate ne $newSubstate)) {
# State or substate changed, update the start date
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime($now);
$newStart = sprintf("%04d%02d%02d", 1900 + $year, 1 + $mon, $mday);
}
if ($newEnd) {
# Postpone end date if appropriate
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime($endInSeconds + $newEnd);
$newEnd = sprintf("%04d%02d%02d", 1900 + $year, 1 + $mon, $mday);
} else {
$newEnd = '';
}
$updateNeeded = 1;
print "Updating $dn from $supannRessourceEtatDate to ".join(':', $newLabelstate, $newSubstate, $newStart, $newEnd)."\n" if $verbose;
push(@$supannRessourceEtatDateNewValues, join(':', $newLabelstate, $newSubstate, $newStart, $newEnd));
next VALUES;
} else {
print "Could not parse $labelstate into label and state, skipping\n";
}
last;
}
}
}
}
push(@$supannRessourceEtatDateNewValues, $supannRessourceEtatDate);
}
if ($updateNeeded) {
$client->PUT('/objects/user/'.$dn.'/supannAccountStatus/supannRessourceEtatDate', encode_json($supannRessourceEtatDateNewValues));
if ($client->responseCode() ne '200') {
die('Request to REST API failed: '.$client->responseCode().' '.$client->responseContent());
}
}
}
} else {
die('Request to REST API failed: '.$client->responseCode().' '.$client->responseContent());
}
}
1;
__END__
...@@ -33,6 +33,8 @@ use Digest::SHA qw(sha256_base64); ...@@ -33,6 +33,8 @@ use Digest::SHA qw(sha256_base64);
use Argonaut::Libraries::Common qw(:ldap :string :config); use Argonaut::Libraries::Common qw(:ldap :string :config);
use Argonaut::Libraries::WorkflowUpdate qw(argonaut_supann_update_states);
use Net::LDAP::Constant qw(LDAP_NO_SUCH_OBJECT); use Net::LDAP::Constant qw(LDAP_NO_SUCH_OBJECT);
use Net::LDAP::Util qw(generalizedTime_to_time); use Net::LDAP::Util qw(generalizedTime_to_time);
...@@ -47,25 +49,27 @@ my $config; ...@@ -47,25 +49,27 @@ my $config;
$config = argonaut_read_config; $config = argonaut_read_config;
$config->{'fd_rdn'} = 'ou=fusiondirectory'; $config->{'fd_rdn'} = 'ou=fusiondirectory';
my $verbose = 0; my $verbose = 0;
my $posix = 0; my $posix = 0;
my $ppolicy = 0; my $ppolicy = 0;
my $supann = 0; my $supann = 0;
my $workflow = 0;
sub print_usage sub print_usage
{ {
my ($help) = @_; my ($help) = @_;
print "Usage : argonaut-user-reminder [--help] [--verbose] [--posix] [--ppolicy] [--supann] [--all]\n"; print "Usage : argonaut-user-reminder [--help] [--verbose] [--posix] [--ppolicy] [--supann] [--all] [--supann-update]\n";
if ($help) { if ($help) {
print << "EOF"; print << "EOF";
--help : this (help) message --help : this (help) message
--verbose : be verbose --verbose : be verbose
--posix : check POSIX account expiration --posix : check POSIX account expiration
--ppolicy : check ppolicy password expiration --ppolicy : check ppolicy password expiration
--supann : check supannRessourceEtatDate --supann : check supannRessourceEtatDate
--all : check POSIX, ppolicy and supannRessourceEtatDate --all : check POSIX, ppolicy and supannRessourceEtatDate
--supann-update : maintain supann workflow through webservice
EOF EOF
exit(0); exit(0);
} else { } else {
...@@ -86,6 +90,8 @@ foreach my $arg ( @ARGV ) { ...@@ -86,6 +90,8 @@ foreach my $arg ( @ARGV ) {
$posix = 1; $posix = 1;
$ppolicy = 1; $ppolicy = 1;
$supann = 1; $supann = 1;
} elsif (lc($arg) eq "--supann-update") {
$workflow = 1;
} elsif ((lc($arg) eq "--help") || (lc($arg) eq "-h")) { } elsif ((lc($arg) eq "--help") || (lc($arg) eq "-h")) {
print_usage(1); print_usage(1);
} else { } else {
...@@ -93,7 +99,7 @@ foreach my $arg ( @ARGV ) { ...@@ -93,7 +99,7 @@ foreach my $arg ( @ARGV ) {
} }
} }
if (!$posix && !$ppolicy && !$supann) { if (!$posix && !$ppolicy && !$supann && !$workflow) {
# Defaults to --all # Defaults to --all
$posix = 1; $posix = 1;
$ppolicy = 1; $ppolicy = 1;
...@@ -102,6 +108,10 @@ if (!$posix && !$ppolicy && !$supann) { ...@@ -102,6 +108,10 @@ if (!$posix && !$ppolicy && !$supann) {
check_expired_users(); check_expired_users();
if ($workflow) {
argonaut_supann_update_states($verbose);
}
exit 0; exit 0;
########################################################################################## ##########################################################################################
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment