memberPlumbing/ucsAccounts.py

#!/usr/bin/env python3
import random
import re
import string
import subprocess

from common import membershipworks

LDAP_BASE = "cn=users,dc=sawtooth,dc=claremontmakerspace,dc=org"
GROUP_BASE = "cn=groups,dc=sawtooth,dc=claremontmakerspace,dc=org"
GROUPS_REGEX = "|".join(["Certified: .*", "Access .*\?", "CMS .*", "Volunteer: .*"])
RAND_PW_LEN = 20


def makeGroups(members):
    groups = [
        key.replace(":", ".").replace("?", "")
        for key in members[0].keys()
        if re.match(GROUPS_REGEX, key) is not None
    ]
    for group in groups:
        subprocess.call(
            [
                "udm",
                "groups/group",
                "create",
                "--position",
                GROUP_BASE,
                "--set",
                "name=" + group,
            ]
        )


def makeSets(props):
    return sum([["--set", key + "=" + value] for key, value in props.items()], [])


def makeAppendGroups(member):
    groups = [
        key.replace(":", ".").replace("?", "")
        for key, value in member.items()
        if re.match(GROUPS_REGEX, key) is not None and value != ""
    ]
    return sum(
        [["--append", "groups=cn=" + group + "," + GROUP_BASE] for group in groups], []
    )


def main():
    members = membershipworks.get_members(
        ["Members", "CMS Staff"], "lvl,phn,eml,lbl,nam,end,_id"
    )
    makeGroups(members)

    for member in members:
        randomPass = "".join(
            random.choice(string.ascii_letters + string.digits)
            for x in range(0, RAND_PW_LEN)
        )
        username = member["Account Name"].lower().replace(" ", ".")

        props = {
            "title": "",  # Title
            "firstname": member["First Name"],
            "lastname": member["Last Name"],  # (c)
            "username": username,  # (cmr)
            "description": "",  # Description
            "password": randomPass,  # (c) Password
            # "mailPrimaryAddress": member["Email"], # Primary e-mail address
            # "displayName": "", # Display name
            # "birthday": "", # Birthdate
            # "jpegPhoto": "", # Picture of the user (JPEG format)
            "employeeNumber": member["Account ID"],
            # "employeeType": "", # Employee type
            "homedrive": "H:",  # Windows home drive
            "sambahome": "\\\\ucs\\" + username,  # Windows home path
            "profilepath": "%LOGONSERVER%\\%USERNAME%\\windows-profiles\\default",  # Windows profile directory
            "disabled": "1" if member["Account on Hold"] != "" else "0",
            # "userexpiry": member["Renewal Date"],
            "pwdChangeNextLogin": "1",  # User has to change password on next login
            # "sambaLogonHours": "", # Permitted times for Windows logins
            "e-mail": member["Email"],  # ([]) E-mail address
            "phone": member["Phone"],  # Telephone number
            # "PasswordRecoveryMobile": member["Phone"], # Mobile phone number
            "PasswordRecoveryEmail": member["Email"],
        }

        subprocess.call(
            ["udm", "users/user", "create", "--position", LDAP_BASE] + makeSets(props)
        )

        # remove props we don't want to reset
        props.pop("password")
        props.pop("pwdChangeNextLogin")

        subprocess.call(
            ["udm", "users/user", "modify", "--dn", "uid=" + username + "," + LDAP_BASE]
            + makeSets(props)
            + makeAppendGroups(member)
        )


if __name__ == "__main__":
    main()