[sysadmin-bin] Add sync-foundationdb-with-ldap.py, it will keep the electorate in sync with the foundation group on



commit 3bcb06dcf8e9154a7c78eaade86dd37fd939d565
Author: Andrea Veri <av gnome org>
Date:   Fri Mar 28 20:47:20 2014 +0100

    Add sync-foundationdb-with-ldap.py, it will keep the electorate in sync with the foundation group on LDAP

 sync-foundationdb-with-ldap.py |   88 ++++++++++++++++++++++++++++++++++++++++
 1 files changed, 88 insertions(+), 0 deletions(-)
---
diff --git a/sync-foundationdb-with-ldap.py b/sync-foundationdb-with-ldap.py
new file mode 100755
index 0000000..4452566
--- /dev/null
+++ b/sync-foundationdb-with-ldap.py
@@ -0,0 +1,88 @@
+#!/usr/bin/python
+
+import MySQLdb
+import ldap
+import ldap.filter
+
+LDAP_USER_BASE='ou=people,dc=gnome,dc=org'
+LDAP_GROUP_BASE='ou=groups,dc=gnome,dc=org'
+
+file = open('/home/admin/secret/anonvoting','r')
+lines = file.readlines()
+
+for line in lines:
+        if line.find("mysql_password") > -1:
+                dirty_password = line.split()
+                anonvoting_password = str(dirty_password)
+
+                sanitize_file=["\'","(",")","$mysql_password","=","[","]","\"",";"]
+                for i in range(len(sanitize_file)):
+                        anonvoting_password = anonvoting_password.replace(sanitize_file[i],"")
+file.close()
+
+db = MySQLdb.connect(host="range-back",
+                     user="anonvoting",
+                     passwd=anonvoting_password,
+                     db="foundation")
+cur = db.cursor() 
+
+cur.execute("SELECT userid from electorate;")
+result=cur.fetchall()
+
+file = open('/home/admin/secret/ldap','r')
+lines = file.readlines()
+
+for line in lines:
+        if line.find("ldap_password") > -1:
+                dirty_password = line.split()
+                ldap_password = str(dirty_password)
+
+                sanitize_file=["ldap_password","=","\"","'","[","]"]
+                for i in range(len(sanitize_file)):
+                        ldap_password = ldap_password.replace(sanitize_file[i],"")
+file.close()
+
+try:
+    l = ldap.open('ldap.gnome.org')
+    l.simple_bind("cn=Manager,dc=gnome,dc=org", ldap_password)
+except ldap.LDAPError, e:
+    print >>sys.stderr, e
+    sys.exit(1)
+
+# Import the various LDAP functions from the create-auth script.
+def _get_group_from_ldap(group):
+
+    filter = ldap.filter.filter_format('(&(objectClass=posixGroup)(cn=%s))', (group, ))
+    results = l.search_s(LDAP_GROUP_BASE, ldap.SCOPE_SUBTREE, filter, ('memberUid', ))
+
+    members = set()
+    for entry in results:
+        id = entry[0]
+        attr = entry[1]
+
+        members.update(attr['memberUid'])
+
+    return members
+
+def get_uids_from_group(group):
+    people = _get_group_from_ldap(group)
+
+    return people
+
+def sync_user_to_ldap_foundation(username):
+    add_members = [ (ldap.MOD_ADD, 'memberUid', username) ]
+    l.modify_s('cn=foundation,ou=groups,dc=gnome,dc=org', add_members)
+
+def sync_user_to_ldap_mailusers(username):
+    add_members = [ (ldap.MOD_ADD, 'memberUid', username) ]
+    l.modify_s('cn=mailusers,ou=groups,dc=gnome,dc=org', add_members)
+
+for row in result:
+    if row[0] is not None and row[0] != '':
+        mailusers = (get_uids_from_group('mailusers'))
+        foundation = (get_uids_from_group('foundation'))
+        if row[0] not in mailusers:
+            (sync_user_to_ldap_mailusers(row[0]))
+        if row[0] not in foundation:
+            (sync_user_to_ldap_foundation(row[0]))
+
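Review bot: The error handling around the LDAP bind in the `try:` block does not work as written: `sys` is never imported, so the `except` branch itself fails with a NameError, and `simple_bind` is the asynchronous call, so a rejected Manager password is not raised there and would probably only show up later at a `search_s` or `modify_s` call. Add `import sys` next to the other imports and bind with `l.simple_bind_s("cn=Manager,dc=gnome,dc=org", ldap_password)`. `ldap.open('ldap.gnome.org')` also makes an unencrypted connection, so the Manager password crosses the network in clear text unless the transport is protected elsewhere; `l = ldap.initialize('ldaps://ldap.gnome.org')` (or `l.start_tls_s()` before the bind) would avoid that, assuming the server offers TLS. Separately, both password loops build the secret from `str(line.split())` and then delete characters, which silently alters any password containing one of the stripped characters, leaves list punctuation behind if the line contains whitespace, and leaves the variable undefined when no line matches; splitting once on `=` and stripping the quotes and `;` from the ends would be more robust.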

