Skip to content

Instantly share code, notes, and snippets.

@nemani

nemani/admission_script.py

Last active January 6, 2019 03:58
Show Gist options
  • Save nemani/e67a5ec929e6e0797a9f05bb5ae6514d to your computer and use it in GitHub Desktop.
Save nemani/e67a5ec929e6e0797a9f05bb5ae6514d to your computer and use it in GitHub Desktop.
Download ZIP
IIIT: Admission Script / Create GAM user from email LDAP / Migration files
Raw
admission_script.py
import os
import re
import ldap
import sys
import random
import string
import subprocess
import logging
def run_command_no_output(command):
logging.debug("running command {}".format(command))
if dryrun:
print(command)
return 0
return subprocess.call(command.split(" "), stdout=open(os.devnull, "w"), stderr=subprocess.STDOUT)
def main(mail):
results = l.search_s("ou=Users,dc=iiit,dc=ac,dc=in", ldap.SCOPE_SUBTREE, filterstr="(mail={})".format(mail))
if not results:
logging.error("Cannot find {} in LDAP".format(mail))
elif len(results) != 1:
logging.error("more than one results found in LDAP for this email")
else:
result = results[0]
homeDirectory = result[1]['homeDirectory'][0].decode()
# array of ou heirarchy
res = re.sub(r"(Students|Research)",r"\1.iiit.ac.in", result[0]).lower()
heirarchy = list(reversed(re.split("uid=|,ou=|,dc=", res)[1:-4]))
# the ou we need to add the person in
ou = "/".join(heirarchy[:-1])
# the parent of this ou
parent = "/".join(heirarchy[:-2])
# the parent of parent should always exist
pop = "/".join(heirarchy[:-3])
if run_command_no_output("gam info org {}".format(ou)):
# ou does not exists
if run_command_no_output("gam info org {}".format(parent)):
# parent does not exists
# create parent under pop
if run_command_no_output("gam create org {} parent {}".format(heirarchy[-3], pop)):
# log that we cant create ou
logging.error("cannot create ou {}".format(parent))
else:
# parent exists
logging.debug("parent ou {} exists".format(parent))
# create ou under parent
if run_command_no_output("gam create org {} parent {}".format(heirarchy[-2], parent)):
log.error("cannot create ou {}".format(ou))
else:
logging.info("created ou {}".format(ou))
else:
logging.debug("ou {} exists".format(ou))
# Now the ou is created for sure.
# Next we create the user and add it to the ou
randompass = ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(8))
givenName = result[1]['givenName'][0].decode()
sn = result[1]['sn'][0].decode()
cn = result[1]['cn'][0].decode()
uid = result[1]['uid'][0].decode()
command = "gam create user {} firstname {} lastname {} password {} org {}".format(mail, givenName, sn, randompass, ou)
if run_command_no_output(command) == 0:
logging.info("succesfully created google user {} in org {}".format(mail, ou))
else:
logging.error("cannot create user {}".format(mail))
# return maybe??
if "students" in heirarchy[0]:
logging.debug("user {} is in students".format(mail))
branch = heirarchy[-2]
batch = heirarchy[-3]
master = heirarchy[-4] # ug or pg
master_group = "{}@students.iiit.ac.in".format(master)
batch_group = "{}@students.iiit.ac.in".format(batch)
branch_group = "{}_{}@students.iiit.ac.in".format(batch, branch)
# Create batch group and add it to master group
if run_command_no_output("gam info group {}".format(batch_group)):
# group does not exists
logging.debug("group {} does not exists".format(batch_group))
if run_command_no_output('gam create group {0} name "{1}" description "{1} mailing list"'.format(batch_group, batch)):
logging.error("cannot create group {}".format(batch_group))
else:
command = "gam update group {} add member user {}".format(master_group, batch_group)
if run_command_no_output(command) == 0:
logging.info("succesfully added {} group to {} group".format(batch_group, master_group))
else:
logging.error("cannot add group {} to {}".format(batch_group, master_group))
# Create branch group and add it to batch group
if run_command_no_output("gam info group {}".format(branch_group)):
# group does not exists
logging.debug("group {} does not exists".format(branch_group))
if run_command_no_output('gam create group {0} name "{1} {2}" description "{1} {2} mailing list"'.format(branch_group, batch, branch)):
logging.error("cannot create group {}".format(branch_group))
else:
command = "gam update group {} add member user {}".format(batch_group, branch_group)
if run_command_no_output(command) == 0:
logging.info("succesfully added {} list to {} list".format(branch_group, batch_group))
else:
logging.error("cannot add group {} to {}".format(branch_group, batch_group))
# add user to branch group
command = "gam update group {} add member user {}".format(branch_group, mail)
if run_command_no_output(command) == 0:
logging.info("succesfully add google user {} to group {}".format(mail, branch_group))
else:
logging.error("cannot add google user {} to {} group".format(mail, branch_group))
# Now we append to students migration file
#with open("students_migration_file.txt", 'a') as fp:
# fp.write("{}::502:503::{}::userdb_quota_rule=*:bytes=150M\n".format(uid,homeDirectory))
# logging.info("added user {} to students migration file".format(mail))
else:
#research student
# 200 MB quota
quota = 200 * 1024 * 1024
with open("research_migration_file.txt", 'a') as fp:
fp.write("ca {} {} displayName {} givenName {} sn {} zimbraMailQuota {}\n".format(mail, randompass, cn, givenName, sn, quota))
logging.info("added user {} to research migration file".format(mail))
if __name__ == '__main__':
logging.basicConfig(filename='new_admission_script.log', level=logging.INFO)
dryrun = True
if len(sys.argv) < 2 or "iiit.ac.in" not in sys.argv[1]:
print("usage: python3 create_gam_user_ldap.py iiit_mail_address")
print("example: python3 create_gam.py [email protected]")
exit(0)
mail = sys.argv[1]
# We can add a for loop here for multiple emails
l = ldap.initialize('ldaps://ldap.iiit.ac.in')
logging.debug("connected to ldap")
main(mail)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment