github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

feat: 支持LDAP用户组变更时,JS同步变更

pull/11792/head
jiangweidong 2023-10-09 13:55:55 +08:00 committed by Bryan
parent 6017f804a6
commit 73db1bf50c
1 changed files with 19 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
apps/settings/utils/ldap.py
View File

@ -426,7 +426,21 @@ class LDAPImportUtil(object):
return errors return errors
@staticmethod @staticmethod
def bind_org(org, users, group_users_mapper): def exit_user_group(user_groups_mapper):
# 通过对比查询本次导入用户需要移除的用户组
group_remove_users_mapper = defaultdict(set)
for user, current_groups in user_groups_mapper.items():
old_groups = set(user.groups.all())
exit_groups = old_groups - current_groups
logger.debug(f'Ldap user {user} exits user groups {exit_groups}')
for g in exit_groups:
group_remove_users_mapper[g].add(user)
# 根据用户组统一移除用户
for g, rm_users in group_remove_users_mapper.items():
g.users.remove(*rm_users)
def bind_org(self, org, users, group_users_mapper):
if not org: if not org:
return return
if org.is_root(): if org.is_root():
@ -436,11 +450,15 @@ class LDAPImportUtil(object):
org.add_member(user) org.add_member(user)
# add user to group # add user to group
with tmp_to_org(org): with tmp_to_org(org):
user_groups_mapper = defaultdict(set)
for group_name, users in group_users_mapper.items(): for group_name, users in group_users_mapper.items():
group, created = UserGroup.objects.get_or_create( group, created = UserGroup.objects.get_or_create(
name=group_name, defaults={'name': group_name} name=group_name, defaults={'name': group_name}
) )
for user in users:
user_groups_mapper[user].add(group)
group.users.add(*users) group.users.add(*users)
self.exit_user_group(user_groups_mapper)
class LDAPTestUtil(object): class LDAPTestUtil(object):