|
|
|
from django.dispatch import receiver
|
|
|
|
from django.db.models.signals import post_save, post_delete, m2m_changed
|
|
|
|
from django.contrib.auth import get_user_model
|
|
|
|
from django.conf import settings
|
|
|
|
from .ldap_sync import make_ldap_conn, LDAPUserEntry, LDAPUserSyncer
|
|
|
|
|
|
|
|
User = get_user_model()
|
|
|
|
|
|
|
|
def synchronous_user_sync(user, remove=False):
|
|
|
|
sync_enabled = getattr(settings, 'BAM_LDAP_SYNCHRONOUS_SYNC_ENABLED', True)
|
|
|
|
if sync_enabled:
|
|
|
|
uri = settings.BAM_LDAP_URI
|
|
|
|
bind_dn = settings.BAM_LDAP_BIND_DN
|
|
|
|
secret = settings.BAM_LDAP_SECRET
|
|
|
|
base_dn_map = settings.BAM_LDAP_BASE_DN_MAP
|
|
|
|
ldap_conn = make_ldap_conn(uri, bind_dn, secret)
|
|
|
|
|
|
|
|
try:
|
|
|
|
syncer = LDAPUserSyncer(ldap_conn, base_dn_map)
|
|
|
|
if remove:
|
|
|
|
syncer.remove_user(user)
|
|
|
|
else:
|
|
|
|
syncer.sync_user(user)
|
|
|
|
finally:
|
|
|
|
ldap_conn.unbind_s()
|
|
|
|
|
|
|
|
@receiver(post_save, sender=User)
|
|
|
|
def handle_user_save(sender, instance, created, raw, using, update_fields,
|
|
|
|
**kwargs):
|
|
|
|
relevant_fields = LDAPUserEntry.get_mapped_fields()
|
|
|
|
if update_fields is None or not update_fields.isdisjoint(relevant_fields):
|
|
|
|
synchronous_user_sync(instance)
|
|
|
|
|
|
|
|
@receiver(post_delete, sender=User)
|
|
|
|
def handle_user_delete(sender, instance, **kwargs):
|
|
|
|
synchronous_user_sync(instance, remove=True)
|
|
|
|
|
|
|
|
@receiver(m2m_changed, sender=User.groups.through)
|
|
|
|
def handle_user_groups_change(sender, instance, action, **kwargs):
|
|
|
|
if action in ('post_add', 'post_remove'):
|
|
|
|
synchronous_user_sync(instance)
|