bam/bam/management/commands/sync_users.py

from django.core.management.base import BaseCommand, CommandError
from django.contrib.auth import get_user_model
from django.conf import settings
from ...ldap_sync import make_ldap_conn, LDAPAction, LDAPUserSyncer

User = get_user_model()

class Command(BaseCommand):
    def handle(self, *args, **kwargs):
        uri = settings.BAM_LDAP_URI
        bind_dn = settings.BAM_LDAP_BIND_DN
        secret = settings.BAM_LDAP_SECRET
        base_dn_map = settings.BAM_LDAP_BASE_DN_MAP
        ldap_conn = make_ldap_conn(uri, bind_dn, secret)

        syncer = LDAPUserSyncer(ldap_conn, base_dn_map)
        for user in User.objects.all():
            self.stdout.write('Syncing user "%s"...' % user.username)
            actions = syncer.sync_user(user)
            something_done = False
            for base_dn, act in zip(base_dn_map.keys(), actions):
                if act == LDAPAction.USER_ADDED:
                    self.stdout.write(self.style.SUCCESS(
                        '... added them to "%s"' % base_dn))
                    something_done = True
                elif act == LDAPAction.USER_UPDATED:
                    self.stdout.write(self.style.WARNING(
                        '... updated their entry in "%s"' % base_dn
                    ))
                    something_done = True
                elif act == LDAPAction.USER_DELETED:
                    self.stdout.write(self.style.ERROR(
                        '... deleted their entry from "%s"' % base_dn
                    ))
                    something_done = True
            if not something_done:
                self.stdout.write('... nothing to do')