Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nit 1204 ldap data refresh remove passwords #42

Merged
merged 12 commits into from
Apr 29, 2024
Merged

Nit 1204 ldap data refresh remove passwords #42

merged 12 commits into from
Apr 29, 2024

Conversation

georgepstaylor
Copy link
Member

@georgepstaylor georgepstaylor commented Apr 25, 2024
edited
Loading

  • added command to remove the password attribute from all users except the AutomatedTestUser
  • Fixed the code formatting workflow

@georgepstaylor georgepstaylor requested a review from a team as a code owner April 25, 2024 18:25
@georgepstaylor georgepstaylor changed the base branch from main to dev April 25, 2024 18:25
@georgepstaylor georgepstaylor changed the base branch from dev to main April 25, 2024 18:52
@georgepstaylor georgepstaylor changed the base branch from main to dev April 25, 2024 18:52
@georgepstaylor georgepstaylor mentioned this pull request Apr 25, 2024
Merged
georgepstaylor
georgepstaylor commented Apr 26, 2024
View reviewed changes
cli/ldap_cmds/user.py
Comment on lines +511 to +554
def remove_all_user_passwords(user_ou, root_dn):
log.info("Removing all user passwords")

ldap_connection = ldap_connect(
env.vars.get("LDAP_HOST"),
env.vars.get("LDAP_USER"),
env.secrets.get("LDAP_BIND_PASSWORD"),
)

user_filter = "(!(cn=AutomatedTestUser))"

try:
ldap_connection.search(
",".join([user_ou, root_dn]),
user_filter,
attributes=["cn"],
search_scope="LEVEL",
)
except Exception as e:
log.exception("Failed to search for users")
raise e

found_users = [entry.entry_dn for entry in ldap_connection.entries]
log.debug("Users found:")
log.debug(found_users)

for user in found_users:
try:
ldap_connection.modify(
user,
{
"userPassword": [
(
MODIFY_DELETE,
[],
)
]
},
)
log.info(f"Successfully removed passwd for user {user}, or it didn't have one to begin with")
except Exception as e:
log.exception(f"Failed to remove passwd for user {user}")
raise e
ldap_connection.unbind()
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove_all_user_passwords function

@georgepstaylor georgepstaylor merged commit d28728c into dev Apr 29, 2024
3 checks passed
georgepstaylor added a commit that referenced this pull request Jul 1, 2024
@georgepstaylor @adeweetman-al
@andrewmooreio @IjazMoJ @github-actions
Dev -> Main (#41)
02e8a6a 
* Add initial python for updating home areas

* adding comments for future work

* Update rbac.py

* pre=release

* prerelease test

* PRERELEASE

* release work flow test

* pre release

* Update rbac.py

* clean up home area function

* add setuptools requirements

* Update setup.py

* remove quotes unneeded

* Retrofit logging and env dict from rbac uplift (#17)

* flexibility

* logging

* add shorthand options

* options for log levels

* Update logging.py

* Update __init__.py

* Nit 824 nit 823 - update user roles and user notes (#18)

* new functions and structure

* find common entries in both

* refactor + python rewrite foruser roles

* remove action

* remove debugging

* start oracle db

* add update notes

* typo + rm commented code

* refactor + comments

* Update __init__.py

* fix logger duplicates

* re format + remove print debugging

* log levels + debugging

* Update logger.py

* fixes requirements

* reformat connection for oracle

* Update user.py

* Update user.py

* Update user.py

* Update user.py

* Update user.py

* Update user.py

* Update user.py

* Update user.py

* bind by name

* Update user.py

* Update user.py

* Update user.py

* Update user.py

* Update user.py

* Update user.py

* add handling for user notes

* Nit 822 (#19)

* add CRC user script

* add click cmd

* add deactivate-crc-users to main group

* Update user.py

* Update requirements.txt

---------

Co-authored-by: Seb Norris <[email protected]>

* Nit 822 (#20)

* add CRC user script

* add click cmd

* add deactivate-crc-users to main group

* Update user.py

* Update requirements.txt

* Update rbac.py

---------

Co-authored-by: Seb Norris <[email protected]>

* Nit 822 (#21)

* add CRC user script

* add click cmd

* add deactivate-crc-users to main group

* Update user.py

* Update requirements.txt

* Update rbac.py

* no token needed for rbac

---------

Co-authored-by: Seb Norris <[email protected]>

* Nit 822 (#22)

* add CRC user script

* add click cmd

* add deactivate-crc-users to main group

* Update user.py

* Update requirements.txt

* Update rbac.py

* no token needed for rbac

* Update rbac.py

---------

Co-authored-by: Seb Norris <[email protected]>

* Nit 822 (#23)

* add CRC user script

* add click cmd

* add deactivate-crc-users to main group

* Update user.py

* Update requirements.txt

* Update rbac.py

* no token needed for rbac

* Update rbac.py

* ldap config dict or local val

---------

Co-authored-by: Seb Norris <[email protected]>

* Formatting & linting pre commits (#24)

* add pre commit

* Update readme.md

* format

* Update tag-and-release.yml

* Update pyproject.toml

* Update .flake8

* Update .flake8

* use black defualt

* format to black defaults

* update black to latest

* remove boilerplate excludes

* update logging and requirements

* NIT-854 Add exception handling and add logging where appropriate

* NIT-854 fix typos

* Apply suggestions from code review

Co-authored-by: George Taylor <[email protected]>

* Update rbac.py

* migration to python-ldap - correction on tree deletion (#28)

* Merge branch 'main' into dev

* Update .flake8

* User expiry script added

* Update rbac.py (#31)

* init py change added

* quotations

* add error handling + get the ou path from the cli input/defaults

* Update format-python.yml

* Nit 1204 ldap data refresh remove passwords (#42)

* remove passwords command

* formatting

* Update user.py

* Update user.py

* Update user.py

* Update format-python.yml

* Update format-python.yml

* Formatted code with black --line-length 120

* Update format-python.yml

---------

Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>

---------

Co-authored-by: adrianweetman <[email protected]>
Co-authored-by: Seb Norris <[email protected]>
Co-authored-by: Andrew Moore <[email protected]>
Co-authored-by: Andrew Moore <[email protected]>
Co-authored-by: Ijaz Sultan <[email protected]>
Co-authored-by: IjazMoJ <[email protected]>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewmooreio andrewmooreio andrewmooreio approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@georgepstaylor @andrewmooreio