remplacer les appels mmctl soit par l'api REST soit par un webhook entrant
This commit is contained in:
+122
-17
@@ -5,6 +5,8 @@
|
|||||||
# ki : fab
|
# ki : fab
|
||||||
# test git du 02/10/2023 depuis snster
|
# test git du 02/10/2023 depuis snster
|
||||||
|
|
||||||
|
#maj by fab du 05/07/2026: remplacer les appels mmctl soit par l'api REST soit par un webhook entrant
|
||||||
|
|
||||||
# !!! need by htpasswd
|
# !!! need by htpasswd
|
||||||
# apt-get install apache2-utils dos2unix
|
# apt-get install apache2-utils dos2unix
|
||||||
|
|
||||||
@@ -42,6 +44,7 @@ cd "${KAZ_ROOT}"
|
|||||||
. $KAZ_KEY_DIR/env-ldapServ
|
. $KAZ_KEY_DIR/env-ldapServ
|
||||||
. $KAZ_KEY_DIR/env-sympaServ
|
. $KAZ_KEY_DIR/env-sympaServ
|
||||||
. $KAZ_KEY_DIR/env-paheko
|
. $KAZ_KEY_DIR/env-paheko
|
||||||
|
. $KAZ_KEY_DIR/env-mattermostAdmin
|
||||||
|
|
||||||
# DOCK_DIR="${KAZ_COMP_DIR}" # ???
|
# DOCK_DIR="${KAZ_COMP_DIR}" # ???
|
||||||
|
|
||||||
@@ -218,15 +221,36 @@ FILE_LDIF=/home/sauve/ldap.ldif
|
|||||||
gunzip ${FILE_LDIF}.gz -f
|
gunzip ${FILE_LDIF}.gz -f
|
||||||
grep -aEiorh '([[:alnum:]]+([._-][[:alnum:]]+)*@[[:alnum:]]+([._-][[:alnum:]]+)*\.[[:alpha:]]{2,6})' ${FILE_LDIF} | sort -u > ${TFILE_EMAIL}
|
grep -aEiorh '([[:alnum:]]+([._-][[:alnum:]]+)*@[[:alnum:]]+([._-][[:alnum:]]+)*\.[[:alpha:]]{2,6})' ${FILE_LDIF} | sort -u > ${TFILE_EMAIL}
|
||||||
|
|
||||||
echo "récupération des login mattermost... "
|
# remplacé par la l'API REST
|
||||||
docker exec -i mattermostServ bin/mmctl user list --all | grep ":.*(" | cut -d ':' -f 2 | cut -d ' ' -f 2 | sort > "${TFILE_MM}"
|
# echo "récupération des login mattermost... "
|
||||||
|
# docker exec -i mattermostServ bin/mmctl user list --all | grep ":.*(" | cut -d ':' -f 2 | cut -d ' ' -f 2 | sort > "${TFILE_MM}"
|
||||||
|
|
||||||
|
> "${TFILE_MM}"
|
||||||
|
|
||||||
|
page=0
|
||||||
|
while true; do
|
||||||
|
json=$(curl -s \
|
||||||
|
-H "Authorization: Bearer ${mattermost_token}" \
|
||||||
|
"https://${URL_AGORA}/api/v4/users?page=${page}&per_page=200")
|
||||||
|
|
||||||
|
nb=$(echo "${json}" | jq 'length')
|
||||||
|
|
||||||
|
if [ "${nb}" -eq 0 ]; then
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "${json}" | jq -r '.[].username' >> "${TFILE_MM}"
|
||||||
|
page=$((page + 1))
|
||||||
|
done
|
||||||
|
sort -o "${TFILE_MM}" "${TFILE_MM}"
|
||||||
|
|
||||||
|
|
||||||
dos2unix "${TFILE_MM}"
|
dos2unix "${TFILE_MM}"
|
||||||
echo "done"
|
|
||||||
|
|
||||||
|
# remplacé par la l'API REST
|
||||||
# se connecter à l'agora pour ensuite pouvoir passer toutes les commandes mmctl
|
# se connecter à l'agora pour ensuite pouvoir passer toutes les commandes mmctl
|
||||||
. $KAZ_KEY_DIR/env-mattermostAdmin
|
# . $KAZ_KEY_DIR/env-mattermostAdmin
|
||||||
echo "docker exec -i mattermostServ bin/mmctl auth login ${httpProto}://${URL_AGORA} --name local-server --username ${mattermost_user} --password ${mattermost_pass}" | tee -a "${CMD_INIT}"
|
# echo "docker exec -i mattermostServ bin/mmctl auth login ${httpProto}://${URL_AGORA} --name local-server --username ${mattermost_user} --password ${mattermost_pass}" | tee -a "${CMD_INIT}"
|
||||||
|
|
||||||
# vérif des emails
|
# vérif des emails
|
||||||
regex="^(([A-Za-z0-9]+((\.|\-|\_|\+)?[A-Za-z0-9]?)*[A-Za-z0-9]+)|[A-Za-z0-9]+)@(([A-Za-z0-9]+)+((\.|\-|\_)?([A-Za-z0-9]+)+)*)+\.([A-Za-z]{2,})+$"
|
regex="^(([A-Za-z0-9]+((\.|\-|\_|\+)?[A-Za-z0-9]?)*[A-Za-z0-9]+)|[A-Za-z0-9]+)@(([A-Za-z0-9]+)+((\.|\-|\_)?([A-Za-z0-9]+)+)*)+\.([A-Za-z]{2,})+$"
|
||||||
@@ -593,23 +617,99 @@ userPassword: {CRYPT}${pass}\n\n' | ldapmodify -c -H ldap://${LDAP_IP} -D \"cn=$
|
|||||||
if grep -q "^${IDENT_KAZ}$" "${TFILE_MM}" 2>/dev/null; then
|
if grep -q "^${IDENT_KAZ}$" "${TFILE_MM}" 2>/dev/null; then
|
||||||
echo "${IDENT_KAZ} existe déjà sur mattermost" | tee -a "${LOG}"
|
echo "${IDENT_KAZ} existe déjà sur mattermost" | tee -a "${LOG}"
|
||||||
else
|
else
|
||||||
|
|
||||||
# on créé le compte mattermost
|
# on créé le compte mattermost
|
||||||
echo "docker exec -i mattermostServ bin/mmctl user create --email ${EMAIL_SOUHAITE} --username ${IDENT_KAZ} --password ${PASSWORD}" | tee -a "${CMD_LOGIN}"
|
#echo "docker exec -i mattermostServ bin/mmctl user create --email ${EMAIL_SOUHAITE} --username ${IDENT_KAZ} --password ${PASSWORD}" | tee -a "${CMD_LOGIN}"
|
||||||
|
#on remplace par l'api rest
|
||||||
|
cat <<EOF | tee -a "${CMD_LOGIN}"
|
||||||
|
curl -s -X POST "https://${URL_AGORA}/api/v4/users" \
|
||||||
|
-H "Authorization: Bearer ${mattermost_token}" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
-d '{"email":"${EMAIL_SOUHAITE}","username":"${IDENT_KAZ}","password":"${PASSWORD}"}'
|
||||||
|
EOF
|
||||||
|
|
||||||
|
#quel user_id ?
|
||||||
|
USER_ID=$(curl -s -H "Authorization: Bearer ${mattermost_token}" "https://${URL_AGORA}/api/v4/users/email/${EMAIL_SOUHAITE}" | jq -r '.id')
|
||||||
|
#KAZ a quelle team id ?
|
||||||
|
KAZ_ID=$(curl -s -H "Authorization: Bearer ${mattermost_token}" "https://${URL_AGORA}/api/v4/teams/name/kaz" | jq -r '.id')
|
||||||
|
|
||||||
# et enfin on ajoute toujours le user à l'équipe KAZ et aux 2 channels publiques
|
# et enfin on ajoute toujours le user à l'équipe KAZ et aux 2 channels publiques
|
||||||
echo "docker exec -i mattermostServ bin/mmctl team users add kaz ${EMAIL_SOUHAITE}" | tee -a "${CMD_LOGIN}"
|
#echo "docker exec -i mattermostServ bin/mmctl team users add kaz ${EMAIL_SOUHAITE}" | tee -a "${CMD_LOGIN}"
|
||||||
echo "docker exec -i mattermostServ bin/mmctl channel users add kaz:une-question--un-soucis ${EMAIL_SOUHAITE}" | tee -a "${CMD_LOGIN}"
|
cat <<EOF | tee -a "${CMD_LOGIN}"
|
||||||
echo "docker exec -i mattermostServ bin/mmctl channel users add kaz:cafe-du-commerce--ouvert-2424h ${EMAIL_SOUHAITE}" | tee -a "${CMD_LOGIN}"
|
curl -s -X POST "https://${URL_AGORA}/api/v4/teams/${KAZ_ID}/members" \
|
||||||
|
-H "Authorization: Bearer ${mattermost_token}" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
-d '{"team_id":"${KAZ_ID}","user_id":"${USER_ID}"}'
|
||||||
|
EOF
|
||||||
|
|
||||||
|
CHAN1_ID=$(curl -s -H "Authorization: Bearer ${mattermost_token}" "https://${URL_AGORA}/api/v4/teams/name/kaz/channels/name/une-question--un-soucis" | jq -r '.id')
|
||||||
|
CHAN2_ID=$(curl -s -H "Authorization: Bearer ${mattermost_token}" "https://${URL_AGORA}/api/v4/teams/name/kaz/channels/name/cafe-du-commerce--ouvert-2424h" | jq -r '.id')
|
||||||
|
|
||||||
|
# echo "docker exec -i mattermostServ bin/mmctl channel users add kaz:une-question--un-soucis ${EMAIL_SOUHAITE}" | tee -a "${CMD_LOGIN}"
|
||||||
|
# echo "docker exec -i mattermostServ bin/mmctl channel users add kaz:cafe-du-commerce--ouvert-2424h ${EMAIL_SOUHAITE}" | tee -a "${CMD_LOGIN}"
|
||||||
|
|
||||||
|
cat <<EOF | tee -a "${CMD_LOGIN}"
|
||||||
|
curl -s -X PUT "https://${URL_AGORA}/api/v4/channels/${CHAN1_ID}/members/${USER_ID}" \
|
||||||
|
-H "Authorization: Bearer ${mattermost_token}" \
|
||||||
|
-H "Content-Type: application/json"
|
||||||
|
EOF
|
||||||
|
|
||||||
|
cat <<EOF | tee -a "${CMD_LOGIN}"
|
||||||
|
curl -s -X PUT "https://${URL_AGORA}/api/v4/channels/${CHAN2_ID}/members/${USER_ID}" \
|
||||||
|
-H "Authorization: Bearer ${mattermost_token}" \
|
||||||
|
-H "Content-Type: application/json"
|
||||||
|
EOF
|
||||||
|
|
||||||
NB_SERVICES_BASE=$((NB_SERVICES_BASE+1))
|
NB_SERVICES_BASE=$((NB_SERVICES_BASE+1))
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "${EQUIPE_AGORA}" != "" -a "${EQUIPE_AGORA}" != "kaz" ]; then
|
if [ "${EQUIPE_AGORA}" != "" -a "${EQUIPE_AGORA}" != "kaz" ]; then
|
||||||
# l'équipe existe t-elle déjà ?
|
# l'équipe existe t-elle déjà ?
|
||||||
nb=$(docker exec mattermostServ bin/mmctl team list | grep -w "${EQUIPE_AGORA}" | wc -l)
|
|
||||||
if [ "${nb}" == "0" ];then # non, on la créé en mettant le user en admin de l'équipe
|
#nb=$(docker exec mattermostServ bin/mmctl team list | grep -w "${EQUIPE_AGORA}" | wc -l)
|
||||||
echo "docker exec -i mattermostServ bin/mmctl team create --name ${EQUIPE_AGORA} --display-name ${EQUIPE_AGORA} --email ${EMAIL_SOUHAITE}" --private | tee -a "${CMD_INIT}"
|
http_code=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer ${mattermost_token}" "https://${URL_AGORA}/api/v4/teams/name/${EQUIPE_AGORA}")
|
||||||
fi
|
[ "$http_code" -eq 200 ] && nb=1 || nb=0
|
||||||
# puis ajouter le user à l'équipe
|
|
||||||
echo "docker exec -i mattermostServ bin/mmctl team users add ${EQUIPE_AGORA} ${EMAIL_SOUHAITE}" | tee -a "${CMD_INIT}"
|
if [ "${nb}" == "0" ];then # non, on la créé en mettant le user en admin de l'équipe
|
||||||
|
|
||||||
|
#echo "docker exec -i mattermostServ bin/mmctl team create --name ${EQUIPE_AGORA} --display-name ${EQUIPE_AGORA} --email ${EMAIL_SOUHAITE}" --private | tee -a "${CMD_INIT}"
|
||||||
|
cat <<EOF | tee -a "${CMD_INIT}"
|
||||||
|
curl -s -X POST "https://${URL_AGORA}/api/v4/teams" \
|
||||||
|
-H "Authorization: Bearer ${mattermost_token}" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
-d '{
|
||||||
|
"name": "'"${EQUIPE_AGORA}"'",
|
||||||
|
"display_name": "'"${EQUIPE_AGORA}"'",
|
||||||
|
"type": "I",
|
||||||
|
"email": "'"${EMAIL_SOUHAITE}"'"
|
||||||
|
}'
|
||||||
|
EOF
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
# puis ajouter le user à l'équipe
|
||||||
|
#echo "docker exec -i mattermostServ bin/mmctl team users add ${EQUIPE_AGORA} ${EMAIL_SOUHAITE}" | tee -a "${CMD_INIT}"
|
||||||
|
|
||||||
|
#l'équipe a quelle team id ?
|
||||||
|
TEAM_ID=$(curl -s -H "Authorization: Bearer ${mattermost_token}" "https://${URL_AGORA}/api/v4/teams/name/${EQUIPE_AGORA}" | jq -r '.id')
|
||||||
|
cat <<EOF | tee -a "${CMD_INIT}"
|
||||||
|
curl -s -X POST "https://${URL_AGORA}/api/v4/teams/${TEAM_ID}/members" \
|
||||||
|
-H "Authorization: Bearer ${mattermost_token}" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
-d '{
|
||||||
|
"team_id": "'"${TEAM_ID}"'",
|
||||||
|
"user_id": "'"${USER_ID}"'"
|
||||||
|
}'
|
||||||
|
EOF
|
||||||
|
#et on le rend admin de son équipe
|
||||||
|
cat <<EOF | tee -a "${CMD_INIT}"
|
||||||
|
curl -s -X PUT "https://${URL_AGORA}/api/v4/teams/${TEAM_ID}/members/${USER_ID}/roles" \
|
||||||
|
-H "Authorization: Bearer ${mattermost_token}" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
-d '{"roles":"team_admin"}'
|
||||||
|
EOF
|
||||||
|
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -n "${CREATE_ORGA_SERVICES}" ]; then
|
if [ -n "${CREATE_ORGA_SERVICES}" ]; then
|
||||||
@@ -757,7 +857,12 @@ bisou!"
|
|||||||
EOF" | tee -a "${CMD_MSG}"
|
EOF" | tee -a "${CMD_MSG}"
|
||||||
|
|
||||||
echo " # on envoie la confirmation d'inscription sur l'agora " | tee -a "${CMD_MSG}"
|
echo " # on envoie la confirmation d'inscription sur l'agora " | tee -a "${CMD_MSG}"
|
||||||
echo "docker exec -i mattermostServ bin/mmctl post create kaz:Creation-Comptes --message \"${MAIL_KAZ}\"" | tee -a "${CMD_MSG}"
|
#echo "docker exec -i mattermostServ bin/mmctl post create kaz:Creation-Comptes --message \"${MAIL_KAZ}\"" | tee -a "${CMD_MSG}"
|
||||||
|
cat <<'EOF' | tee -a "${CMD_MSG}"
|
||||||
|
curl -i -X POST -H 'Content-Type: application/json' \
|
||||||
|
-d '{"channel": "creation-comptes","text": "${MAIL_KAZ}"}' \
|
||||||
|
https://${URL_AGORA}/hooks/${token_webhook}
|
||||||
|
EOF
|
||||||
|
|
||||||
# fin des inscriptions
|
# fin des inscriptions
|
||||||
done <<< "${ALL_LINES}"
|
done <<< "${ALL_LINES}"
|
||||||
|
|||||||
Reference in New Issue
Block a user