| #!/usr/bin/python3
 | |
| 
 | |
| import sys
 | |
| 
 | |
| from lib.paheko import Paheko
 | |
| from lib.ldap import Ldap
 | |
| from lib.ssh import Ssh
 | |
| from lib.misc import get_disk_size
 | |
| 
 | |
# Build the reference population from Paheko. Users of the three categories
# below are merged into `membres`, the list every later check iterates over.
# LDAP accounts whose address is not found among these users are reported
# further down as "in LDAP but not in Paheko".
# NOTE(review): a user belonging to more than one of these categories would
# appear several times in `membres` and be reported once per occurrence;
# confirm whether Paheko allows that.
paheko = Paheko()
categorie_membres = paheko.get_categorie_id("Membres")
membres = paheko.get_users_in_categorie(categorie_membres)
categorie_collegiale = paheko.get_categorie_id("Collégiale")
membres += paheko.get_users_in_categorie(categorie_collegiale)
categorie_administrateurs = paheko.get_categorie_id("Administrateurs")
membres += paheko.get_users_in_categorie(categorie_administrateurs)
 | |
| 
 | |
| 
 | |
| def test_services(paheko_entry, ldap_entry):
 | |
|     # Vérifie que les services orga activés sont bien désactivés sur le mutu. Juste nextcloud pour l'instant.
 | |
|     is_orga = paheko_entry["admin_orga"].strip("'") == "Oui"
 | |
|     if is_orga:
 | |
|         paheko_has_cloud = paheko_entry["cloud"].strip("'") == "Oui"
 | |
|         ldap_cloud_enabled = ldap_entry[1]['nextcloudEnabled'][0] == b"TRUE"
 | |
|         # if (paheko_has_cloud and ldap_cloud_enabled):
 | |
|         #     path = f"/var/lib/docker/volumes/cloud_cloudData/_data/{ldap_entry[1]['identifiantKaz'][0].decode()}"
 | |
|         #     size = get_disk_size(path)
 | |
|         #     if size < 40529249:
 | |
|         #         print(f"{ldap_entry[1]['identifiantKaz'][0].decode()} {size}")
 | |
|         #         with Ldap() as ldap:
 | |
|         #             print(ldap_entry[1]['mail'][0].decode())
 | |
|         #             ldap.update_user(ldap_entry[1]['mail'][0].decode(), "nextcloudEnabled", b"FALSE")
 | |
|         return not (paheko_has_cloud and ldap_cloud_enabled)
 | |
| 
 | |
|     return True
 | |
| 
 | |
| def test_quota(paheko_entry, ldap_entry):
 | |
|     quota_paheko = int(paheko_entry["quota_disque"].strip("'"))
 | |
|     quota_nextcloud = int(ldap_entry[1]['nextcloudQuota'][0][:-3])
 | |
|     quota_mail = int(ldap_entry[1]['mailQuota'][0][:-1])
 | |
|     quota_global = int(ldap_entry[1]['quota'][0])
 | |
|     is_orga = paheko_entry["admin_orga"].strip("'") == "Oui"
 | |
|     has_mail = ldap_entry[1]['mailEnabled'][0] == b"TRUE"
 | |
|     has_nextcloud = ldap_entry[1]['nextcloudEnabled'][0] == b"TRUE"
 | |
| 
 | |
|     if quota_paheko != quota_global:
 | |
|         return False
 | |
| 
 | |
|     quota_given = 0
 | |
|     if has_mail:
 | |
|         quota_given += quota_mail
 | |
|     if has_nextcloud:
 | |
|         quota_given += quota_nextcloud
 | |
| 
 | |
|     if is_orga:
 | |
|         linked_emails = paheko_entry["emails_rattaches"]
 | |
|         if linked_emails:
 | |
|             for linked_email in linked_emails.splitlines():
 | |
|                 ldap_linked_entry = ldap.get_email(linked_email)
 | |
|                 if ldap_linked_entry:
 | |
|                     quota_given += int(ldap_linked_entry[0][1]['mailQuota'][0][:-1])
 | |
| 
 | |
|     # beaucoup ont en fait xGO de mail et xGO de cloud pour xGO en tout, à corriger à terme.
 | |
|     if quota_global * 2 == quota_given or 1 + quota_global * 2 == quota_given:
 | |
|         return True
 | |
| 
 | |
|     # On laisse 1GO de rab' pour tous ceux qui ont 10 de cloud et 1 de mail.
 | |
|     if quota_given <= quota_global + 1:
 | |
|         return True
 | |
| 
 | |
|     return False
 | |
| 
 | |
| 
 | |
| def test_mail_secours(paheko_entry, ldap_entry):
 | |
|     # Vérifie que le mail de secours dans le LDAP correspond à celui dans paheko.
 | |
|     if paheko_entry["email_secours"]:
 | |
|         return paheko_entry["email_secours"].strip("'").encode() == ldap_entry[1]['mailDeSecours'][0]
 | |
|     else:
 | |
|         return False
 | |
| 
 | |
| 
 | |
| def test_mails_orga(paheko_entry):
 | |
|     # Vérifie que les mails des orgas sont bien dans le LDAP.
 | |
|     is_orga = paheko_entry["admin_orga"].strip("'") == "Oui"
 | |
|     res = []
 | |
|     if is_orga:
 | |
|         linked_emails = paheko_entry["emails_rattaches"]
 | |
|         if linked_emails:
 | |
|             for linked_email in linked_emails.splitlines():
 | |
|                 ldap_linked_entry = ldap.get_email(linked_email)
 | |
|                 if not ldap_linked_entry:
 | |
|                     res.append(linked_email)
 | |
|     return res
 | |
| 
 | |
| 
 | |
| def test_server_location(paheko_entry):
 | |
|     # Vérifie que le serveur est bien renseigné.
 | |
|     is_orga = paheko_entry["admin_orga"].strip("'") == "Oui"
 | |
|     if is_orga and (paheko_entry["cloud"].strip("'") == "Oui" or paheko_entry["wordpress"].strip("'") == "Oui"):
 | |
|         serveur_prod = paheko_entry["serveur_prod"]
 | |
|         if not serveur_prod:
 | |
|             return False
 | |
|         directory = f"/kaz/dockers/{paheko_entry['nom_orga']}-orga"
 | |
|         with Ssh(serveur_prod) as ssh:
 | |
|             return ssh.check_return_code(f"ls {directory}") == 0
 | |
|     return True
 | |
| 
 | |
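# Cross-check Paheko against LDAP in both directions and collect the findings,
# one list per section of the report printed at the end of the script.
with Ldap() as ldap:
    not_in_ldap = []
    not_in_paheko = []
    mail_secours = []
    quota = []
    services = []
    mails_orgas = []
    servers_locations = []

    # Pass 1: every Paheko member must have an LDAP account (or at least a
    # mail forwarding), and that account must agree with Paheko.
    try:
        for membre in membres:
            ldap_entry = ldap.get_email(membre["email"])
            if ldap_entry:
                ldap_entry = ldap_entry[0]

                if not test_mail_secours(membre, ldap_entry):
                    mail_secours.append(f"{membre['email']}: Paheko {membre['email_secours']}, LDAP {ldap_entry[1]['mailDeSecours'][0].decode()}")

                if not test_services(membre, ldap_entry):
                    # NOTE(review): the path is built from the LDAP attribute
                    # identifiantKaz; confirm how get_disk_size consumes it
                    # (it must not be handed to a shell unquoted).
                    path = f"/var/lib/docker/volumes/cloud_cloudData/_data/{ldap_entry[1]['identifiantKaz'][0].decode()}"
                    size = int(get_disk_size(path) / 1024 / 1024)
                    services.append(f"{membre['email']}: Paheko {membre['cloud']}, LDAP {ldap_entry[1]['nextcloudEnabled'][0].decode()}, espace cloud commun {size}Mo")

                if not test_quota(membre, ldap_entry):
                    suffix = ""
                    if membre['emails_rattaches']:
                        suffix = " rattachés\n  " + "\n  ".join(membre['emails_rattaches'].splitlines())
                    quota.append(f"{membre['email']}: Paheko {membre['quota_disque']}, LDAP mail {ldap_entry[1]['mailQuota'][0].decode()} cloud {ldap_entry[1]['nextcloudQuota'][0].decode()} quotaGlobal {ldap_entry[1]['quota'][0].decode()}{suffix}")

                mails_orga = test_mails_orga(membre)
                if mails_orga:
                    suffix = '\n  '.join(mails_orga)
                    mails_orgas.append(f"{membre['email']}:\n  {suffix}")

                # The server-location check is disabled, so servers_locations
                # stays empty and the last report section prints nothing.
                # if not test_server_location(membre):
                #     servers_locations.append(f"{membre['email']} - {membre['nom_orga']}, pas trouvé sur {membre['serveur_prod']}")

            else:
                ldap_entry = ldap.get_mail_forwarding(membre["email"])
                if not ldap_entry:
                    not_in_ldap.append(f"{membre['email']} / id : {membre['id']}")
    except Exception:
        # Debug aid: show the record being processed, then let the error
        # propagate with its original traceback.
        # NOTE(review): this dumps the full Paheko record and the raw LDAP
        # entry to stdout; both hold personal data (and the LDAP entry may
        # carry credential attributes, depending on what get_email returns),
        # so keep this output out of shared logs.
        print(membre)
        print(ldap.get_email(membre["email"]))
        raise

    # Pass 2: every LDAP account or forwarding must belong to someone in
    # Paheko, otherwise it is an orphan account to review.
    # Addresses are compared exactly. A substring test against the raw
    # emails_rattaches text would let an orphan LDAP address that is merely
    # contained in a longer linked address pass as known.
    known_in_paheko = {x["email"] for x in membres}
    known_in_paheko.update(
        # Surrounding whitespace and single quotes are dropped, mirroring the
        # strip("'") applied to other Paheko fields in this script.
        line.strip().strip("'")
        for x in membres
        if x["emails_rattaches"]
        for line in x["emails_rattaches"].splitlines()
    )

    ldap_users = ldap.get_users()
    for ldap_user in ldap_users:
        mail = ldap_user[1]["mail"][0].decode()
        if mail not in known_in_paheko:
            not_in_paheko.append(mail)

    ldap_forwardings = ldap.get_mail_forwardings()
    for ldap_user in ldap_forwardings:
        mail = ldap_user[1]["mail"][0].decode()
        if mail not in known_in_paheko:
            not_in_paheko.append(mail + " (forwarding)")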
 | |
| 
 | |
| 
 | |
# Final report: one heading per check, followed by its findings, one per line.
# The leading "\n" on every heading after the second is kept as in the
# original output, so the first two sections are not separated by a blank line.
for titre, lignes in (
    ("Mails dans paheko mais pas dans le LDAP :", not_in_ldap),
    ("Mails dans le LDAP mais pas dans paheko :", not_in_paheko),
    ("\nMails de secours pas ok dans le LDAP :", mail_secours),
    ("\nServices pas ok dans le LDAP (ont nextcloud commun + dédié) :", services),
    ("\nQuotas pas ok dans le LDAP :", quota),
    ("\nMails d'orga dans paheko mais manquant dans le LDAP :", mails_orgas),
    ("\nOrgas pas trouvées sur le serveur renseigné dans paheko :", servers_locations),
):
    print(titre)
    print("\n".join(lignes))
 |