Add groups from ldap

4 files changed, 70 insertions, 7 deletions

diff --git a/config_default b/config_default
index f233c16..d28ae4a 100644
--- a/config_default
+++ b/config_default
@@ -1,4 +1,11 @@
 ---
+ldapserver: ldap.mageia.org
+binddn: uid=mgagit,ou=People,dc=mageia,dc=org
+bindpwfile: /etc/mgagit.secret
+groupbase: ou=Group,dc=mageia,dc=org
+groupfilter: '(objectClass=groupOfNames)'
+uid_username_re: '^uid=(.+),ou=People,dc=mageia,dc=org$'
+group_re: '^cn=(.+),ou=Group,dc=mageia,dc=org$'
 tmpl_dir: /usr/share/mgagit/tmpl
 gitolite_config: /var/lib/git/.gitolite/conf/gitolite.conf
 repos_config:
diff --git a/lib/MGA/Git.pm b/lib/MGA/Git.pm
index 45fe701..e84b3d4 100644
--- a/lib/MGA/Git.pm
+++ b/lib/MGA/Git.pm
@@ -4,6 +4,7 @@ use strict;
 use YAML qw(LoadFile);
 use Template;
 use File::Slurp;
+use Net::LDAP;
 use feature 'state';
 use Data::Dump qw/dd/;
 
@@ -42,6 +43,40 @@ sub load_gitrepos {
     }
 }
 
+sub get_ldap {
+    state $ldap;
+    return $ldap if $ldap;
+    my $bindpw = read_file($config->{bindpwfile}) 
+        or die "Error reading $config->{bindpwfile}";
+    chomp $bindpw;
+    $ldap = Net::LDAP->new($config->{ldapserver}) or die "$@";
+    my $m = $ldap->start_tls(verify => 'none');
+    die $m->error if $m->is_error;
+    $m = $ldap->bind($config->{binddn}, password => $bindpw);
+    die $m->error if $m->is_error;
+    return $ldap;
+}
+
+sub re {
+    my ($re, $txt) = @_;
+    my $rr = qr/$config->{$re}/;
+    $txt =~ s/$rr/$1/;
+    return $txt;
+}
+
+sub load_groups {
+    my ($r) = @_;
+    my $ldap = get_ldap;
+    my $m = $ldap->search(
+        base => $config->{groupbase},
+        filter => $config->{groupfilter},
+    );
+    my $res = $m->as_struct;
+    @{$r->{groups}}{map { re('group_re', $_) } keys %$res} =
+        map { [ map { re('uid_username_re', $_) } @{$_->{member}} ] }
+        values %$res;
+}
+
 sub get_tmpl {
     my ($name, $ext) = @_;
     state %tmpl;
@@ -52,25 +87,41 @@ sub get_tmpl {
     return $tmpl{"$name.$ext"};
 }
 
+sub process_tmpl {
+    my ($tmplname, $ext, $vars) = @_;
+    my $tt = Template->new;
+    my $tmpl = get_tmpl($tmplname, $ext);
+    my $c;
+    $tt->process(\$tmpl, $vars, \$c);
+    return $c;
+}
+
 sub gitolite_repo_config {
     my ($r, $repo) = @_;
-    my $tt = Template->new;
-    my $tmpl = get_tmpl($r->{repos}{$repo}{gl_template}, 'gl');
     my $vars = {
         r      => $r,
         repo   => $repo,
         config => $config,
     };
-    my $c;
-    $tt->process(\$tmpl, $vars, \$c);
-    return $c;
+    return process_tmpl($r->{repos}{$repo}{gl_template}, 'gl', $vars);
+}
+
+sub gitolite_group_config {
+    my ($r, $group) = @_;
+    my $vars = {
+        r      => $r,
+        group  => $group,
+        config => $config,
+    };
+    return process_tmpl('group', 'gl', $vars);
 }
 
 sub gitolite_config {
     my ($r) = @_;
-    my @repos;
+    my (@repos, @groups);
     @repos = map { gitolite_repo_config($r, $_) } sort keys %{$r->{repos}};
-    return join("\n", @repos);
+    @groups = map { gitolite_group_config($r, $_) } sort keys %{$r->{groups}};
+    return join("\n", @groups, @repos);
 }
 
 sub update_gitolite_config {
diff --git a/mgagit b/mgagit
index df5e699..9b8da85 100755
--- a/mgagit
+++ b/mgagit
@@ -54,6 +54,7 @@ sub glconf {
     usageexit('usage', $_[0]) unless @_ <= 2;
     my %r;
     MGA::Git::load_gitrepos(\%r);
+    MGA::Git::load_groups(\%r) if @_ == 1;
     if (my $repo = $_[1]) {
         if (!$r{repos}{$repo}) {
             print STDERR "Cannot find repository $repo\n";
@@ -69,6 +70,7 @@ sub glrun {
     usageexit('usage', $_[0]) unless @_ == 1;
     my %r;
     MGA::Git::load_gitrepos(\%r);
+    MGA::Git::load_groups(\%r);
     MGA::Git::update_gitolite_config(\%r);
 }
 
diff --git a/tmpl/group.gl b/tmpl/group.gl
new file mode 100644
index 0000000..1d8ad52
--- /dev/null
+++ b/tmpl/group.gl
@@ -0,0 +1,3 @@
+[% FOREACH user IN r.groups.$group -%]
+@[% group %] = [% user %]
+[% END %]