From 5b952a48794fad7115754090dc79c85195082456 Mon Sep 17 00:00:00 2001
From: Nicolas Vigier
Date: Sat, 22 Jun 2013 03:13:01 +0200
Subject: Add groups from ldap
---
 config_default | 7 +++++++
 lib/MGA/Git.pm | 65 +++++++++++++++++++++++++++++++++++++++++++++++++++-------
 mgagit | 2 ++
 tmpl/group.gl | 3 +++
 4 files changed, 70 insertions(+), 7 deletions(-)
 create mode 100644 tmpl/group.gl
diff --git a/config_default b/config_default
index f233c16..d28ae4a 100644
--- a/config_default
+++ b/config_default
@@ -1,4 +1,11 @@
 ---
+ldapserver: ldap.mageia.org
+binddn: uid=mgagit,ou=People,dc=mageia,dc=org
+bindpwfile: /etc/mgagit.secret
+groupbase: ou=Group,dc=mageia,dc=org
+groupfilter: '(objectClass=groupOfNames)'
+uid_username_re: '^uid=(.+),ou=People,dc=mageia,dc=org$'
+group_re: '^cn=(.+),ou=Group,dc=mageia,dc=org$'
 tmpl_dir: /usr/share/mgagit/tmpl
 gitolite_config: /var/lib/git/.gitolite/conf/gitolite.conf
 repos_config:
diff --git a/lib/MGA/Git.pm b/lib/MGA/Git.pm
index 45fe701..e84b3d4 100644
--- a/lib/MGA/Git.pm
+++ b/lib/MGA/Git.pm
@@ -4,6 +4,7 @@ use strict;
 use YAML qw(LoadFile);
 use Template;
 use File::Slurp;
+use Net::LDAP;
 use feature 'state';
 use Data::Dump qw/dd/;
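Review bot: The `(.+)` capture in `uid_username_re` and `group_re` (config_default hunk) accepts any character, including commas and whitespace, and whatever it captures is later written into the generated gitolite configuration as a group or user name. A directory value with an embedded space or extra RDN would therefore change the meaning of the generated line rather than be rejected. Consider restricting the capture to the characters the account naming policy allows, for example `'^uid=([A-Za-z0-9._-]+),ou=People,dc=mageia,dc=org$'`, assuming that set matches the real policy. A short comment above `bindpwfile` stating that the file must be readable only by the service account would also help whoever deploys this.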
@@ -42,6 +43,40 @@ sub load_gitrepos {
 }
 }
+sub get_ldap {
+ state $ldap;
+ return $ldap if $ldap;
+ my $bindpw = read_file($config->{bindpwfile})
+ or die "Error reading $config->{bindpwfile}";
+ chomp $bindpw;
+ $ldap = Net::LDAP->new($config->{ldapserver}) or die "$@";
+ my $m = $ldap->start_tls(verify => 'none');
+ die $m->error if $m->is_error;
+ $m = $ldap->bind($config->{binddn}, password => $bindpw);
+ die $m->error if $m->is_error;
+ return $ldap;
+}
+
+sub re {
+ my ($re, $txt) = @_;
+ my $rr = qr/$config->{$re}/;
+ $txt =~ s/$rr/$1/;
+ return $txt;
+}
+
+sub load_groups {
+ my ($r) = @_;
+ my $ldap = get_ldap;
+ my $m = $ldap->search(
+ base => $config->{groupbase},
+ filter => $config->{groupfilter},
+ );
+ my $res = $m->as_struct;
+ @{$r->{groups}}{map { re('group_re', $_) } keys %$res} =
+ map { [ map { re('uid_username_re', $_) } @{$_->{member}} ] }
+ values %$res;
+}
+
 sub get_tmpl {
 my ($name, $ext) = @_;
 state %tmpl;
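Review bot: `start_tls(verify => 'none')` in `get_ldap` turns off server-certificate validation, so the bind password read from `bindpwfile` and the group membership that drives repository access are not protected against a party in the network path. Use `verify => 'require'` together with a CA bundle. Two further gaps sit in the same hunk: `re()` returns its input unchanged when the pattern does not match, so an unexpected DN is passed on verbatim, and `load_groups` never checks the search result, so a failed search would presumably look like an empty group set. The sketch below makes `re()` return undef on a non-match, skips such entries, and dies on a search error. `ldap_cafile` is a proposed new config key, not one this commit defines.

```perl
# … unchanged: get_ldap up to Net::LDAP->new …
    my $m = $ldap->start_tls(
        verify => 'require',
        cafile => $config->{ldap_cafile},    # proposed new config key
    );
# … unchanged: start_tls error check, bind, return …

sub re {
    my ($re, $txt) = @_;
    # undef on a non-match, so a raw DN never reaches the template
    return $txt =~ /$config->{$re}/ ? $1 : undef;
}

sub load_groups {
    my ($r) = @_;
    my $ldap = get_ldap;
    # … unchanged: my $m = $ldap->search(base => …, filter => …) …
    die $m->error if $m->is_error;
    my $res = $m->as_struct;
    for my $dn (keys %$res) {
        my $group = re('group_re', $dn);
        next unless defined $group;
        $r->{groups}{$group} = [
            grep { defined }
            map  { re('uid_username_re', $_) } @{ $res->{$dn}{member} || [] }
        ];
    }
}
```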
@@ -52,25 +87,41 @@ sub get_tmpl {
 return $tmpl{"$name.$ext"};
 }
+sub process_tmpl {
+ my ($tmplname, $ext, $vars) = @_;
+ my $tt = Template->new;
+ my $tmpl = get_tmpl($tmplname, $ext);
+ my $c;
+ $tt->process(\$tmpl, $vars, \$c);
+ return $c;
+}
+
 sub gitolite_repo_config {
 my ($r, $repo) = @_;
- my $tt = Template->new;
- my $tmpl = get_tmpl($r->{repos}{$repo}{gl_template}, 'gl');
 my $vars = {
 r => $r,
 repo => $repo,
 config => $config,
 };
- my $c;
- $tt->process(\$tmpl, $vars, \$c);
- return $c;
+ return process_tmpl($r->{repos}{$repo}{gl_template}, 'gl', $vars);
+}
+
+sub gitolite_group_config {
+ my ($r, $group) = @_;
+ my $vars = {
+ r => $r,
+ group => $group,
+ config => $config,
+ };
+ return process_tmpl('group', 'gl', $vars);
 }
 sub gitolite_config {
 my ($r) = @_;
- my @repos;
+ my (@repos, @groups);
 @repos = map { gitolite_repo_config($r, $_) } sort keys %{$r->{repos}};
- return join("\n", @repos);
+ @groups = map { gitolite_group_config($r, $_) } sort keys %{$r->{groups}};
+ return join("\n", @groups, @repos);
 }
 sub update_gitolite_config {
diff --git a/mgagit b/mgagit
index df5e699..9b8da85 100755
--- a/mgagit
+++ b/mgagit
@@ -54,6 +54,7 @@ sub glconf {
 usageexit('usage', $_[0]) unless @_ <= 2;
 my %r;
 MGA::Git::load_gitrepos(\%r);
+ MGA::Git::load_groups(\%r) if @_ == 1;
 if (my $repo = $_[1]) {
 if (!$r{repos}{$repo}) {
 print STDERR "Cannot find repository $repo\n";
@@ -69,6 +70,7 @@ sub glrun {
 usageexit('usage', $_[0]) unless @_ == 1;
 my %r;
 MGA::Git::load_gitrepos(\%r);
+ MGA::Git::load_groups(\%r);
 MGA::Git::update_gitolite_config(\%r);
 }
diff --git a/tmpl/group.gl b/tmpl/group.gl
new file mode 100644
index 0000000..1d8ad52
--- /dev/null
+++ b/tmpl/group.gl
@@ -0,0 +1,3 @@
+[% FOREACH user IN r.groups.$group -%]
+@[% group %] = [% user %]
+[% END %]
--
cgit v1.2.1
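Review bot: The new `process_tmpl` helper in lib/MGA/Git.pm ignores the return value of `$tt->process(...)`, so a missing or malformed template leaves `$c` undefined and `gitolite_config` joins that empty fragment into its output without any error. Because the joined text is presumably what `update_gitolite_config` writes out as the access rules, a template failure should abort the run rather than produce a shorter file: `$tt->process(\$tmpl, $vars, \$c) or die $tt->error;`. The unchecked call was already present in `gitolite_repo_config` before this refactor, so fixing it in the helper covers both the repository and the group path. A one-line comment on `process_tmpl` stating that it returns the rendered text and dies on a template error would document the contract for the two callers.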