[Feature] 添加同步 LDAP/AD 用户的定时任务2（添加同步参数配置项）

8b7c5b15 · BaiJiangJie · 8081a864 · 8b7c5b15 · 8b7c5b15 · 8b7c5b15
Commit 8b7c5b15 authored Sep 27, 2019 by BaiJiangJie
Show whitespace changes
Inline Side-by-side

Showing with 22 additions and 4 deletions

conf.py apps/jumpserver/conf.py +4 -1

settings.py apps/jumpserver/settings.py +4 -0

utils.py apps/settings/utils.py +2 -1

tasks.py apps/users/tasks.py +12 -2

No files found.
--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@@ -374,6 +374,10 @@ defaults = {
    'RADIUS_SERVER': 'localhost',
    'RADIUS_PORT': 1812,
    'RADIUS_SECRET': '',
+    'AUTH_LDAP_SEARCH_PAGED_SIZE': 1000,
+    'AUTH_LDAP_SYNC_IS_PERIODIC': False,
+    'AUTH_LDAP_SYNC_INTERVAL': None,
+    'AUTH_LDAP_SYNC_CRONTAB': None,
    'HTTP_BIND_HOST': '0.0.0.0',
    'HTTP_LISTEN_PORT': 8080,
    'WS_LISTEN_PORT': 8070,
@@ -386,7 +390,6 @@ defaults = {
    'PERM_SINGLE_ASSET_TO_UNGROUP_NODE': False,
    'WINDOWS_SSH_DEFAULT_SHELL': 'cmd',
    'FLOWER_URL': "127.0.0.1:5555",
-    'AUTH_LDAP_SEARCH_PAGED_SIZE': 1000,
    'DEFAULT_ORG_SHOW_ALL_USERS': True,
 }


--- a/apps/jumpserver/settings.py
+++ b/apps/jumpserver/settings.py
@@ -425,6 +425,10 @@ OTP_VALID_WINDOW = CONFIG.OTP_VALID_WINDOW
 # Auth LDAP settings
 AUTH_LDAP = False
 AUTH_LDAP_SEARCH_PAGED_SIZE = CONFIG.AUTH_LDAP_SEARCH_PAGED_SIZE
+AUTH_LDAP_SYNC_IS_PERIODIC = CONFIG.AUTH_LDAP_SYNC_IS_PERIODIC
+AUTH_LDAP_SYNC_INTERVAL = CONFIG.AUTH_LDAP_SYNC_INTERVAL
+AUTH_LDAP_SYNC_CRONTAB = CONFIG.AUTH_LDAP_SYNC_CRONTAB
+
 AUTH_LDAP_SERVER_URI = 'ldap://localhost:389'
 AUTH_LDAP_BIND_DN = 'cn=admin,dc=jumpserver,dc=org'
 AUTH_LDAP_BIND_PASSWORD = ''

--- a/apps/settings/utils.py
+++ b/apps/settings/utils.py
@@ -170,7 +170,7 @@ class LDAPUtil:
        email = construct_user_email(username, email)
        return email

-    def create_or_update_users(self, user_items, force_update=True):
+    def create_or_update_users(self, user_items):
        succeed = failed = 0
        for user_item in user_items:
            exist = user_item.pop('existing', False)
@@ -180,6 +180,7 @@ class LDAPUtil:
            else:
                ok, error = self.update_user(user_item)
            if not ok:
+                logger.info("Failed User: {}".format(user_item))
                failed += 1
            else:
                succeed += 1

--- a/apps/users/tasks.py
+++ b/apps/users/tasks.py
@@ -82,11 +82,21 @@ def sync_ldap_user():
 def sync_ldap_user_periodic():
    if not settings.AUTH_LDAP:
        return
+    if not settings.AUTH_LDAP_SYNC_IS_PERIODIC:
+        return
+
+    interval = settings.AUTH_LDAP_SYNC_INTERVAL
+    if isinstance(interval, int):
+        interval = interval * 3600
+    else:
+        interval = None
+    crontab = settings.AUTH_LDAP_SYNC_CRONTAB
+
    tasks = {
        'sync_ldap_user_periodic': {
            'task': sync_ldap_user.name,
-            'interval': None,
-            'crontab': '* * * * *',
+            'interval': interval,
+            'crontab': crontab,
            'enabled': True,
        }
    }