fruworg/pgls
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

moved log output into #match_membership and #match_roles

Browse Source
This commit is contained in:
Lars Kanis 2011-05-23 10:34:53 +02:00
parent 853367186d
commit 47d5b9862e
1 changed files with 26 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
lib/pg_ldap_sync/application.rb
View File

@ -130,30 +130,36 @@ class Application
ldap_by_name = ldaps.inject({}){|h,u| h[u.name] = u; h } ldap_by_name = ldaps.inject({}){|h,u| h[u.name] = u; h }
pg_by_name = pgs.inject({}){|h,u| h[u.name] = u; h } pg_by_name = pgs.inject({}){|h,u| h[u.name] = u; h }
users = [] roles = []
ldaps.each do |ld| ldaps.each do |ld|
pg = pg_by_name[ld.name] pg = pg_by_name[ld.name]
user = MatchedRole.new ld, pg, ld.name role = MatchedRole.new ld, pg, ld.name
users << user roles << role
end end
pgs.each do |pg| pgs.each do |pg|
ld = ldap_by_name[pg.name] ld = ldap_by_name[pg.name]
next if ld next if ld
user = MatchedRole.new ld, pg, pg.name role = MatchedRole.new ld, pg, pg.name
users << user roles << role
end end
users.each do |u| roles.each do |r|
u.state = case r.state = case
when u.ldap && !u.pg then :create when r.ldap && !r.pg then :create
when !u.ldap && u.pg then :drop when !r.ldap && r.pg then :drop
when u.pg && u.ldap then :keep when r.pg && r.ldap then :keep
else raise "invalid user #{u.inspect}" else raise "invalid user #{r.inspect}"
end end
u.type = type r.type = type
end end
return users log.info{
roles.each do |role|
log.debug{ "#{role.state} #{role.type}: #{role.name}" }
end
"#{type} stat: create: #{roles.count{|r| r.state==:create }} drop: #{roles.count{|r| r.state==:drop }} keep: #{roles.count{|r| r.state==:keep }}"
}
return roles
end end
def pg_exec(sql, params=nil) def pg_exec(sql, params=nil)
@ -218,6 +224,13 @@ class Application
memberships = (ldap_by_m2m & pg_by_m2m).map{|r,mo| MatchedMembership.new r, mo, :keep } memberships = (ldap_by_m2m & pg_by_m2m).map{|r,mo| MatchedMembership.new r, mo, :keep }
memberships += (ldap_by_m2m - pg_by_m2m).map{|r,mo| MatchedMembership.new r, mo, :grant } memberships += (ldap_by_m2m - pg_by_m2m).map{|r,mo| MatchedMembership.new r, mo, :grant }
memberships += (pg_by_m2m - ldap_by_m2m).map{|r,mo| MatchedMembership.new r, mo, :revoke } memberships += (pg_by_m2m - ldap_by_m2m).map{|r,mo| MatchedMembership.new r, mo, :revoke }
log.info{
memberships.each do |membership|
log.debug{ "#{membership.state} #{membership.role_name} to #{membership.member_of}" }
end
"membership stat: grant: #{memberships.count{|u| u.state==:grant }} revoke: #{memberships.count{|u| u.state==:revoke }} keep: #{memberships.count{|u| u.state==:keep }}"
}
return memberships return memberships
end end
@ -262,20 +275,8 @@ class Application
mroles = match_roles(ldap_users, pg_users, :user) mroles = match_roles(ldap_users, pg_users, :user)
mroles += match_roles(ldap_groups, pg_groups, :group) mroles += match_roles(ldap_groups, pg_groups, :group)
log.info{
mroles.each do |mrole|
log.debug{ "#{mrole.state} #{mrole.type}: #{mrole.name}" }
end
"user/group stat: create: #{mroles.count{|u| u.state==:create }} drop: #{mroles.count{|u| u.state==:drop }} keep: #{mroles.count{|u| u.state==:keep }}"
}
mmemberships = match_memberships(ldap_users+ldap_groups, pg_users+pg_groups) mmemberships = match_memberships(ldap_users+ldap_groups, pg_users+pg_groups)
log.info{
mmemberships.each do |mmembership|
log.debug{ "#{mmembership.state} #{mmembership.role_name} to #{mmembership.member_of}" }
end
"membership stat: grant: #{mmemberships.count{|u| u.state==:grant }} revoke: #{mmemberships.count{|u| u.state==:revoke }} keep: #{mmemberships.count{|u| u.state==:keep }}"
}
sync_roles_to_pg(mroles) sync_roles_to_pg(mroles)
sync_membership_to_pg(mmemberships) sync_membership_to_pg(mmemberships)