/lib/tasks/ldap.rake - Foreman

| Branch: | Tag: | Revision:

foreman/lib/tasks/ldap.rake @ f728bfd4

       namespace :ldap do
         task :refresh_usergroups => :environment do
           desc <<-END_DESC
           Refreshes LDAP usergroups. It adds to an LDAP usergroup all the foreman users that belong to it, and removes foreman users
           in that usergroup that do not belong in LDAP anymore.
           END_DESC
           ExternalUsergroup.all.each do |eu|
             begin
               eu.refresh
             rescue => error
               puts "User group #{eu} could not be refreshed - LDAP source #{eu.auth_source} not available: #{error}"
             end
           end
         end
         task :remove_deleted_users => :environment do
           desc <<-END_DESC
           Deletes all foreman users that authenticate via LDAP, but whose LDAP users do not exist anymore.
           Also deletes them as the owner of their hosts.
           END_DESC
           User.as_anonymous_admin do
             User.joins(:auth_source).where(:'auth_sources.type' => 'AuthSourceLdap').each do |user|
               unless user.auth_source.valid_user?(user.login)
                 Host.where(:owner => user).update_all(:owner_type => nil, :owner_id => nil)
                 user.destroy!
                 puts "Deleted user #{user.login}"
               end
             end
           end
         end
       end

(18-18/41)