From 98832beb275bc9561b4b820d66b40cd0de0fde6a Mon Sep 17 00:00:00 2001 From: Thary Date: Wed, 24 Sep 2025 17:05:07 +0300 Subject: [PATCH] fix --- mastodon-kanidm-sync.py | 61 ++++++++++++++++++++++------------------- 1 file changed, 33 insertions(+), 28 deletions(-) diff --git a/mastodon-kanidm-sync.py b/mastodon-kanidm-sync.py index d4d2fa5..59fc199 100644 --- a/mastodon-kanidm-sync.py +++ b/mastodon-kanidm-sync.py @@ -1,8 +1,6 @@ from io import DEFAULT_BUFFER_SIZE import os -import time import json -from psycopg2.sql import NULL import requests import psycopg2 as ps @@ -26,9 +24,9 @@ OWNER_USERNAME = getenv("OWNER_USERNAME") # Fetch kanidm users list from userdata file # Userdata file is json list with information about what users are configured by kanidm try: - USERDATA = read_file(getenv("USERDATA_FILE_PATH")).strip() - userdata = json.loads(USERDATA) - print("userdata from file loaded") + USERDATA = read_file(getenv("USERDATA_FILE_PATH")).strip() + userdata = json.loads(USERDATA) + print("[INFO] ") except FileNotFoundError: userdata = [] @@ -44,9 +42,9 @@ cur = conn.cursor() cur.execute(''' SELECT identities.uid, users.id, user_roles.name FROM users - JOIN identities - ON users.id = identities.id - LEFT JOIN user_roles + JOIN identities + ON users.id = identities.id + LEFT JOIN user_roles ON users.role_id = user_roles.id; ''' ) 
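Review bot: In the `try:` block that loads `USERDATA_FILE_PATH`, the new `print("[INFO] ")` logs an empty message where the removed line reported that the userdata had been loaded; restore the text, for example `print("[INFO] userdata loaded from file")`. Only `FileNotFoundError` is handled, so a truncated or hand-edited file raises `json.JSONDecodeError` and the sync stops with a bare traceback. This list decides which accounts have their roles overwritten from Kanidm, so it is worth catching that error explicitly and checking that the parsed value is a list before it is used.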
@@ -71,45 +69,53 @@ kanidm_users_raw = requests.get( timeout=5, ).json() +def give_role(uid, role, putUserdata = True): + if (uid not in userdata) and (putUserdata): + userdata.append(uid) + users[uid]["isKanidmUser"] = True + users[uid]["role"] = role + print(f"[INFO] {uid} is marked as {role}") + + for i in kanidm_users_raw: i = i["attrs"] for uid in i["name"]: # [user].attrs.name is a list if uid in users: # Don't apply anything for users who have no mastodon access (sp.mastodon.users) or didn't register if uid == OWNER_USERNAME: - users[uid]["isKanidmUser"] = True - users[uid]["role"] = "Owner" + give_role(uid, "Owner", False) continue for group in i["memberof"]: if group.startswith("sp.mastodon.admins@") or group.startswith("sp.admins@"): - print(uid not in userdata) - if uid not in userdata: - userdata.append(uid) - print("a") - users[uid]["isKanidmUser"] = True - users[uid]["role"] = "Admin" - print(f"[INFO] {uid} got role Admin") + give_role(uid, "Admin") break + elif group.startswith("sp.mastodon.moderators@"): - if uid not in userdata: - userdata.append(uid) - users[uid]["isKanidmUser"] = True - users[uid]["role"] = "Moderator" - print(f"[INFO] {uid} got role Moderator") + give_role(uid, "Moderator") break + elif uid in userdata: # If user, who previously had a role, has no roles set by Kanidm, delete them from userdata list so allow setting roles directly by mastodon - users[uid]["isKanidmUser"] = True - users[uid]["role"] = None + give_role(uid, None, False) userdata.remove(uid) - print(f"[INFO] {uid} has no roles") print("[DEBUG] ", users) # DEBUG +for uid in users: + if not users[uid]["isKanidmUser"]: + continue + + if users[uid]["role"]: + roleid = users[uid]["role"] + else: + roleid = "NULL" + + cur.execute("UPDATE users SET role_id = {roleid} WHERE id = {users[uid]};") + cur.close() conn.close() -print("[INFO] Final userdata file: ", userdata) +print("[INFO] Final userdata.json file content: ", userdata) def write_userdata(mode): with 
open(getenv("USERDATA_FILE_PATH"), mode) as f: @@ -118,7 +124,6 @@ def write_userdata(mode): try: write_userdata("w") - print("aw") except FileNotFoundError: + print("[INFO] userdata.json file doesn't exist. Creating it") write_userdata("x") - print("ax")
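Review bot: The added `cur.execute("UPDATE users SET role_id = {roleid} WHERE id = {users[uid]};")` is a plain string, not an f-string, so PostgreSQL receives the literal braces and the statement fails; turning it into an f-string would instead paste a role name and a whole dict into the SQL text. Bind the values as parameters and resolve the role name to its id inside the query, e.g. `cur.execute("UPDATE users SET role_id = (SELECT id FROM user_roles WHERE name = %s) WHERE id = %s;", (users[uid]["role"], users[uid]["id"]))`. The `"id"` key is an assumption, because the `users` dict is built outside this hunk. A `None` role then binds as SQL NULL, so the `roleid` if/else with the `"NULL"` string is no longer needed. No `conn.commit()` is visible before `conn.close()`, and psycopg2 discards uncommitted work on close unless autocommit was enabled elsewhere, so the role changes would likely be lost even once the query is fixed.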
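Review bot: The new message in the `except FileNotFoundError:` branch says the file is being created, but `open(..., "w")` already creates a missing file. `FileNotFoundError` here therefore means the parent directory does not exist, and the `write_userdata("x")` retry will raise the same error. If a missing directory is the case being handled, create it before writing, e.g. `os.makedirs(os.path.dirname(path), exist_ok=True)` with `path = getenv("USERDATA_FILE_PATH")`, and drop the `"x"` fallback. The body of `write_userdata` lies mostly outside this hunk, so how the list is serialised could not be checked.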