Skip to content

Commit 4c4545a

Browse files
committed
add "additional group" support to other connectors
except Okta which doesn't give us member groups
1 parent 5a351cb commit 4c4545a

File tree

5 files changed

+23
-5
lines changed

5 files changed

+23
-5
lines changed

user_sync/app.py

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -371,11 +371,7 @@ def begin_work_umapi(config_loader: UMAPIConfigLoader):
371371
if additional_groups and isinstance(additional_groups, list):
372372
additional_group_filters = [r['source'] for r in additional_groups]
373373
if directory_connector is not None:
374-
directory_connector.additional_group_filters = additional_group_filters
375-
# show error dynamic mappings enabled but 'dynamic_group_member_attribute' is not defined
376-
if additional_group_filters and directory_connector.options['dynamic_group_member_attribute'] is None:
377-
raise AssertionException(
378-
"Failed to enable dynamic group mappings. 'dynamic_group_member_attribute' is not defined in config")
374+
directory_connector.set_additional_group_filters(additional_group_filters)
379375

380376
primary_name = '.primary' if secondary_umapi_configs else ''
381377
umapi_primary_connector = UmapiConnector(primary_name, primary_umapi_config, True)

user_sync/connector/directory_adobe_console.py

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@ class AdobeConsoleConnector(DirectoryConnector):
3737

3838
def __init__(self, caller_options, *args, **kwargs):
3939
super(AdobeConsoleConnector, self).__init__(*args, **kwargs)
40+
self.additional_group_filters = None
4041
caller_config = config_common.DictConfig('<%s configuration>' % self.name, caller_options)
4142
builder = config_common.OptionsBuilder(caller_config)
4243
# Let just ignore this
@@ -104,6 +105,9 @@ def __init__(self, caller_options, *args, **kwargs):
104105
self.umapi_users = []
105106
self.user_by_usr_key = {}
106107

108+
def set_additional_group_filters(self, _):
109+
pass
110+
107111
def load_users_and_groups(self, groups, extended_attributes, all_users):
108112
"""
109113
:type groups: list(str)
@@ -178,6 +182,10 @@ def convert_user(self, record):
178182
source_attributes['country'] = user['country'] = record['country']
179183

180184
user['source_attributes'] = source_attributes.copy()
185+
186+
groups = record.get('groups', [])
187+
user['member_groups'] = groups
188+
181189
return user
182190

183191
def iter_umapi_groups(self):

user_sync/connector/directory_csv.py

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,7 @@ def __init__(self, caller_options, *args, **kwargs):
5858
self.encoding = options['string_encoding']
5959
# identity type for new users if not specified in column
6060
self.user_identity_type = user_sync.identity_type.parse_identity_type(options['user_identity_type'])
61+
self.additional_group_filters = None
6162

6263
def load_users_and_groups(self, groups, extended_attributes, all_users):
6364
"""
@@ -140,6 +141,7 @@ def get_column_name(key):
140141
groups = self.get_column_value(row, groups_column_name)
141142
if groups is not None:
142143
user['groups'].extend(groups.split(','))
144+
user['member_groups'] = user['groups']
143145

144146
username = self.get_column_value(row, username_column_name)
145147
if username is None:
@@ -170,6 +172,9 @@ def get_column_name(key):
170172

171173
return users
172174

175+
def set_additional_group_filters(self, _):
176+
pass
177+
173178
def get_column_value(self, row, column_name):
174179
"""
175180
:type row: dict

user_sync/connector/directory_ldap.py

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -116,6 +116,11 @@ def __init__(self, caller_options, *args, **kwargs):
116116
self.user_by_dn = {}
117117
self.additional_group_filters = None
118118

119+
def set_additional_group_filters(self, additional_group_filters):
120+
if self.options['dynamic_group_member_attribute'] is None:
121+
raise AssertionException(
122+
"Failed to enable dynamic group mappings. 'dynamic_group_member_attribute' is not defined in config")
123+
119124
@staticmethod
120125
def get_options(caller_config):
121126
builder = config_common.OptionsBuilder(caller_config)

user_sync/connector/directory_okta.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@ class OktaDirectoryConnector(DirectoryConnector):
3838

3939
def __init__(self, caller_options, *args, **kwargs):
4040
super(OktaDirectoryConnector, self).__init__(*args, **kwargs)
41+
self.additional_group_filters = None
4142
caller_config = DictConfig('%s configuration' % self.name, caller_options)
4243
builder = OptionsBuilder(caller_config)
4344
builder.set_string_value('group_filter_format',
@@ -130,6 +131,9 @@ def load_users_and_groups(self, groups, extended_attributes, all_users):
130131

131132
return user_by_uid.values()
132133

134+
def set_additional_group_filters(self, _):
135+
self.logger.warn("Additional group rules are not supported by the Okta connector")
136+
133137
def find_group(self, group):
134138
"""
135139
:type group: str

0 commit comments

Comments
 (0)