Dev -> Main (#41)

* Add initial python for updating home areas * adding comments for future work * Update rbac.py * pre=release * prerelease test * PRERELEASE * release work flow test * pre release * Update rbac.py * clean up home area function * add setuptools requirements * Update setup.py * remove quotes unneeded * Retrofit logging and env dict from rbac uplift (#17) * flexibility * logging * add shorthand options * options for log levels * Update logging.py * Update __init__.py * Nit 824 nit 823 - update user roles and user notes (#18) * new functions and structure * find common entries in both * refactor + python rewrite foruser roles * remove action * remove debugging * start oracle db * add update notes * typo + rm commented code * refactor + comments * Update __init__.py * fix logger duplicates * re format + remove print debugging * log levels + debugging * Update logger.py * fixes requirements * reformat connection for oracle * Update user.py * Update user.py * Update user.py * Update user.py * Update user.py * Update user.py * Update user.py * Update user.py * bind by name * Update user.py * Update user.py * Update user.py * Update user.py * Update user.py * Update user.py * add handling for user notes * Nit 822 (#19) * add CRC user script * add click cmd * add deactivate-crc-users to main group * Update user.py * Update requirements.txt --------- Co-authored-by: Seb Norris <[email protected]> * Nit 822 (#20) * add CRC user script * add click cmd * add deactivate-crc-users to main group * Update user.py * Update requirements.txt * Update rbac.py --------- Co-authored-by: Seb Norris <[email protected]> * Nit 822 (#21) * add CRC user script * add click cmd * add deactivate-crc-users to main group * Update user.py * Update requirements.txt * Update rbac.py * no token needed for rbac --------- Co-authored-by: Seb Norris <[email protected]> * Nit 822 (#22) * add CRC user script * add click cmd * add deactivate-crc-users to main group * Update user.py * Update requirements.txt * Update rbac.py * no token needed for rbac * Update rbac.py --------- Co-authored-by: Seb Norris <[email protected]> * Nit 822 (#23) * add CRC user script * add click cmd * add deactivate-crc-users to main group * Update user.py * Update requirements.txt * Update rbac.py * no token needed for rbac * Update rbac.py * ldap config dict or local val --------- Co-authored-by: Seb Norris <[email protected]> * Formatting & linting pre commits (#24) * add pre commit * Update readme.md * format * Update tag-and-release.yml * Update pyproject.toml * Update .flake8 * Update .flake8 * use black defualt * format to black defaults * update black to latest * remove boilerplate excludes * update logging and requirements * NIT-854 Add exception handling and add logging where appropriate * NIT-854 fix typos * Apply suggestions from code review Co-authored-by: George Taylor <[email protected]> * Update rbac.py * migration to python-ldap - correction on tree deletion (#28) * Merge branch 'main' into dev * Update .flake8 * User expiry script added * Update rbac.py (#31) * init py change added * quotations * add error handling + get the ou path from the cli input/defaults * Update format-python.yml * Nit 1204 ldap data refresh remove passwords (#42) * remove passwords command * formatting * Update user.py * Update user.py * Update user.py * Update format-python.yml * Update format-python.yml * Formatted code with black --line-length 120 * Update format-python.yml --------- Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com> --------- Co-authored-by: adrianweetman <[email protected]> Co-authored-by: Seb Norris <[email protected]> Co-authored-by: Andrew Moore <[email protected]> Co-authored-by: Andrew Moore <[email protected]> Co-authored-by: Ijaz Sultan <[email protected]> Co-authored-by: IjazMoJ <[email protected]> Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
ministryofjustice · Jul 1, 2024 · 02e8a6a · 02e8a6a
1 parent 7e43607
commit 02e8a6a
Show file tree

Hide file tree

Showing 9 changed files with 189 additions and 106 deletions.
diff --git a/.github/workflows/format-python.yml b/.github/workflows/format-python.yml
@@ -1,16 +1,16 @@
 name: Format Python
 on:
   pull_request:
-    paths:
-      - '**.py'
+    types: [ opened, edited, reopened, synchronize, ready_for_review ]
   workflow_dispatch:
 jobs:
   format:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
         with:
-          fetch-depth: 0
+          repository: ${{ github.event.pull_request.head.repo.full_name }}
+          ref: ${{ github.event.pull_request.head.ref }}
       - name: Format code with black
         run: |
           pip install black

diff --git a/cli/__init__.py b/cli/__init__.py
@@ -186,19 +186,55 @@ def deactivate_crc_users(
     user_ou,
     root_dn,
 ):
-    cli.ldap.user.deactivate_crc_users(
+    cli.ldap_cmds.user.deactivate_crc_users(
         user_ou,
         root_dn,
     )
 
 
+@click.command()
+@click.option(
+    "-u",
+    "--user-ou",
+    help="OU to add users to, defaults to ou=Users",
+    default="ou=Users",
+)
+@click.option(
+    "-r",
+    "--root-dn",
+    help="Root DN to add users to, defaults to dc=moj,dc=com",
+    default="dc=moj,dc=com",
+)
+def user_expiry(user_ou, root_dn):
+    cli.ldap_cmds.user.user_expiry(user_ou=user_ou, root_dn=root_dn)
+
+
+@click.command()
+@click.option(
+    "-u",
+    "--user-ou",
+    help="OU to add users to, defaults to ou=Users",
+    default="ou=Users",
+)
+@click.option(
+    "-r",
+    "--root-dn",
+    help="Root DN to add users to, defaults to dc=moj,dc=com",
+    default="dc=moj,dc=com",
+)
+def remove_all_user_passwords(user_ou, root_dn):
+    cli.ldap_cmds.user.remove_all_user_passwords(user_ou=user_ou, root_dn=root_dn)
+
+
 # from cli.ldap import test
 
 main_group.add_command(add_roles_to_users)
 main_group.add_command(rbac_uplift)
 main_group.add_command(update_user_home_areas)
 main_group.add_command(update_user_roles)
 main_group.add_command(deactivate_crc_users)
+main_group.add_command(user_expiry)
+main_group.add_command(remove_all_user_passwords)
 
 logger.configure_logging()
 

diff --git a/cli/database/__init__.py b/cli/database/__init__.py
@@ -13,7 +13,5 @@ def connection():
         log.debug("Created database connection successfully")
         return conn
     except Exception as e:
-        log.exception(
-            f"Failed to create database connection. An exception of type {type(e).__name__} occurred: {e}"
-        )
+        log.exception(f"Failed to create database connection. An exception of type {type(e).__name__} occurred: {e}")
         raise e
diff --git a/cli/env.py b/cli/env.py
@@ -27,9 +27,7 @@
         ).replace(
             "_DICT",
             "",
-        ): ast.literal_eval(val)
-        if "DICT" in key
-        else val
+        ): (ast.literal_eval(val) if "DICT" in key else val)
         for key, val in dotenv_values(".vars").items()
         if val is not None
     },  # load development variables
@@ -40,9 +38,7 @@
         ).replace(
             "_DICT",
             "",
-        ): ast.literal_eval(val)
-        if "DICT" in key
-        else val
+        ): (ast.literal_eval(val) if "DICT" in key else val)
         for key, val in os.environ.items()
         if key.startswith("VAR_") and val is not None
     },
@@ -61,9 +57,7 @@
         .replace(
             "SSM_",
             "",
-        ): ast.literal_eval(val)
-        if "_DICT" in key
-        else val
+        ): (ast.literal_eval(val) if "_DICT" in key else val)
         for key, val in dotenv_values(".secrets").items()
         if val is not None
     },
@@ -79,9 +73,7 @@
         .replace(
             "SSM_",
             "",
-        ): ast.literal_eval(val)
-        if "DICT" in key
-        else val
+        ): (ast.literal_eval(val) if "DICT" in key else val)
         for key, val in os.environ.items()
         if key.startswith("SECRET_") or key.startswith("SSM_") and val is not None
     },

diff --git a/cli/git/__init__.py b/cli/git/__init__.py
@@ -36,9 +36,7 @@ def get_access_token(
             headers=headers,
         )
     except Exception as e:
-        logging.exception(
-            f"Failed to get access token. An exception of type {type(e).__name__} occurred: {e}"
-        )
+        logging.exception(f"Failed to get access token. An exception of type {type(e).__name__} occurred: {e}")
         raise e
 
     # extract the token from the response
@@ -68,9 +66,7 @@ def get_repo(
                 multi_options=multi_options,
             )
         except Exception as e:
-            logging.exception(
-                f"Failed to clone repo. An exception of type {type(e).__name__} occurred: {e}"
-            )
+            logging.exception(f"Failed to clone repo. An exception of type {type(e).__name__} occurred: {e}")
             raise e
     # if there is a token, assume auth is required and use the token and auth_type
     elif token:
@@ -83,9 +79,7 @@ def get_repo(
                 multi_options=multi_options,
             )
         except Exception as e:
-            logging.exception(
-                f"Failed to clone repo. An exception of type {type(e).__name__} occurred: {e}"
-            )
+            logging.exception(f"Failed to clone repo. An exception of type {type(e).__name__} occurred: {e}")
             raise e
     # if there is no token, assume auth is not required and clone without
     else:
@@ -97,7 +91,5 @@ def get_repo(
                 multi_options=multi_options,
             )
         except Exception as e:
-            logging.exception(
-                f"Failed to clone repo. An exception of type {type(e).__name__} occurred: {e}"
-            )
+            logging.exception(f"Failed to clone repo. An exception of type {type(e).__name__} occurred: {e}")
             raise e
diff --git a/cli/ldap_cmds/rbac.py b/cli/ldap_cmds/rbac.py
@@ -439,7 +439,7 @@ def user_ldifs(
     for file in user_files:
         records = ldif.LDIFRecordList(open(file, "rb"))
         records.parse()
-        
+
         # pprint(records.all_records)
         # loop through the records
         for entry in records.all_records: