From 75a0ae077d2f994ad0d64d6190ee5c99d543e638 Mon Sep 17 00:00:00 2001
From: Derek Feichtinger <derek.feichtinger@psi.ch>
Date: Mon, 13 May 2019 13:54:30 +0200
Subject: [PATCH] Higher verbosity can be used to get raw user LDAP attribute
 fields

- verbosity is now an integer that can be successively increased
- added printing of department number for simple verbosity user output
---
 bin/ldapuserdir-ctl                | 21 +++++++++++---------
 conda-recipe/ldapuserdir/meta.yaml |  2 +-
 ldapuserdir/ldapuserdir.py         | 31 ++++++++++++++++++------------
 ldapuserdir/version.py             |  2 +-
 4 files changed, 33 insertions(+), 23 deletions(-)

diff --git a/bin/ldapuserdir-ctl b/bin/ldapuserdir-ctl
index c051531..38e7975 100755
--- a/bin/ldapuserdir-ctl
+++ b/bin/ldapuserdir-ctl
@@ -51,7 +51,7 @@ config = {
     'group_ou' : 'OU=Groups,DC=example.com,DC=ch',
     'default_user_dn' : 'CN=minpriv_user,OU=Services,DC=example.com,DC=ch',
     'default_user_pw' : 'dummypwd',
-    'default_group_filter' : 'svc-ra*'
+    'default_group_filter' : 'svc-cluster_merlin*'
 }
 
 flag_needprivileges = False
@@ -59,6 +59,7 @@ userfilter = '-'
 
 user_pw = ''
 mode = 'grouplist'
+verbosity = 0
 
 mylogger = logging.getLogger(os.path.basename(sys.argv[0]))
 mylogger.setLevel(logging.DEBUG)
@@ -75,7 +76,7 @@ usage = """%prog [options] groupname [usernames]
   Shows or changes members of a group in Active Directory. Also
   can be used to investigate users and their group memberships.
 
-  User and group names can be given as full distinguished names or
+  User and group names can be given as fully distinguished names or
   just as the short system names (the tool will try to figure out
   the full names based on the standard OU extensions in the config
   and a lookup)
@@ -188,9 +189,9 @@ parser.add_option('-f',
                   default = ''
 )
 parser.add_option('-v',
-                  action = 'store_true',
-                  dest = 'flag_verbose',
-                  help = 'use more verbose output (for group and user lists)',
+                  action = 'count',
+                  dest = 'verbosity',
+                  help = 'use more verbose output (for group and user lists. Verbosity can be increased by multiple -v flags)',
                   default = False
 )
 parser.add_option('--user-ou',
@@ -241,7 +242,9 @@ parser.add_option('-R',
 if options.flag_debug:
     ch.setLevel(logging.DEBUG)
 
-flag_verbose = options.flag_verbose
+if options.verbosity:
+    verbosity = options.verbosity
+
 userfilter = options.userfilter
 mailfilter = options.mailfilter
 flag_mssfu = options.flag_mssfu
@@ -349,17 +352,17 @@ try:
         if args:
             sfilter = args.pop(0)
         ldapdir.list_groups(sfilter, mssfu=flag_mssfu, returndn=flag_showdn,
-                            verbose=flag_verbose, recursive=options.recursive)
+                            verbose=verbosity, recursive=options.recursive)
         
             
 
     elif mode == 'userlist':
         records = ldapdir.get_users(userfilter, config['user_ou'], mssfu=flag_mssfu)
-        ldapdir.list_users_etcpwd(records, verbose = flag_verbose)
+        ldapdir.list_users_etcpwd(records, verbose = verbosity)
 
     elif mode == 'maillist':
         records = ldapdir.get_users_by_mailaddr(mailfilter, config['user_ou'], mssfu=flag_mssfu) 
-        ldapdir.list_users_etcpwd(records, verbose = flag_verbose)
+        ldapdir.list_users_etcpwd(records, verbose = verbosity)
 
     elif mode == 'user_to_group':
         sfilter = None
diff --git a/conda-recipe/ldapuserdir/meta.yaml b/conda-recipe/ldapuserdir/meta.yaml
index 348202f..0a6da6d 100644
--- a/conda-recipe/ldapuserdir/meta.yaml
+++ b/conda-recipe/ldapuserdir/meta.yaml
@@ -1,6 +1,6 @@
 package:
   name: ldapuserdir
-  version: "2.2.0"
+  version: "2.2.1"
 
 source:
   path: ../../
diff --git a/ldapuserdir/ldapuserdir.py b/ldapuserdir/ldapuserdir.py
index a25efce..f8fd7f0 100755
--- a/ldapuserdir/ldapuserdir.py
+++ b/ldapuserdir/ldapuserdir.py
@@ -111,8 +111,11 @@ class LdapUserDir(object):
 
     @staticmethod
     def ensure_utf8(bstr):
-        if type(bstr) == bytes:
-            return bstr.decode('utf-8')
+        try:
+            if type(bstr) == bytes:
+                return bstr.decode('utf-8')
+        except UnicodeDecodeError:
+            pass
         return bstr
 
     @staticmethod
@@ -345,28 +348,32 @@ class LdapUserDir(object):
                                  srch % filter)
         return r
 
-    def list_users_etcpwd(self, records, verbose=False):
+    def list_users_etcpwd(self, records, verbose=0):
         """Print '/etc/pwd' format like information about matching users
         Parameters
         ----------
         records : ldap result structure with user records
-        verbose  : bool, optional
+        verbose  : int, optional
         """
         fields = ['cn', 'msSFU30UidNumber', 'msSFU30UidNumber',
                   'msSFU30GidNumber', 'displayName',
                   'msSFU30LoginShell', 'msSFU30HomeDirectory']
         for dn, entry in records:
-            if verbose:
-                for k in fields + ['description', 'mail', 'mobile']:
+            if verbose == 1:
+                for k in fields + ['description', 'mail', 'mobile','department']:
                     if k in entry:
                         sys.stdout.write('[%s:]%s:' % (k, self.ensure_utf8(entry[k][0])))
                     else:
                         sys.stdout.write('[%s:]N.A.:' % k)
                 sys.stdout.write('\n')
+            elif verbose >= 1:
+                print("DN=%s" % dn)
+                for k in entry:
+                    sys.stdout.write('  %s: %s\n' % (k, self.ensure_utf8(entry[k][0])))
             else:
                 for k in fields:
                     if k in entry:
-                        sys.stdout.write('%s:' % (self.ensure_utf8(entry[k][0])))
+                         sys.stdout.write('%s:' % (self.ensure_utf8(entry[k][0])))
                     else:
                         sys.stdout.write('N.A.:')
                 sys.stdout.write('\n')
@@ -549,7 +556,7 @@ class LdapUserDir(object):
         return reslist
 
     def list_groups(self, filter='*', ou=None, mssfu=False,
-                    returndn=False, verbose=False, recursive=False,indent=0):
+                    returndn=False, verbose=0, recursive=False,indent=0):
         """Prints a list of groups from the LDAP directory to stdout
 
         Parameters
@@ -562,22 +569,22 @@ class LdapUserDir(object):
            Whether to only show users with mssfu mappings
         returndn : bool, optional
            If true, return full DNs
-        verbose : bool, optional
+        verbose : int, optional
            If true, print one name per line
         recursive : bool, optional
            If true, any groups contained within the output will be resolved recursively to users
         indent : int, optional
            For internal use only. Indicates indent level for verbose recursive mode. Otherwise ignored.
         """
-        if returndn:
-            verbose = True
+        if returndn and verbose == 0:
+            verbose = 1
 
         r = self.get_groups_struct(filter, ou, mssfu)
         if len(r) == 0:
             sys.stderr.write("%sError: no groups found (filter: %s)\n" % (' '*indent, filter))
             return
 
-        if verbose:
+        if verbose > 0:
             indent_increment = 3  # amount to indent members
             for dn, entry in r:
                 if returndn:
diff --git a/ldapuserdir/version.py b/ldapuserdir/version.py
index 8a124bf..b19ee4b 100644
--- a/ldapuserdir/version.py
+++ b/ldapuserdir/version.py
@@ -1 +1 @@
-__version__ = "2.2.0"
+__version__ = "2.2.1"