openDesk User import or generation tool

This script allows you to either import an existing user list into an openDesk environment, or to create randomly generated fictitious users for it.

• Prerequisites
  • Script
  • API
• Then just kick it off...
• (Demo) Data
  • Text files
  • Profile pictures: /data/images_?/*
• License
• Copyright

Prerequisites

Script

You have to have Python 3 and PIP installed. For Debian based systems you can get it done like this:

sudo apt install python3 python3-pip

Afterwards you install the script's requirements like:

pip install -r requirements.txt

API

The account that is being used for the import has to be enabled for API usage be being part of a group that has API permissions, so we can

• create a group,
• add the API permissions to the group and
• add the user to the group like this:

udm groups/group create \
  --position="cn=groups,$(ucr get ldap/base)" \
  --set name="UDM REST API Users"
ucr set directory/manager/rest/authorized-groups/udm-api-users="cn=UDM REST API Users,cn=groups,$(ucr get ldap/base)"
udm users/user modify --dn "uid=default.admin,cn=users,dc=swp-ldap,dc=internal" --append groups="cn=UDM REST API Users,cn=groups,$(ucr get ldap/base)"

In openDesk the default.admin account that is currently hardcoded in the script is already API enabled.

Then just kick it off...

Execute

./user_import_udm_rest_api.py

You will be interactively queried for the following values, if the first mentioned environment variable is not already set providing the required input:

• IMPORT_DOMAIN: The domain of the openDesk environment you want to create the users in, e.g. nightly.dev.souvap.cloud. So omit the protocol and portal.
• IMPORT_ADMIN_PASSWORD: The password for the build-in admin openDesk admin user default.admin.
• IMPORT_USERS_PASSWORD: The password the created user account should get assigned. If you leave that empty random passwords are being generated and written into the file accounts_credentials.txt. This file is on the .gitignore list.
• IMPORT_FILENAME: The filename of the .ods file you want to import, please use accounts_template.ods if you have questions regarding the required format.
• IMPORT_CREATE_ADMIN_ACCOUNTS: Creates one admin account per user by appending -admin to the username
• IMPORT_RANDOM_AMOUNT: If you do not provide a filename or the file cannot be found the script assumes you are in "generate random user" mode and will ask you how many users should be created.

Note: Users pre-existing on the target system will not be duplicated or updated.

(Demo) Data

When creating dummy accounts the used data is read from files that can be found in the ./data directory. There is also a little helper script for fetching additional images.

Text files

The sources for the text files are provided in the respective file headers.

Profile pictures: /data/images_?/*

The profile pictures have been taken from https://thispersondoesnotexists.com which is using StyleGAN2 to create artificial profile pictures. As copyright protection cannot be applied to AI "art" at the moment, we are free to use the pictures.

To fetch additional pictures you can make use of fetch_thispersondoesnotexist_100.sh and sorted the pictures manually into the matching subdirectory.

License

This project uses the following license: Apache-2.0

Copyright

Copyright (C) 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"