From 07e11cf2edf83a34698a7645b6a0f5303af5bdc6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thorsten=20Ro=C3=9Fner?= <thorsten.rossner.extern@zendis.de>
Date: Thu, 26 Sep 2024 14:23:35 +0200
Subject: [PATCH] fix: Add `--admin_enable_knowledgemanagement` option (in
 development in openDesk).

---
 lib/ucs.py                  |  1 +
 user_import_udm_rest_api.py | 48 ++++++++++++++++++++-----------------
 2 files changed, 27 insertions(+), 22 deletions(-)

diff --git a/lib/ucs.py b/lib/ucs.py
index 4f70ab8..b1bfd81 100644
--- a/lib/ucs.py
+++ b/lib/ucs.py
@@ -178,6 +178,7 @@ class Ucs:
                 "opendeskLivecollaborationEnabled": (not person['is_admin'] and not self.__option2bool(self.options_object.component_disable_livecollaboration)),
                 "opendeskFileshareAdmin": self.__option2bool(self.options_object.admin_enable_fileshare),
                 "opendeskProjectmanagementAdmin": self.__option2bool(self.options_object.admin_enable_projectmanagement),
+                "opendeskKnowledgemanagementAdmin": self.__option2bool(self.options_object.admin_enable_knowledgemanagement),
                 "mailPrimaryAddress": person['username']+"@"+self.maildomain if not 'mailPrimaryAddress' in person or not isinstance(person['mailPrimaryAddress'], str) else person['mailPrimaryAddress'],
                 "PasswordRecoveryEmail": person['email'],
                 "oxContext": int(person['oxContext'] if 'oxContext' in person and not pd.isna(person['oxContext']) else self.options_object.default_oxcontext),
diff --git a/user_import_udm_rest_api.py b/user_import_udm_rest_api.py
index c49eb53..0bc1676 100755
--- a/user_import_udm_rest_api.py
+++ b/user_import_udm_rest_api.py
@@ -15,40 +15,44 @@ from lib.random_user import RandomUser
 from lib.import_user import ImportUser
 
 non_reconcile_groups = [
-    "cn=managed-by-attribute-Groupware,cn=groups,dc=swp-ldap,dc=internal",
+    "cn=Domain Admins,cn=groups,dc=swp-ldap,dc=internal"
+    "cn=Domain Users,cn=groups,dc=swp-ldap,dc=internal",
     "cn=managed-by-attribute-Fileshare,cn=groups,dc=swp-ldap,dc=internal",
-    "cn=managed-by-attribute-Projectmanagement,cn=groups,dc=swp-ldap,dc=internal",
+    "cn=managed-by-attribute-FileshareAdmin,cn=groups,dc=swp-ldap,dc=internal",
+    "cn=managed-by-attribute-Groupware,cn=groups,dc=swp-ldap,dc=internal",
     "cn=managed-by-attribute-Knowledgemanagement,cn=groups,dc=swp-ldap,dc=internal",
+    "cn=managed-by-attribute-KnowledgemanagementAdmin,cn=groups,dc=swp-ldap,dc=internal",
     "cn=managed-by-attribute-Livecollaboration,cn=groups,dc=swp-ldap,dc=internal",
-    "cn=Domain Users,cn=groups,dc=swp-ldap,dc=internal",
-    "cn=Domain Admins,cn=groups,dc=swp-ldap,dc=internal"
+    "cn=managed-by-attribute-Projectmanagement,cn=groups,dc=swp-ldap,dc=internal",
 ]
 
 p = configargparse.ArgParser()
-p.add('--import_domain', env_var='IMPORT_DOMAIN', required=True, help='The domain name of your openDesk instance - omit the "portal." or other service specific hostnames.')
-p.add('--udm_api_username', env_var='UDM_API_USERNAME', default='default.admin', help='User to authentication against the UDM REST API with.')
-p.add('--udm_api_password', env_var='UDM_API_PASSWORD', required=True, help='Password for the UDM REST API user.')
-p.add('--import_filename', env_var='IMPORT_FILENAME', required=False, default=None, help='The filename containing the user account details for the import - see template.ods for reference. If filename is not provided or related file is not found random users will be imported.')
-p.add('--import_random_amount', env_var='IMPORT_RANDOM_AMOUNT', default=10, help='The number of random accounts to import if the "import_filename" was not set or found.')
-p.add('--import_maildomain', env_var='IMPORT_MAILDOMAIN', required=False, help='Optional: If you are using a different maildomain please specify it, otherwise `IMPORT_DOMAIN` is used.')
+#p.add('--admin_enable_chat', env_var='ADMIN_ENABLE_CHAT', default=False, help='Optional: Set to "True" if users should get functional admin permissions for chat component - Requires openDesk Enterprise.')
+p.add('--admin_enable_fileshare', env_var='ADMIN_ENABLE_FILESHARE', default=False, help='Optional: Set to "True" if users should get functional admin permissions for fileshare component.')
+p.add('--admin_enable_knowledgemanagement', env_var='ADMIN_ENABLE_KNOWLEDGEMANAGEMENT', default=False, help='Optional: Set to "True" if users should get functional admin permissions for knowledgemanagement component.')
+p.add('--admin_enable_projectmanagement', env_var='ADMIN_ENABLE_PROJECTMANAGEMENT', default=False, help='Optional: Set to "True" if users should get functional admin permissions for projectmanagement component.')
+p.add('--component_disable_fileshare', env_var='COMPONENT_DISABLE_FILESHARE', default=False, help='Optional: Set to "True" if users should not get the flag for fileshare access.')
+p.add('--component_disable_groupware', env_var='COMPONENT_DISABLE_GROUPWARE', default=False, help='Optional: Set to "True" if users should not get the flag for groupware access.')
+p.add('--component_disable_knowledgemanagement', env_var='COMPONENT_DISABLE_KNOWLEDGEMANAGEMENT', default=False, help='Optional: Set to "True" if users should not get the flag for knowledgemanagement access.')
+p.add('--component_disable_livecollaboration', env_var='COMPONENT_DISABLE_LIVECOLLABORATION', default=False, help='Optional: Set to "True" if users should not get the flag for livecollaboration access.')
+p.add('--component_disable_projectmanagement', env_var='COMPONENT_DISABLE_PROJECTMANAGEMENT', default=False, help='Optional: Set to "True" if users should not get the flag for projectmanagement access.')
+p.add('--create_admin_accounts', env_var='CREATE_ADMIN_ACCOUNTS', default=False, help='Optional: Set to "True" if each user also should get an additional "<username>-admin" account')
 p.add('--create_maildomains', env_var='CREATE_MAILDOMAINS', default=False, help='Optional: Set to "True" to get non existing mail domains auto-created. Only relevant when importing a files in which mailPrimaryAddresses are provided that differ from the default (mail)domain.')
 p.add('--create_oxcontexts', env_var='CREATE_OXCONTEXT', default=False, help='Optional: Set to "True" to get non-existing OX contexts auto-created.')
 p.add('--default_oxcontext', env_var='DEFAULT_OXCONTEXT', default=1, help='Optional: Set the default OX context ID to use when creating users.')
-p.add('--create_admin_accounts', env_var='CREATE_ADMIN_ACCOUNTS', default=False, help='Optional: Set to "True" if each user also should get an additional "<username>-admin" account')
+p.add('--import_domain', env_var='IMPORT_DOMAIN', required=True, help='The domain name of your openDesk instance - omit the "portal." or other service specific hostnames.')
+p.add('--import_filename', env_var='IMPORT_FILENAME', required=False, default=None, help='The filename containing the user account details for the import - see template.ods for reference. If filename is not provided or related file is not found random users will be imported.')
+p.add('--import_maildomain', env_var='IMPORT_MAILDOMAIN', required=False, help='Optional: If you are using a different maildomain please specify it, otherwise `IMPORT_DOMAIN` is used.')
+p.add('--import_random_amount', env_var='IMPORT_RANDOM_AMOUNT', default=10, help='The number of random accounts to import if the "import_filename" was not set or found.')
+p.add('--loglevel', env_var='LOGLEVEL', default='INFO', help='Set the loglevel: DEBUG, INFO, WARNING, ERROR, CRITICAL. Default: WARNING')
+p.add('--logpath', env_var='LOGPATH', default='./logs', help='Path where the script write its logfile to. Default: ./logs')
+p.add('--output_accounts_filename', env_var='OUTPUT_ACCOUNTS_FILENAME', required=False, default=None, help='The filename to write the created accounts (username<tab>password) into, appends if file exists). If none is provided the default name will be "users-<import_domain>-<timestamp>.txt"')
+p.add('--password_recovery_email', env_var='PASSWORD_RECOVERY_EMAIL', help='Optional: When creating random accounts this password recovery email is used.')
 p.add('--reconcile_groups', env_var='RECONCILE_GROUPS', default=False, help='Optional: Set to "True" if groups on the users should be reconciled based on the input file. Will remove all groups from the user not defined in sheet except for the standard groups: '+', '.join(non_reconcile_groups))
 p.add('--set_default_password', env_var='SET_DEFAULT_PASSWORD', default='', help='Optional: When set the given password is used on the newly created accounts, otherwise a random one will be created.')
-p.add('--password_recovery_email', env_var='PASSWORD_RECOVERY_EMAIL', help='Optional: When creating random accounts this password recovery email is used.')
 p.add('--trigger_invitation_mail', env_var='TRIGGER_INVITATION_MAIL', help='Optional: Set to "True" if you want invitation mail (same as password recovery mail) being trigger for each created user.')
-p.add('--component_disable_groupware', env_var='COMPONENT_DISABLE_GROUPWARE', default=False, help='Optional: Set to "True" if users should not get the flag for groupware access')
-p.add('--component_disable_fileshare', env_var='COMPONENT_DISABLE_FILESHARE', default=False, help='Optional: Set to "True" if users should not get the flag for fileshare access')
-p.add('--component_disable_projectmanagement', env_var='COMPONENT_DISABLE_PROJECTMANAGEMENT', default=False, help='Optional: Set to "True" if users should not get the flag for projectmanagement access')
-p.add('--component_disable_knowledgemanagement', env_var='COMPONENT_DISABLE_KNOWLEDGEMANAGEMENT', default=False, help='Optional: Set to "True" if users should not get the flag for knowledgemanagement access')
-p.add('--component_disable_livecollaboration', env_var='COMPONENT_DISABLE_LIVECOLLABORATION', default=False, help='Optional: Set to "True" if users should not get the flag for livecollaboration access')
-p.add('--admin_enable_fileshare', env_var='ADMIN_ENABLE_FILESHARE', default=False, help='Optional: Set to "True" if users should get functional admin permissions for fileshare component')
-p.add('--admin_enable_projectmanagement', env_var='ADMIN_ENABLE_PROJECTMANAGEMENT', default=False, help='Optional: Set to "True" if users should get functional admin permissions for projectmanagement component')
-p.add('--output_accounts_filename', env_var='OUTPUT_ACCOUNTS_FILENAME', required=False, default=None, help='The filename to write the created accounts (username<tab>password) into, appends if file exists). If none is provided the default name will be "users-<import_domain>-<timestamp>.txt"')
-p.add('--loglevel', env_var='LOGLEVEL', default='INFO', help='Set the loglevel: DEBUG, INFO, WARNING, ERROR, CRITICAL. Default: WARNING')
-p.add('--logpath', env_var='LOGPATH', default='./logs', help='Path where the script write its logfile to. Default: ./logs')
+p.add('--udm_api_password', env_var='UDM_API_PASSWORD', required=True, help='Password for the UDM REST API user.')
+p.add('--udm_api_username', env_var='UDM_API_USERNAME', default='default.admin', help='User to authentication against the UDM REST API with.')
 options = p.parse_args()
 
 new_user_password = options.set_default_password
-- 
GitLab