From 6dc5cd590df0cec61f4de9c2f4949257e19a63ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gardais=20J=C3=A9r=C3=A9my?= Date: Fri, 26 Nov 2021 16:55:05 +0100 Subject: [PATCH] Get users list from LDAP group --- duplicati/create.homedir.sh | 46 +++++++++++++++++++++++++++++++++---- 1 file changed, 42 insertions(+), 4 deletions(-) diff --git a/duplicati/create.homedir.sh b/duplicati/create.homedir.sh index 3eb5785..a6cb487 100755 --- a/duplicati/create.homedir.sh +++ b/duplicati/create.homedir.sh @@ -54,7 +54,7 @@ OPTIONS : -g,--group LDAP_GROUP_CN Required. - LDAP group to parse in order to get the list of homedir + LDAP group to parse in order to get the list of homedir to create to create. -h,--home,--home-base @@ -142,6 +142,9 @@ define_vars() { # {{{ fi # }}} + ## Temp file vars {{{ + readonly ldap_user_list_path="/tmp/${PROGNAME}.ldap.user.list" + ## }}} } # }}} 
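Review bot: The list file added to define_vars has a fixed, predictable name in a world-writable directory, `/tmp/${PROGNAME}.ldap.user.list`, and get_ldap_user_list later opens it with `true > "${ldap_user_list_path}"`, which follows whatever already sits at that path. If the script runs with elevated privileges (plausible for something that creates home directories, though not shown here), another local account can pre-create that name as a link and redirect the write onto a different file. Creating the file with mktemp avoids this: `ldap_user_list_path="$(mktemp "/tmp/${PROGNAME}.XXXXXX")" || exit 1` followed by `readonly ldap_user_list_path`, with an exit trap that removes it. That also avoids the second run failing for a non-root caller because the previous run left the file at mode 0400. The rest of define_vars lies outside the hunk.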
@@ -239,6 +242,36 @@ The directory ${RED}${local_directory_absent}${COLOR_DEBUG} doesn't exist."
 return "${return_is_directory_absent}"
+}
+# }}}
+get_ldap_user_list() { # {{{
+
+ ## Return False by default
+ return_get_ldap_user_list="1"
+
+ debug_message "get_ldap_user_list − \
+Create or empty ${RED}${ldap_user_list_path}${COLOR_DEBUG} file to store user list of ${RED}${ldap_group_cn}${COLOR_DEBUG} LDAP group."
+ true > "${ldap_user_list_path}"
+
+ if command ldapsearch -ZZ -D "${ldap_user}" -w "${ldap_passwd}" -H "${ldap_server}" -s one -b "${ldap_group_base}" "(cn=${ldap_group_cn})" member | sed -n 's/\(^member: uid=\)\(.*\)\(,ou=.*\)/\2/p' > "${ldap_user_list_path}"; then
+ if [ -s "${ldap_user_list_path}" ]; then
+ debug_message "get_ldap_user_list − \
+${RED}${ldap_group_cn}${COLOR_DEBUG} users list successfully created (see ${ldap_user_list_path} file)."
+ command chmod 0400 -- "${ldap_user_list_path}"
+ return_get_ldap_user_list="0"
+ else
+ debug_message "get_ldap_user_list − \
+Error, the users list of ${ldap_group_cn} is empty (${ldap_user_list_path} file)."
+ return_get_ldap_user_list="1"
+ fi
+ else
+ debug_message "get_ldap_user_list − \
+Error in ${RED}ldapsearch${COLOR_DEBUG} command for ${ldap_group_cn} LDAP group."
+ return_get_ldap_user_list="1"
+ fi
+
+ return "${return_get_ldap_user_list}"
+
 }
 # }}}
 main() { # {{{
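Review bot: The bind password is passed as `-w "${ldap_passwd}"` in get_ldap_user_list, so it sits in the ldapsearch argument list and other local accounts can read it from the process table while the search runs. Reading it from a mode-0600 file with `-y "${ldap_passwd_file}"` (placeholder name; the file must hold the password with no trailing newline) keeps it out of argv. The `if` tests a pipeline, so unless `pipefail` is set elsewhere in the script it sees only sed's exit status: a failed ldapsearch never reaches the "Error in ldapsearch" branch, and an interrupted one that already printed some members is accepted as a complete list. `${ldap_group_cn}` is placed into the filter `(cn=...)` unescaped, so a value containing `*` or parentheses changes which groups match; reject anything outside the expected character set before the search. The extracted uids appear to become directory names later (not visible in this hunk), so they need the same check, and adding `-o ldif-wrap=no` keeps long member DNs on one line for the sed expression.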
@@ -266,17 +299,22 @@ main() { # {{{ && usage \ && error_message "LDAP user or password is empty. Please verify your configuration or the --user-cmd|--passwd-cmd options." 2 ## }}} - ## If home_base directory doesn't exists {{{ ### AND exit with message and error is_directory_absent "${home_base}" \ && error_message "Home base directory (${home_base}) doesn't exists. Check your configuration or use -h|--home option." 3 ## }}} + ## Try to get the user list of LDAP group {{{ + ### OR Exit + get_ldap_user_list \ + || error_message "Can't get the user list of ${ldap_group_cn} LDAP group. Please use --debug option." 4 + ## }}} ## Information message - debug_message "Search for members in ${RED}${ldap_group_cn},${ldap_group_base}${COLOR_DEBUG} group \ -on ${RED}${ldap_server}${COLOR_DEBUG} LDAP server in ${RED}${home_base}${COLOR_DEBUG}." + debug_message "Create home directory in ${RED}${home_base}${COLOR_DEBUG}, \ +for all members of ${RED}${ldap_group_cn},${ldap_group_base}${COLOR_DEBUG} LDAP group \ +from ${RED}${ldap_server}${COLOR_DEBUG} LDAP server ." } # }}}