-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconvert.py
78 lines (62 loc) · 2.5 KB
/
convert.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
from argparse import Namespace
from compiler_admin.commands import RESULT_SUCCESS, RESULT_FAILURE
from compiler_admin.services.google import (
GROUP_PARTNERS,
GROUP_STAFF,
OU_CONTRACTORS,
OU_PARTNERS,
OU_STAFF,
add_user_to_group,
move_user_ou,
remove_user_from_group,
user_account_name,
user_exists,
user_is_partner,
user_is_staff,
)
ACCOUNT_TYPE_OU = {"contractor": OU_CONTRACTORS, "partner": OU_PARTNERS, "staff": OU_STAFF}
def convert(args: Namespace) -> int:
f"""Convert a user of one type to another.
Args:
username (str): The account to convert. Must exist already.
account_type (str): One of {", ".join(ACCOUNT_TYPE_OU.keys())}
Returns:
A value indicating if the operation succeeded or failed.
"""
if not hasattr(args, "username"):
raise ValueError("username is required")
if not hasattr(args, "account_type"):
raise ValueError("account_type is required")
account = user_account_name(args.username)
account_type = args.account_type
if not user_exists(account):
print(f"User does not exist: {account}")
return RESULT_FAILURE
if account_type not in ACCOUNT_TYPE_OU:
print(f"Unknown account type for conversion: {account_type}")
return RESULT_FAILURE
print(f"User exists, converting to: {account_type} for {account}")
res = RESULT_SUCCESS
if account_type == "contractor":
if user_is_partner(account):
res += remove_user_from_group(account, GROUP_PARTNERS)
res += remove_user_from_group(account, GROUP_STAFF)
elif user_is_staff(account):
res = remove_user_from_group(account, GROUP_STAFF)
elif account_type == "staff":
if user_is_partner(account):
res += remove_user_from_group(account, GROUP_PARTNERS)
elif user_is_staff(account):
print(f"User is already staff: {account}")
return RESULT_FAILURE
res += add_user_to_group(account, GROUP_STAFF)
elif account_type == "partner":
if user_is_partner(account):
print(f"User is already partner: {account}")
return RESULT_FAILURE
if not user_is_staff(account):
res += add_user_to_group(account, GROUP_STAFF)
res += add_user_to_group(account, GROUP_PARTNERS)
res += move_user_ou(account, ACCOUNT_TYPE_OU[account_type])
print(f"Account conversion complete for: {account}")
return RESULT_SUCCESS if res == RESULT_SUCCESS else RESULT_FAILURE