diff --git a/README.md b/README.md index 608b980b4..c318cef25 100644 --- a/README.md +++ b/README.md @@ -126,7 +126,8 @@ ou mieux, importer les utilisateurs de ScoDoc7 avec: flask user-db-import-scodoc7 -(la base `SCOUSERS` de ScoDoc7 n'est pas affectée, ScoDoc8 utilise une base séparée, nommée `SCO8USERS`). +(on peut le faire plus tard avec le script de migration décrit plus bas) +(Note: la base `SCOUSERS` de ScoDoc7 n'est pas affectée, ScoDoc8 utilise une base séparée, nommée `SCO8USERS`). Pour créer un utilisateur "super admin", c'est à dire admin dans tous les départements: diff --git a/app/auth/models.py b/app/auth/models.py index 1943125c6..9fd40ca3c 100644 --- a/app/auth/models.py +++ b/app/auth/models.py @@ -66,17 +66,17 @@ class User(UserMixin, db.Model): assert admin_role self.add_role(admin_role, None) db.session.commit() - current_app.logger.info("creating user with roles={}".format(self.roles)) + # current_app.logger.info("creating user with roles={}".format(self.roles)) def __repr__(self): - return "".format(u=self) + return f"" def __str__(self): return self.user_name def set_password(self, password): "Set password" - current_app.logger.info("set_password({})".format(self)) + current_app.logger.info(f"set_password({self})") if password: self.password_hash = generate_password_hash(password) else: @@ -92,7 +92,7 @@ class User(UserMixin, db.Model): # Special case: user freshly migrated from ScoDoc7 if scu.check_scodoc7_password(self.password_scodoc7, password): current_app.logger.warning( - "migrating legacy ScoDoc7 password for {}".format(self) + f"migrating legacy ScoDoc7 password for {self}" ) self.set_password(password) self.password_scodoc7 = None @@ -132,15 +132,15 @@ class User(UserMixin, db.Model): "date_created": self.date_created.isoformat() + "Z" if self.date_created else "", - "dept": (self.dept or "").encode("utf-8"), # sco8 + "dept": (self.dept or ""), # sco8 "id": self.id, "active": self.active, "status_txt": "actif" if self.active else "fermé", "last_seen": self.last_seen.isoformat() + "Z", - "nom": (self.nom or "").encode("utf-8"), # sco8 - "prenom": (self.prenom or "").encode("utf-8"), # sco8 + "nom": (self.nom or ""), # sco8 + "prenom": (self.prenom or ""), # sco8 "roles_string": self.get_roles_string(), # eg "Ens_RT, Ens_Info" - "user_name": self.user_name.encode("utf-8"), # sco8 + "user_name": self.user_name, # sco8 # Les champs calculés: "nom_fmt": self.get_nom_fmt(), "prenom_fmt": self.get_prenom_fmt(), @@ -155,7 +155,7 @@ class User(UserMixin, db.Model): def from_dict(self, data, new_user=False): """Set users' attributes from given dict values. - Roles must be encodes as "roles_string", like "Ens_RT, Secr_CJ" + Roles must be encoded as "roles_string", like "Ens_RT, Secr_CJ" """ for field in ["nom", "prenom", "dept", "status", "email"]: if field in data: diff --git a/app/utils/import_scodoc7_user_db.py b/app/utils/import_scodoc7_user_db.py index de43f9d22..034d4d68f 100644 --- a/app/utils/import_scodoc7_user_db.py +++ b/app/utils/import_scodoc7_user_db.py @@ -41,14 +41,22 @@ def import_scodoc7_user_db(scodoc7_db="dbname=SCOUSERS"): ) # Set roles: # ScoDoc7 roles are stored as 'AdminRT,EnsRT' - for role_dept in u7["roles"].split(","): - m = re.match(r"^([A-Za-z0-9]+?)([A-Z][A-Za-z0-9]*?)$", role_dept) + if u7["roles"]: + roles7 = u7["roles"].split(",") + else: + roles7 = [] + for role_dept in roles7: + m = re.match(r"^-?([A-Za-z0-9]+?)([A-Z][A-Za-z0-9]*?)$", role_dept) if not m: current_app.logger.warning( "User {}: ignoring role {}".format(u7["user_name"], role_dept) ) else: role_name = m.group(1) + if role_name.startswith("-"): + # disabled users in ScoDoc7 + role_name = role_name[1:] + assert not u.active dept = m.group(2) role = Role.query.filter_by(name=role_name).first() if not role: diff --git a/scodoc.py b/scodoc.py index 2ef00eff7..1490a04ce 100755 --- a/scodoc.py +++ b/scodoc.py @@ -178,6 +178,7 @@ def test_interactive(filename=None): def user_db_import_scodoc7(): # user-db-import-scodoc7 """Import used defined in ScoDoc7 postgresql database into ScoDoc8 The old database SCOUSERS must be alive and readable by the current user. - This script is typically run as unix user www-data. + This script is typically run as unix user "scodoc". + The original SCOUSERS database is left unmodified. """ utils.import_scodoc7_user_db() diff --git a/tools/migrate_from_scodoc7.sh b/tools/migrate_from_scodoc7.sh index c7a65b560..c82694f7a 100755 --- a/tools/migrate_from_scodoc7.sh +++ b/tools/migrate_from_scodoc7.sh @@ -22,8 +22,12 @@ # 4- TODO migrer de Apache à nginx, scripts service systemd # -source config.sh -source utils.sh +# Le répertoire de ce script: +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" + +source "$SCRIPT_DIR/config.sh" +source "$SCRIPT_DIR/utils.sh" + check_uid_root SCODOC7_HOME="/opt/scodoc7" @@ -102,3 +106,13 @@ else fi fi +# Migration base utilisateurs +echo +echo "Importer les utilisateurs de ScoDoc7 dans ScoDoc8 ?" +echo "(la base SCOUSERS de ScoDoc7 sera laissée inchangée)" +echo "(les utilisateurs ScoDoc8 existants seront laissés inchangés)" +read -r ans +if [ "$(norm_ans "$ans")" != 'N' ] +then + (cd "$SCODOC_DIR" && flask user-db-import-scodoc7) +fi