70 lines
2.4 KiB
PHP
70 lines
2.4 KiB
PHP
#!/usr/bin/php
|
|
<?php
|
|
|
|
chdir(__DIR__);
|
|
require('../core.php');
|
|
|
|
$users = $user_dir->list_users();
|
|
|
|
// Use 'keys-sync' user as the active user (create if it does not yet exist)
|
|
try {
|
|
$active_user = $user_dir->get_user_by_uid('keys-sync');
|
|
} catch(UserNotFoundException $e) {
|
|
$active_user = new User;
|
|
$active_user->uid = 'keys-sync';
|
|
$active_user->name = 'Synchronization script';
|
|
$active_user->email = '';
|
|
$active_user->active = 1;
|
|
$active_user->admin = 1;
|
|
$active_user->developer = 0;
|
|
$user_dir->add_user($active_user);
|
|
}
|
|
|
|
foreach($users as $user) {
|
|
if($user->auth_realm == 'LDAP') {
|
|
$active = $user->active;
|
|
try {
|
|
$user->get_details_from_ldap();
|
|
if(isset($config['ldap']['user_superior'])) {
|
|
$user->get_superior_from_ldap();
|
|
}
|
|
} catch(UserNotFoundException $e) {
|
|
$user->active = 0;
|
|
}
|
|
if($active && !$user->active) {
|
|
// Check for servers that will now be admin-less
|
|
$servers = $user->list_admined_servers();
|
|
foreach($servers as $server) {
|
|
$server_admins = $server->list_effective_admins();
|
|
$total_server_admins = 0;
|
|
foreach($server_admins as $server_admin) {
|
|
if($server_admin->active) $total_server_admins++;
|
|
}
|
|
if($total_server_admins == 0) {
|
|
if(isset($config['ldap']['user_superior'])) {
|
|
$rcpt = $user->superior;
|
|
while(!is_null($rcpt) && !$rcpt->active) {
|
|
$rcpt = $rcpt->superior;
|
|
}
|
|
}
|
|
$email = new Email;
|
|
$email->subject = "Server {$server->hostname} has been orphaned";
|
|
$email->body = "{$user->name} ({$user->uid}) was an administrator for {$server->hostname}, but they have now been marked as a former employee and there are no active administrators remaining for this server.\n\n";
|
|
$email->body .= "Please find a replacement owner for this server and inform {$config['email']['admin_address']} ASAP, otherwise the server will be registered for decommissioning.";
|
|
$email->add_reply_to($config['email']['admin_address'], $config['email']['admin_name']);
|
|
if(is_null($rcpt)) {
|
|
$email->subject .= " - NO SUPERIOR EMPLOYEE FOUND";
|
|
$email->body .= "\n\nWARNING: No suitable superior employee could be found!";
|
|
$email->add_recipient($config['email']['report_address'], $config['email']['report_name']);
|
|
} else {
|
|
$email->add_recipient($rcpt->email, $rcpt->name);
|
|
$email->add_cc($config['email']['report_address'], $config['email']['report_name']);
|
|
}
|
|
$email->send();
|
|
}
|
|
}
|
|
}
|
|
$user->update();
|
|
}
|
|
}
|