
Added LDAP sync Sequencer Sequences and Units.

Thorsten Eckel 7 years ago
parent
commit
598d7b2060

+ 42 - 0
lib/sequencer/sequence/import/ldap/user.rb

@@ -0,0 +1,42 @@
+class Sequencer
+  class Sequence
+    module Import
+      module Ldap
+        class User < Sequencer::Sequence::Base
+
+          def self.expecting
+            [:instance]
+          end
+
+          def self.sequence
+            [
+              'Import::Ldap::User::NormalizeEntry',
+              'Import::Ldap::User::RemoteId',
+              'Import::Ldap::User::Mapping',
+              'Import::Ldap::User::Skip::MissingMandatory',
+              'Import::Ldap::User::Skip::Blank',
+              'Import::Common::Model::Lookup::ExternalSync',
+              'Import::Common::User::Attributes::Downcase',
+              'Import::Common::User::Email::CheckValidity',
+              'Import::Ldap::User::Lookup::Attributes',
+              'Import::Ldap::User::Attributes::RoleIds::Dn',
+              'Import::Ldap::User::Attributes::RoleIds::Unassigned',
+              'Import::Common::Model::Associations::Extract',
+              'Import::Ldap::User::Attributes::Static',
+              'Import::Common::Model::Attributes::AddByIds',
+              'Import::Common::Model::Update',
+              'Import::Common::Model::Create',
+              'Import::Common::Model::Associations::Assign',
+              'Import::Ldap::User::Model::Save',
+              'Import::Common::Model::ExternalSync::Integrity',
+              'Import::Ldap::User::HttpLog',
+              'Import::Ldap::User::Statistics::Diff',
+              'Import::Common::ImportJob::Statistics::Update',
+              'Import::Common::ImportJob::Statistics::Store',
+            ]
+          end
+        end
+      end
+    end
+  end
+end
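Review bot: The order of the entries in `self.sequence` is load-bearing but nothing in the file says so: `RoleIds::Unassigned` reads `mapped[:role_ids]`, which `RoleIds::Dn` supplies through `provide_mapped`, and both presumably have to run before `Attributes::Static` and the `Model::Update`/`Model::Create` units. A short comment above the array would help, for example `# order matters: role resolution (Dn, Unassigned) must precede Static and Update/Create`. Without it a later reordering could quietly change which roles or active state an imported account ends up with.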

+ 27 - 0
lib/sequencer/sequence/import/ldap/users.rb

@@ -0,0 +1,27 @@
+class Sequencer
+  class Sequence
+    module Import
+      module Ldap
+        class Users < Sequencer::Sequence::Base
+
+          def self.sequence
+            [
+              'Import::Ldap::Users::StaticAttributes',
+              'Import::Ldap::Users::DryRun::Flag',
+              'Import::Ldap::Users::DryRun::Payload',
+              'Ldap::Connection',
+              'Import::Ldap::Users::UserRoles',
+              'Import::Ldap::Users::Sum',
+              'Import::Common::ImportJob::Statistics::Update',
+              'Import::Common::ImportJob::Statistics::Store',
+              'Import::Ldap::Users::SubSequence',
+              'Import::Ldap::Users::Lost::Ids',
+              'Import::Ldap::Users::Lost::StatisticsDiff',
+              'Import::Ldap::Users::Lost::Deactivate',
+            ]
+          end
+        end
+      end
+    end
+  end
+end
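Review bot: `Import::Ldap::Users::Lost::Deactivate` ends the sequence, and nothing visible here says what protects it from an incomplete LDAP result. If that unit deactivates every previously synced user the sub-sequence did not see (its code is not on this page, so this is inferred from the name), a truncated search or a partial directory outage would disable accounts in bulk. A comment on the sequence stating the precondition, e.g. `# Lost::* must only run after a complete, error-free SubSequence`, plus a matching check in the unit would make that explicit. It is also worth confirming that the `Lost` units honour the flag set by `DryRun::Flag`.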

+ 46 - 0
lib/sequencer/unit/import/ldap/user/attributes/role_ids/dn.rb

@@ -0,0 +1,46 @@
+class Sequencer
+  class Unit
+    module Import
+      module Ldap
+        module User
+          module Attributes
+            module RoleIds
+              class Dn < Sequencer::Unit::Base
+                include ::Sequencer::Unit::Import::Common::Mapping::Mixin::ProvideMapped
+                prepend ::Sequencer::Unit::Import::Common::Model::Mixin::Skip::InstanceAction
+
+                skip_any_instance_action
+
+                uses :resource, :remote_id, :dn_roles
+
+                def process
+                  dn = resource[:dn]
+                  raise "Missing 'dn' attribute for remote id '#{remote_id}'" if dn.blank?
+
+                  # use signup/Zammad default roles
+                  # if no mapping was provided
+                  return if dn_roles.blank?
+
+                  # check if roles are mapped for the found dn
+                  role_ids = dn_roles[ dn.downcase ]
+
+                  # use signup/Zammad default roles
+                  # if no mapping entry was found
+                  return if role_ids.blank?
+
+                  # LDAP is the leading source if
+                  # a mapping entry is present
+                  provide_mapped do
+                    {
+                      role_ids: role_ids
+                    }
+                  end
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end
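Review bot: The lookup `dn_roles[ dn.downcase ]` only matches when the keys of `dn_roles` were lowercased the same way and use the same DN spelling; that contract is not documented here and the producer of `dn_roles` is outside this hunk. Because a miss silently falls through to the signup default roles (or to the `Unassigned` unit), a formatting difference such as spacing after commas changes a user's authorization without any log line. I would state the expectation in a comment, `# dn_roles keys are expected to be downcased DNs exactly as returned by the directory`, and consider logging the miss at debug level.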

+ 47 - 0
lib/sequencer/unit/import/ldap/user/attributes/role_ids/unassigned.rb

@@ -0,0 +1,47 @@
+class Sequencer
+  class Unit
+    module Import
+      module Ldap
+        module User
+          module Attributes
+            module RoleIds
+              class Unassigned < Sequencer::Unit::Base
+                prepend ::Sequencer::Unit::Import::Common::Model::Mixin::Skip::InstanceAction
+
+                skip_any_instance_action
+
+                uses :resource, :dn_roles, :ldap_config, :mapped
+                provides :instance_action
+
+                def process
+                  # use signup/Zammad default roles
+                  # if no mapping was provided
+                  return if dn_roles.blank?
+
+                  # return if a mapping entry was found
+                  return if mapped[:role_ids].present?
+
+                  # use signup/Zammad default roles
+                  # if unassigned users should not get skipped
+                  return if ldap_config[:unassigned_users] != 'skip_sync'
+
+                  instance = state.optional(:instance)
+
+                  if instance.present?
+                    # deactivate instance if role assignment is lost
+                    instance.update!(active: false)
+                    state.provide(:instance_action, :deactivated)
+                  else
+                    # skip instance creation if no existing
+                    # instance was found yet
+                    state.provide(:instance_action, :skipped)
+                  end
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end
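Review bot: `instance.update!(active: false)` writes to the database without consulting any dry-run state, and the `uses` line does not declare a dry-run attribute at all. The `Users` sequence in this commit runs `Import::Ldap::Users::DryRun::Flag`, so a preview run with `unassigned_users` set to `skip_sync` would presumably still deactivate real accounts. Assuming the flag is exposed as `dry_run`, add it to `uses` and guard the write: `instance.update!(active: false) if !dry_run`. Separately, `:resource` is declared in `uses` but never read in `process`.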

+ 29 - 0
lib/sequencer/unit/import/ldap/user/attributes/static.rb

@@ -0,0 +1,29 @@
+class Sequencer
+  class Unit
+    module Import
+      module Ldap
+        module User
+          module Attributes
+            class Static < Sequencer::Unit::Base
+              include ::Sequencer::Unit::Import::Common::Mapping::Mixin::ProvideMapped
+              prepend ::Sequencer::Unit::Import::Common::Model::Mixin::Skip::InstanceAction
+
+              skip_any_instance_action
+
+              def process
+                provide_mapped do
+                  {
+                    # we have to add the active state manually
+                    # because otherwise disabled instances won't get
+                    # re-activated if they should get synced again
+                    active: true,
+                  }
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end
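Review bot: Forcing `active: true` for every synced entry also re-activates accounts that an administrator disabled locally on purpose, for example during incident handling, as long as the entry is still returned by LDAP. The existing comment explains the re-sync case but not this consequence, and nothing in the hunk shows whether directory-side disabled accounts are filtered out before this unit runs. I would extend the comment with `# NOTE: this overrides a local deactivation; disable or filter the account in LDAP to keep it inactive`.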

+ 17 - 0
lib/sequencer/unit/import/ldap/user/http_log.rb

@@ -0,0 +1,17 @@
+class Sequencer
+  class Unit
+    module Import
+      module Ldap
+        module User
+          class HttpLog < Import::Common::Model::HttpLog
+            private
+
+            def facility
+              'ldap'
+            end
+          end
+        end
+      end
+    end
+  end
+end

+ 19 - 0
lib/sequencer/unit/import/ldap/user/lookup/attributes.rb

@@ -0,0 +1,19 @@
+class Sequencer
+  class Unit
+    module Import
+      module Ldap
+        module User
+          module Lookup
+            class Attributes < Sequencer::Unit::Import::Common::Model::Lookup::Attributes
+              private
+
+              def attributes
+                %i[login email]
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end
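Review bot: Matching on `login` and `email` links a directory entry to a pre-existing local account that merely shares one of those values, and the commit documents no trust assumption for that. The parent class is not shown, but if it works as its name suggests, the matched account is then updated with LDAP-mapped attributes and roles, which makes the directory's mail attribute an identity key. A comment such as `# fallback match for accounts without an ExternalSync entry; assumes login and mail are admin-controlled in the directory` would record that assumption for operators.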

+ 25 - 0
lib/sequencer/unit/import/ldap/user/mapping.rb

@@ -0,0 +1,25 @@
+class Sequencer
+  class Unit
+    module Import
+      module Ldap
+        module User
+          class Mapping < Sequencer::Unit::Import::Common::Mapping::FlatKeys
+            uses :ldap_config
+
+            private
+
+            def mapping
+              ldap_config[:user_attributes].dup.tap do |config|
+                # fallback to uid as login
+                # if no login is given via mapping
+                if !config.values.include?('login')
+                  config[ ldap_config[:user_uid] ] = 'login'
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end
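Review bot: The login fallback writes `config[ ldap_config[:user_uid] ] = 'login'` without checking that `user_uid` is set or that the key is still free. With a missing `user_uid` the mapping gains a `nil` key and no usable login source, and if the uid attribute is already mapped to another field, that mapping is silently replaced. A guard such as `raise "Missing 'user_uid' in LDAP config" if ldap_config[:user_uid].blank?` before the assignment would fail loudly instead. `config.value?('login')` is also the more direct form of `config.values.include?('login')`.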

+ 20 - 0
lib/sequencer/unit/import/ldap/user/model/save.rb

@@ -0,0 +1,20 @@
+require 'sequencer/unit/import/common/model/mixin/without_callback'
+
+class Sequencer
+  class Unit
+    module Import
+      module Ldap
+        module User
+          module Model
+            class Save < Import::Common::Model::Save
+              prepend ::Sequencer::Unit::Import::Common::Model::Mixin::WithoutCallback
+
+              without_callback :create, :after, :avatar_for_email_check
+              without_callback :update, :after, :avatar_for_email_check
+            end
+          end
+        end
+      end
+    end
+  end
+end
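Review bot: The two `without_callback` lines carry no explanation of why `avatar_for_email_check` is disabled during the import or how far the suppression reaches. The `WithoutCallback` mixin is not part of this hunk; if it removes the callback at class level rather than per instance, user saves outside the import would skip it as well while a sync runs. A comment such as `# skip the avatar lookup for bulk-imported users; suppression is limited to this unit's save` (once confirmed against the mixin) would settle that.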

+ 24 - 0
lib/sequencer/unit/import/ldap/user/normalize_entry.rb

@@ -0,0 +1,24 @@
+class Sequencer
+  class Unit
+    module Import
+      module Ldap
+        module User
+          class NormalizeEntry < Sequencer::Unit::Base
+            uses :resource
+            provides :resource
+
+            def process
+
+              state.provide(:resource) do
+                empty = ActiveSupport::HashWithIndifferentAccess.new
+                resource.each_with_object(empty) do |(key, values), normalized|
+                  normalized[key] = values.first
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end
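Review bot: `values.first` keeps only the first value of every attribute and drops the rest without a trace, which matters for multi-valued attributes such as `mail`. LDAP does not guarantee the order of attribute values, so the address that the later lookup and validity units in the `User` sequence work with can differ between runs. A comment stating the reduction, `# multi-valued attributes are reduced to their first value`, would make this explicit, and `Array(values).first` would keep a non-array value from raising. The blank line directly after `def process` can go.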

Some files were not shown because too many files changed in this diff