From 5cfb2fe93653ad724d9d2fe6504e76482c0bd6a9 Mon Sep 17 00:00:00 2001
From: Alex Dehnert <adehnert@mit.edu>
Date: Fri, 8 Nov 2013 01:36:04 -0500
Subject: [PATCH] classify-users: determine type of Athena accounts

This script takes a list of usernames (or email addresses, or whatever) and
classifies each as student, staff, etc., or unknown.
---
 Makefile       |  1 +
 README         |  1 +
 classify-users | 43 +++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 45 insertions(+)
 create mode 100755 classify-users

diff --git a/Makefile b/Makefile
index 74dfb1a..357dbf7 100644
--- a/Makefile
+++ b/Makefile
@@ -3,6 +3,7 @@ common=$(archdir)/common/bin/
 
 scripts=\
     bores-me\
+    classify-users\
     diff-memberships\
     get-emails\
     grep-owners\
diff --git a/README b/README
index 1219a51..f3e6573 100644
--- a/README
+++ b/README
@@ -2,6 +2,7 @@ All scripts in this directory are Copyright (C) 2008--2013 Alex Dehnert
 (and sometimes others)
 
 bores-me    - original
+classify-users  - original
 diff-memberships    - original
 get-emails  - original
 grep-owners - original
diff --git a/classify-users b/classify-users
new file mode 100755
index 0000000..657c452
--- /dev/null
+++ b/classify-users
@@ -0,0 +1,43 @@
+#!/usr/bin/python
+
+import ldap
+import ldap.filter
+import sys
+
+class LdapDirectory(object):
+    def __init__(self, ):
+        self.con = ldap.open('ldap-too.mit.edu')
+        self.con.simple_bind_s("", "")
+
+    def ldap_lookup(self, username):
+        dn = "ou=users,ou=moira,dc=mit,dc=edu"
+        fields = ['eduPersonAffiliation', 'mitDirStudentYear']
+        userfilter = ldap.filter.filter_format('uid=%s', [username])
+        result = self.con.search_s(dn, ldap.SCOPE_SUBTREE, userfilter, fields)
+        if len(result) > 0:
+            if len(result) > 1:
+                print >>sys.stderr, "Unexpectedly received multiple results: %s" % (result, )
+            return result[0][1]
+        else:
+            return False
+
+def classify(ldap_result):
+    secondary = "-"
+    if ldap_result == False:
+        primary = "unknown"
+    elif ldap_result == {}:
+        primary = "secret"
+    else:
+        primary = ldap_result['eduPersonAffiliation'][0]
+        secondary = ldap_result.get('mitDirStudentYear', ['-'])[0]
+    return primary, secondary
+
+if __name__ == '__main__':
+    print >>sys.stderr, "Connecting to LDAP..."
+    directory = LdapDirectory()
+    print >>sys.stderr, "Starting lookups..."
+    for name in sys.stdin:
+        name = name.strip()
+        result = directory.ldap_lookup(name)
+        primary, secondary = classify(result)
+        print "%s\t%s\t%s" % (primary, secondary, name)
-- 
2.34.1