[unix_ldap] Add command to force LDAP sync

unix_ldap/apps.py

 from django.apps import AppConfig
-from django.db.models.signals import post_delete, post_save
+from django.db.models.signals import post_delete, post_save, pre_save
 
-from .signals import post_save_passwd
+from .signals import pre_save_passwd
 
 
 class UnixLdapConfig(AppConfig):
@@ -9,7 +9,7 @@ class UnixLdapConfig(AppConfig):
     name = 'unix_ldap'
 
     def ready(self):
-        post_save.connect(
-            post_save_passwd,
+        pre_save.connect(
+            pre_save_passwd,
             sender='unix.Passwd',
         )

unix_ldap/management/commands/ldap_sync.py

+from django.core.management.base import BaseCommand, CommandError
+from unix.models import Passwd
+from unix.signals import base, sync_passwd
+
+
+class Command(BaseCommand):
+    help = "Synchronize database with LDAP"
+
+    def handle(self, *args, **options):
+        base = base()
+        for instance in Passwd.objects.all():
+            sync_passwd(base, instance)

unix_ldap/signals.py

@@ -11,9 +11,7 @@ def base():
         base.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
     base.simple_bind_s(settings.LDAP_USER, settings.LDAP_PASSWORD)
 
-
-def post_save_passwd(sender, instance, using, **kwargs):
-    base = base()
+def sync_passwd(base, instance):
     ldap_user = {
         'objectClass': [b'inetOrgPerson', b'organizationalPerson', b'person', b'posixAccount'],
         'uid': instance.uid.encode('ascii'),
@@ -30,3 +28,10 @@ def post_save_passwd(sender, instance, using, **kwargs):
         base.add_s(f'{settings.LDAP_USERS_KEY}={instance.uid},{settings.LDAP_USERS_DN}', modlist.addModList(ldap_user))
     else:
         base.modify_s(f'{settings.LDAP_USERS_KEY}={instance.uid},{settings.LDAP_USERS_DN}', modlist.modifyModlist(old_ldap_user, ldap_user))
+
+def pre_save_passwd(sender, instance, using, **kwargs):
+    try:
+        base = base()
+    except ldap.SERVER_DOWN:
+        raise
+    sync_passwd(base, instance)