Metadata-Version: 1.1
Name: authzync
Version: 0.1.3
Summary: SVN AuthZ-LDAP sync tool
Home-page: https://github.com/rbw0/authzync
Author: Robert Wikman
Author-email: rbw@vault13.org
License: MIT
Download-URL: https://github.com/rbw0/authzync/tarball/0.1.3
Description: authzync
        ========
        
        LDAP to authz sync tool.
        
        
        Installation
        ------------
        
        **git**
        
        .. code-block:: bash
          
          $ pypi install ldap3
          $ git clone https://github.com/rbw0/authzync.git  
          
        **pypi**
        
        .. code-block:: bash
        
          $ pypi install authzync
        
        
        Usage
        -----
        
        Perform a sync of the LDAP directory specified in ``authzync.json``, get non-LDAP permissions from ``local_db.json`` and write results to ``svn_authz.txt``
        
        .. code-block:: bash
        
          $ python authzync.py --config authzync.json --local_db local_db.json --authz svn_authz.txt
        
        
        Configuration
        -------------
        
        **Authzync**
        
        Configures LDAP, mappings and parse rules.
        
        .. code-block:: bash
        
          $ python authzync.py --config authzync.json
          
        Example: https://github.com/rbw0/authzync/blob/master/examples/authzync.json
        
        
        
        **Non-LDAP users (optional)** 
        
        Can be used to set repository permissions for users not present in the LDAP directory, i.e. local users.
        
        .. code-block:: bash
        
          $ python authzync.py --local_db local_db.json
          
        Example: https://github.com/rbw0/authzync/blob/master/examples/local_db.json
        
        
        How it works
        ------------
        1. Authzync starts by looking for groups matching the ``patterns.access_pattern`` in ``ldap.base_dn``
        
          Note that there's only one required part in the group name: ``repo_access`` (**RO** or **RW**). This tells authzync which permission to apply to members of this group.
           
        2. Next, the value of the attribute set in ``mappings.section_name`` is parsed according to ``patterns.section_pattern``
        3. Finally, a list of members is fetched and the authz file generated.
        
        
        Example
        -------
        
        **Authzync config**
        
        ========================  ===========================
        Name                      Value
        ========================  ===========================
        ldap.base_dn              ou=SVN,dc=example,dc=com
        mappings.section_name     description
        patterns.access_pattern   ^svn_.*_(?P<repo_access>RO|RW)$
        patterns.section_pattern  ^(?P<repo_name>.*):(?P<repo_path>\/.*)
        ========================  ===========================
        
        **LDAP directory**
        
        =====================  ===========================  ===========================
        Group name             ``description`` value        Members
        =====================  ===========================  ===========================
        svn_repo1-trunk_ro     repo1:/trunk                 user1, user2
        svn_repo2-branches_ro  repo2:/branches              user1, user3
        svn_repo1_rw           repo1:/                      user3
        =====================  ===========================  ===========================
        
        
        **This should result in the following SVN authz file**::
        
          [repo1:/trunk]
          user1 = ro
          user2 = ro
          
          [repo2:/branches]
          user1 = ro
          user3 = ro
          
          [repo1:/]
          user3 = rw
        
        
        
        Compatibility
        -------------
        Compatible with both Python 2 and 3.
        
        
        Author
        ------
        Created by Robert Wikman <rbw@vault13.org> in 2017
        
        
        
Keywords: subversion,ldap,authz,sync
Platform: any
Classifier: Programming Language :: Python
