from ldap3 import Server, Connection, MODIFY_ADD, MODIFY_DELETE

ldap_server = 'ldap://localhost'
ldap_user = '{{ ldap_bind_dn }}'
ldap_password = '{{ ldap_password }}'
base_dn = '{{ ldap_user_dn }}'
groups_base_dn = '{{ ldap_group_dn }}'
new_objectclass = 'verification'

# Connect to the LDAP server
server = Server(ldap_server)
conn = Connection(server, user=ldap_user, password=ldap_password)

if not conn.bind():
    print(f"Failed to bind to LDAP server: {conn.last_error}")
    exit(1)

# handle groups #
conn.search(groups_base_dn)
for entry in conn.entries:

    dn = entry.entry_dn
   
    # add verification class if it is missing #
    conn.modify(dn, {'member': [(MODIFY_DELETE, [""])]})

# handle people #
conn.search(base_dn, '(objectClass=person)')
for entry in conn.entries:

    dn = entry.entry_dn
   
    # add verification class if it is missing #
    conn.modify(dn, {'objectClass': [(MODIFY_ADD, ["verification"])]})
    
    # set verification value if it is not set #
    modifications = {
        'emailVerified': [(MODIFY_ADD, ["false"])]
    }
    conn.modify(dn, modifications)

# Unbind from the LDAP server
conn.unbind()