Delete accounts that hasn't being logged in for a year

main.go

@@ -20,6 +20,7 @@ var (
 	inviteExpireDuration  = time.Hour * 24 * 30     // 30 days
 	accountExpireDuration = time.Hour * 24 * 90     // 90 days
 	accountBlockDuration  = time.Hour * 24 * 6 * 30 // ~ 6 months
+	accountDeleteDuration = time.Hour * 24 * 365    // ~ 1 year
 )
 
 func main() {
@@ -88,15 +89,19 @@ func updateUsers(l ldap.Ldap) {
 				}
 			}
 
-			// TODO: add deleted flag
-			if u.Locked != ldap.Unlocked ||
-				u.LastLogin.Add(accountBlockDuration).After(time.Now()) {
+			newLocked := ldap.Unknown
+			sinceLastLogin := time.Now().Sub(u.LastLogin)
+			if u.Locked != ldap.Deleted && sinceLastLogin > accountDeleteDuration {
+				newLocked = ldap.Deleted
+			} else if u.Locked != ldap.Blocked && sinceLastLogin > accountBlockDuration {
+				newLocked = ldap.Blocked
+			} else {
 				continue
 			}
 
-			err = l.ChangeLocked(u.Name, ldap.Blocked)
+			err = l.ChangeLocked(u.Name, newLocked)
 			if err != nil {
-				log.Printf("Error changing locked for user %s: %v", u.Name, err)
+				log.Printf("Error changing locked to %s for user %s: %v", newLocked.String(), u.Name, err)
 			}
 			if u.Role == ldap.Sindominante {
 				err = l.ChangeRole(u.Name, ldap.Amiga)