Some bash to pull local wiki users in a certain group and check against centralauth - in this case, 2fa enablement

foreachwikisql.sh

#!/usr/bin/env bash
################################################################################
# Author: [email protected]
# License: Apache 2 <https://opensource.org/licenses/Apache-2.0>
################################################################################

. /etc/profile.d/mediawiki.sh

# pass debug as an argument to use a smaller test dblist
if [[ "$1" != "debug" ]]; then
    all_dblist="$MEDIAWIKI_STAGING_DIR/dblists/all.dblist"
else
    all_dblist="test.all.dblist"
fi

echo "A USER GROUP : NO 2FA ENABLED"
echo "---------------------------"
while read db; do
    count=0
    user_query='select user_id, user_name from user_groups join user on ug_user=user_id where ug_group="A_USER_GROUP";'
    if [[ ! $db =~ ^#.* ]]; then
        user_results=$(sql "$db" <<< "$user_query")
    fi  
    while IFS= read -r line; do
        if [[ $line =~ ^[0-9].* ]]; then
            tuple=($line)
            tuple=("${tuple[@]:1}")
            user_name="${tuple[@]}"
            user_name=$(echo "${user_name}" | sed s/"'"/"\\\'"/g)  # quick and dirty sqlclean
            ca_query="select ou.id from oathauth_users ou left join globaluser gu on gu.gu_name = '$user_name' where gu.gu_id = ou.id"
            ca_results=$(sql centralauth <<< "$ca_query")
            if [[ -z "$ca_results" ]]; then
                echo "$db,$user_name"
                ((count=count+1))
            fi  
        fi  
    done <<< "$user_results"
done <$all_dblist