implement group methods,
implement modUser
		| @@ -1,7 +1,7 @@ | |||||||
| export BASE_DN='' | export BASE_DN='' | ||||||
| read -p "Base DN: " BASE_DN | read -p "Base DN: " BASE_DN | ||||||
|  |  | ||||||
| export PAAS_PASSWD=$(tr -dc 'A-Za-z0-9!"#$%&'\''()*+,-./:;<=>?@[\]^_`{|}~' </dev/urandom | head -c 256; echo) | export PAAS_PASSWD=$(tr -dc 'A-Za-z0-9!"#$%&'\''()*+,-./:;<=>?@[\]^_`{|}~' < /dev/urandom | head -c 256; echo) | ||||||
| echo "$PAAS_PASSWD" -n > paas.token | echo "$PAAS_PASSWD" -n > paas.token | ||||||
| echo "Saved PAAS Authentication Token (password) to paas.token" | echo "Saved PAAS Authentication Token (password) to paas.token" | ||||||
|  |  | ||||||
|   | |||||||
							
								
								
									
										69
									
								
								src/ldap.js
									
									
									
									
									
								
							
							
						
						
									
							| @@ -44,7 +44,26 @@ export default class LDAP { | |||||||
| 		return await this.#client.search(this.#peopledn, opts); | 		return await this.#client.search(this.#peopledn, opts); | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	async modUser (bind, uid, attrs) { } | 	async modUser (bind, uid, newAttrs) { | ||||||
|  | 		const result = await this.#client.bind(bind.dn, bind.password); | ||||||
|  | 		if (!result.ok) { | ||||||
|  | 			return result; | ||||||
|  | 		} | ||||||
|  | 		const results = []; | ||||||
|  | 		for (const attr of ["cn", "sn", "userPassword"]) { | ||||||
|  | 			if (attr in newAttrs) { | ||||||
|  | 				const change = new ldap.Change({ | ||||||
|  | 					operation: "replace", | ||||||
|  | 					modification: { | ||||||
|  | 						type: attr, | ||||||
|  | 						values: [newAttrs[attr]] | ||||||
|  | 					} | ||||||
|  | 				}); | ||||||
|  | 				results.push(await this.#client.modify(`uid=${uid},${this.#peopledn}`, change)); | ||||||
|  | 			} | ||||||
|  | 		} | ||||||
|  | 		return results; | ||||||
|  | 	} | ||||||
|  |  | ||||||
| 	async delUser (bind, uid) { | 	async delUser (bind, uid) { | ||||||
| 		const result = await this.#client.bind(bind.dn, bind.password); | 		const result = await this.#client.bind(bind.dn, bind.password); | ||||||
| @@ -63,7 +82,7 @@ export default class LDAP { | |||||||
| 		const groupDN = `cn=${gid},${this.#groupsdn}`; | 		const groupDN = `cn=${gid},${this.#groupsdn}`; | ||||||
| 		const entry = { | 		const entry = { | ||||||
| 			objectClass: "groupOfNames", | 			objectClass: "groupOfNames", | ||||||
| 			member: "", | 			member: attrs && attrs.member ? attrs.member : "", | ||||||
| 			cn: gid | 			cn: gid | ||||||
| 		}; | 		}; | ||||||
| 		return await this.#client.add(groupDN, entry); | 		return await this.#client.add(groupDN, entry); | ||||||
| @@ -79,10 +98,34 @@ export default class LDAP { | |||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	async addUserToGroup (bind, uid, gid) { | 	async addUserToGroup (bind, uid, gid) { | ||||||
|  | 		const result = await this.#client.bind(bind.dn, bind.password); | ||||||
|  | 		if (!result.ok) { | ||||||
|  | 			return result; | ||||||
|  | 		} | ||||||
|  | 		const change = new ldap.Change({ | ||||||
|  | 			operation: "add", | ||||||
|  | 			modification: { | ||||||
|  | 				type: "member", | ||||||
|  | 				values: [`uid=${uid},${this.#peopledn}`] | ||||||
|  | 			} | ||||||
|  | 		}); | ||||||
|  | 		return await this.#client.modify(`cn=${gid},${this.#groupsdn}`, change); | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	async delUserFromGroup (bind, uid, gid) { } | 	async delUserFromGroup (bind, uid, gid) { | ||||||
|  | 		const result = await this.#client.bind(bind.dn, bind.password); | ||||||
|  | 		if (!result.ok) { | ||||||
|  | 			return result; | ||||||
|  | 		} | ||||||
|  | 		const change = new ldap.Change({ | ||||||
|  | 			operation: "delete", | ||||||
|  | 			modification: { | ||||||
|  | 				type: "member", | ||||||
|  | 				values: [`uid=${uid},${this.#peopledn}`] | ||||||
|  | 			} | ||||||
|  | 		}); | ||||||
|  | 		return await this.#client.modify(`cn=${gid},${this.#groupsdn}`, change); | ||||||
|  | 	} | ||||||
| } | } | ||||||
|  |  | ||||||
| class LDAPJS_CLIENT_ASYNC_WRAPPER { | class LDAPJS_CLIENT_ASYNC_WRAPPER { | ||||||
| @@ -101,10 +144,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER { | |||||||
| 		return new Promise((resolve) => { | 		return new Promise((resolve) => { | ||||||
| 			this.#client.bind(dn, password, (err) => { | 			this.#client.bind(dn, password, (err) => { | ||||||
| 				if (err) { | 				if (err) { | ||||||
| 					resolve({ ok: false, error: err }); | 					resolve({ op: `bind ${dn}`, ok: false, error: err }); | ||||||
| 				} | 				} | ||||||
| 				else { | 				else { | ||||||
| 					resolve({ ok: true }); | 					resolve({ op: `bind ${dn}`, ok: true }); | ||||||
| 				} | 				} | ||||||
| 			}); | 			}); | ||||||
| 		}); | 		}); | ||||||
| @@ -114,10 +157,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER { | |||||||
| 		return new Promise((resolve) => { | 		return new Promise((resolve) => { | ||||||
| 			this.#client.add(dn, entry, (err) => { | 			this.#client.add(dn, entry, (err) => { | ||||||
| 				if (err) { | 				if (err) { | ||||||
| 					resolve({ ok: false, error: err }); | 					resolve({ op: `add ${dn}`, ok: false, error: err }); | ||||||
| 				} | 				} | ||||||
| 				else { | 				else { | ||||||
| 					resolve({ ok: true }); | 					resolve({ op: `add ${dn}`, ok: true }); | ||||||
| 				} | 				} | ||||||
| 			}); | 			}); | ||||||
| 		}); | 		}); | ||||||
| @@ -127,7 +170,7 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER { | |||||||
| 		return new Promise((resolve) => { | 		return new Promise((resolve) => { | ||||||
| 			this.#client.search(base, options, (err, res) => { | 			this.#client.search(base, options, (err, res) => { | ||||||
| 				if (err) { | 				if (err) { | ||||||
| 					return resolve({ ok: false, error: err }); | 					return resolve({ op: `search ${base}`, ok: false, error: err }); | ||||||
| 				} | 				} | ||||||
| 				const results = { ok: false, status: 1, message: "", entries: [] }; | 				const results = { ok: false, status: 1, message: "", entries: [] }; | ||||||
| 				res.on("searchRequest", (searchRequest) => { }); | 				res.on("searchRequest", (searchRequest) => { }); | ||||||
| @@ -155,10 +198,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER { | |||||||
| 		return new Promise((resolve) => { | 		return new Promise((resolve) => { | ||||||
| 			this.#client.modify(name, changes, (err) => { | 			this.#client.modify(name, changes, (err) => { | ||||||
| 				if (err) { | 				if (err) { | ||||||
| 					resolve({ ok: false, error: err }); | 					resolve({ op: `modify ${name}`, ok: false, error: err }); | ||||||
| 				} | 				} | ||||||
| 				else { | 				else { | ||||||
| 					resolve({ ok: true }); | 					resolve({ op: `modify ${name}`, ok: true }); | ||||||
| 				} | 				} | ||||||
| 			}); | 			}); | ||||||
| 		}); | 		}); | ||||||
| @@ -168,10 +211,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER { | |||||||
| 		return new Promise((resolve) => { | 		return new Promise((resolve) => { | ||||||
| 			this.#client.del(dn, (err) => { | 			this.#client.del(dn, (err) => { | ||||||
| 				if (err) { | 				if (err) { | ||||||
| 					resolve({ ok: false, error: err }); | 					resolve({ op: `del ${dn}`, ok: false, error: err }); | ||||||
| 				} | 				} | ||||||
| 				else { | 				else { | ||||||
| 					resolve({ ok: true }); | 					resolve({ op: `del ${dn}`, ok: true }); | ||||||
| 				} | 				} | ||||||
| 			}); | 			}); | ||||||
| 		}); | 		}); | ||||||
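Review bot: `uid` and `gid` are interpolated unescaped into DNs in the new `modUser`, `addUserToGroup` and `delUserFromGroup` bodies (`uid=${uid},${this.#peopledn}`, `cn=${gid},${this.#groupsdn}`), so a value containing RDN metacharacters such as `,`, `+` or `=` addresses a different entry than the one intended, and the `member` value written to the group carries the same unescaped string. Whether callers validate these identifiers is not visible in this diff, so the check belongs in these methods: reject anything outside a strict pattern before building the DN, for example `if (!/^[A-Za-z0-9._-]+$/.test(uid)) { return { ok: false, error: new Error("invalid uid") }; }` (pattern constructed for illustration; align it with the directory's naming policy), or escape the value per RFC 4514. Separately, `modUser` returns the bare bind result on failure but an array on success, and it issues one `modify` per attribute, so a failure partway through leaves the entry partially updated. ldapjs accepts an array of changes in one `modify` call, which together with a single result shape would avoid both problems.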
|   | |||||||
							
								
								
									
										33
									
								
								src/main.js
									
									
									
									
									
								
							
							
						
						
									
							| @@ -22,36 +22,3 @@ global.package = _package(global.argv.package); | |||||||
| global.config = _config(global.argv.configPath); | global.config = _config(global.argv.configPath); | ||||||
|  |  | ||||||
| const ldap = new LDAP(global.argv.ldapURL, global.config.basedn); | const ldap = new LDAP(global.argv.ldapURL, global.config.basedn); | ||||||
|  |  | ||||||
| /* import { readFileSync } from "fs"; |  | ||||||
| const paas = { |  | ||||||
| 	dn: `uid=paas,ou=people,${global.config.basedn}`, |  | ||||||
| 	password: readFileSync("paas.token").toString() |  | ||||||
| }; |  | ||||||
| console.log(await ldap.addUser(paas, "testuser", { cn: "test", sn: "test", userPassword: "test" })); |  | ||||||
| console.log((await ldap.getUser(paas, "testuser")).entries[0].attributes); |  | ||||||
| console.log(await ldap.delUser(paas, "testuser")); |  | ||||||
| console.log(await ldap.addGroup(paas, "testgroup")); |  | ||||||
| console.log(await ldap.delGroup(paas, "testgroup")); |  | ||||||
| exit(0); */ |  | ||||||
|  |  | ||||||
| const app = express(); |  | ||||||
| app.use(bodyParser.urlencoded({ extended: true })); |  | ||||||
| app.use(cookieParser()); |  | ||||||
| app.use(morgan("combined")); |  | ||||||
|  |  | ||||||
| app.listen(global.argv.listenPort, () => { |  | ||||||
| 	console.log(`proxmoxaas-ldap v${global.package.version} listening on port ${global.argv.listenPort}`); |  | ||||||
| }); |  | ||||||
|  |  | ||||||
| app.get("/:user", async (req, res) => { |  | ||||||
| }); |  | ||||||
|  |  | ||||||
| app.post("/:user", async (req, res) => { |  | ||||||
| }); |  | ||||||
|  |  | ||||||
| app.delete("/:user", async (req, res) => { |  | ||||||
| }); |  | ||||||
|  |  | ||||||
| app.post("/:user/password", async (req, res) => { |  | ||||||
| }); |  | ||||||
|   | |||||||