implement group methods,

implement modUser
This commit is contained in:
Arthur Lu 2023-11-28 00:20:54 +00:00
parent 10116da900
commit 91092d554c
3 changed files with 57 additions and 47 deletions

View File

@ -44,7 +44,26 @@ export default class LDAP {
return await this.#client.search(this.#peopledn, opts); return await this.#client.search(this.#peopledn, opts);
} }
async modUser (bind, uid, attrs) { } async modUser (bind, uid, newAttrs) {
const result = await this.#client.bind(bind.dn, bind.password);
if (!result.ok) {
return result;
}
const results = [];
for (const attr of ["cn", "sn", "userPassword"]) {
if (attr in newAttrs) {
const change = new ldap.Change({
operation: "replace",
modification: {
type: attr,
values: [newAttrs[attr]]
}
});
results.push(await this.#client.modify(`uid=${uid},${this.#peopledn}`, change));
}
}
return results;
}
async delUser (bind, uid) { async delUser (bind, uid) {
const result = await this.#client.bind(bind.dn, bind.password); const result = await this.#client.bind(bind.dn, bind.password);
@ -63,7 +82,7 @@ export default class LDAP {
const groupDN = `cn=${gid},${this.#groupsdn}`; const groupDN = `cn=${gid},${this.#groupsdn}`;
const entry = { const entry = {
objectClass: "groupOfNames", objectClass: "groupOfNames",
member: "", member: attrs && attrs.member ? attrs.member : "",
cn: gid cn: gid
}; };
return await this.#client.add(groupDN, entry); return await this.#client.add(groupDN, entry);
@ -79,10 +98,34 @@ export default class LDAP {
} }
async addUserToGroup (bind, uid, gid) { async addUserToGroup (bind, uid, gid) {
const result = await this.#client.bind(bind.dn, bind.password);
if (!result.ok) {
return result;
}
const change = new ldap.Change({
operation: "add",
modification: {
type: "member",
values: [`uid=${uid},${this.#peopledn}`]
}
});
return await this.#client.modify(`cn=${gid},${this.#groupsdn}`, change);
} }
async delUserFromGroup (bind, uid, gid) { } async delUserFromGroup (bind, uid, gid) {
const result = await this.#client.bind(bind.dn, bind.password);
if (!result.ok) {
return result;
}
const change = new ldap.Change({
operation: "delete",
modification: {
type: "member",
values: [`uid=${uid},${this.#peopledn}`]
}
});
return await this.#client.modify(`cn=${gid},${this.#groupsdn}`, change);
}
} }
class LDAPJS_CLIENT_ASYNC_WRAPPER { class LDAPJS_CLIENT_ASYNC_WRAPPER {
@ -101,10 +144,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER {
return new Promise((resolve) => { return new Promise((resolve) => {
this.#client.bind(dn, password, (err) => { this.#client.bind(dn, password, (err) => {
if (err) { if (err) {
resolve({ ok: false, error: err }); resolve({ op: `bind ${dn}`, ok: false, error: err });
} }
else { else {
resolve({ ok: true }); resolve({ op: `bind ${dn}`, ok: true });
} }
}); });
}); });
@ -114,10 +157,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER {
return new Promise((resolve) => { return new Promise((resolve) => {
this.#client.add(dn, entry, (err) => { this.#client.add(dn, entry, (err) => {
if (err) { if (err) {
resolve({ ok: false, error: err }); resolve({ op: `add ${dn}`, ok: false, error: err });
} }
else { else {
resolve({ ok: true }); resolve({ op: `add ${dn}`, ok: true });
} }
}); });
}); });
@ -127,7 +170,7 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER {
return new Promise((resolve) => { return new Promise((resolve) => {
this.#client.search(base, options, (err, res) => { this.#client.search(base, options, (err, res) => {
if (err) { if (err) {
return resolve({ ok: false, error: err }); return resolve({ op: `search ${base}`, ok: false, error: err });
} }
const results = { ok: false, status: 1, message: "", entries: [] }; const results = { ok: false, status: 1, message: "", entries: [] };
res.on("searchRequest", (searchRequest) => { }); res.on("searchRequest", (searchRequest) => { });
@ -155,10 +198,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER {
return new Promise((resolve) => { return new Promise((resolve) => {
this.#client.modify(name, changes, (err) => { this.#client.modify(name, changes, (err) => {
if (err) { if (err) {
resolve({ ok: false, error: err }); resolve({ op: `modify ${name}`, ok: false, error: err });
} }
else { else {
resolve({ ok: true }); resolve({ op: `modify ${name}`, ok: true });
} }
}); });
}); });
@ -168,10 +211,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER {
return new Promise((resolve) => { return new Promise((resolve) => {
this.#client.del(dn, (err) => { this.#client.del(dn, (err) => {
if (err) { if (err) {
resolve({ ok: false, error: err }); resolve({ op: `del ${dn}`, ok: false, error: err });
} }
else { else {
resolve({ ok: true }); resolve({ op: `del ${dn}`, ok: true });
} }
}); });
}); });

View File

@ -22,36 +22,3 @@ global.package = _package(global.argv.package);
global.config = _config(global.argv.configPath); global.config = _config(global.argv.configPath);
const ldap = new LDAP(global.argv.ldapURL, global.config.basedn); const ldap = new LDAP(global.argv.ldapURL, global.config.basedn);
/* import { readFileSync } from "fs";
const paas = {
dn: `uid=paas,ou=people,${global.config.basedn}`,
password: readFileSync("paas.token").toString()
};
console.log(await ldap.addUser(paas, "testuser", { cn: "test", sn: "test", userPassword: "test" }));
console.log((await ldap.getUser(paas, "testuser")).entries[0].attributes);
console.log(await ldap.delUser(paas, "testuser"));
console.log(await ldap.addGroup(paas, "testgroup"));
console.log(await ldap.delGroup(paas, "testgroup"));
exit(0); */
const app = express();
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());
app.use(morgan("combined"));
app.listen(global.argv.listenPort, () => {
console.log(`proxmoxaas-ldap v${global.package.version} listening on port ${global.argv.listenPort}`);
});
app.get("/:user", async (req, res) => {
});
app.post("/:user", async (req, res) => {
});
app.delete("/:user", async (req, res) => {
});
app.post("/:user/password", async (req, res) => {
});