implement group member endpoints
This commit is contained in:
parent
2e0497f1c1
commit
ad271d010e
120
src/ldap.js
120
src/ldap.js
@ -25,9 +25,9 @@ export default class LDAP {
|
||||
|
||||
async addUser (bind, uid, attrs) {
|
||||
const logger = new LDAP_MULTIOP_LOGGER(`add ${uid}`);
|
||||
await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!logger.ok) {
|
||||
return logger;
|
||||
const bindResult = await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!bindResult.ok) {
|
||||
return bindResult;
|
||||
}
|
||||
const userDN = `uid=${uid},${this.#peopledn}`;
|
||||
if (!attrs.cn || !attrs.sn || !attrs.userPassword) {
|
||||
@ -63,9 +63,9 @@ export default class LDAP {
|
||||
|
||||
async modUser (bind, uid, newAttrs) {
|
||||
const logger = new LDAP_MULTIOP_LOGGER(`modify ${uid}`);
|
||||
await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!logger.ok) {
|
||||
return logger;
|
||||
const bindResult = await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!bindResult.ok) {
|
||||
return bindResult;
|
||||
}
|
||||
for (const attr of ["cn", "sn", "userPassword"]) {
|
||||
if (attr in newAttrs && newAttrs[attr]) { // attr should exist and not be undefined or null
|
||||
@ -84,9 +84,9 @@ export default class LDAP {
|
||||
|
||||
async delUser (bind, uid) {
|
||||
const logger = new LDAP_MULTIOP_LOGGER(`del ${uid}`);
|
||||
await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!logger.ok) {
|
||||
return logger;
|
||||
const bindResult = await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!bindResult.ok) {
|
||||
return bindResult;
|
||||
}
|
||||
const userDN = `uid=${uid},${this.#peopledn}`;
|
||||
await this.#client.del(userDN, logger);
|
||||
@ -98,40 +98,28 @@ export default class LDAP {
|
||||
return logger;
|
||||
}
|
||||
for (const element of groups.entries) {
|
||||
let change = null;
|
||||
if (element.attributes.member.length === 1) {
|
||||
change = new ldap.Change({
|
||||
operation: "replace",
|
||||
modification: {
|
||||
type: "member",
|
||||
values: [""]
|
||||
}
|
||||
});
|
||||
}
|
||||
else {
|
||||
change = new ldap.Change({
|
||||
operation: "delete",
|
||||
modification: {
|
||||
type: "member",
|
||||
values: [`uid=${uid},${this.#peopledn}`]
|
||||
}
|
||||
});
|
||||
}
|
||||
const change = {
|
||||
operation: "delete",
|
||||
modification: {
|
||||
type: "member",
|
||||
values: [`uid=${uid},${this.#peopledn}`]
|
||||
}
|
||||
};
|
||||
await this.#client.modify(element.dn, change, logger);
|
||||
}
|
||||
return logger;
|
||||
}
|
||||
|
||||
async addGroup (bind, gid, attrs) {
|
||||
async addGroup (bind, gid) {
|
||||
const logger = new LDAP_MULTIOP_LOGGER(`add ${gid}`);
|
||||
await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!logger.ok) {
|
||||
return logger;
|
||||
const bindResult = await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!bindResult.ok) {
|
||||
return bindResult;
|
||||
}
|
||||
const groupDN = `cn=${gid},${this.#groupsdn}`;
|
||||
const entry = {
|
||||
objectClass: "groupOfNames",
|
||||
member: attrs && attrs.member ? attrs.member : "",
|
||||
member: "",
|
||||
cn: gid
|
||||
};
|
||||
await this.#client.add(groupDN, entry, logger);
|
||||
@ -143,14 +131,16 @@ export default class LDAP {
|
||||
if (!bindResult.ok) {
|
||||
return bindResult;
|
||||
}
|
||||
return await this.#client.search(`cn=${gid},${this.#groupsdn}`, {});
|
||||
const result = await this.#client.search(`cn=${gid},${this.#groupsdn}`, {});
|
||||
result.group = result.entries[0]; // assume there should only be 1 entry
|
||||
return result;
|
||||
}
|
||||
|
||||
async delGroup (bind, gid) {
|
||||
const logger = new LDAP_MULTIOP_LOGGER(`del ${gid}`);
|
||||
await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!logger.ok) {
|
||||
return logger;
|
||||
const bindResult = await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!bindResult.ok) {
|
||||
return bindResult;
|
||||
}
|
||||
const groupDN = `cn=${gid},${this.#groupsdn}`;
|
||||
await this.#client.del(groupDN, logger);
|
||||
@ -159,49 +149,27 @@ export default class LDAP {
|
||||
|
||||
async addUserToGroup (bind, uid, gid) {
|
||||
const logger = new LDAP_MULTIOP_LOGGER(`add ${uid} to ${gid}`);
|
||||
await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!logger.ok) {
|
||||
return logger;
|
||||
const bindResult = await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!bindResult.ok) {
|
||||
return bindResult;
|
||||
}
|
||||
const checkGroupEntry = await this.#client.search(`cn=${gid},${this.#groupsdn}`, {}, logger);
|
||||
if (logger.ok) {
|
||||
// add the user
|
||||
const change = new ldap.Change({
|
||||
operation: "add",
|
||||
modification: {
|
||||
type: "member",
|
||||
values: [`uid=${uid},${this.#peopledn}`]
|
||||
}
|
||||
});
|
||||
await this.#client.modify(`cn=${gid},${this.#groupsdn}`, change, logger);
|
||||
if (!logger.ok) {
|
||||
return logger;
|
||||
// add the user
|
||||
const change = new ldap.Change({
|
||||
operation: "add",
|
||||
modification: {
|
||||
type: "member",
|
||||
values: [`uid=${uid},${this.#peopledn}`]
|
||||
}
|
||||
// check if there is a blank entry in the group
|
||||
const groupEntry = checkGroupEntry.entries[0];
|
||||
if (groupEntry.attributes.member.includes("")) {
|
||||
// delete the blank user
|
||||
const change = new ldap.Change({
|
||||
operation: "delete",
|
||||
modification: {
|
||||
type: "member",
|
||||
values: [""]
|
||||
}
|
||||
});
|
||||
await this.#client.modify(`cn=${gid},${this.#groupsdn}`, change, logger);
|
||||
}
|
||||
return logger;
|
||||
}
|
||||
else {
|
||||
return logger;
|
||||
}
|
||||
});
|
||||
await this.#client.modify(`cn=${gid},${this.#groupsdn}`, change, logger);
|
||||
return logger;
|
||||
}
|
||||
|
||||
async delUserFromGroup (bind, uid, gid) {
|
||||
const logger = new LDAP_MULTIOP_LOGGER(`del ${uid} from ${gid}`);
|
||||
await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!logger.ok) {
|
||||
return logger;
|
||||
const bindResult = await this.#client.bind(bind.dn, bind.password, logger);
|
||||
if (!bindResult.ok) {
|
||||
return bindResult;
|
||||
}
|
||||
const change = new ldap.Change({
|
||||
operation: "delete",
|
||||
@ -213,10 +181,6 @@ export default class LDAP {
|
||||
await this.#client.modify(`cn=${gid},${this.#groupsdn}`, change, logger);
|
||||
return logger;
|
||||
}
|
||||
|
||||
async search (branch, opts) {
|
||||
return await this.#client.search(`${branch},${this.#basedn}`, opts);
|
||||
}
|
||||
}
|
||||
|
||||
class LDAP_MULTIOP_LOGGER {
|
||||
|
||||
64
src/main.js
64
src/main.js
@ -151,12 +151,12 @@ app.post("/groups/:groupid", async (req, res) => {
|
||||
const params = {
|
||||
groupid: req.params.groupid,
|
||||
bind: ldap.createUserBind(req.body.binduser, req.body.bindpass)
|
||||
}
|
||||
const result = await ldap.addGroup(params.bind, groupid);
|
||||
};
|
||||
const result = await ldap.addGroup(params.bind, params.groupid);
|
||||
res.send({
|
||||
ok: result.ok,
|
||||
error: result.error
|
||||
})
|
||||
});
|
||||
});
|
||||
|
||||
/**
|
||||
@ -170,12 +170,21 @@ app.get("/groups/:groupid", async (req, res) => {
|
||||
const params = {
|
||||
groupid: req.params.groupid,
|
||||
bind: ldap.createUserBind(req.body.binduser, req.body.bindpass)
|
||||
};
|
||||
const result = await ldap.getGroup(params.bind, params.groupid);
|
||||
if (result.ok) {
|
||||
res.send({
|
||||
ok: result.ok,
|
||||
error: result.error,
|
||||
group: result.group
|
||||
});
|
||||
}
|
||||
else {
|
||||
res.send({
|
||||
ok: result.ok,
|
||||
error: result.error
|
||||
});
|
||||
}
|
||||
const result = await ldap.getGroup(params.bind, groupid);
|
||||
res.send({
|
||||
ok: result.ok,
|
||||
error: result.error
|
||||
})
|
||||
});
|
||||
|
||||
/**
|
||||
@ -189,28 +198,51 @@ app.delete("/groups/:groupid", async (req, res) => {
|
||||
const params = {
|
||||
groupid: req.params.groupid,
|
||||
bind: ldap.createUserBind(req.body.binduser, req.body.bindpass)
|
||||
}
|
||||
const result = await ldap.delGroup(params.bind, groupid);
|
||||
};
|
||||
const result = await ldap.delGroup(params.bind, params.groupid);
|
||||
res.send({
|
||||
ok: result.ok,
|
||||
error: result.error
|
||||
})
|
||||
});
|
||||
});
|
||||
|
||||
/**
|
||||
* GET - get group members only
|
||||
* POST - add a member to the group
|
||||
* request:
|
||||
* - groupid: group id
|
||||
* - userid: user id
|
||||
* - binduser: bind user id
|
||||
* - bindpass: bind user password
|
||||
*/
|
||||
app.get("/groups/:groupid/members", async (req, res) => {});
|
||||
app.post("/groups/:groupid/members/:userid", async (req, res) => {
|
||||
const params = {
|
||||
groupid: req.params.groupid,
|
||||
userid: req.params.userid,
|
||||
bind: ldap.createUserBind(req.body.binduser, req.body.bindpass)
|
||||
};
|
||||
const result = await ldap.addUserToGroup(params.bind, params.userid, params.groupid);
|
||||
res.send({
|
||||
ok: result.ok,
|
||||
error: result.error
|
||||
});
|
||||
});
|
||||
|
||||
/**
|
||||
* POST - add member(s) to group
|
||||
* DELETE - remove a member from the group
|
||||
* - groupid: group id
|
||||
* - members: new list of members
|
||||
* - userid: user id
|
||||
* - binduser: bind user id
|
||||
* - bindpass: bind user password
|
||||
*/
|
||||
app.post("/groups/:groupid/members", async (req, res) => {});
|
||||
app.delete("/groups/:groupid/members/:userid", async (req, res) => {
|
||||
const params = {
|
||||
groupid: req.params.groupid,
|
||||
userid: req.params.userid,
|
||||
bind: ldap.createUserBind(req.body.binduser, req.body.bindpass)
|
||||
};
|
||||
const result = await ldap.delUserFromGroup(params.bind, params.userid, params.groupid);
|
||||
res.send({
|
||||
ok: result.ok,
|
||||
error: result.error
|
||||
});
|
||||
});
|
||||
|
||||
Loading…
Reference in New Issue
Block a user