implement group methods,

implement modUser
2023-11-28 00:20:54 +00:00 · 2023-11-28 00:20:54 +00:00 · b4ee79589b
commit b4ee79589b
parent 9d6f62b4a3
3 changed files with 57 additions and 47 deletions
--- a/openldap/init.sh
+++ b/openldap/init.sh
@ -1,7 +1,7 @@
 export BASE_DN=''
 read -p "Base DN: " BASE_DN
-export PAAS_PASSWD=$(tr -dc 'A-Za-z0-9!"#$%&'\''()*+,-./:;<=>?@[\]^_`{|}~' </dev/urandom | head -c 256; echo)
+export PAAS_PASSWD=$(tr -dc 'A-Za-z0-9!"#$%&'\''()*+,-./:;<=>?@[\]^_`{|}~' < /dev/urandom | head -c 256; echo)
 echo "$PAAS_PASSWD" -n > paas.token
 echo "Saved PAAS Authentication Token (password) to paas.token"
--- a/src/ldap.js
+++ b/src/ldap.js
@ -44,7 +44,26 @@ export default class LDAP {
 		return await this.#client.search(this.#peopledn, opts);
 	}
-	async modUser (bind, uid, attrs) { }
+	async modUser (bind, uid, newAttrs) {
 		const result = await this.#client.bind(bind.dn, bind.password);
 		if (!result.ok) {
 			return result;
 		}
 		const results = [];
 		for (const attr of ["cn", "sn", "userPassword"]) {
 			if (attr in newAttrs) {
 				const change = new ldap.Change({
 					operation: "replace",
 					modification: {
 						type: attr,
 						values: [newAttrs[attr]]
 					}
 				});
 				results.push(await this.#client.modify(`uid=${uid},${this.#peopledn}`, change));
 			}
 		}
 		return results;
 	}
 	async delUser (bind, uid) {
 		const result = await this.#client.bind(bind.dn, bind.password);
@ -63,7 +82,7 @@ export default class LDAP {
 		const groupDN = `cn=${gid},${this.#groupsdn}`;
 		const entry = {
 			objectClass: "groupOfNames",
-			member: "",
+			member: attrs && attrs.member ? attrs.member : "",
 			cn: gid
 		};
 		return await this.#client.add(groupDN, entry);
@ -79,10 +98,34 @@ export default class LDAP {
 	}
 	async addUserToGroup (bind, uid, gid) {
-
+		const result = await this.#client.bind(bind.dn, bind.password);
 		if (!result.ok) {
 			return result;
 		}
 		const change = new ldap.Change({
 			operation: "add",
 			modification: {
 				type: "member",
 				values: [`uid=${uid},${this.#peopledn}`]
 			}
 		});
 		return await this.#client.modify(`cn=${gid},${this.#groupsdn}`, change);
 	}
-	async delUserFromGroup (bind, uid, gid) { }
+	async delUserFromGroup (bind, uid, gid) {
 		const result = await this.#client.bind(bind.dn, bind.password);
 		if (!result.ok) {
 			return result;
 		}
 		const change = new ldap.Change({
 			operation: "delete",
 			modification: {
 				type: "member",
 				values: [`uid=${uid},${this.#peopledn}`]
 			}
 		});
 		return await this.#client.modify(`cn=${gid},${this.#groupsdn}`, change);
 	}
 }
 class LDAPJS_CLIENT_ASYNC_WRAPPER {
@ -101,10 +144,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER {
 		return new Promise((resolve) => {
 			this.#client.bind(dn, password, (err) => {
 				if (err) {
-					resolve({ ok: false, error: err });
+					resolve({ op: `bind ${dn}`, ok: false, error: err });
 				}
 				else {
-					resolve({ ok: true });
+					resolve({ op: `bind ${dn}`, ok: true });
 				}
 			});
 		});
@ -114,10 +157,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER {
 		return new Promise((resolve) => {
 			this.#client.add(dn, entry, (err) => {
 				if (err) {
-					resolve({ ok: false, error: err });
+					resolve({ op: `add ${dn}`, ok: false, error: err });
 				}
 				else {
-					resolve({ ok: true });
+					resolve({ op: `add ${dn}`, ok: true });
 				}
 			});
 		});
@ -127,7 +170,7 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER {
 		return new Promise((resolve) => {
 			this.#client.search(base, options, (err, res) => {
 				if (err) {
-					return resolve({ ok: false, error: err });
+					return resolve({ op: `search ${base}`, ok: false, error: err });
 				}
 				const results = { ok: false, status: 1, message: "", entries: [] };
 				res.on("searchRequest", (searchRequest) => { });
@ -155,10 +198,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER {
 		return new Promise((resolve) => {
 			this.#client.modify(name, changes, (err) => {
 				if (err) {
-					resolve({ ok: false, error: err });
+					resolve({ op: `modify ${name}`, ok: false, error: err });
 				}
 				else {
-					resolve({ ok: true });
+					resolve({ op: `modify ${name}`, ok: true });
 				}
 			});
 		});
@ -168,10 +211,10 @@ class LDAPJS_CLIENT_ASYNC_WRAPPER {
 		return new Promise((resolve) => {
 			this.#client.del(dn, (err) => {
 				if (err) {
-					resolve({ ok: false, error: err });
+					resolve({ op: `del ${dn}`, ok: false, error: err });
 				}
 				else {
-					resolve({ ok: true });
+					resolve({ op: `del ${dn}`, ok: true });
 				}
 			});
 		});
--- a/src/main.js
+++ b/src/main.js
@ -22,36 +22,3 @@ global.package = _package(global.argv.package);
 global.config = _config(global.argv.configPath);
 const ldap = new LDAP(global.argv.ldapURL, global.config.basedn);
 /* import { readFileSync } from "fs";
 const paas = {
 	dn: `uid=paas,ou=people,${global.config.basedn}`,
 	password: readFileSync("paas.token").toString()
 };
 console.log(await ldap.addUser(paas, "testuser", { cn: "test", sn: "test", userPassword: "test" }));
 console.log((await ldap.getUser(paas, "testuser")).entries[0].attributes);
 console.log(await ldap.delUser(paas, "testuser"));
 console.log(await ldap.addGroup(paas, "testgroup"));
 console.log(await ldap.delGroup(paas, "testgroup"));
 exit(0); */
 const app = express();
 app.use(bodyParser.urlencoded({ extended: true }));
 app.use(cookieParser());
 app.use(morgan("combined"));
 app.listen(global.argv.listenPort, () => {
 	console.log(`proxmoxaas-ldap v${global.package.version} listening on port ${global.argv.listenPort}`);
 });
 app.get("/:user", async (req, res) => {
 });
 app.post("/:user", async (req, res) => {
 });
 app.delete("/:user", async (req, res) => {
 });
 app.post("/:user/password", async (req, res) => {
 });