Merge pull request 'refs #2818 sincronización quitada en test' (!1120) from 2818-sincronizar-usuarios into dev
gitea/salix/pipeline/head This commit looks good
Details
gitea/salix/pipeline/head This commit looks good
Details
Reviewed-on: #1120 Reviewed-by: Juan Ferrer <juan@verdnatura.es>
This commit is contained in:
commit
06f9cf8a40
|
|
@ -5,6 +5,8 @@ const crypto = require('crypto');
|
||||||
const nthash = require('smbhash').nthash;
|
const nthash = require('smbhash').nthash;
|
||||||
|
|
||||||
module.exports = Self => {
|
module.exports = Self => {
|
||||||
|
const shouldSync = process.env.NODE_ENV !== 'test';
|
||||||
|
|
||||||
Self.getSynchronizer = async function() {
|
Self.getSynchronizer = async function() {
|
||||||
return await Self.findOne({
|
return await Self.findOne({
|
||||||
fields: [
|
fields: [
|
||||||
|
|
@ -30,6 +32,7 @@ module.exports = Self => {
|
||||||
},
|
},
|
||||||
|
|
||||||
async syncUser(userName, info, password) {
|
async syncUser(userName, info, password) {
|
||||||
|
|
||||||
let {
|
let {
|
||||||
client,
|
client,
|
||||||
accountConfig
|
accountConfig
|
||||||
|
|
@ -130,13 +133,14 @@ module.exports = Self => {
|
||||||
}));
|
}));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (changes.length)
|
if (shouldSync && changes.length)
|
||||||
await client.modify(dn, changes);
|
await client.modify(dn, changes);
|
||||||
} else
|
} else if (shouldSync)
|
||||||
await client.add(dn, newEntry);
|
await client.add(dn, newEntry);
|
||||||
} else {
|
} else {
|
||||||
try {
|
try {
|
||||||
await client.del(dn);
|
if (shouldSync)
|
||||||
|
await client.del(dn);
|
||||||
console.log(` -> User '${userName}' removed from LDAP`);
|
console.log(` -> User '${userName}' removed from LDAP`);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
if (e.name !== 'NoSuchObjectError') throw e;
|
if (e.name !== 'NoSuchObjectError') throw e;
|
||||||
|
|
@ -196,17 +200,19 @@ module.exports = Self => {
|
||||||
for (let group of groups) {
|
for (let group of groups) {
|
||||||
try {
|
try {
|
||||||
let dn = `cn=${group},${groupDn}`;
|
let dn = `cn=${group},${groupDn}`;
|
||||||
await client.modify(dn, new ldap.Change({
|
if (shouldSync) {
|
||||||
operation,
|
await client.modify(dn, new ldap.Change({
|
||||||
modification: {memberUid: userName}
|
operation,
|
||||||
}));
|
modification: {memberUid: userName}
|
||||||
|
}));
|
||||||
|
}
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
if (err.name !== 'NoSuchObjectError')
|
if (err.name !== 'NoSuchObjectError')
|
||||||
throw err;
|
throw err;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
await applyOperations(deleteGroups, 'delete');
|
await applyOperations(deleteGroups, 'delete');
|
||||||
await applyOperations(addGroups, 'add');
|
await applyOperations(addGroups, 'add');
|
||||||
},
|
},
|
||||||
|
|
@ -266,8 +272,10 @@ module.exports = Self => {
|
||||||
filter: 'objectClass=posixGroup'
|
filter: 'objectClass=posixGroup'
|
||||||
};
|
};
|
||||||
let reqs = [];
|
let reqs = [];
|
||||||
await client.searchForeach(this.groupDn, opts,
|
await client.searchForeach(this.groupDn, opts, object => {
|
||||||
o => reqs.push(client.del(o.dn)));
|
if (shouldSync)
|
||||||
|
reqs.push(client.del(object.dn));
|
||||||
|
});
|
||||||
await Promise.all(reqs);
|
await Promise.all(reqs);
|
||||||
|
|
||||||
// Recreate roles
|
// Recreate roles
|
||||||
|
|
@ -291,7 +299,8 @@ module.exports = Self => {
|
||||||
}
|
}
|
||||||
|
|
||||||
let dn = `cn=${role.name},${this.groupDn}`;
|
let dn = `cn=${role.name},${this.groupDn}`;
|
||||||
reqs.push(client.add(dn, newEntry));
|
if (shouldSync)
|
||||||
|
reqs.push(client.add(dn, newEntry));
|
||||||
}
|
}
|
||||||
await Promise.all(reqs);
|
await Promise.all(reqs);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -60,16 +60,19 @@ module.exports = Self => {
|
||||||
return `cn=Users,${dnBase}`;
|
return `cn=Users,${dnBase}`;
|
||||||
},
|
},
|
||||||
|
|
||||||
async syncUser(userName, info, password) {
|
async syncUser(userName, info, password) {
|
||||||
let {sshClient} = this;
|
let {sshClient} = this;
|
||||||
|
|
||||||
let sambaUser = await this.adClient.searchOne(this.usersDn(), {
|
let sambaUser = await this.adClient.searchOne(this.usersDn(), {
|
||||||
scope: 'sub',
|
scope: 'sub',
|
||||||
attributes: ['userAccountControl'],
|
attributes: ['userAccountControl'],
|
||||||
filter: `(&(objectClass=user)(sAMAccountName=${userName}))`
|
filter: `(&(objectClass=user)(sAMAccountName=${userName}))`
|
||||||
});
|
});
|
||||||
let isEnabled = sambaUser
|
let isEnabled = sambaUser
|
||||||
&& !(sambaUser.userAccountControl & UserAccountControlFlags.ACCOUNTDISABLE);
|
&& !(sambaUser.userAccountControl & UserAccountControlFlags.ACCOUNTDISABLE);
|
||||||
|
|
||||||
|
if (process.env.NODE_ENV === 'test')
|
||||||
|
return;
|
||||||
|
|
||||||
if (info.hasAccount) {
|
if (info.hasAccount) {
|
||||||
if (!sambaUser) {
|
if (!sambaUser) {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue