diff --git a/modules/account/back/models/samba-config.js b/modules/account/back/models/samba-config.js index 047bedd4f..0344d467b 100644 --- a/modules/account/back/models/samba-config.js +++ b/modules/account/back/models/samba-config.js @@ -190,6 +190,41 @@ class SambaHelper { constructor(ctx) { Object.assign(this, ctx); } + async getRoles() { + this.roles = (await app.models.VnRole.find({ + fields: ['id', 'name', 'description'], + order: 'modified DESC', + limit: 2 + })).reduce((map, role) => { + map.set(`${ROLE_PREFIX}${role.name}`, role); + return map; + }, new Map()); + } + + async getUsers() { + this.users = await app.models.VnUser.find({ + include: { + relation: 'role', + scope: {fields: ['name'], + where: {'name': {nin: this.rolesToDelete}} + } + }, + fields: ['name', 'roleFk'], + // where: {'active': true} + }).reduce((map, user) => { + const role = user.role(); + map.set(`${ROLE_PREFIX}${role.name}`, user.name); + return map; + }, new Map()); + // this.usersMap = toMap(this.users, user => { + // let role = user.role(); + // if (!role) { + // console.info(`User ${user.name} has not valid role`); + // return; + // } + // return {key: `${ROLE_PREFIX}${role.name}`, val: user.name}; + // }); + } deleteRole(role) { return this.sambaTool('group', ['delete', role]); } @@ -247,18 +282,9 @@ class SambaHelper { } async syncFromDB() { - // const baseDN = 'cn=Users,dc=verdnatura,dc=es'; - const ldapMembersGroups = await this.getMembers(); // OBTENER ROLES - let roles = (await app.models.VnRole.find({ - fields: ['id', 'name', 'description'], - order: 'modified DESC', - limit: 2 - })).reduce((map, role) => { - map.set(`${ROLE_PREFIX}${role.name}`, role); - return map; - }, new Map()); - const rolesKeys = Array.from(roles.keys()); + await this.getRoles(); + const rolesKeys = Array.from(this.roles.keys()).sort(); // OBTENER LDAPSJS ROLES const ldapGroups = await this.adClient.searchAll(this.fullGroupsDn, { scope: 'sub', @@ -272,99 +298,91 @@ class SambaHelper { map.set(`${group.cn}`, group); return map; }, new Map()); - const sambaRolesKeys = Array.from(sambaCurrentGroups.keys());// .map(({cn}) => cn); + const sambaRolesKeys = Array.from(sambaCurrentGroups.keys()).sort();// .map(({cn}) => cn); // handleExecResponse(await this.sambaTool('group', ['list'])) // .filter(group => group.startsWith(ROLE_PREFIX)); - // Encontrar elementos a eliminar - const rolesToDelete = differences(sambaRolesKeys, rolesKeys); - // Encontrar elementos a insertar - const rolesToInsert = differences(rolesKeys, sambaRolesKeys); - + this.rolesToInsert = []; // Encontrar elementos a actualizar - const rolesToUpdate = differences(rolesKeys, [...rolesToDelete, ...rolesToInsert]); + this.rolesToUpdate = []; + for (const role of rolesKeys) { + const exists = sambaCurrentGroups.get(role); + if (!exists) + this.rolesToHandler.toInsert.push(role); + if (exists && exists.description !== this.roles.get(role).description) + this.rolesToHandler.toUpdate.push(role); + } + // Encontrar elementos a eliminar + this.rolesToDelete = differences(sambaRolesKeys, rolesKeys); - // OBTENER USUARIOS Y SUS ROLES - if ( - rolesToDelete.length > 0 || - rolesToInsert.length > 0 || - rolesToUpdate.length > 0) { - let users = await app.models.VnUser.find({ - include: { - relation: 'role', - scope: {fields: ['name'], - where: {'name': {nin: rolesToDelete}} - } - }, - fields: ['name', 'roleFk'], - // where: {'active': true} - }); - let usersMap = toMap(users, user => { - let role = user.role(); - if (!role) { - console.info(`User ${user.name} has not valid role`); - return; - } - return {key: `${ROLE_PREFIX}${role.name}`, val: user.name}; - }); - usersMap.set('group1', ['employee']); - if (rolesToDelete.length > 0) { - // PROCEDIMIENTO PARA ELIMINAR USUARIOS ASOCIADOS AL ROL - let usersToUngroup = rolesToDelete.flatMap(role => { - const exist = usersMap.get(role); + this.users.set('group1', ['employee']); + if (this.rolesToDelete.length > 0) { + // PROCEDIMIENTO PARA ELIMINAR ROLES + const resultsRoleDelete = await Promise.all( + this.rolesToDelete.map(this.deleteRole) + ); + printResults(resultsRoleDelete); + } - if (exist) { - return usersMap.get(role)?.map( - user => this.removeMembers(role, user) - ); - } else return []; - } - ); - const resultsUsersUngroup = await Promise.all(usersToUngroup); - printResults(resultsUsersUngroup); + if (this.rolesToInsert.length > 0) { + // PROCEDIMIENTO PARA INSERTAR ROLES + const resultsRoleInsert = await Promise.all( + this.rolesToInsert.map(role => this.addRole(this.roles.get(role)))); + printResults(resultsRoleInsert); + } - // PROCEDIMIENTO PARA ELIMINAR ROLES - const resultsRoleDelete = await Promise.all( - rolesToDelete.map(this.deleteRole) - ); - printResults(resultsRoleDelete); - } - - if (rolesToInsert.length > 0) { - // PROCEDIMIENTO PARA INSERTAR ROLES - const resultsRoleInsert = await Promise.all( - rolesToInsert.map(role => this.addRole(roles.get(role)))); - printResults(resultsRoleInsert); - - // PROCEDIMIENTO PARA INSERTAR USUARIOS ASOCIADOS AL ROL - let usersToGroup = rolesToInsert.flatMap(role => usersMap.get(role).map( - user => this.addMembers(role, user) - ) - ); - const resultsUserGroup = await Promise.all(usersToGroup); - printResults(resultsUserGroup); - } - - if (rolesToUpdate.length > 0) { - // OBTENER LDAPSJS MIEMBROS ROLES - - for await (const role of rolesToUpdate) { - // let roleHasUpdated = false; - if (roles.get(role).$description != sambaCurrentGroups.get(role).description) { - await this.deleteRole(role); - await this.addRole(roles.get(role)); - // roleHasUpdated = true; - } - const users = usersMap.get(role); - const currentUsers = this.handleRoleMembers(await this.getRoleMembers(role)); - if (currentUsers.length === 0 && users.length === 0) continue; - await this.handleUsersRole(role, currentUsers, users); - } + if (this.rolesToUpdate.length > 0) { + for await (const role of this.rolesToUpdate) { + await this.deleteRole(role); + await this.addRole(this.roles.get(role)); } } } - syncMembers() { + async syncMembers() { + // const baseDN = 'cn=Users,dc=verdnatura,dc=es'; + const ldapMembersGroups = await this.getMembers(); + // OBTENER USUARIOS Y SUS ROLES + if ( + this.rolesToDelete.length > 0 || + this.rolesToInsert.length > 0 || + this.rolesToUpdate.length > 0) + await this.getUsers(); + // PROCEDIMIENTO PARA ELIMINAR USUARIOS ASOCIADOS AL ROL + if (this.rolesToDelete.length > 0) { + let usersToUngroup = this.rolesToDelete.flatMap(role => { + const exist = this.users.get(role); + + if (exist) { + return this.users.get(role)?.map( + user => this.removeMembers(role, user) + ); + } else return []; + } + ); + const resultsUsersUngroup = await Promise.all(usersToUngroup); + printResults(resultsUsersUngroup); + } + if (this.rolesToInsert.length > 0) { + // PROCEDIMIENTO PARA INSERTAR USUARIOS ASOCIADOS AL ROL + let usersToGroup = this.rolesToInsert.flatMap(role => this.users.get(role).map( + user => this.addMembers(role, user) + ) + ); + const resultsUserGroup = await Promise.all(usersToGroup); + printResults(resultsUserGroup); + } + + if (this.rolesToUpdate.length > 0) { + // OBTENER LDAPSJS MIEMBROS ROLES + + for await (const role of this.rolesToUpdate) { + const users = users.get(role); + const currentUsers = this.handleRoleMembers(await this.getRoleMembers(role)); + if (currentUsers.length === 0 && users.length === 0) continue; + await this.handleUsersRole(role, currentUsers, users); + } + } } }