This commit is contained in:
parent
bb6f3b4cfd
commit
0a2fd9cf5d
|
|
@ -1,3 +1,4 @@
|
|||
const NotFoundError = require('vn-loopback/util/not-found-error');
|
||||
|
||||
module.exports = Self => {
|
||||
Self.remoteMethod('test', {
|
||||
|
|
@ -9,7 +10,8 @@ module.exports = Self => {
|
|||
});
|
||||
|
||||
Self.test = async function() {
|
||||
let connector = await Self.getSynchronizer();
|
||||
const connector = await Self.getLinker();
|
||||
if (!connector) throw new NotFoundError('Linker not configured');
|
||||
await connector.test();
|
||||
};
|
||||
};
|
||||
|
|
@ -3,14 +3,14 @@ const app = require('vn-loopback/server/server');
|
|||
const UserError = require('vn-loopback/util/user-error');
|
||||
|
||||
module.exports = function(Self, options) {
|
||||
require('../methods/account-synchronizer/test')(Self);
|
||||
require('../methods/account-linker/test')(Self);
|
||||
|
||||
Self.once('attached', function() {
|
||||
app.models.AccountConfig.addSynchronizer(Self);
|
||||
app.models.AccountConfig.addLinker(Self);
|
||||
});
|
||||
|
||||
/**
|
||||
* Mixin for user synchronizers.
|
||||
* Mixin for account linkers.
|
||||
*
|
||||
* @property {Array<Model>} $
|
||||
* @property {Object} accountConfig
|
||||
|
|
@ -18,12 +18,12 @@ module.exports = function(Self, options) {
|
|||
*/
|
||||
let Mixin = {
|
||||
/**
|
||||
* Initalizes the synchronizer.
|
||||
* Initalizes the linker.
|
||||
*/
|
||||
async init() {},
|
||||
|
||||
/**
|
||||
* Deinitalizes the synchronizer.
|
||||
* Deinitalizes the linker.
|
||||
*/
|
||||
async deinit() {},
|
||||
|
||||
|
|
@ -57,7 +57,7 @@ module.exports = function(Self, options) {
|
|||
async syncRoles() {},
|
||||
|
||||
/**
|
||||
* Tests synchronizer configuration.
|
||||
* Tests linker configuration.
|
||||
*/
|
||||
async test() {
|
||||
try {
|
||||
|
|
@ -3,94 +3,85 @@ const models = require('vn-loopback/server/server').models;
|
|||
|
||||
module.exports = Self => {
|
||||
Object.assign(Self, {
|
||||
synchronizers: [],
|
||||
linkers: [],
|
||||
|
||||
addSynchronizer(synchronizer) {
|
||||
this.synchronizers.push(synchronizer);
|
||||
addLinker(linker) {
|
||||
this.linkers.push(linker);
|
||||
},
|
||||
|
||||
async getInstance() {
|
||||
let instance = await Self.findOne({
|
||||
async initEngine() {
|
||||
const accountConfig = await Self.findOne({
|
||||
fields: ['homedir', 'shell', 'idBase']
|
||||
});
|
||||
await instance.synchronizerInit();
|
||||
return instance;
|
||||
const mailConfig = await models.MailConfig.findOne({
|
||||
fields: ['domain']
|
||||
});
|
||||
|
||||
const linkers = [];
|
||||
|
||||
for (const Linker of Self.linkers) {
|
||||
const linker = await Linker.getLinker();
|
||||
if (!linker) continue;
|
||||
Object.assign(linker, {accountConfig});
|
||||
await linker.init();
|
||||
linkers.push(linker);
|
||||
}
|
||||
|
||||
Object.assign(accountConfig, {
|
||||
linkers,
|
||||
domain: mailConfig.domain
|
||||
});
|
||||
|
||||
return {
|
||||
accountConfig,
|
||||
linkers
|
||||
};
|
||||
},
|
||||
|
||||
async deinitEngine(engine) {
|
||||
for (const linker of engine.linkers)
|
||||
await linker.deinit();
|
||||
},
|
||||
|
||||
async syncUser(userName, password) {
|
||||
const engine = await Self.initEngine();
|
||||
try {
|
||||
await Self.syncUserBase(engine, userName, password, true);
|
||||
} finally {
|
||||
await Self.deinitEngine(engine);
|
||||
}
|
||||
},
|
||||
|
||||
async syncUsers() {
|
||||
let instance = await Self.getInstance();
|
||||
const engine = await Self.initEngine();
|
||||
|
||||
let usersToSync = new Set();
|
||||
for (const linker of engine.linkers)
|
||||
await linker.getUsers(usersToSync);
|
||||
|
||||
let usersToSync = await instance.synchronizerGetUsers();
|
||||
usersToSync = Array.from(usersToSync.values())
|
||||
.sort((a, b) => a.localeCompare(b));
|
||||
|
||||
for (let userName of usersToSync) {
|
||||
try {
|
||||
// eslint-disable-next-line no-console
|
||||
console.log(`Synchronizing user '${userName}'`);
|
||||
await instance.synchronizerSyncUser(userName);
|
||||
|
||||
await Self.syncUserBase(engine, userName);
|
||||
|
||||
// eslint-disable-next-line no-console
|
||||
console.log(` -> User '${userName}' sinchronized`);
|
||||
} catch (err) {
|
||||
// eslint-disable-next-line no-console
|
||||
console.error(` -> User '${userName}' synchronization error:`, err.message);
|
||||
}
|
||||
}
|
||||
|
||||
await instance.synchronizerDeinit();
|
||||
await Self.deinitEngine(engine);
|
||||
await Self.syncRoles();
|
||||
},
|
||||
|
||||
async syncUser(userName, password) {
|
||||
let instance = await Self.getInstance();
|
||||
try {
|
||||
await instance.synchronizerSyncUser(userName, password, true);
|
||||
} finally {
|
||||
await instance.synchronizerDeinit();
|
||||
}
|
||||
},
|
||||
|
||||
async syncRoles() {
|
||||
let instance = await Self.getInstance();
|
||||
try {
|
||||
await instance.synchronizerSyncRoles();
|
||||
} finally {
|
||||
await instance.synchronizerDeinit();
|
||||
}
|
||||
},
|
||||
|
||||
async getSynchronizer() {
|
||||
return await Self.findOne();
|
||||
}
|
||||
});
|
||||
|
||||
Object.assign(Self.prototype, {
|
||||
async synchronizerInit() {
|
||||
let mailConfig = await models.MailConfig.findOne({
|
||||
fields: ['domain']
|
||||
});
|
||||
|
||||
let synchronizers = [];
|
||||
|
||||
for (let Synchronizer of Self.synchronizers) {
|
||||
let synchronizer = await Synchronizer.getSynchronizer();
|
||||
if (!synchronizer) continue;
|
||||
Object.assign(synchronizer, {
|
||||
accountConfig: this
|
||||
});
|
||||
await synchronizer.init();
|
||||
synchronizers.push(synchronizer);
|
||||
}
|
||||
|
||||
Object.assign(this, {
|
||||
synchronizers,
|
||||
domain: mailConfig.domain
|
||||
});
|
||||
},
|
||||
|
||||
async synchronizerDeinit() {
|
||||
for (let synchronizer of this.synchronizers)
|
||||
await synchronizer.deinit();
|
||||
},
|
||||
|
||||
async synchronizerSyncUser(userName, password, syncGroups) {
|
||||
async syncUserBase(engine, userName, password, syncGroups) {
|
||||
if (!userName) return;
|
||||
userName = userName.toLowerCase();
|
||||
|
||||
|
|
@ -98,7 +89,7 @@ module.exports = Self => {
|
|||
if (['administrator', 'root'].indexOf(userName) >= 0)
|
||||
return;
|
||||
|
||||
let user = await models.VnUser.findOne({
|
||||
const user = await models.VnUser.findOne({
|
||||
where: {name: userName},
|
||||
fields: [
|
||||
'id',
|
||||
|
|
@ -130,27 +121,28 @@ module.exports = Self => {
|
|||
]
|
||||
});
|
||||
|
||||
let info = {
|
||||
const info = {
|
||||
user,
|
||||
hasAccount: false
|
||||
};
|
||||
|
||||
if (user) {
|
||||
let exists = await models.Account.exists(user.id);
|
||||
const exists = await models.Account.exists(user.id);
|
||||
const {accountConfig} = engine;
|
||||
Object.assign(info, {
|
||||
hasAccount: user.active && exists,
|
||||
corporateMail: `${userName}@${this.domain}`,
|
||||
uidNumber: this.idBase + user.id
|
||||
corporateMail: `${userName}@${accountConfig.domain}`,
|
||||
uidNumber: accountConfig.idBase + user.id
|
||||
});
|
||||
}
|
||||
|
||||
let errs = [];
|
||||
const errs = [];
|
||||
|
||||
for (let synchronizer of this.synchronizers) {
|
||||
for (const linker of engine.linkers) {
|
||||
try {
|
||||
await synchronizer.syncUser(userName, info, password);
|
||||
await linker.syncUser(userName, info, password);
|
||||
if (syncGroups)
|
||||
await synchronizer.syncUserGroups(userName, info);
|
||||
await linker.syncUserGroups(userName, info);
|
||||
} catch (err) {
|
||||
errs.push(err);
|
||||
}
|
||||
|
|
@ -159,18 +151,16 @@ module.exports = Self => {
|
|||
if (errs.length) throw errs[0];
|
||||
},
|
||||
|
||||
async synchronizerGetUsers() {
|
||||
let usersToSync = new Set();
|
||||
async syncRoles() {
|
||||
const engine = await Self.initEngine();
|
||||
try {
|
||||
await Self.rawSql(`CALL account.role_sync`);
|
||||
|
||||
for (let synchronizer of this.synchronizers)
|
||||
await synchronizer.getUsers(usersToSync);
|
||||
|
||||
return usersToSync;
|
||||
},
|
||||
|
||||
async synchronizerSyncRoles() {
|
||||
for (let synchronizer of this.synchronizers)
|
||||
await synchronizer.syncRoles();
|
||||
for (const linker of engine.linkers)
|
||||
await linker.syncRoles();
|
||||
} finally {
|
||||
await Self.deinitEngine(engine);
|
||||
}
|
||||
}
|
||||
});
|
||||
};
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ const nthash = require('smbhash').nthash;
|
|||
module.exports = Self => {
|
||||
const shouldSync = process.env.NODE_ENV !== 'test';
|
||||
|
||||
Self.getSynchronizer = async function() {
|
||||
Self.getLinker = async function() {
|
||||
return await Self.findOne({
|
||||
fields: [
|
||||
'server',
|
||||
|
|
@ -24,6 +24,7 @@ module.exports = Self => {
|
|||
this.client = ldap.createClient({
|
||||
url: this.server
|
||||
});
|
||||
this.client.on('error', () => {});
|
||||
await this.client.bind(this.rdn, this.password);
|
||||
},
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
}
|
||||
},
|
||||
"mixins": {
|
||||
"AccountSynchronizer": {}
|
||||
"AccountLinker": {}
|
||||
},
|
||||
"properties": {
|
||||
"id": {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
|
||||
module.exports = Self => {
|
||||
Self.getSynchronizer = async function() {
|
||||
Self.getLinker = async function() {
|
||||
let NODE_ENV = process.env.NODE_ENV;
|
||||
if (!NODE_ENV || NODE_ENV == 'development')
|
||||
return null;
|
||||
|
|
@ -45,6 +45,7 @@ module.exports = Self => {
|
|||
}
|
||||
|
||||
if (!isUpdatable) {
|
||||
// eslint-disable-next-line no-console
|
||||
console.warn(`RoleConfig.syncUser(): User '${userName}' cannot be updated, not managed by me`);
|
||||
return;
|
||||
}
|
||||
|
|
@ -82,6 +83,7 @@ module.exports = Self => {
|
|||
[mysqlUser, this.userHost]);
|
||||
} catch (err) {
|
||||
if (err.code == 'ER_REVOKE_GRANTS')
|
||||
// eslint-disable-next-line no-console
|
||||
console.warn(`${err.code}: ${err.sqlMessage}: ${err.sql}`);
|
||||
else
|
||||
throw err;
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
}
|
||||
},
|
||||
"mixins": {
|
||||
"AccountSynchronizer": {}
|
||||
"AccountLinker": {}
|
||||
},
|
||||
"properties": {
|
||||
"id": {
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ const UserAccountControlFlags = {
|
|||
module.exports = Self => {
|
||||
const shouldSync = process.env.NODE_ENV !== 'test';
|
||||
|
||||
Self.getSynchronizer = async function() {
|
||||
Self.getLinker = async function() {
|
||||
return await Self.findOne({
|
||||
fields: [
|
||||
'host',
|
||||
|
|
@ -39,6 +39,7 @@ module.exports = Self => {
|
|||
url: `ldaps://${this.adController}:636`,
|
||||
tlsOptions: {rejectUnauthorized: this.verifyCert}
|
||||
});
|
||||
adClient.on('error', () => {});
|
||||
await adClient.bind(bindDn, this.adPassword);
|
||||
Object.assign(this, {
|
||||
adClient,
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
}
|
||||
},
|
||||
"mixins": {
|
||||
"AccountSynchronizer": {}
|
||||
"AccountLinker": {}
|
||||
},
|
||||
"properties": {
|
||||
"id": {
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
const app = require('vn-loopback/server/server');
|
||||
|
||||
module.exports = Self => {
|
||||
Self.getSynchronizer = async function() {
|
||||
Self.getLinker = async function() {
|
||||
return await Self.findOne({fields: ['id']});
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
}
|
||||
},
|
||||
"mixins": {
|
||||
"AccountSynchronizer": {}
|
||||
"AccountLinker": {}
|
||||
},
|
||||
"properties": {
|
||||
"id": {
|
||||
|
|
@ -16,4 +16,3 @@
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -68,7 +68,6 @@
|
|||
Deactivate user
|
||||
</vn-item>
|
||||
<vn-item
|
||||
ng-if="$ctrl.user.active"
|
||||
ng-click="syncUser.show()"
|
||||
name="synchronizeUser"
|
||||
vn-acl="it"
|
||||
|
|
@ -166,7 +165,7 @@
|
|||
vn-id="syncUser"
|
||||
on-accept="$ctrl.onSync()"
|
||||
on-close="$ctrl.onSyncClose()">
|
||||
<tpl-title ng-translate>
|
||||
<tpl-title translate>
|
||||
Do you want to synchronize user?
|
||||
</tpl-title>
|
||||
<tpl-body>
|
||||
|
|
|
|||
Loading…
Reference in New Issue