Merge branch 'test' of https://gitea.verdnatura.es/verdnatura/salix into dev
gitea/salix/pipeline/head This commit looks good
Details
gitea/salix/pipeline/head This commit looks good
Details
This commit is contained in:
commit
33289b3ac1
|
@ -25,9 +25,11 @@ pipeline {
|
|||
switch (env.BRANCH_NAME) {
|
||||
case 'master':
|
||||
env.NODE_ENV = 'production'
|
||||
env.BACK_REPLICAS = 4
|
||||
break
|
||||
case 'test':
|
||||
env.NODE_ENV = 'test'
|
||||
env.BACK_REPLICAS = 2
|
||||
break
|
||||
}
|
||||
}
|
||||
|
|
|
@ -48,7 +48,7 @@ module.exports = Self => {
|
|||
throw new UserError(`You don't have enough privileges`);
|
||||
|
||||
if (process.env.NODE_ENV == 'test')
|
||||
throw new UserError(`You can't upload images on the test instance`);
|
||||
throw new UserError(`You can't upload images on the test environment`);
|
||||
|
||||
// Upload file to temporary path
|
||||
const tempContainer = await TempContainer.container(args.collection);
|
||||
|
|
|
@ -8,7 +8,7 @@ services:
|
|||
ports:
|
||||
- 80
|
||||
deploy:
|
||||
replicas: 3
|
||||
replicas: 2
|
||||
back:
|
||||
image: registry.verdnatura.es/salix-back:${BRANCH_NAME:?}
|
||||
build: .
|
||||
|
@ -30,7 +30,7 @@ services:
|
|||
- /mnt/storage/dms:/var/lib/salix/dms
|
||||
- /mnt/storage/image:/var/lib/salix/image
|
||||
deploy:
|
||||
replicas: 6
|
||||
replicas: ${BACK_REPLICAS:?}
|
||||
configs:
|
||||
datasources:
|
||||
external: true
|
||||
|
|
|
@ -35,14 +35,13 @@ module.exports = Self => {
|
|||
accountConfig
|
||||
} = this;
|
||||
|
||||
let newEntry;
|
||||
let dn = `uid=${userName},${this.userDn}`;
|
||||
|
||||
if (info.hasAccount) {
|
||||
let {user} = info;
|
||||
|
||||
let oldUser = await client.searchOne(this.userDn, {
|
||||
scope: 'sub',
|
||||
attributes: ['userPassword', 'sambaNTPassword'],
|
||||
filter: `&(uid=${userName})`
|
||||
});
|
||||
|
||||
|
@ -52,7 +51,7 @@ module.exports = Self => {
|
|||
? nameArgs.splice(1).join(' ')
|
||||
: '-';
|
||||
|
||||
newEntry = {
|
||||
let newEntry = {
|
||||
uid: userName,
|
||||
objectClass: [
|
||||
'inetOrgPerson',
|
||||
|
@ -101,62 +100,115 @@ module.exports = Self => {
|
|||
if (newEntry[prop] == null)
|
||||
delete newEntry[prop];
|
||||
}
|
||||
|
||||
if (oldUser) {
|
||||
let changes = [];
|
||||
let skipProps = new Set([
|
||||
'dn',
|
||||
'controls'
|
||||
]);
|
||||
|
||||
for (let prop in oldUser) {
|
||||
let deleteProp = !skipProps.has(prop)
|
||||
&& !newEntry.hasOwnProperty(prop);
|
||||
if (!deleteProp) continue;
|
||||
changes.push(new ldap.Change({
|
||||
operation: 'delete',
|
||||
modification: {
|
||||
[prop]: oldUser[prop]
|
||||
}
|
||||
}));
|
||||
}
|
||||
for (let prop in newEntry) {
|
||||
if (this.isEqual(oldUser[prop], newEntry[prop]))
|
||||
continue;
|
||||
changes.push(new ldap.Change({
|
||||
operation: 'replace',
|
||||
modification: {
|
||||
[prop]: newEntry[prop]
|
||||
}
|
||||
}));
|
||||
}
|
||||
|
||||
// Remove and recreate (if applicable) user
|
||||
|
||||
let dn = `uid=${userName},${this.userDn}`;
|
||||
let operation;
|
||||
|
||||
if (changes.length)
|
||||
await client.modify(dn, changes);
|
||||
} else
|
||||
await client.add(dn, newEntry);
|
||||
} else {
|
||||
try {
|
||||
await client.del(dn);
|
||||
operation = 'delete';
|
||||
console.log(` -> User '${userName}' removed from LDAP`);
|
||||
} catch (e) {
|
||||
if (e.name !== 'NoSuchObjectError') throw e;
|
||||
}
|
||||
|
||||
if (info.hasAccount) {
|
||||
await client.add(dn, newEntry);
|
||||
operation = 'add';
|
||||
}
|
||||
},
|
||||
|
||||
if (operation === 'delete')
|
||||
console.log(` -> User '${userName}' removed from LDAP`);
|
||||
isEqual(a, b) {
|
||||
if (Array.isArray(a) && Array.isArray(b)) {
|
||||
if (a.length !== b.length)
|
||||
return false;
|
||||
for (let element of a) {
|
||||
if (b.indexOf(element) === -1)
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
} else
|
||||
return a == b;
|
||||
},
|
||||
|
||||
async syncUserGroups(userName, info) {
|
||||
let {client} = this;
|
||||
let {user} = info;
|
||||
let groupDn = this.groupDn;
|
||||
|
||||
let opts = {
|
||||
scope: 'sub',
|
||||
attributes: ['dn'],
|
||||
attributes: ['dn', 'cn'],
|
||||
filter: `&(memberUid=${userName})(objectClass=posixGroup)`
|
||||
};
|
||||
let oldGroups = await client.searchAll(this.groupDn, opts);
|
||||
let oldGroups = await client.searchAll(groupDn, opts);
|
||||
|
||||
let reqs = [];
|
||||
for (let oldGroup of oldGroups) {
|
||||
let change = new ldap.Change({
|
||||
operation: 'delete',
|
||||
modification: {memberUid: userName}
|
||||
});
|
||||
reqs.push(client.modify(oldGroup.dn, change));
|
||||
let deleteGroups = [];
|
||||
let addGroups = [];
|
||||
|
||||
if (info.hasAccount) {
|
||||
let oldSet = new Set();
|
||||
oldGroups.forEach(e => oldSet.add(e.cn));
|
||||
|
||||
let newSet = new Set();
|
||||
user.roles().forEach(e => newSet.add(e.inherits().name));
|
||||
|
||||
for (let group of oldGroups) {
|
||||
if (!newSet.has(group.cn))
|
||||
deleteGroups.push(group.cn);
|
||||
}
|
||||
await Promise.all(reqs);
|
||||
|
||||
if (!info.hasAccount) return;
|
||||
|
||||
reqs = [];
|
||||
for (let role of info.user.roles()) {
|
||||
let change = new ldap.Change({
|
||||
operation: 'add',
|
||||
modification: {memberUid: userName}
|
||||
});
|
||||
let roleName = role.inherits().name;
|
||||
let dn = `cn=${roleName},${this.groupDn}`;
|
||||
reqs.push(client.modify(dn, change));
|
||||
for (let role of user.roles()) {
|
||||
if (!oldSet.has(role.inherits().name))
|
||||
addGroups.push(role.inherits().name);
|
||||
}
|
||||
await Promise.all(reqs);
|
||||
} else {
|
||||
for (let group of oldGroups)
|
||||
deleteGroups.push(group.cn);
|
||||
}
|
||||
|
||||
async function applyOperations(groups, operation) {
|
||||
for (let group of groups) {
|
||||
try {
|
||||
let dn = `cn=${group},${groupDn}`;
|
||||
await client.modify(dn, new ldap.Change({
|
||||
operation,
|
||||
modification: {memberUid: userName}
|
||||
}));
|
||||
} catch (err) {
|
||||
if (err.name !== 'NoSuchObjectError')
|
||||
throw err;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
await applyOperations(deleteGroups, 'delete');
|
||||
await applyOperations(addGroups, 'add');
|
||||
},
|
||||
|
||||
async getUsers(usersToSync) {
|
||||
|
|
|
@ -7,4 +7,4 @@ FROM client c
|
|||
JOIN company AS cny
|
||||
JOIN supplierAccount AS sa ON sa.id = cny.supplierAccountFk
|
||||
JOIN bankEntity be ON be.id = sa.bankEntityFk
|
||||
WHERE c.id = ? AND cny.id = ?`
|
||||
WHERE c.id = ? AND cny.id = ?
|
Loading…
Reference in New Issue