User sync fixes

2020-10-31 01:56:19 +01:00 · 2020-10-31 01:56:19 +01:00 · ba5a03c980
parent 15c39f93ca
commit ba5a03c980
2 changed files with 25 additions and 14 deletions
--- a/modules/account/back/methods/user-account/sync-all.js
+++ b/modules/account/back/methods/user-account/sync-all.js
@ -99,7 +99,7 @@ module.exports = Self => {
            try {
                await Self.doSync(sync, user);
            } catch (err) {
-                console.error(err);
+                console.error(`Cannot sync user '${user}':`, err);
            }
        }
        await Self.syncDeinit(sync);
--- a/modules/account/back/methods/user-account/sync.js
+++ b/modules/account/back/methods/user-account/sync.js
@ -119,6 +119,10 @@ module.exports = Self => {
            sambaClient
        } = sync;

+        // Avoid to change adminitration users
+        if (['administrator', 'root'].indexOf(userName.toLowerCase()) >= 0)
+            return;
+
        let user = await $.Account.findOne({
            where: {name: userName},
            fields: [
@ -169,14 +173,19 @@ module.exports = Self => {
            await $.Account.upsertWithWhere({id: user.id},
                {bcryptPassword}
            );
-            await $.user.upsert({
+
+            let appUser = {
                id: user.id,
                username: userName,
-                password: bcryptPassword,
                email: user.email,
                created: user.created,
                updated: user.updated
-            });
+            };
+
+            if (bcryptPassword)
+                appUser.password = bcryptPassword;
+
+            await $.user.upsert(appUser);
        }

        // SIP
@ -240,7 +249,8 @@ module.exports = Self => {
            if (hasAccount) {
                // Recreates user

-                let nameArgs = user.nickname.split(' ');
+                let nickname = user.nickname || userName;
+                let nameArgs = nickname.split(' ');
                let sn = nameArgs.length > 1
                    ? nameArgs.splice(1).join(' ')
                    : '-';
@ -253,8 +263,8 @@ module.exports = Self => {
                        'posixAccount',
                        'sambaSamAccount'
                    ],
-                    cn: user.nickname || userName,
-                    displayName: user.nickname,
+                    cn: nickname,
+                    displayName: nickname,
                    givenName: nameArgs[0],
                    sn,
                    mail: extraParams.corporateMail,
@ -266,7 +276,6 @@ module.exports = Self => {
                    sambaSID: '-'
                };

-                let passwords;
                if (password) {
                    let salt = crypto
                        .randomBytes(8)
@ -281,19 +290,21 @@ module.exports = Self => {
                        .from(digest + salt, 'binary')
                        .toString('base64');

-                    passwords = {
+                    Object.assign(newEntry, {
                        userPassword: `{SSHA}${ssha}`,
                        sambaNTPassword: nthash(password)
-                    };
+                    });
                } else if (oldUser) {
-                    passwords = {
+                    Object.assign(newEntry, {
                        userPassword: oldUser.userPassword,
                        sambaNTPassword: oldUser.sambaNTPassword
-                    };
+                    });
                }

-                if (passwords)
-                    Object.assign(newEntry, passwords);
+                for (let prop in newEntry) {
+                    if (newEntry[prop] == null)
+                        delete newEntry[prop];
+                }

                await ldapClient.add(dn, newEntry);