refs #2818 sincronización quitada en test #1120
|
@ -5,6 +5,8 @@ const crypto = require('crypto');
|
|||
const nthash = require('smbhash').nthash;
|
||||
|
||||
module.exports = Self => {
|
||||
const shouldSync = process.env.NODE_ENV !== 'test';
|
||||
|
||||
Self.getSynchronizer = async function() {
|
||||
return await Self.findOne({
|
||||
fields: [
|
||||
|
@ -30,6 +32,7 @@ module.exports = Self => {
|
|||
},
|
||||
|
||||
async syncUser(userName, info, password) {
|
||||
|
||||
let {
|
||||
client,
|
||||
accountConfig
|
||||
|
@ -130,13 +133,14 @@ module.exports = Self => {
|
|||
}));
|
||||
}
|
||||
|
||||
if (changes.length)
|
||||
if (shouldSync && changes.length)
|
||||
await client.modify(dn, changes);
|
||||
} else
|
||||
} else if (shouldSync)
|
||||
await client.add(dn, newEntry);
|
||||
} else {
|
||||
try {
|
||||
await client.del(dn);
|
||||
if (shouldSync)
|
||||
await client.del(dn);
|
||||
console.log(` -> User '${userName}' removed from LDAP`);
|
||||
} catch (e) {
|
||||
if (e.name !== 'NoSuchObjectError') throw e;
|
||||
|
@ -196,17 +200,19 @@ module.exports = Self => {
|
|||
for (let group of groups) {
|
||||
try {
|
||||
let dn = `cn=${group},${groupDn}`;
|
||||
await client.modify(dn, new ldap.Change({
|
||||
operation,
|
||||
modification: {memberUid: userName}
|
||||
}));
|
||||
if (shouldSync) {
|
||||
await client.modify(dn, new ldap.Change({
|
||||
operation,
|
||||
modification: {memberUid: userName}
|
||||
}));
|
||||
}
|
||||
} catch (err) {
|
||||
if (err.name !== 'NoSuchObjectError')
|
||||
throw err;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
await applyOperations(deleteGroups, 'delete');
|
||||
await applyOperations(addGroups, 'add');
|
||||
},
|
||||
|
@ -266,8 +272,10 @@ module.exports = Self => {
|
|||
filter: 'objectClass=posixGroup'
|
||||
};
|
||||
let reqs = [];
|
||||
await client.searchForeach(this.groupDn, opts,
|
||||
o => reqs.push(client.del(o.dn)));
|
||||
await client.searchForeach(this.groupDn, opts, object => {
|
||||
if (shouldSync)
|
||||
reqs.push(client.del(object.dn));
|
||||
});
|
||||
await Promise.all(reqs);
|
||||
|
||||
// Recreate roles
|
||||
|
@ -291,7 +299,8 @@ module.exports = Self => {
|
|||
}
|
||||
|
||||
let dn = `cn=${role.name},${this.groupDn}`;
|
||||
reqs.push(client.add(dn, newEntry));
|
||||
if (shouldSync)
|
||||
reqs.push(client.add(dn, newEntry));
|
||||
}
|
||||
await Promise.all(reqs);
|
||||
}
|
||||
|
|
|
@ -60,16 +60,19 @@ module.exports = Self => {
|
|||
return `cn=Users,${dnBase}`;
|
||||
},
|
||||
|
||||
async syncUser(userName, info, password) {
|
||||
async syncUser(userName, info, password) {
|
||||
let {sshClient} = this;
|
||||
|
||||
|
||||
let sambaUser = await this.adClient.searchOne(this.usersDn(), {
|
||||
scope: 'sub',
|
||||
attributes: ['userAccountControl'],
|
||||
filter: `(&(objectClass=user)(sAMAccountName=${userName}))`
|
||||
});
|
||||
let isEnabled = sambaUser
|
||||
&& !(sambaUser.userAccountControl & UserAccountControlFlags.ACCOUNTDISABLE);
|
||||
&& !(sambaUser.userAccountControl & UserAccountControlFlags.ACCOUNTDISABLE);
|
||||
|
||||
if (process.env.NODE_ENV === 'test')
|
||||
return;
|
||||
|
||||
if (info.hasAccount) {
|
||||
if (!sambaUser) {
|
||||
|
|
Loading…
Reference in New Issue