WIP: #5770 - Sync Groups Samba #1946
|
@ -190,6 +190,41 @@ class SambaHelper {
|
|||
constructor(ctx) {
|
||||
Object.assign(this, ctx);
|
||||
}
|
||||
async getRoles() {
|
||||
this.roles = (await app.models.VnRole.find({
|
||||
fields: ['id', 'name', 'description'],
|
||||
order: 'modified DESC',
|
||||
limit: 2
|
||||
})).reduce((map, role) => {
|
||||
map.set(`${ROLE_PREFIX}${role.name}`, role);
|
||||
return map;
|
||||
}, new Map());
|
||||
}
|
||||
|
||||
async getUsers() {
|
||||
this.users = await app.models.VnUser.find({
|
||||
include: {
|
||||
relation: 'role',
|
||||
scope: {fields: ['name'],
|
||||
where: {'name': {nin: this.rolesToDelete}}
|
||||
}
|
||||
},
|
||||
fields: ['name', 'roleFk'],
|
||||
// where: {'active': true}
|
||||
}).reduce((map, user) => {
|
||||
const role = user.role();
|
||||
map.set(`${ROLE_PREFIX}${role.name}`, user.name);
|
||||
return map;
|
||||
}, new Map());
|
||||
// this.usersMap = toMap(this.users, user => {
|
||||
// let role = user.role();
|
||||
// if (!role) {
|
||||
// console.info(`User ${user.name} has not valid role`);
|
||||
// return;
|
||||
// }
|
||||
// return {key: `${ROLE_PREFIX}${role.name}`, val: user.name};
|
||||
// });
|
||||
}
|
||||
deleteRole(role) {
|
||||
return this.sambaTool('group', ['delete', role]);
|
||||
}
|
||||
|
@ -247,18 +282,9 @@ class SambaHelper {
|
|||
}
|
||||
|
||||
async syncFromDB() {
|
||||
// const baseDN = 'cn=Users,dc=verdnatura,dc=es';
|
||||
const ldapMembersGroups = await this.getMembers();
|
||||
// OBTENER ROLES
|
||||
let roles = (await app.models.VnRole.find({
|
||||
fields: ['id', 'name', 'description'],
|
||||
order: 'modified DESC',
|
||||
limit: 2
|
||||
})).reduce((map, role) => {
|
||||
map.set(`${ROLE_PREFIX}${role.name}`, role);
|
||||
return map;
|
||||
}, new Map());
|
||||
const rolesKeys = Array.from(roles.keys());
|
||||
await this.getRoles();
|
||||
const rolesKeys = Array.from(this.roles.keys()).sort();
|
||||
// OBTENER LDAPSJS ROLES
|
||||
const ldapGroups = await this.adClient.searchAll(this.fullGroupsDn, {
|
||||
scope: 'sub',
|
||||
|
@ -272,99 +298,91 @@ class SambaHelper {
|
|||
map.set(`${group.cn}`, group);
|
||||
return map;
|
||||
}, new Map());
|
||||
const sambaRolesKeys = Array.from(sambaCurrentGroups.keys());// .map(({cn}) => cn);
|
||||
const sambaRolesKeys = Array.from(sambaCurrentGroups.keys()).sort();// .map(({cn}) => cn);
|
||||
// handleExecResponse(await this.sambaTool('group', ['list']))
|
||||
// .filter(group => group.startsWith(ROLE_PREFIX));
|
||||
|
||||
// Encontrar elementos a eliminar
|
||||
const rolesToDelete = differences(sambaRolesKeys, rolesKeys);
|
||||
|
||||
// Encontrar elementos a insertar
|
||||
const rolesToInsert = differences(rolesKeys, sambaRolesKeys);
|
||||
|
||||
this.rolesToInsert = [];
|
||||
// Encontrar elementos a actualizar
|
||||
const rolesToUpdate = differences(rolesKeys, [...rolesToDelete, ...rolesToInsert]);
|
||||
this.rolesToUpdate = [];
|
||||
for (const role of rolesKeys) {
|
||||
const exists = sambaCurrentGroups.get(role);
|
||||
if (!exists)
|
||||
this.rolesToHandler.toInsert.push(role);
|
||||
if (exists && exists.description !== this.roles.get(role).description)
|
||||
this.rolesToHandler.toUpdate.push(role);
|
||||
}
|
||||
// Encontrar elementos a eliminar
|
||||
this.rolesToDelete = differences(sambaRolesKeys, rolesKeys);
|
||||
|
||||
// OBTENER USUARIOS Y SUS ROLES
|
||||
if (
|
||||
rolesToDelete.length > 0 ||
|
||||
rolesToInsert.length > 0 ||
|
||||
rolesToUpdate.length > 0) {
|
||||
let users = await app.models.VnUser.find({
|
||||
include: {
|
||||
relation: 'role',
|
||||
scope: {fields: ['name'],
|
||||
where: {'name': {nin: rolesToDelete}}
|
||||
}
|
||||
},
|
||||
fields: ['name', 'roleFk'],
|
||||
// where: {'active': true}
|
||||
});
|
||||
let usersMap = toMap(users, user => {
|
||||
let role = user.role();
|
||||
if (!role) {
|
||||
console.info(`User ${user.name} has not valid role`);
|
||||
return;
|
||||
}
|
||||
return {key: `${ROLE_PREFIX}${role.name}`, val: user.name};
|
||||
});
|
||||
usersMap.set('group1', ['employee']);
|
||||
if (rolesToDelete.length > 0) {
|
||||
// PROCEDIMIENTO PARA ELIMINAR USUARIOS ASOCIADOS AL ROL
|
||||
let usersToUngroup = rolesToDelete.flatMap(role => {
|
||||
const exist = usersMap.get(role);
|
||||
this.users.set('group1', ['employee']);
|
||||
if (this.rolesToDelete.length > 0) {
|
||||
// PROCEDIMIENTO PARA ELIMINAR ROLES
|
||||
const resultsRoleDelete = await Promise.all(
|
||||
this.rolesToDelete.map(this.deleteRole)
|
||||
);
|
||||
printResults(resultsRoleDelete);
|
||||
}
|
||||
|
||||
if (exist) {
|
||||
return usersMap.get(role)?.map(
|
||||
user => this.removeMembers(role, user)
|
||||
);
|
||||
} else return [];
|
||||
}
|
||||
);
|
||||
const resultsUsersUngroup = await Promise.all(usersToUngroup);
|
||||
printResults(resultsUsersUngroup);
|
||||
if (this.rolesToInsert.length > 0) {
|
||||
// PROCEDIMIENTO PARA INSERTAR ROLES
|
||||
const resultsRoleInsert = await Promise.all(
|
||||
this.rolesToInsert.map(role => this.addRole(this.roles.get(role))));
|
||||
printResults(resultsRoleInsert);
|
||||
}
|
||||
|
||||
// PROCEDIMIENTO PARA ELIMINAR ROLES
|
||||
const resultsRoleDelete = await Promise.all(
|
||||
rolesToDelete.map(this.deleteRole)
|
||||
);
|
||||
printResults(resultsRoleDelete);
|
||||
}
|
||||
|
||||
if (rolesToInsert.length > 0) {
|
||||
// PROCEDIMIENTO PARA INSERTAR ROLES
|
||||
const resultsRoleInsert = await Promise.all(
|
||||
rolesToInsert.map(role => this.addRole(roles.get(role))));
|
||||
printResults(resultsRoleInsert);
|
||||
|
||||
// PROCEDIMIENTO PARA INSERTAR USUARIOS ASOCIADOS AL ROL
|
||||
let usersToGroup = rolesToInsert.flatMap(role => usersMap.get(role).map(
|
||||
user => this.addMembers(role, user)
|
||||
)
|
||||
);
|
||||
const resultsUserGroup = await Promise.all(usersToGroup);
|
||||
printResults(resultsUserGroup);
|
||||
}
|
||||
|
||||
if (rolesToUpdate.length > 0) {
|
||||
// OBTENER LDAPSJS MIEMBROS ROLES
|
||||
|
||||
for await (const role of rolesToUpdate) {
|
||||
// let roleHasUpdated = false;
|
||||
if (roles.get(role).$description != sambaCurrentGroups.get(role).description) {
|
||||
await this.deleteRole(role);
|
||||
await this.addRole(roles.get(role));
|
||||
// roleHasUpdated = true;
|
||||
}
|
||||
const users = usersMap.get(role);
|
||||
const currentUsers = this.handleRoleMembers(await this.getRoleMembers(role));
|
||||
if (currentUsers.length === 0 && users.length === 0) continue;
|
||||
await this.handleUsersRole(role, currentUsers, users);
|
||||
}
|
||||
if (this.rolesToUpdate.length > 0) {
|
||||
for await (const role of this.rolesToUpdate) {
|
||||
await this.deleteRole(role);
|
||||
await this.addRole(this.roles.get(role));
|
||||
}
|
||||
}
|
||||
}
|
||||
syncMembers() {
|
||||
async syncMembers() {
|
||||
// const baseDN = 'cn=Users,dc=verdnatura,dc=es';
|
||||
const ldapMembersGroups = await this.getMembers();
|
||||
// OBTENER USUARIOS Y SUS ROLES
|
||||
if (
|
||||
this.rolesToDelete.length > 0 ||
|
||||
this.rolesToInsert.length > 0 ||
|
||||
this.rolesToUpdate.length > 0)
|
||||
await this.getUsers();
|
||||
|
||||
// PROCEDIMIENTO PARA ELIMINAR USUARIOS ASOCIADOS AL ROL
|
||||
if (this.rolesToDelete.length > 0) {
|
||||
let usersToUngroup = this.rolesToDelete.flatMap(role => {
|
||||
const exist = this.users.get(role);
|
||||
|
||||
if (exist) {
|
||||
return this.users.get(role)?.map(
|
||||
user => this.removeMembers(role, user)
|
||||
);
|
||||
} else return [];
|
||||
}
|
||||
);
|
||||
const resultsUsersUngroup = await Promise.all(usersToUngroup);
|
||||
printResults(resultsUsersUngroup);
|
||||
}
|
||||
if (this.rolesToInsert.length > 0) {
|
||||
// PROCEDIMIENTO PARA INSERTAR USUARIOS ASOCIADOS AL ROL
|
||||
let usersToGroup = this.rolesToInsert.flatMap(role => this.users.get(role).map(
|
||||
user => this.addMembers(role, user)
|
||||
)
|
||||
);
|
||||
const resultsUserGroup = await Promise.all(usersToGroup);
|
||||
printResults(resultsUserGroup);
|
||||
}
|
||||
|
||||
if (this.rolesToUpdate.length > 0) {
|
||||
// OBTENER LDAPSJS MIEMBROS ROLES
|
||||
|
||||
for await (const role of this.rolesToUpdate) {
|
||||
const users = users.get(role);
|
||||
const currentUsers = this.handleRoleMembers(await this.getRoleMembers(role));
|
||||
if (currentUsers.length === 0 && users.length === 0) continue;
|
||||
await this.handleUsersRole(role, currentUsers, users);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue