WIP: #5770 - Sync Groups Samba #1946
|
@ -13,7 +13,6 @@ const UserAccountControlFlags = {
|
||||||
|
|
||||||
module.exports = Self => {
|
module.exports = Self => {
|
||||||
const shouldSync = process.env.NODE_ENV !== 'test';
|
const shouldSync = process.env.NODE_ENV !== 'test';
|
||||||
let sambaHandler = null;
|
|
||||||
|
|
||||||
Self.getLinker = async function() {
|
Self.getLinker = async function() {
|
||||||
return await Self.findOne({
|
return await Self.findOne({
|
||||||
|
@ -57,30 +56,6 @@ module.exports = Self => {
|
||||||
await this.adClient.unbind();
|
await this.adClient.unbind();
|
||||||
},
|
},
|
||||||
|
|
||||||
async sambaTool(command, args = []) {
|
|
||||||
let authArgs = [
|
|
||||||
'--URL', `ldaps://${this.adController}`,
|
|
||||||
'--simple-bind-dn', this.bindDn,
|
|
||||||
'--password', this.adPassword
|
|
||||||
];
|
|
||||||
if (!this.verifyCert)
|
|
||||||
authArgs.push('--option', 'tls verify peer = no_check');
|
|
||||||
|
|
||||||
const allArgs = [command].concat(
|
|
||||||
args, authArgs
|
|
||||||
);
|
|
||||||
|
|
||||||
if (!shouldSync) return;
|
|
||||||
return await new Promise((resolve, reject) => {
|
|
||||||
execFile('samba-tool', allArgs, (err, stdout, stderr) => {
|
|
||||||
if (err)
|
|
||||||
reject(err);
|
|
||||||
else
|
|
||||||
resolve({stdout, stderr});
|
|
||||||
});
|
|
||||||
});
|
|
||||||
},
|
|
||||||
|
|
||||||
async getAdUser(userName) {
|
async getAdUser(userName) {
|
||||||
const sambaUser = await this.adClient.searchOne(this.fullUsersDn, {
|
const sambaUser = await this.adClient.searchOne(this.fullUsersDn, {
|
||||||
scope: 'sub',
|
scope: 'sub',
|
||||||
|
@ -108,7 +83,7 @@ module.exports = Self => {
|
||||||
|
|
||||||
if (info.hasAccount) {
|
if (info.hasAccount) {
|
||||||
if (!sambaUser) {
|
if (!sambaUser) {
|
||||||
await this.sambaTool('user', [
|
await this.sambaHandler.sambaTool('user', [
|
||||||
'create', userName,
|
'create', userName,
|
||||||
'--userou', this.userDn,
|
'--userou', this.userDn,
|
||||||
'--random-password'
|
'--random-password'
|
||||||
|
@ -116,7 +91,7 @@ module.exports = Self => {
|
||||||
sambaUser = await this.getAdUser(userName);
|
sambaUser = await this.getAdUser(userName);
|
||||||
}
|
}
|
||||||
if (password) {
|
if (password) {
|
||||||
await this.sambaTool('user', [
|
await this.sambaHandler.sambaTool('user', [
|
||||||
'setpassword', userName,
|
'setpassword', userName,
|
||||||
'--newpassword', password
|
'--newpassword', password
|
||||||
]);
|
]);
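Review bot: Both rewritten calls now go through `this.sambaHandler.sambaTool(...)`, but no visible line assigns `this.sambaHandler`, and the first hunk removes the module-level `let sambaHandler = null;`. If the property is not set in the connector's init path (outside these hunks), user creation and password changes will throw a TypeError on first use. Separately, the `setpassword` call still passes `'--newpassword', password` as a process argument, so the user's cleartext password is readable in the process table by other local accounts while `samba-tool` runs. Consider a channel that keeps the secret out of argv, or at minimum record the exposure with a comment such as `// NOTE: password is visible in argv while samba-tool runs`. The enclosing function starts and ends outside the hunk.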
|
||||||
|
|
|
@ -6,9 +6,34 @@ const app = require('vn-loopback/server/server');
|
||||||
|
|
||||||
module.exports = class SambaHelper {
|
module.exports = class SambaHelper {
|
||||||
constructor(ctx) {
|
constructor(ctx) {
|
||||||
const {sambaTool, verifyCert, adPassword, adController, groupDn, userDn} = ctx;
|
const {verifyCert, adPassword, adController, groupDn, userDn} = ctx;
|
||||||
Object.assign(this, {...ctx, verifyCert, adPassword, adController, groupDn, userDn, sambaTool});
|
Object.assign(this, {...ctx, verifyCert, adPassword, adController, groupDn, userDn});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async sambaTool(command, args = []) {
|
||||||
|
let authArgs = [
|
||||||
|
'--URL', `ldaps://${this.adController}`,
|
||||||
|
'--simple-bind-dn', this.bindDn,
|
||||||
|
'--password', this.adPassword
|
||||||
|
];
|
||||||
|
if (!this.verifyCert)
|
||||||
|
authArgs.push('--option', 'tls verify peer = no_check');
|
||||||
|
|
||||||
|
const allArgs = [command].concat(
|
||||||
|
args, authArgs
|
||||||
|
);
|
||||||
|
|
||||||
|
if (!shouldSync) return;
|
||||||
|
return await new Promise((resolve, reject) => {
|
||||||
|
execFile('samba-tool', allArgs, (err, stdout, stderr) => {
|
||||||
|
if (err)
|
||||||
|
reject(err);
|
||||||
|
else
|
||||||
|
resolve({stdout, stderr});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
async getRoles() {
|
async getRoles() {
|
||||||
this.roles = (await app.models.VnRole.find({
|
this.roles = (await app.models.VnRole.find({
|
||||||
fields: ['id', 'name', 'description'],
|
fields: ['id', 'name', 'description'],
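Review bot: The relocated `sambaTool` puts the bind credential on the command line (`'--password', this.adPassword`), so the directory service account's password is readable in the process table for as long as `samba-tool` runs. Prefer a credential source that stays out of argv (an environment variable or credentials file, if the installed samba-tool supports one). The method also references `shouldSync` and `execFile`, neither of which is declared in the visible part of this file (lines 1–5 are outside the hunk); if they were left behind in the connector module, every call throws a ReferenceError. `this.bindDn` is likewise only present when `ctx` happens to carry it, since the constructor destructuring does not name it. Finally, the `tls verify peer = no_check` branch turns off certificate validation for the LDAPS bind that carries that password, so log a warning when `verifyCert` is false to keep the downgrade visible in production.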
|
||||||
|
|