moparisthebest
/
kaiwa
mirror of https://github.com/moparisthebest/kaiwa
1
0
Fork 0
Code Issues Releases Wiki Activity

switch to node-ldapjs

This commit is contained in:
Sébastien Hut 2015-09-10 01:48:57 +02:00
parent 05c48cb74b
commit b5276418e2
4 changed files with 94 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Docker/Dockerfile
View File

@ -31,7 +31,7 @@ RUN sed -i 's/^#\s*\(deb.*universe\)$/\1/g' /etc/apt/sources.list && \
RUN locale-gen en_US && locale-gen en_US.UTF-8 && echo 'LANG="en_US.UTF-8"' > /etc/default/locale
RUN apt-get update && apt-get install -y --force-yes nodejs git-core libldap2-dev uuid-dev
RUN apt-get update && apt-get install -y --force-yes nodejs git-core uuid-dev
RUN apt-get remove -y --force-yes nodejs && apt-get install -y --force-yes nodejs-legacy npm

1
clientapp/models/ldapUsers.js
View File

@ -32,6 +32,7 @@ module.exports = BaseCollection.extend({
users = JSON.parse(users);
users.forEach(function(user) {
user.id = user.uid;
var existing = self.get(user.id);
if (!existing) {
self.add(user);

2
package.json
View File

@ -24,7 +24,7 @@
"human-view": "1.8.0",
"jade": "1.8.2",
"jxt": "^2.7.0",
"LDAP": "1.2.1",
"ldapjs": "0.7.1",
"moonboots-express": "2.x",
"node-uuid": "^1.4.1",
"notify.js": "0.0.3",

186
server.js
View File

@ -6,7 +6,7 @@ var Moonboots = require('moonboots-express');
var config = require('getconfig');
var templatizer = require('templatizer');
var async = require('async');
var LDAP = require('LDAP');
var LDAP = require('ldapjs');
String.prototype.capitalize = function() {
return this.charAt(0).toUpperCase() + this.slice(1);
@ -61,49 +61,41 @@ function connectLDAP(req, cb) {
var ldapDN = 'uid=' + req.body.uid + ',' + config.ldap.base;
var ldapPW = req.body.password;
var ldap = new LDAP({ uri: 'ldap://' + config.ldap.address, reconnect: false });
var client = LDAP.createClient({ url: 'ldap://' + config.ldap.address });
ldap.open(function(err) {
if (err) {
console.log("LDAP: Can not connect to server on ldap://" + config.ldap.address);
function closeCb(client) {
client.unbind();
console.log("LDAP: Disconnected");
};
client.bind(ldapDN, ldapPW, function(err) {
if (err) {
console.log("LDAP: Can not connect to server with " + ldapDN);
closeCb(client);
cb(true);
return;
}
console.log("LDAP: Connected on ldap://" + config.ldap.address + " with " + ldapDN);
if (req.body.uid == config.server.admin && config.ldap.user && config.ldap.password) {
console.log("LDAP: " + ldapDN + " is XMPP admin");
client.bind(config.ldap.user, config.ldap.password, function(err) {
if (err) {
console.log("LDAP: Can not connect to server with " + config.ldap.user);
closeCb(client);
cb(true);
return;
}
function closeCb(ldap) {
ldap.close();
console.log("LDAP: Disconnected");
}
ldap.simplebind({ binddn: ldapDN, password: ldapPW }, function(err) {
if (err) {
console.log("LDAP: Can not connect to server with " + ldapDN);
closeCb(ldap);
cb(true);
return;
}
console.log("LDAP: Connected on ldap://" + config.ldap.address + " with " + ldapDN);
if (req.body.uid == config.server.admin && config.ldap.user && config.ldap.password) {
console.log("LDAP: " + ldapDN + " is XMPP admin");
ldap.simplebind({ binddn: config.ldap.user, password: config.ldap.password }, function(err) {
if (err) {
console.log("LDAP: Can not connect to server with " + config.ldap.user);
closeCb(ldap);
cb(true);
return;
}
console.log("LDAP: Connected on ldap://" + config.ldap.address + " with " + config.ldap.user);
cb(false, ldap, closeCb);
});
return;
}
cb(false, ldap, closeCb);
}
console.log("LDAP: Connected on ldap://" + config.ldap.address + " with " + config.ldap.user);
cb(false, client, closeCb);
});
return;
}
cb(false, client, closeCb);
});
}
@ -111,24 +103,24 @@ app.post('/ldap/user/:id', function(req, res) {
var dn = 'uid=' + req.params.id.toLowerCase() + ',' + config.ldap.base;
console.log('LDAP: Save user informations (' + dn + ')');
connectLDAP(req, function (err, ldap, closeCb) {
connectLDAP(req, function (err, client, closeCb) {
if (err === false) {
var changes = [];
if (req.body.cn != undefined) changes.push({ op: 'replace', attr: 'cn', vals: [ req.body.cn ] });
if (req.body.sn != undefined) changes.push({ op: 'replace', attr: 'sn', vals: [ req.body.sn ] });
if (req.body.givenName != undefined) changes.push({ op: 'replace', attr: 'givenName', vals: [ req.body.givenName ] });
if (req.body.displayName != undefined) changes.push({ op: 'replace', attr: 'displayName', vals: [ req.body.displayName ] });
if (req.body.mail != undefined) changes.push({ op: 'replace', attr: 'mail', vals: [ req.body.mail ] });
if (req.body.cn != undefined) changes.push(new LDAP.Change({ operation: 'replace', modification: {cn: req.body.cn}}));
if (req.body.sn != undefined) changes.push(new LDAP.Change({ operation: 'replace', modification: {sn: req.body.sn}}));
if (req.body.givenName != undefined) changes.push(new LDAP.Change({ operation: 'replace', modification: {givenName: req.body.givenName}}));
if (req.body.displayName != undefined) changes.push(new LDAP.Change({ operation: 'replace', modification: {displayName: req.body.displayName}}));
if (req.body.mail != undefined) changes.push(new LDAP.Change({ operation: 'replace', modification: {mail: req.body.mail}}));
ldap.modify(dn, changes, function (err) {
client.modify(dn, changes, function (err) {
if (err) {
console.log('LDAP: Impossible to change user informations (' + dn + ')');
console.log(err);
res.type('application/javascript');
res.send(false);
closeCb(ldap);
closeCb(client);
return;
}
@ -136,7 +128,7 @@ app.post('/ldap/user/:id', function(req, res) {
res.type('application/javascript');
res.send(true);
closeCb(ldap);
closeCb(client);
});
}
});
@ -147,19 +139,19 @@ app.post('/ldap/user/:id/password', function(req, res) {
var dn = 'uid=' + req.params.id.toLowerCase() + ',' + config.ldap.base;
console.log('LDAP: Change user password (' + dn + ')');
connectLDAP(req, function (err, ldap, closeCb) {
connectLDAP(req, function (err, client, closeCb) {
if (err === false) {
var changes = [{ op: 'replace', attr: 'userPassword', vals: [ req.body.newPassword ] }];
var changes = [new LDAP.Change({ operation: 'replace', modification: {userPassword: req.body.newPassword}})];
ldap.modify(dn, changes, function (err) {
client.modify(dn, changes, function (err) {
if (err) {
console.log('LDAP: Impossible to change user password (' + dn + ')');
console.log(err);
res.type('application/javascript');
res.send(false);
closeCb(ldap);
closeCb(client);
return;
}
@ -167,7 +159,7 @@ app.post('/ldap/user/:id/password', function(req, res) {
res.type('application/javascript');
res.send(true);
closeCb(ldap);
closeCb(client);
});
}
});
@ -176,37 +168,43 @@ app.post('/ldap/user/:id/password', function(req, res) {
app.post('/ldap/users', function (req, res) {
console.log('LDAP: Get users list');
connectLDAP(req, function (err, ldap, closeCb) {
connectLDAP(req, function (err, client, closeCb) {
if (err === false) {
var filter = config.ldap.filter;
if (req.body.uid != config.server.admin) {
var uid = 'uid=' + req.body.uid.toLowerCase();
filter = '(&(' + filter + ')(' + uid + '))';
}
ldap.search({ base: config.ldap.base, filter: filter }, function(err, data) {
var opts = {
filter: filter,
scope: 'sub',
attributes: ['uid', 'cn', 'sn', 'givenName', 'displayName', 'mail', 'objectClass'],
attrsOnly: true
};
client.search(config.ldap.base, opts, function(err, data) {
var users = new Array();
if (!err) {
data.forEach(function(el) {
var user = {
id: el.uid[0],
cn: el.cn ? el.cn[0] : '',
sn: el.sn ? el.sn[0] : '',
givenName: el.givenName ? el.givenName[0] : '',
displayName: el.displayName ? el.displayName[0] : '',
mail: el.mail ? el.mail[0] : '',
objectClass: el.objectClass
};
users.push(user);
data.on('searchEntry', function(entry) {
var user = {};
entry.attributes.forEach(function(attr) {
user[attr.type] = attr.vals;
if (attr.type !== 'objectClass') {
user[attr.type] = user[attr.type][0];
}
});
users.push(user);
});
data.on('end', function(result) {
res.type('application/javascript');
res.send(JSON.stringify(users));
console.log('LDAP: Users list sent');
closeCb(client);
});
}
else {
console.log(err);
}
res.type('application/javascript');
res.send(JSON.stringify(users));
console.log('LDAP: Users list sent');
closeCb(ldap);
});
}
});
@ -216,43 +214,42 @@ app.post('/ldap/users', function (req, res) {
app.post('/ldap/users/add', function (req, res) {
console.log('LDAP: Add a new user');
connectLDAP(req, function (err, ldap, closeCb) {
connectLDAP(req, function (err, client, closeCb) {
if (err === false || !req.body.newUid) {
var dn = 'uid=' + req.body.newUid.toLowerCase() + ',' + config.ldap.base;
var attrs = [
{ attr: 'objectClass', vals: [ 'organizationalPerson', 'person', 'inetOrgPerson'] },
{ attr: 'cn', vals: [ req.body.newUid.capitalize() ] },
{ attr: 'sn', vals: [ req.body.newUid.capitalize() ] },
{ attr: 'givenName', vals: [ req.body.newUid.capitalize() ] },
{ attr: 'displayName', vals: [ req.body.newUid.capitalize() ] },
{ attr: 'userPassword', vals: [ req.body.newUid.toLowerCase() ] }
];
ldap.add(dn, attrs, function (err) {
var entry = {
objectClass: [ 'organizationalPerson', 'person', 'inetOrgPerson'],
cn: req.body.newUid.capitalize(),
sn: req.body.newUid.capitalize(),
givenName: req.body.newUid.capitalize(),
displayName: req.body.newUid.capitalize(),
userPassword: req.body.newUid.toLowerCase()
};
client.add(dn, entry, function (err) {
if (err) {
console.log('LDAP: Impossible to add a new user (' + dn + ')');
console.log(err);
res.type('application/javascript');
res.send(false);
closeCb(ldap);
closeCb(client);
return;
}
if (config.ldap.group) {
var changes = [
{ op: 'add',
attr: 'member',
vals: [ dn ]
{ operation: 'add',
modification: {member: dn }
}
];
ldap.modify(config.ldap.group, changes, function (err) {
client.modify(config.ldap.group, changes, function (err) {
if (err) console.log(err);
console.log('LDAP: New user added (' + dn + ')');
res.type('application/javascript');
res.send(true);
closeCb(ldap);
closeCb(client);
});
}
@ -265,35 +262,34 @@ app.post('/ldap/users/add', function (req, res) {
app.post('/ldap/users/delete', function (req, res) {
console.log('LDAP: Remove a user');
connectLDAP(req, function (err, ldap, closeCb) {
connectLDAP(req, function (err, client, closeCb) {
if (err === false || !req.body.removeUid) {
var dn = 'uid=' + req.body.removeUid.toLowerCase() + ',' + config.ldap.base;
ldap.remove(dn, function (err) {
client.del(dn, function (err) {
if (err) {
console.log('LDAP: Impossible to remove this user (' + dn + ')');
console.log(err);
res.type('application/javascript');
res.send(false);
closeCb(ldap);
closeCb(client);
return;
}
if (config.ldap.group) {
var changes = [
{ op: 'delete',
attr: 'member',
vals: [ dn ]
{ operation: 'delete',
modification: {member: dn }
}
];
ldap.modify(config.ldap.group, changes, function (err) {
client.modify(config.ldap.group, changes, function (err) {
if (err) console.log(err);
console.log('LDAP: User removed (' + dn + ')');
res.type('application/javascript');
res.send(true);
closeCb(ldap);
closeCb(client);
});
}