switch to node-ldapjs

Sébastien Hut 2015-09-10 01:48:57 +02:00
parent 05c48cb74b
commit b5276418e2
4 changed files with 94 additions and 97 deletions


@ -31,7 +31,7 @@ RUN sed -i 's/^#\s*\(deb.*universe\)$/\1/g' /etc/apt/sources.list && \
RUN locale-gen en_US && locale-gen en_US.UTF-8 && echo 'LANG="en_US.UTF-8"' > /etc/default/locale RUN locale-gen en_US && locale-gen en_US.UTF-8 && echo 'LANG="en_US.UTF-8"' > /etc/default/locale
RUN apt-get update && apt-get install -y --force-yes nodejs git-core libldap2-dev uuid-dev RUN apt-get update && apt-get install -y --force-yes nodejs git-core uuid-dev
RUN apt-get remove -y --force-yes nodejs && apt-get install -y --force-yes nodejs-legacy npm RUN apt-get remove -y --force-yes nodejs && apt-get install -y --force-yes nodejs-legacy npm
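Review bot: The edited `apt-get install` line still carries `--force-yes`, which tells apt to continue without prompting even for actions it considers potentially harmful, including installing packages it cannot authenticate. `-y` alone is enough for a non-interactive image build: `RUN apt-get update && apt-get install -y nodejs git-core uuid-dev`. The same flag appears on the `apt-get remove` / `apt-get install` line that follows, which is context in this hunk.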


@ -32,6 +32,7 @@ module.exports = BaseCollection.extend({
users = JSON.parse(users); users = JSON.parse(users);
users.forEach(function(user) { users.forEach(function(user) {
user.id = user.uid;
var existing = self.get(user.id); var existing = self.get(user.id);
if (!existing) { if (!existing) {
self.add(user); self.add(user);


@ -24,7 +24,7 @@
"human-view": "1.8.0", "human-view": "1.8.0",
"jade": "1.8.2", "jade": "1.8.2",
"jxt": "^2.7.0", "jxt": "^2.7.0",
"LDAP": "1.2.1", "ldapjs": "0.7.1",
"moonboots-express": "2.x", "moonboots-express": "2.x",
"node-uuid": "^1.4.1", "node-uuid": "^1.4.1",
"notify.js": "0.0.3", "notify.js": "0.0.3",

186
server.js

@ -6,7 +6,7 @@ var Moonboots = require('moonboots-express');
var config = require('getconfig'); var config = require('getconfig');
var templatizer = require('templatizer'); var templatizer = require('templatizer');
var async = require('async'); var async = require('async');
var LDAP = require('LDAP'); var LDAP = require('ldapjs');
String.prototype.capitalize = function() { String.prototype.capitalize = function() {
return this.charAt(0).toUpperCase() + this.slice(1); return this.charAt(0).toUpperCase() + this.slice(1);
@ -61,49 +61,41 @@ function connectLDAP(req, cb) {
var ldapDN = 'uid=' + req.body.uid + ',' + config.ldap.base; var ldapDN = 'uid=' + req.body.uid + ',' + config.ldap.base;
var ldapPW = req.body.password; var ldapPW = req.body.password;
var ldap = new LDAP({ uri: 'ldap://' + config.ldap.address, reconnect: false }); var client = LDAP.createClient({ url: 'ldap://' + config.ldap.address });
ldap.open(function(err) { function closeCb(client) {
if (err) { client.unbind();
console.log("LDAP: Can not connect to server on ldap://" + config.ldap.address); console.log("LDAP: Disconnected");
};
client.bind(ldapDN, ldapPW, function(err) {
if (err) {
console.log("LDAP: Can not connect to server with " + ldapDN);
closeCb(client);
cb(true);
return;
}
console.log("LDAP: Connected on ldap://" + config.ldap.address + " with " + ldapDN);
if (req.body.uid == config.server.admin && config.ldap.user && config.ldap.password) {
console.log("LDAP: " + ldapDN + " is XMPP admin");
client.bind(config.ldap.user, config.ldap.password, function(err) {
if (err) {
console.log("LDAP: Can not connect to server with " + config.ldap.user);
closeCb(client);
cb(true); cb(true);
return; return;
} }
function closeCb(ldap) {
ldap.close();
console.log("LDAP: Disconnected");
}
ldap.simplebind({ binddn: ldapDN, password: ldapPW }, function(err) {
if (err) {
console.log("LDAP: Can not connect to server with " + ldapDN);
closeCb(ldap);
cb(true);
return;
}
console.log("LDAP: Connected on ldap://" + config.ldap.address + " with " + ldapDN);
if (req.body.uid == config.server.admin && config.ldap.user && config.ldap.password) {
console.log("LDAP: " + ldapDN + " is XMPP admin");
ldap.simplebind({ binddn: config.ldap.user, password: config.ldap.password }, function(err) {
if (err) {
console.log("LDAP: Can not connect to server with " + config.ldap.user);
closeCb(ldap);
cb(true);
return;
}
console.log("LDAP: Connected on ldap://" + config.ldap.address + " with " + config.ldap.user);
cb(false, ldap, closeCb);
});
return;
}
cb(false, ldap, closeCb);
console.log("LDAP: Connected on ldap://" + config.ldap.address + " with " + config.ldap.user);
cb(false, client, closeCb);
}); });
return;
}
cb(false, client, closeCb);
}); });
} }
@ -111,24 +103,24 @@ app.post('/ldap/user/:id', function(req, res) {
var dn = 'uid=' + req.params.id.toLowerCase() + ',' + config.ldap.base; var dn = 'uid=' + req.params.id.toLowerCase() + ',' + config.ldap.base;
console.log('LDAP: Save user informations (' + dn + ')'); console.log('LDAP: Save user informations (' + dn + ')');
connectLDAP(req, function (err, ldap, closeCb) { connectLDAP(req, function (err, client, closeCb) {
if (err === false) { if (err === false) {
var changes = []; var changes = [];
if (req.body.cn != undefined) changes.push({ op: 'replace', attr: 'cn', vals: [ req.body.cn ] }); if (req.body.cn != undefined) changes.push(new LDAP.Change({ operation: 'replace', modification: {cn: req.body.cn}}));
if (req.body.sn != undefined) changes.push({ op: 'replace', attr: 'sn', vals: [ req.body.sn ] }); if (req.body.sn != undefined) changes.push(new LDAP.Change({ operation: 'replace', modification: {sn: req.body.sn}}));
if (req.body.givenName != undefined) changes.push({ op: 'replace', attr: 'givenName', vals: [ req.body.givenName ] }); if (req.body.givenName != undefined) changes.push(new LDAP.Change({ operation: 'replace', modification: {givenName: req.body.givenName}}));
if (req.body.displayName != undefined) changes.push({ op: 'replace', attr: 'displayName', vals: [ req.body.displayName ] }); if (req.body.displayName != undefined) changes.push(new LDAP.Change({ operation: 'replace', modification: {displayName: req.body.displayName}}));
if (req.body.mail != undefined) changes.push({ op: 'replace', attr: 'mail', vals: [ req.body.mail ] }); if (req.body.mail != undefined) changes.push(new LDAP.Change({ operation: 'replace', modification: {mail: req.body.mail}}));
ldap.modify(dn, changes, function (err) { client.modify(dn, changes, function (err) {
if (err) { if (err) {
console.log('LDAP: Impossible to change user informations (' + dn + ')'); console.log('LDAP: Impossible to change user informations (' + dn + ')');
console.log(err); console.log(err);
res.type('application/javascript'); res.type('application/javascript');
res.send(false); res.send(false);
closeCb(ldap); closeCb(client);
return; return;
} }
@ -136,7 +128,7 @@ app.post('/ldap/user/:id', function(req, res) {
res.type('application/javascript'); res.type('application/javascript');
res.send(true); res.send(true);
closeCb(ldap); closeCb(client);
}); });
} }
}); });
@ -147,19 +139,19 @@ app.post('/ldap/user/:id/password', function(req, res) {
var dn = 'uid=' + req.params.id.toLowerCase() + ',' + config.ldap.base; var dn = 'uid=' + req.params.id.toLowerCase() + ',' + config.ldap.base;
console.log('LDAP: Change user password (' + dn + ')'); console.log('LDAP: Change user password (' + dn + ')');
connectLDAP(req, function (err, ldap, closeCb) { connectLDAP(req, function (err, client, closeCb) {
if (err === false) { if (err === false) {
var changes = [{ op: 'replace', attr: 'userPassword', vals: [ req.body.newPassword ] }]; var changes = [new LDAP.Change({ operation: 'replace', modification: {userPassword: req.body.newPassword}})];
ldap.modify(dn, changes, function (err) { client.modify(dn, changes, function (err) {
if (err) { if (err) {
console.log('LDAP: Impossible to change user password (' + dn + ')'); console.log('LDAP: Impossible to change user password (' + dn + ')');
console.log(err); console.log(err);
res.type('application/javascript'); res.type('application/javascript');
res.send(false); res.send(false);
closeCb(ldap); closeCb(client);
return; return;
} }
@ -167,7 +159,7 @@ app.post('/ldap/user/:id/password', function(req, res) {
res.type('application/javascript'); res.type('application/javascript');
res.send(true); res.send(true);
closeCb(ldap); closeCb(client);
}); });
} }
}); });
@ -176,37 +168,43 @@ app.post('/ldap/user/:id/password', function(req, res) {
app.post('/ldap/users', function (req, res) { app.post('/ldap/users', function (req, res) {
console.log('LDAP: Get users list'); console.log('LDAP: Get users list');
connectLDAP(req, function (err, ldap, closeCb) { connectLDAP(req, function (err, client, closeCb) {
if (err === false) { if (err === false) {
var filter = config.ldap.filter; var filter = config.ldap.filter;
if (req.body.uid != config.server.admin) { if (req.body.uid != config.server.admin) {
var uid = 'uid=' + req.body.uid.toLowerCase(); var uid = 'uid=' + req.body.uid.toLowerCase();
filter = '(&(' + filter + ')(' + uid + '))'; filter = '(&(' + filter + ')(' + uid + '))';
} }
ldap.search({ base: config.ldap.base, filter: filter }, function(err, data) { var opts = {
filter: filter,
scope: 'sub',
attributes: ['uid', 'cn', 'sn', 'givenName', 'displayName', 'mail', 'objectClass'],
attrsOnly: true
};
client.search(config.ldap.base, opts, function(err, data) {
var users = new Array(); var users = new Array();
if (!err) { if (!err) {
data.forEach(function(el) { data.on('searchEntry', function(entry) {
var user = { var user = {};
id: el.uid[0], entry.attributes.forEach(function(attr) {
cn: el.cn ? el.cn[0] : '', user[attr.type] = attr.vals;
sn: el.sn ? el.sn[0] : '', if (attr.type !== 'objectClass') {
givenName: el.givenName ? el.givenName[0] : '', user[attr.type] = user[attr.type][0];
displayName: el.displayName ? el.displayName[0] : '', }
mail: el.mail ? el.mail[0] : '', });
objectClass: el.objectClass users.push(user);
}; });
users.push(user); data.on('end', function(result) {
res.type('application/javascript');
res.send(JSON.stringify(users));
console.log('LDAP: Users list sent');
closeCb(client);
}); });
} }
else { else {
console.log(err); console.log(err);
} }
res.type('application/javascript');
res.send(JSON.stringify(users));
console.log('LDAP: Users list sent');
closeCb(ldap);
}); });
} }
}); });
@ -216,43 +214,42 @@ app.post('/ldap/users', function (req, res) {
app.post('/ldap/users/add', function (req, res) { app.post('/ldap/users/add', function (req, res) {
console.log('LDAP: Add a new user'); console.log('LDAP: Add a new user');
connectLDAP(req, function (err, ldap, closeCb) { connectLDAP(req, function (err, client, closeCb) {
if (err === false || !req.body.newUid) { if (err === false || !req.body.newUid) {
var dn = 'uid=' + req.body.newUid.toLowerCase() + ',' + config.ldap.base; var dn = 'uid=' + req.body.newUid.toLowerCase() + ',' + config.ldap.base;
var attrs = [ var entry = {
{ attr: 'objectClass', vals: [ 'organizationalPerson', 'person', 'inetOrgPerson'] }, objectClass: [ 'organizationalPerson', 'person', 'inetOrgPerson'],
{ attr: 'cn', vals: [ req.body.newUid.capitalize() ] }, cn: req.body.newUid.capitalize(),
{ attr: 'sn', vals: [ req.body.newUid.capitalize() ] }, sn: req.body.newUid.capitalize(),
{ attr: 'givenName', vals: [ req.body.newUid.capitalize() ] }, givenName: req.body.newUid.capitalize(),
{ attr: 'displayName', vals: [ req.body.newUid.capitalize() ] }, displayName: req.body.newUid.capitalize(),
{ attr: 'userPassword', vals: [ req.body.newUid.toLowerCase() ] } userPassword: req.body.newUid.toLowerCase()
]; };
ldap.add(dn, attrs, function (err) { client.add(dn, entry, function (err) {
if (err) { if (err) {
console.log('LDAP: Impossible to add a new user (' + dn + ')'); console.log('LDAP: Impossible to add a new user (' + dn + ')');
console.log(err); console.log(err);
res.type('application/javascript'); res.type('application/javascript');
res.send(false); res.send(false);
closeCb(ldap); closeCb(client);
return; return;
} }
if (config.ldap.group) { if (config.ldap.group) {
var changes = [ var changes = [
{ op: 'add', { operation: 'add',
attr: 'member', modification: {member: dn }
vals: [ dn ]
} }
]; ];
ldap.modify(config.ldap.group, changes, function (err) { client.modify(config.ldap.group, changes, function (err) {
if (err) console.log(err); if (err) console.log(err);
console.log('LDAP: New user added (' + dn + ')'); console.log('LDAP: New user added (' + dn + ')');
res.type('application/javascript'); res.type('application/javascript');
res.send(true); res.send(true);
closeCb(ldap); closeCb(client);
}); });
} }
@ -265,35 +262,34 @@ app.post('/ldap/users/add', function (req, res) {
app.post('/ldap/users/delete', function (req, res) { app.post('/ldap/users/delete', function (req, res) {
console.log('LDAP: Remove a user'); console.log('LDAP: Remove a user');
connectLDAP(req, function (err, ldap, closeCb) { connectLDAP(req, function (err, client, closeCb) {
if (err === false || !req.body.removeUid) { if (err === false || !req.body.removeUid) {
var dn = 'uid=' + req.body.removeUid.toLowerCase() + ',' + config.ldap.base; var dn = 'uid=' + req.body.removeUid.toLowerCase() + ',' + config.ldap.base;
ldap.remove(dn, function (err) { client.del(dn, function (err) {
if (err) { if (err) {
console.log('LDAP: Impossible to remove this user (' + dn + ')'); console.log('LDAP: Impossible to remove this user (' + dn + ')');
console.log(err); console.log(err);
res.type('application/javascript'); res.type('application/javascript');
res.send(false); res.send(false);
closeCb(ldap); closeCb(client);
return; return;
} }
if (config.ldap.group) { if (config.ldap.group) {
var changes = [ var changes = [
{ op: 'delete', { operation: 'delete',
attr: 'member', modification: {member: dn }
vals: [ dn ]
} }
]; ];
ldap.modify(config.ldap.group, changes, function (err) { client.modify(config.ldap.group, changes, function (err) {
if (err) console.log(err); if (err) console.log(err);
console.log('LDAP: User removed (' + dn + ')'); console.log('LDAP: User removed (' + dn + ')');
res.type('application/javascript'); res.type('application/javascript');
res.send(true); res.send(true);
closeCb(ldap); closeCb(client);
}); });
} }
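Review bot: `connectLDAP` passes `req.body.uid` and `req.body.password` to `client.bind` with no validation, so an empty password reaches the directory as an unauthenticated simple bind, which some servers answer with success. The callback would then treat the caller as logged in, and for the admin uid it would go on to rebind with `config.ldap.user`. A guard before `LDAP.createClient` closes that off: `if (!req.body.uid || !req.body.password) { cb(true); return; }`. The same request fields are concatenated unescaped into the bind DN here, into the search filter in `/ldap/users`, and into the DNs in `/ldap/users/add` and `/ldap/users/delete`, so restricting them to the character set your uids actually use (or escaping DN and filter values) belongs in the same place. `connectLDAP` begins above the hunk, so a check that already exists there would not be visible on this page.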