better account creation

2020-09-24 16:14:54 -04:00 · 2020-09-24 16:14:54 -04:00 · f7e55b9ab1
commit f7e55b9ab1
parent be04dd6156
3 changed files with 70 additions and 1 deletions
--- a/config.go
+++ b/config.go
@ -2,6 +2,7 @@ package main

 import (
 	"log"
+	"sync"

 	"github.com/spf13/viper"
 )
@ -31,6 +32,8 @@ type Config struct {
 	Key     string
 	Cert    string
 	Port    string
+	MaxID   int
+	lock    sync.Mutex
 }

 func validateConfigEntry(entry string, name string) bool {
--- a/ldap.go
+++ b/ldap.go
@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"log"
+	"strconv"

 	"github.com/go-ldap/ldap"
 )
@ -30,6 +31,10 @@ func createLDAPAccount(uname string, pwd string, email string) error {
 	addReq.Attribute("cn", []string{uname})
 	addReq.Attribute("mail", []string{email})
 	addReq.Attribute("sn", []string{"The Nameless"})
+	addReq.Attribute("givenName", []string{uname})
+	addReq.Attribute("employeeType", []string{"default"})
+	addReq.Attribute("employeeNumber", []string{strconv.Itoa(getNextId())})
+	addReq.Attribute("displayName", []string{uname})

 	if err := l.Add(addReq); err != nil {
 		log.Printf("error adding service:", addReq, err)
@ -162,3 +167,56 @@ func findLDAPAccountByEmail(email string) (string, error) {

 	return entry.GetAttributeValue(Conf.Ldap.UserAttr), nil
 }
+
+func findLDAPMaxID() (int, error) {
+	url := Conf.Ldap.Url
+	binddn := fmt.Sprintf("%v,%v", Conf.Ldap.AdminUser, Conf.Ldap.LdapDc)
+	basedn := fmt.Sprintf("%v,%v", Conf.Ldap.UserOu, Conf.Ldap.LdapDc)
+
+	l, err := ldap.DialURL(url)
+	if err != nil {
+		return -1, err
+	}
+	defer l.Close()
+	err = l.Bind(binddn, Conf.Ldap.LdapPass)
+	if err != nil {
+		return -1, err
+	}
+	result, err := l.Search(ldap.NewSearchRequest(
+		basedn,
+		ldap.ScopeWholeSubtree,
+		ldap.NeverDerefAliases,
+		0,
+		0,
+		false,
+		fmt.Sprintf("(&(objectClass=organizationalPerson)(employeeNumber=*))"),
+		[]string{"employeeNumber"},
+		nil,
+	))
+	if err != nil {
+		return -1, err
+	}
+	maxId := 0
+	for _, entry := range result.Entries {
+		i, err := strconv.Atoi(entry.GetAttributeValue("employeeNumber"))
+		if err != nil {
+			return -1, err
+		}
+		if i > maxId {
+			maxId = i
+		}
+	}
+	return maxId + 1, nil
+
+}
+
+func getNextId() int {
+	if Conf.MaxID == 0 {
+		return -1
+	}
+	Conf.lock.Lock()
+	i := Conf.MaxID
+	Conf.MaxID = Conf.MaxID + 1
+	Conf.lock.Unlock()
+	return i
+}
--- a/main.go
+++ b/main.go
@ -34,8 +34,16 @@ func main() {
 	router.HandleFunc("/reseterror", resetErrorPage).Methods("GET")
 	log.Printf("Registering templates from %v/\n", Conf.TplPath)
 	tpl = template.Must(template.ParseGlob(Conf.TplPath + "/*"))
+	log.Println("Performing LDAP checks")
+	log.Println("Loading max employeeNumber for account creation")
+	i, err := findLDAPMaxID()
+	if err != nil {
+		log.Printf("WARN: Unable to calculate max employeeNumber: %v\n", err)
+	} else {
+		Conf.MaxID = i
+		log.Printf("Max employeeNumber set to %v\n", Conf.MaxID)
+	}
 	log.Printf("Guildgate starting on %v\n", Conf.Port)
-	var err error
 	if Conf.Tls {
 		log.Printf("Starting TLS\n")
 		if Conf.Cert == "" {