From f7e55b9ab19d176952adbbe800479314855708d9 Mon Sep 17 00:00:00 2001
From: Steve
Date: Thu, 24 Sep 2020 16:14:54 -0400
Subject: [PATCH] better account creation
---
 config.go | 3 +++
 ldap.go | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 main.go | 10 +++++++++-
 3 files changed, 70 insertions(+), 1 deletion(-)
diff --git a/config.go b/config.go
index 1b1a5f8..5c93eae 100644
--- a/config.go
+++ b/config.go
@@ -2,6 +2,7 @@ package main
 import (
 "log"
+ "sync"
 "github.com/spf13/viper"
 )
@@ -31,6 +32,8 @@ type Config struct {
 Key string
 Cert string
 Port string
+ MaxID int
+ lock sync.Mutex
 }
 func validateConfigEntry(entry string, name string) bool {
diff --git a/ldap.go b/ldap.go
index 78ca3bb..1726be3 100644
--- a/ldap.go
+++ b/ldap.go
@@ -4,6 +4,7 @@ import (
 "errors"
 "fmt"
 "log"
+ "strconv"
 "github.com/go-ldap/ldap"
 )
@@ -30,6 +31,10 @@ func createLDAPAccount(uname string, pwd string, email string) error {
 addReq.Attribute("cn", []string{uname})
 addReq.Attribute("mail", []string{email})
 addReq.Attribute("sn", []string{"The Nameless"})
+ addReq.Attribute("givenName", []string{uname})
+ addReq.Attribute("employeeType", []string{"default"})
+ addReq.Attribute("employeeNumber", []string{strconv.Itoa(getNextId())})
+ addReq.Attribute("displayName", []string{uname})
 if err := l.Add(addReq); err != nil {
 log.Printf("error adding service:", addReq, err)
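Review bot: `MaxID` is runtime state, yet the second config.go hunk adds it as an exported field of `Config`, beside settings such as `Key`, `Cert` and `Port`. If `Conf` is filled by unmarshalling the configuration file (viper is imported here, but the loading code is outside this diff), a config key could seed the counter. Keeping the counter in its own unexported variable would avoid that, or at least document it with `// MaxID is the next employeeNumber to hand out; set once at startup and guarded by lock.` The embedded `sync.Mutex` also means a `Config` value must not be copied after first use, which `go vet` reports under copylocks.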
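Review bot: The `employeeNumber` attribute takes the result of `getNextId()` unchecked, and that function returns -1 whenever `Conf.MaxID` is 0, so the entry would be written with employeeNumber "-1". That state is reachable, because the main.go hunk only logs a WARN when `findLDAPMaxID()` fails and then starts serving, after which every new account would share the same number. Check the value before building the request, for example `id := getNextId()` followed by `if id < 0 { return errors.New("employeeNumber counter not initialised") }`, or make the startup failure fatal. createLDAPAccount begins and ends outside this hunk.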
@@ -162,3 +167,56 @@ func findLDAPAccountByEmail(email string) (string, error) {
 return entry.GetAttributeValue(Conf.Ldap.UserAttr), nil
 }
+
+func findLDAPMaxID() (int, error) {
+ url := Conf.Ldap.Url
+ binddn := fmt.Sprintf("%v,%v", Conf.Ldap.AdminUser, Conf.Ldap.LdapDc)
+ basedn := fmt.Sprintf("%v,%v", Conf.Ldap.UserOu, Conf.Ldap.LdapDc)
+
+ l, err := ldap.DialURL(url)
+ if err != nil {
+ return -1, err
+ }
+ defer l.Close()
+ err = l.Bind(binddn, Conf.Ldap.LdapPass)
+ if err != nil {
+ return -1, err
+ }
+ result, err := l.Search(ldap.NewSearchRequest(
+ basedn,
+ ldap.ScopeWholeSubtree,
+ ldap.NeverDerefAliases,
+ 0,
+ 0,
+ false,
+ fmt.Sprintf("(&(objectClass=organizationalPerson)(employeeNumber=*))"),
+ []string{"employeeNumber"},
+ nil,
+ ))
+ if err != nil {
+ return -1, err
+ }
+ maxId := 0
+ for _, entry := range result.Entries {
+ i, err := strconv.Atoi(entry.GetAttributeValue("employeeNumber"))
+ if err != nil {
+ return -1, err
+ }
+ if i > maxId {
+ maxId = i
+ }
+ }
+ return maxId + 1, nil
+
+}
+
+func getNextId() int {
+ if Conf.MaxID == 0 {
+ return -1
+ }
+ Conf.lock.Lock()
+ i := Conf.MaxID
+ Conf.MaxID = Conf.MaxID + 1
+ Conf.lock.Unlock()
+ return i
+}
diff --git a/main.go b/main.go
index f8d20a6..8728b9c 100644
--- a/main.go
+++ b/main.go
@@ -34,8 +34,16 @@ func main() {
 router.HandleFunc("/reseterror", resetErrorPage).Methods("GET")
 log.Printf("Registering templates from %v/\n", Conf.TplPath)
 tpl = template.Must(template.ParseGlob(Conf.TplPath + "/*"))
+ log.Println("Performing LDAP checks")
+ log.Println("Loading max employeeNumber for account creation")
+ i, err := findLDAPMaxID()
+ if err != nil {
+ log.Printf("WARN: Unable to calculate max employeeNumber: %v\n", err)
+ } else {
+ Conf.MaxID = i
+ log.Printf("Max employeeNumber set to %v\n", Conf.MaxID)
+ }
 log.Printf("Guildgate starting on %v\n", Conf.Port)
- var err error
 if Conf.Tls {
 log.Printf("Starting TLS\n")
 if Conf.Cert == "" {
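Review bot: `getNextId` reads `Conf.MaxID` in the `if Conf.MaxID == 0` check before it calls `Conf.lock.Lock()`, so that read races with the locked increment if account-creation handlers run concurrently. Take the lock first, with `Conf.lock.Lock()` then `defer Conf.lock.Unlock()`, and do the zero check under it. In `findLDAPMaxID`, a single entry whose employeeNumber is not an integer makes `strconv.Atoi` fail and aborts the whole calculation, so logging and skipping such entries may be the safer behaviour. The counter is also read from the directory only once at startup, so a second instance or an account created by another tool can produce duplicate numbers. If anything downstream treats employeeNumber as unique, that has to be enforced in the directory rather than in this process.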