better account creation

stryan 2020-09-24 16:14:54 -04:00
parent be04dd6156
commit f7e55b9ab1
3 changed files with 70 additions and 1 deletions


@ -2,6 +2,7 @@ package main
import ( import (
"log" "log"
"sync"
"github.com/spf13/viper" "github.com/spf13/viper"
) )
@ -31,6 +32,8 @@ type Config struct {
Key string Key string
Cert string Cert string
Port string Port string
MaxID int
lock sync.Mutex
} }
func validateConfigEntry(entry string, name string) bool { func validateConfigEntry(entry string, name string) bool {
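Review bot: `MaxID` and `lock` are run-time allocator state rather than configuration, and a `sync.Mutex` held by value inside `Config` is copied whenever the struct is copied (`go vet`'s copylocks check reports this). How `Conf` is populated and passed around is not visible in this section, so this may be harmless today. A separate `type idAllocator struct { mu sync.Mutex; next int }` in its own package-level variable would keep the counter away from the config loader. If the fields stay here, a comment such as `// lock guards MaxID; Config must not be copied after start-up` documents the constraint.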

58
ldap.go

@ -4,6 +4,7 @@ import (
"errors" "errors"
"fmt" "fmt"
"log" "log"
"strconv"
"github.com/go-ldap/ldap" "github.com/go-ldap/ldap"
) )
@ -30,6 +31,10 @@ func createLDAPAccount(uname string, pwd string, email string) error {
addReq.Attribute("cn", []string{uname}) addReq.Attribute("cn", []string{uname})
addReq.Attribute("mail", []string{email}) addReq.Attribute("mail", []string{email})
addReq.Attribute("sn", []string{"The Nameless"}) addReq.Attribute("sn", []string{"The Nameless"})
addReq.Attribute("givenName", []string{uname})
addReq.Attribute("employeeType", []string{"default"})
addReq.Attribute("employeeNumber", []string{strconv.Itoa(getNextId())})
addReq.Attribute("displayName", []string{uname})
if err := l.Add(addReq); err != nil { if err := l.Add(addReq); err != nil {
log.Printf("error adding service:", addReq, err) log.Printf("error adding service:", addReq, err)
@ -162,3 +167,56 @@ func findLDAPAccountByEmail(email string) (string, error) {
return entry.GetAttributeValue(Conf.Ldap.UserAttr), nil return entry.GetAttributeValue(Conf.Ldap.UserAttr), nil
} }
func findLDAPMaxID() (int, error) {
url := Conf.Ldap.Url
binddn := fmt.Sprintf("%v,%v", Conf.Ldap.AdminUser, Conf.Ldap.LdapDc)
basedn := fmt.Sprintf("%v,%v", Conf.Ldap.UserOu, Conf.Ldap.LdapDc)
l, err := ldap.DialURL(url)
if err != nil {
return -1, err
}
defer l.Close()
err = l.Bind(binddn, Conf.Ldap.LdapPass)
if err != nil {
return -1, err
}
result, err := l.Search(ldap.NewSearchRequest(
basedn,
ldap.ScopeWholeSubtree,
ldap.NeverDerefAliases,
0,
0,
false,
fmt.Sprintf("(&(objectClass=organizationalPerson)(employeeNumber=*))"),
[]string{"employeeNumber"},
nil,
))
if err != nil {
return -1, err
}
maxId := 0
for _, entry := range result.Entries {
i, err := strconv.Atoi(entry.GetAttributeValue("employeeNumber"))
if err != nil {
return -1, err
}
if i > maxId {
maxId = i
}
}
return maxId + 1, nil
}
func getNextId() int {
if Conf.MaxID == 0 {
return -1
}
Conf.lock.Lock()
i := Conf.MaxID
Conf.MaxID = Conf.MaxID + 1
Conf.lock.Unlock()
return i
}
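Review bot: `getNextId` reads `Conf.MaxID` in the `== 0` check before taking `Conf.lock`, which is a data race with the increment under concurrent requests, and its `-1` sentinel goes straight into `strconv.Itoa` in `createLDAPAccount`. When the counter was never initialised, every new entry is therefore written with `employeeNumber` set to `-1`. If anything downstream treats employeeNumber as a unique identifier (not visible here), those colliding values make accounts indistinguishable. I would take the lock before the check and return an error that `createLDAPAccount` propagates instead of adding the entry, as sketched below; createLDAPAccount starts and ends outside the hunk. Separately, the `fmt.Sprintf` around the constant filter in `findLDAPMaxID` takes no arguments and can be a plain string literal.

```go
// … unchanged: cn, mail, sn, givenName, employeeType attributes …
id, err := getNextId()
if err != nil {
	return err
}
addReq.Attribute("employeeNumber", []string{strconv.Itoa(id)})
// … unchanged: displayName attribute, l.Add call …

// getNextId hands out the next employeeNumber; the check and the
// increment both happen under Conf.lock.
func getNextId() (int, error) {
	Conf.lock.Lock()
	defer Conf.lock.Unlock()
	if Conf.MaxID == 0 {
		return -1, errors.New("employeeNumber counter not initialised")
	}
	i := Conf.MaxID
	Conf.MaxID++
	return i, nil
}
```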

10
main.go

@ -34,8 +34,16 @@ func main() {
router.HandleFunc("/reseterror", resetErrorPage).Methods("GET") router.HandleFunc("/reseterror", resetErrorPage).Methods("GET")
log.Printf("Registering templates from %v/\n", Conf.TplPath) log.Printf("Registering templates from %v/\n", Conf.TplPath)
tpl = template.Must(template.ParseGlob(Conf.TplPath + "/*")) tpl = template.Must(template.ParseGlob(Conf.TplPath + "/*"))
log.Println("Performing LDAP checks")
log.Println("Loading max employeeNumber for account creation")
i, err := findLDAPMaxID()
if err != nil {
log.Printf("WARN: Unable to calculate max employeeNumber: %v\n", err)
} else {
Conf.MaxID = i
log.Printf("Max employeeNumber set to %v\n", Conf.MaxID)
}
log.Printf("Guildgate starting on %v\n", Conf.Port) log.Printf("Guildgate starting on %v\n", Conf.Port)
var err error
if Conf.Tls { if Conf.Tls {
log.Printf("Starting TLS\n") log.Printf("Starting TLS\n")
if Conf.Cert == "" { if Conf.Cert == "" {
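Review bot: When `findLDAPMaxID()` fails, the `WARN` branch leaves `Conf.MaxID` at 0 and the server still starts, so account creation keeps accepting requests without a usable ID allocator. The lookup fails on any dial, bind or search error and, per its `strconv.Atoi` check, on a single non-numeric `employeeNumber` anywhere under the user OU. Failing closed is safer here: `log.Fatalf("unable to calculate max employeeNumber: %v", err)`, or leave the account-creation route unregistered until the lookup succeeds. The value is also a start-up snapshot, so entries added by another instance or directly in LDAP afterwards would not be seen (inferred; no re-sync is visible in this commit). main's body begins before and continues after the hunk.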