better account creation
parent
be04dd6156
commit
f7e55b9ab1
@ -2,6 +2,7 @@ package main
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"log"
|
"log"
|
||||||
|
"sync"
|
||||||
|
|
||||||
"github.com/spf13/viper"
|
"github.com/spf13/viper"
|
||||||
)
|
)
|
||||||
@ -31,6 +32,8 @@ type Config struct {
|
|||||||
Key string
|
Key string
|
||||||
Cert string
|
Cert string
|
||||||
Port string
|
Port string
|
||||||
|
MaxID int
|
||||||
|
lock sync.Mutex
|
||||||
}
|
}
|
||||||
|
|
||||||
func validateConfigEntry(entry string, name string) bool {
|
func validateConfigEntry(entry string, name string) bool {
|
||||||
|
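Review bot: `MaxID` and `lock` are runtime state added to `Config`, and nothing says which field the mutex guards; I would add `// MaxID is the next employeeNumber to assign (0 = not initialised); guarded by lock.` above the field. Because `lock` is a `sync.Mutex` held by value, copying a `Config` copies the mutex, which `go vet` reports (copylocks); whether `Conf` is ever copied or passed by value is not visible in this hunk. `MaxID` is also exported, so if `Config` is filled by unmarshalling the viper settings (not shown), a key in the config file could seed the counter; an unexported field would rule that out. The struct begins above the hunk.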
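--- a/ldap.go
+++ b/ldap.go
@@ -4,6 +4,7 @@ import (
 "errors"
 "fmt"
 "log"
+"strconv"
 
 "github.com/go-ldap/ldap"
 )
@@ -30,6 +31,10 @@ func createLDAPAccount(uname string, pwd string, email string) error {
 addReq.Attribute("cn", []string{uname})
 addReq.Attribute("mail", []string{email})
 addReq.Attribute("sn", []string{"The Nameless"})
+addReq.Attribute("givenName", []string{uname})
+addReq.Attribute("employeeType", []string{"default"})
+addReq.Attribute("employeeNumber", []string{strconv.Itoa(getNextId())})
+addReq.Attribute("displayName", []string{uname})
 
 if err := l.Add(addReq); err != nil {
 log.Printf("error adding service:", addReq, err)
@@ -162,3 +167,56 @@ func findLDAPAccountByEmail(email string) (string, error) {
 
 return entry.GetAttributeValue(Conf.Ldap.UserAttr), nil
 }
+
+func findLDAPMaxID() (int, error) {
+url := Conf.Ldap.Url
+binddn := fmt.Sprintf("%v,%v", Conf.Ldap.AdminUser, Conf.Ldap.LdapDc)
+basedn := fmt.Sprintf("%v,%v", Conf.Ldap.UserOu, Conf.Ldap.LdapDc)
+
+l, err := ldap.DialURL(url)
+if err != nil {
+return -1, err
+}
+defer l.Close()
+err = l.Bind(binddn, Conf.Ldap.LdapPass)
+if err != nil {
+return -1, err
+}
+result, err := l.Search(ldap.NewSearchRequest(
+basedn,
+ldap.ScopeWholeSubtree,
+ldap.NeverDerefAliases,
+0,
+0,
+false,
+fmt.Sprintf("(&(objectClass=organizationalPerson)(employeeNumber=*))"),
+[]string{"employeeNumber"},
+nil,
+))
+if err != nil {
+return -1, err
+}
+maxId := 0
+for _, entry := range result.Entries {
+i, err := strconv.Atoi(entry.GetAttributeValue("employeeNumber"))
+if err != nil {
+return -1, err
+}
+if i > maxId {
+maxId = i
+}
+}
+return maxId + 1, nil
+
+}
+
+func getNextId() int {
+if Conf.MaxID == 0 {
+return -1
+}
+Conf.lock.Lock()
+i := Conf.MaxID
+Conf.MaxID = Conf.MaxID + 1
+Conf.lock.Unlock()
+return i
+}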
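Review bot: `getNextId` returns -1 whenever `Conf.MaxID` is still 0, and the new `employeeNumber` attribute in `createLDAPAccount` writes that value into the entry unchecked, so after a failed startup lookup every new account is created with employeeNumber "-1". The zero check also reads `Conf.MaxID` before `Conf.lock` is taken, which races with the increment. If employeeNumber is used as an identifier by anything downstream (not visible here), duplicate values mean colliding identities, so I would have `getNextId` return an error and have `createLDAPAccount` refuse to add the entry. Separately, a single non-numeric employeeNumber in the directory makes `findLDAPMaxID` fail as a whole; skipping and logging such entries looks safer. `createLDAPAccount` starts and ends outside its hunk.

```go
func getNextId() (int, error) {
	Conf.lock.Lock()
	defer Conf.lock.Unlock()
	if Conf.MaxID == 0 {
		return 0, errors.New("employeeNumber counter not initialised")
	}
	id := Conf.MaxID
	Conf.MaxID++
	return id, nil
}

// in createLDAPAccount, replacing the employeeNumber line:
// … unchanged: cn, mail, sn, givenName, employeeType attributes …
id, err := getNextId()
if err != nil {
	return err
}
addReq.Attribute("employeeNumber", []string{strconv.Itoa(id)})
// … unchanged: displayName attribute, l.Add call …
```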
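--- a/main.go
+++ b/main.go
@@ -34,8 +34,16 @@ func main() {
 router.HandleFunc("/reseterror", resetErrorPage).Methods("GET")
 log.Printf("Registering templates from %v/\n", Conf.TplPath)
 tpl = template.Must(template.ParseGlob(Conf.TplPath + "/*"))
+log.Println("Performing LDAP checks")
+log.Println("Loading max employeeNumber for account creation")
+i, err := findLDAPMaxID()
+if err != nil {
+log.Printf("WARN: Unable to calculate max employeeNumber: %v\n", err)
+} else {
+Conf.MaxID = i
+log.Printf("Max employeeNumber set to %v\n", Conf.MaxID)
+}
 log.Printf("Guildgate starting on %v\n", Conf.Port)
-var err error
 if Conf.Tls {
 log.Printf("Starting TLS\n")
 if Conf.Cert == "" {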
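Review bot: When `findLDAPMaxID` fails, startup only logs a WARN and carries on with `Conf.MaxID` at 0, so the service starts in a state where `getNextId` (ldap.go) hands out -1 for every new account. Either stop here, e.g. `log.Fatalf("unable to calculate max employeeNumber: %v", err)`, or record the failure so that account creation is refused until the lookup succeeds. The counter is also read once at startup and then kept in memory, so entries added later by another instance or directly in the directory are not seen; a comment stating that single-writer assumption would help. main() starts before and continues past this hunk.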