Skip LDAP user creation if not sync'ed

README.md

@@ -8,13 +8,13 @@ It's built with Golang + EmberJS and compiled down to a single executable binary
 
 All you need to provide is your database -- PostgreSQL, Microsoft SQL Server or any MySQL variant.
 
-![Documize Community](screenshot-1.png "Documize Community")
+![Documize Community](screenshot-1.png)
 
 ## Latest Release
 
-[Community edition: v4.2.0](https://github.com/documize/community/releases)
+[Community edition: v4.2.1](https://github.com/documize/community/releases)
 
-[Community+ edition: v4.2.0](https://www.documize.com/community/downloads)
+[Community+ edition: v4.2.1](https://www.documize.com/community/downloads)
 
 The Community+ edition is the "Enterprise" offering with advanced capabilities and customer support:
 

domain/auth/ldap/endpoint.go

@@ -327,21 +327,16 @@ func (h *Handler) Authenticate(w http.ResponseWriter, r *http.Request) {
 			h.Runtime.Log.Error(method, err)
 			return
 		}
-
-		// Create user account if not found
-		if err == sql.ErrNoRows {
-			h.Runtime.Log.Info("Adding new LDAP user " + lu.Email + " @ " + dom)
-
-			u = convertUser(lc, lu)
-			u.Salt = secrets.GenerateSalt()
-			u.Password = secrets.GeneratePassword(secrets.GenerateRandomPassword(), u.Salt)
-
-			u, err = auth.AddExternalUser(ctx, h.Runtime, h.Store, u, lc.DefaultPermissionAddSpace)
-			if err != nil {
-				response.WriteServerError(w, method, err)
-				h.Runtime.Log.Error(method, err)
+		if len(lu.Email) == 0 || len(u.Email) == 0 {
+			response.WriteUnauthorizedError(w)
+			h.Runtime.Log.Infof("LDAP user without email faild auth (%s)", username)
 			return
 		}
+
+		// If user authenticated BUT is not within Documize, we fail authentication.
+		// If dual auth is enabled, we can try regular email/password login (see next).
+		if err == sql.ErrNoRows {
+			ok = false
 		}
 	}
 

edition/community.go

@@ -40,8 +40,8 @@ func main() {
 	rt.Product = domain.Product{}
 	rt.Product.Major = "4"
 	rt.Product.Minor = "2"
-	rt.Product.Patch = "0"
-	rt.Product.Revision = "220111130925"
+	rt.Product.Patch = "1"
+	rt.Product.Revision = "220112135654"
 	rt.Product.Version = fmt.Sprintf("%s.%s.%s", rt.Product.Major, rt.Product.Minor, rt.Product.Patch)
 	rt.Product.Edition = domain.CommunityEdition
 	rt.Product.Title = "Community"

gui/.eslintrc.js

@@ -15,6 +15,16 @@ module.exports = {
     browser: true
   },
   rules: {
+    "ember/no-classic-classes": "off",
+    "ember/require-tagless-components": "off",
+    "ember/require-computed-property-dependencies": "off",
+    "ember/no-classic-components": "off",
+    "ember/no-assignment-of-untracked-properties-used-in-tracking-contexts": "off",
+    "ember/no-component-lifecycle-hooks": "off",
+    "ember/no-get": "off",
+    "ember/no-jquery": "off",
+    "ember/no-mixins": "off",
+    "ember/no-actions-hash": "off"
   },
   overrides: [
     // node files

gui/package.json

@@ -1,11 +1,11 @@
 {
   "name": "documize",
-  "version": "4.2.0",
+  "version": "4.2.1",
   "private": true,
-  "description": "Documize",
+  "description": "Documize Community",
   "repository": "",
   "license": "AGPL",
-  "author": "Documize",
+  "author": "Documize Inc.",
   "directories": {
     "doc": "doc",
     "test": "tests"

model/auth/ldap.go

@@ -100,7 +100,7 @@ func (c *LDAPConfig) Clean() {
 	if c.EncryptionType == "" {
 		c.EncryptionType = "none"
 	}
-	if c.EncryptionType != EncryptionTypeNone || c.EncryptionType != EncryptionTypeStartTLS {
+	if c.EncryptionType != EncryptionTypeNone && c.EncryptionType != EncryptionTypeStartTLS {
 		c.EncryptionType = EncryptionTypeNone
 	}