Improve LDAP tests and preview process

2025-07-24 23:59:47 +02:00 · 2018-09-05 15:54:00 +01:00 · 2018-09-05 15:54:00 +01:00 · ae084ae0bb
commit ae084ae0bb
parent 6e0958b3c3
4 changed files with 702 additions and 697 deletions
--- a/domain/auth/ldap/ad_test.go
+++ b/domain/auth/ldap/ad_test.go
@ -29,8 +29,8 @@ var testConfigPublicAD = lm.LDAPConfig{
 	ServerPort:               389,
 	EncryptionType:           lm.EncryptionTypeNone,
 	BaseDN:                   "DC=mycompany,DC=local",
-	BindDN:                   "CN=ad-admin,CN=Users,DC=mycompany,DC=local",
-	BindPassword:             "8B5tNRLvbk8K",
+	BindDN:                   "CN=Mr Manager,CN=Users,DC=mycompany,DC=local",
+	BindPassword:             "Pass@word1!",
 	UserFilter:               "(|(objectCategory=person)(objectClass=user)(objectClass=inetOrgPerson))",
 	GroupFilter:              "(|(cn=Accounting)(cn=IT))",
 	AttributeUserRDN:         "sAMAccountName",
--- a/domain/auth/ldap/endpoint.go
+++ b/domain/auth/ldap/endpoint.go
@ -54,6 +54,8 @@ func (h *Handler) Preview(w http.ResponseWriter, r *http.Request) {
 		Users   []user.User `json:"users"`
 		Count   int         `json:"count"`
 	}
+
+	result.IsError = true
 	result.Users = []user.User{}

 	// Read the request.
@ -78,6 +80,25 @@ func (h *Handler) Preview(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	if c.ServerPort == 0 && len(c.ServerHost) == 0 {
+		result.Message = "Missing LDAP server details"
+		result.IsError = true
+		response.WriteJSON(w, result)
+		return
+	}
+	if len(c.BindDN) == 0 && len(c.BindPassword) == 0 {
+		result.Message = "Missing LDAP bind credentials"
+		result.IsError = true
+		response.WriteJSON(w, result)
+		return
+	}
+	if len(c.UserFilter) == 0 && len(c.GroupFilter) == 0 {
+		result.Message = "Missing LDAP search filters"
+		result.IsError = true
+		response.WriteJSON(w, result)
+		return
+	}
+
 	h.Runtime.Log.Info("Fetching LDAP users")

 	users, err := fetchUsers(c)
@ -90,7 +111,7 @@ func (h *Handler) Preview(w http.ResponseWriter, r *http.Request) {
 	}

 	result.IsError = false
-	result.Message = fmt.Sprintf("Sync'ed with LDAP, found %d users", len(users))
+	result.Message = fmt.Sprintf("Previewing LDAP, found %d users", len(users))
 	result.Count = len(users)
 	result.Users = users

@ -119,6 +140,9 @@ func (h *Handler) Sync(w http.ResponseWriter, r *http.Request) {
 		IsError bool   `json:"isError"`
 	}

+	result.IsError = true
+	result.Message = "Unable to connect to LDAP"
+
 	// Org contains raw auth provider config
 	org, err := h.Store.Organization.GetOrganization(ctx, ctx.OrgID)
 	if err != nil {
--- a/embed/bindata.go
+++ b/embed/bindata.go
--- a/gui/app/components/customize/auth-settings.js
+++ b/gui/app/components/customize/auth-settings.js
@ -57,12 +57,12 @@ export default Component.extend(ModalMixin, Notifier, {
 	ldapErrorAttributeGroupMember: computed('ldapConfig.{groupFilter,attributeGroupMember}', function() {
 		return is.not.empty(this.get('ldapConfig.groupFilter')) && is.empty(this.get('ldapConfig.attributeGroupMember'));
 	}),
+	ldapPreview: null,
+	ldapConfig: null,

 	init() {
 		this._super(...arguments);

-		let constants = this.get('constants');
-
 		this.keycloakConfig = {
 			url: '',
 			realm: '',
@ -74,27 +74,6 @@ export default Component.extend(ModalMixin, Notifier, {
 			disableLogout: false,
 			defaultPermissionAddSpace: false
 		};
-
-		this.ldapConfig =  {
-			serverType:               constants.AuthProvider.ServerTypeLDAP,
-			serverHost:               '',
-			serverPort:               389,
-			encryptionType:           constants.AuthProvider.EncryptionTypeStartTLS,
-			baseDN:                   "",
-			bindDN:                   "cn=admin,dc=planetexpress,dc=com",
-			bindPassword:             "GoodNewsEveryone",
-			userFilter:               "(|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson))",
-			groupFilter:              "(&(objectClass=group)(|(cn=ship_crew)(cn=admin_staff)))",
-			attributeUserRDN:         "uid",
-			attributeUserFirstname:   "givenName",
-			attributeUserLastname:    "sn",
-			attributeUserEmail:       "mail",
-			attributeUserDisplayName: "",
-			attributeUserGroupName:   "",
-			attributeGroupMember:     "member",
-			disableLogout: false,
-			defaultPermissionAddSpace: false
-		};
 	},

 	didReceiveAttrs() {
@ -103,6 +82,8 @@ export default Component.extend(ModalMixin, Notifier, {
 		let provider = this.get('authProvider');
 		let constants = this.get('constants');

+		this.set('ldapPreview', {isError: true, message: 'Unable to connect'});
+
 		switch (provider) {
 			case constants.AuthProvider.Documize:
 				// nothing to do