diff --git a/src/bin/update_groups.rs b/src/bin/update_groups.rs index c81962f..e0c2004 100644 --- a/src/bin/update_groups.rs +++ b/src/bin/update_groups.rs @@ -1,10 +1,9 @@ use dotenv::dotenv; use ldap3::{LdapConn, Mod, Scope, SearchEntry}; use skynet_ldap_backend::{get_config, Config}; -use std::{env, io}; use std::collections::{HashMap, HashSet}; +use std::env; use std::error::Error; -use csv; #[async_std::main] async fn main() -> tide::Result<()> { @@ -18,21 +17,16 @@ async fn main() -> tide::Result<()> { } async fn update_users(config: &Config) -> tide::Result<()> { - let mut users_tmp = vec![ - // default user to ensure group is never empty - String::from("compsoc"), - ]; + let mut users_tmp = HashSet::new(); + // default user to ensure group is never empty + users_tmp.insert(String::from("compsoc")); - // add lifetime folks if let Ok(x) = env::var("USERS_LIFETIME") { for user in x.split(',').collect::>() { - users_tmp.push(user.to_string()); + users_tmp.insert(user.to_string()); } } - for user in from_csv(config).await.unwrap_or_default() { - users_tmp.push(user); - } /* pull in data from wolves (csv or api (hopefully api) pull entire ldap data @@ -40,16 +34,15 @@ async fn update_users(config: &Config) -> tide::Result<()> { for every valid user in wolves match to ldap add to users */ + // pull from wolves csv + for user in from_csv(config).await.unwrap_or_default() { + users_tmp.insert(user); + } // sorting makes it easier/faster - users_tmp.sort(); if let Ok(x) = env::var("USERS_BANNED") { for user in x.split(',').collect::>() { - // find its position - while let Ok(index) = users_tmp.binary_search(&user.to_string()) { - // in case it just so happens to be there multiple times - users_tmp.remove(index); - } + users_tmp.remove(user); } } 
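Review bot: In update_users, the `USERS_LIFETIME` entries are inserted exactly as `split(',')` yields them, so a variable set to the empty string or ending in a comma inserts an empty uid, and a value written as `a, b` inserts ` b` with its leading space. Normalising each entry before the insert, e.g. `for user in x.split(',').map(str::trim).filter(|u| !u.is_empty()) {`, avoids that and removes the intermediate `collect`. The `USERS_BANNED` loop in the next hunk splits the same way, and there an untrimmed entry means `users_tmp.remove(user)` matches nothing, so the banned uid stays in the set without any warning. update_users continues past this hunk.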
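Review bot: `from_csv(config).await.unwrap_or_default()` turns any LDAP bind, search or CSV error into an empty set, so a failed lookup looks the same as "no members" and the run carries on with only the default and lifetime users. update_group takes a `replace` flag, but its call site is outside this hunk; if membership is replaced, a transient failure would presumably drop every CSV-derived member. Consider at least logging the error and aborting the update instead of defaulting. The comment `// sorting makes it easier/faster` is also stale now that `users_tmp.sort()` is removed.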
@@ -132,8 +125,7 @@ async fn update_group(config: &Config, group: &str, users: &[&str], replace: boo Ok(()) } -async fn ldap_get_accounts(config: &Config) -> Result<(HashMap, HashMap), Box>{ - +async fn ldap_get_accounts(config: &Config) -> Result<(HashMap, HashMap), Box> { // connect to ldap let mut ldap = LdapConn::new(&config.ldap_host)?; ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw)?.success()?; @@ -141,31 +133,27 @@ async fn ldap_get_accounts(config: &Config) -> Result<(HashMap, let mut uid_idstudent: HashMap = HashMap::new(); let mut uid_email: HashMap = HashMap::new(); - let (rs, _res) = ldap.search( - "ou=users,dc=skynet,dc=ie", - Scope::OneLevel, - "(objectClass=*)", - vec!["uid", "mail", "skID", "skSecure"] - ) - .unwrap() - .success() - .unwrap(); + let (rs, _res) = ldap + .search("ou=users,dc=skynet,dc=ie", Scope::OneLevel, "(objectClass=*)", vec!["uid", "mail", "skID", "skSecure"]) + .unwrap() + .success() + .unwrap(); for entry in rs { - let tmp = SearchEntry::construct(entry); + let tmp = SearchEntry::construct(entry); // skSecure is a standin for teh password, only 1 if the password is SSHA512 - if !tmp.attrs.contains_key("skSecure"){ + if !tmp.attrs.contains_key("skSecure") { continue; } if tmp.attrs["skSecure"].is_empty() { continue; } - + // make sure there is an id; let uid = if !tmp.attrs["uid"].is_empty() { tmp.attrs["uid"][0].clone() - }else { + } else { continue; }; @@ -184,16 +172,16 @@ async fn ldap_get_accounts(config: &Config) -> Result<(HashMap, } } ldap.unbind()?; - + Ok((uid_idstudent, uid_email)) } -async fn from_csv(config: &Config) -> Result, Box>{ +async fn from_csv(config: &Config) -> Result, Box> { let mut uids = HashSet::new(); let (uid_idstudent, uid_email) = ldap_get_accounts(config).await?; let records = read_csv()?; - + for record in records { if let Some(uid) = uid_email.get(&record.email) { uids.insert(uid.clone()); 
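Review bot: The reformatted search still ends in `.unwrap().success().unwrap()`, so a failed or refused search panics the binary even though ldap_get_accounts returns a `Result` and the bind above it uses `?`; `ldap.search(...)?.success()?` would be consistent with the bind and the final `ldap.unbind()?`. The same loop indexes `tmp.attrs["uid"]` after checking only for `skSecure`, which panics on an entry with no `uid` attribute; `tmp.attrs.get("uid").and_then(|v| v.first())` with a `continue` on `None` covers that case. Separately, the comment says skSecure is 1 only for an SSHA512 password, but the code accepts any non-empty value; if other values can ever be stored, compare against `"1"` explicitly. The function starts before this hunk and continues after it.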
@@ -202,15 +190,14 @@ async fn from_csv(config: &Config) -> Result, Box>{ uids.insert(uid.clone()); } } - + Ok(uids) } - #[derive(Debug, serde::Deserialize)] struct Record { - #[serde(rename = "MemID")] - id_wolves: String, + // #[serde(rename = "MemID")] + // id_wolves: String, #[serde(rename = "Student Num")] id_student: String, #[serde(rename = "Contact Email")] @@ -219,7 +206,7 @@ struct Record { fn read_csv() -> Result, Box> { let mut records: Vec = vec![]; - + if let Ok(mut rdr) = csv::Reader::from_path("tmp.csv") { for result in rdr.deserialize() { // Notice that we need to provide a type hint for automatic @@ -228,6 +215,6 @@ fn read_csv() -> Result, Box> { records.push(record); } } - + Ok(records) -} \ No newline at end of file +} diff --git a/src/methods/account_new.rs b/src/methods/account_new.rs index 31dca32..786a68e 100644 --- a/src/methods/account_new.rs +++ b/src/methods/account_new.rs @@ -296,7 +296,7 @@ async fn account_verification_new_account(ldap: &mut LdapConn, user_details: &Ac // need to get this from wolves //("skID", HashSet::from(["12345678"])), ("skCreated", HashSet::from([sk_created.as_str()])), - // 1 = secure, automatic since its a new account + // 1 = secure, automatic since its a new account ("skSecure", HashSet::from(["1"])), ], )? diff --git a/src/methods/account_update.rs b/src/methods/account_update.rs index cb092ca..977e625 100644 --- a/src/methods/account_update.rs +++ b/src/methods/account_update.rs @@ -54,12 +54,12 @@ pub async fn post_update_ldap(mut req: Request) -> tide::Result { // main value we are updating Mod::Replace(field, HashSet::from([value])), ]; - + // if teh password is changing then its inherentrly secure, same if its currently an empty field if !pw_keep_same || !pw_secure { mods.push(Mod::Replace(String::from("skSecure"), HashSet::from([String::from("1")]))); } - + ldap.modify(&dn, mods)?.success()?; // pass back the "old" and "new" passwords
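Review bot: In `Record`, the `id_wolves` field and its `#[serde(rename = "MemID")]` attribute are commented out rather than removed, with no note on why. If the field was dropped only because nothing reads it, delete both lines. If it is expected to come back, keep them with a one-line comment saying when, so the next reader does not have to guess.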