Merge branch 'main' into #4-password-reset
# Conflicts: # src/lib.rs # src/methods/account_new.rs
This commit is contained in:
commit
b570ed9073
4 changed files with 61 additions and 63 deletions
|
|
@ -101,9 +101,11 @@
|
|||
|
||||
# modify these
|
||||
scripts = {
|
||||
# every 15 min
|
||||
"update_data" = "*:0,15,30,45";
|
||||
#"new_users" = "*:5,20,35,50";
|
||||
"update_groups" = "*:5,20,35,50";
|
||||
#"new_users" = "*:5,20,35,50";
|
||||
# groups are updated every 8 hours
|
||||
"update_groups" = "00,08,16:00:00";
|
||||
};
|
||||
|
||||
in {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
use ldap3::{LdapConn, Mod};
|
||||
use skynet_ldap_backend::{db_init, get_config, get_now_iso, get_wolves, Accounts, Config};
|
||||
use skynet_ldap_backend::{db_init, get_config, get_now_iso, get_wolves, update_group, Accounts, Config};
|
||||
use sqlx::{Pool, Sqlite};
|
||||
use std::{collections::HashSet, env, error::Error};
|
||||
|
||||
|
|
@ -68,49 +67,6 @@ async fn update(config: &Config) -> tide::Result<()> {
|
|||
Ok(())
|
||||
}
|
||||
|
||||
fn uid_to_dn(uid: &str) -> String {
|
||||
format!("uid={},ou=users,dc=skynet,dc=ie", uid)
|
||||
}
|
||||
|
||||
async fn update_group(config: &Config, group: &str, users: &Vec<String>, replace: bool) -> tide::Result<()> {
|
||||
if users.is_empty() {
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
let mut ldap = LdapConn::new(&config.ldap_host)?;
|
||||
|
||||
// use the admin account
|
||||
ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw)?.success()?;
|
||||
|
||||
let dn = format!("cn={},ou=groups,dc=skynet,dc=ie", group);
|
||||
let members = users.iter().map(|uid| uid_to_dn(uid)).collect();
|
||||
let mods = if replace {
|
||||
vec![Mod::Replace("member".to_string(), members)]
|
||||
} else {
|
||||
vec![Mod::Add("member".to_string(), members)]
|
||||
};
|
||||
|
||||
if let Err(x) = ldap.modify(&dn, mods) {
|
||||
println!("{:?}", x);
|
||||
}
|
||||
|
||||
let dn_linux = format!("cn={}-linux,ou=groups,dc=skynet,dc=ie", group);
|
||||
let members_linux = users.iter().map(|uid| uid.to_string()).collect();
|
||||
let mods = if replace {
|
||||
vec![Mod::Replace("memberUid".to_string(), members_linux)]
|
||||
} else {
|
||||
vec![Mod::Add("memberUid".to_string(), members_linux)]
|
||||
};
|
||||
if let Err(x) = ldap.modify(&dn_linux, mods) {
|
||||
println!("{:?}", x);
|
||||
};
|
||||
|
||||
// tidy up
|
||||
ldap.unbind()?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn from_csv(config: &Config) -> Result<HashSet<String>, Box<dyn Error>> {
|
||||
let db = db_init(config).await.unwrap();
|
||||
|
||||
|
|
|
|||
64
src/lib.rs
64
src/lib.rs
|
|
@ -1,6 +1,7 @@
|
|||
pub mod methods;
|
||||
use chrono::{Datelike, SecondsFormat, Utc};
|
||||
use dotenvy::dotenv;
|
||||
use ldap3::{LdapConn, Mod};
|
||||
use rand::{distributions::Alphanumeric, thread_rng, Rng};
|
||||
use sqlx::{
|
||||
sqlite::{SqliteConnectOptions, SqlitePoolOptions},
|
||||
|
|
@ -87,12 +88,8 @@ pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
|
|||
.execute(&pool)
|
||||
.await?;
|
||||
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_auth_code ON accounts_new (auth_code)")
|
||||
.execute(&pool)
|
||||
.await?;
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_date_expiry ON accounts_new (date_expiry)")
|
||||
.execute(&pool)
|
||||
.await?;
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_auth_code ON accounts_new (auth_code)").execute(&pool).await?;
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_date_expiry ON accounts_new (date_expiry)").execute(&pool).await?;
|
||||
|
||||
sqlx::query(
|
||||
"CREATE TABLE IF NOT EXISTS accounts_reset (
|
||||
|
|
@ -104,12 +101,8 @@ pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
|
|||
.execute(&pool)
|
||||
.await?;
|
||||
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_auth_code ON accounts_reset (auth_code)")
|
||||
.execute(&pool)
|
||||
.await?;
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_date_expiry ON accounts_reset (date_expiry)")
|
||||
.execute(&pool)
|
||||
.await?;
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_auth_code ON accounts_reset (auth_code)").execute(&pool).await?;
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_date_expiry ON accounts_reset (date_expiry)").execute(&pool).await?;
|
||||
|
||||
// this is for active use
|
||||
sqlx::query(
|
||||
|
|
@ -128,9 +121,7 @@ pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
|
|||
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_uid_number ON accounts (uid)").execute(&pool).await?;
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_mail ON accounts (mail)").execute(&pool).await?;
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_student_id ON accounts (student_id)")
|
||||
.execute(&pool)
|
||||
.await?;
|
||||
sqlx::query("CREATE INDEX IF NOT EXISTS index_student_id ON accounts (student_id)").execute(&pool).await?;
|
||||
|
||||
Ok(pool)
|
||||
}
|
||||
|
|
@ -243,3 +234,46 @@ pub async fn get_wolves(db: &Pool<Sqlite>) -> Vec<AccountWolves> {
|
|||
pub fn uid_to_dn(uid: &str) -> String {
|
||||
format!("uid={},ou=users,dc=skynet,dc=ie", uid)
|
||||
}
|
||||
|
||||
pub async fn update_group(config: &Config, group: &str, users: &Vec<String>, replace: bool) -> tide::Result<()> {
|
||||
if users.is_empty() {
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
let mut ldap = LdapConn::new(&config.ldap_host)?;
|
||||
|
||||
// use the admin account
|
||||
ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw)?.success()?;
|
||||
|
||||
let dn = format!("cn={},ou=groups,dc=skynet,dc=ie", group);
|
||||
let members = users.iter().map(|uid| uid_to_dn(uid)).collect();
|
||||
let mods = if replace {
|
||||
vec![Mod::Replace("member".to_string(), members)]
|
||||
} else {
|
||||
vec![Mod::Add("member".to_string(), members)]
|
||||
};
|
||||
|
||||
if let Err(x) = ldap.modify(&dn, mods) {
|
||||
println!("{:?}", x);
|
||||
}
|
||||
|
||||
let dn_linux = format!("cn={}-linux,ou=groups,dc=skynet,dc=ie", group);
|
||||
let members_linux = users.iter().map(|uid| uid.to_string()).collect();
|
||||
let mods = if replace {
|
||||
vec![Mod::Replace("memberUid".to_string(), members_linux)]
|
||||
} else {
|
||||
vec![Mod::Add("memberUid".to_string(), members_linux)]
|
||||
};
|
||||
if let Err(x) = ldap.modify(&dn_linux, mods) {
|
||||
println!("{:?}", x);
|
||||
};
|
||||
|
||||
// tidy up
|
||||
ldap.unbind()?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn uid_to_dn(uid: &str) -> String {
|
||||
format!("uid={},ou=users,dc=skynet,dc=ie", uid)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -232,6 +232,7 @@ pub mod email {
|
|||
|
||||
pub mod account {
|
||||
use super::*;
|
||||
use crate::update_group;
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
struct LdapNewUser {
|
||||
|
|
@ -408,7 +409,12 @@ pub mod account {
|
|||
|
||||
ldap.extended(tmp).unwrap();
|
||||
|
||||
ldap.unbind()?;
|
||||
// user is already verified by being an active member on wolves
|
||||
if let Err(e) = update_group(config, "skynet-users", &vec![username.to_string()], true).await {
|
||||
println!("Couldnt add {} to skynet-users: {:?}", username, e)
|
||||
}
|
||||
|
||||
ldap.unbind()?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue