Skynet/ldap_backend
7
0
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into #4-password-reset

Browse source 
# Conflicts:
#	src/lib.rs
#	src/methods/account_new.rs
This commit is contained in:
silver 2023-08-06 17:57:02 +01:00
commit b570ed9073
4 changed files with 61 additions and 63 deletions
Download patch file Download diff file Expand all files Collapse all files

64
src/lib.rs
View file

@ -1,6 +1,7 @@
pub mod methods;
use chrono::{Datelike, SecondsFormat, Utc};
use dotenvy::dotenv;
use ldap3::{LdapConn, Mod};
use rand::{distributions::Alphanumeric, thread_rng, Rng};
use sqlx::{
sqlite::{SqliteConnectOptions, SqlitePoolOptions},
@ -87,12 +88,8 @@ pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
.execute(&pool)
.await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_auth_code ON accounts_new (auth_code)")
.execute(&pool)
.await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_date_expiry ON accounts_new (date_expiry)")
.execute(&pool)
.await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_auth_code ON accounts_new (auth_code)").execute(&pool).await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_date_expiry ON accounts_new (date_expiry)").execute(&pool).await?;
sqlx::query(
"CREATE TABLE IF NOT EXISTS accounts_reset (
@ -104,12 +101,8 @@ pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
.execute(&pool)
.await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_auth_code ON accounts_reset (auth_code)")
.execute(&pool)
.await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_date_expiry ON accounts_reset (date_expiry)")
.execute(&pool)
.await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_auth_code ON accounts_reset (auth_code)").execute(&pool).await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_date_expiry ON accounts_reset (date_expiry)").execute(&pool).await?;
// this is for active use
sqlx::query(
@ -128,9 +121,7 @@ pub async fn db_init(config: &Config) -> Result<Pool<Sqlite>, Error> {
sqlx::query("CREATE INDEX IF NOT EXISTS index_uid_number ON accounts (uid)").execute(&pool).await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_mail ON accounts (mail)").execute(&pool).await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_student_id ON accounts (student_id)")
.execute(&pool)
.await?;
sqlx::query("CREATE INDEX IF NOT EXISTS index_student_id ON accounts (student_id)").execute(&pool).await?;
Ok(pool)
}
@ -243,3 +234,46 @@ pub async fn get_wolves(db: &Pool<Sqlite>) -> Vec<AccountWolves> {
pub fn uid_to_dn(uid: &str) -> String {
format!("uid={},ou=users,dc=skynet,dc=ie", uid)
}
pub async fn update_group(config: &Config, group: &str, users: &Vec<String>, replace: bool) -> tide::Result<()> {
if users.is_empty() {
return Ok(());
}
let mut ldap = LdapConn::new(&config.ldap_host)?;
// use the admin account
ldap.simple_bind(&config.ldap_admin, &config.ldap_admin_pw)?.success()?;
let dn = format!("cn={},ou=groups,dc=skynet,dc=ie", group);
let members = users.iter().map(|uid| uid_to_dn(uid)).collect();
let mods = if replace {
vec![Mod::Replace("member".to_string(), members)]
} else {
vec![Mod::Add("member".to_string(), members)]
};
if let Err(x) = ldap.modify(&dn, mods) {
println!("{:?}", x);
}
let dn_linux = format!("cn={}-linux,ou=groups,dc=skynet,dc=ie", group);
let members_linux = users.iter().map(|uid| uid.to_string()).collect();
let mods = if replace {
vec![Mod::Replace("memberUid".to_string(), members_linux)]
} else {
vec![Mod::Add("memberUid".to_string(), members_linux)]
};
if let Err(x) = ldap.modify(&dn_linux, mods) {
println!("{:?}", x);
};
// tidy up
ldap.unbind()?;
Ok(())
}
pub fn uid_to_dn(uid: &str) -> String {
format!("uid={},ou=users,dc=skynet,dc=ie", uid)
}