kosmos/akkounts
8
1
Fork 0
Code Issues 22 Pull Requests 1 Actions Packages Releases 12 Activity

Add service attribute to LDAP user entry
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details

Browse Source
This commit is contained in:
Râu Cao
2023-02-25 21:35:38 +08:00
parent b84f9109f6
commit 75ffd4e2f1
7 changed files with 234 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
app/models/user.rb
View File

@@ -42,9 +42,9 @@ class User < ApplicationRecord
def ldap_before_save
self.email = Devise::LDAP::Adapter.get_ldap_param(self.cn, "mail").first
dn = Devise::LDAP::Adapter.get_ldap_param(self.cn, "dn")
self.ou = dn.split(',').select{|e| e[0..1] == "ou"}.first.delete_prefix("ou=")
self.ou = dn.split(',')
.select{|e| e[0..1] == "ou"}.first
.delete_prefix("ou=")
if self.confirmed_at.blank? && self.confirmation_token.blank?
# User had an account with a trusted email address before akkounts was a thing
@@ -52,6 +52,10 @@ class User < ApplicationRecord
end
end
def devise_after_confirmation
enable_service %w[discourse gitea wiki xmpp]
end
def reset_password(new_password, new_password_confirmation)
self.password = new_password
self.password_confirmation = new_password_confirmation
@@ -70,12 +74,6 @@ class User < ApplicationRecord
end
end
def ldap_entry
return @ldap_entry if defined?(@ldap_entry)
ldap = LdapService.new
@ldap_entry = ldap.fetch_users(uid: self.cn, ou: self.ou).first
end
def address
"#{self.cn}@#{self.ou}"
end
@@ -90,4 +88,42 @@ class User < ApplicationRecord
lndhub.authenticate self
lndhub.addinvoice payload
end
def dn
return @dn if defined?(@dn)
@dn = Devise::LDAP::Adapter.get_dn(self.cn)
end
def ldap_entry
ldap.fetch_users(uid: self.cn, ou: self.ou).first
end
def services_enabled
ldap_entry[:service] || []
end
def enable_service(service)
current_services = services_enabled
new_services = Array(service).map(&:to_s)
services = (current_services + new_services).uniq
ldap.replace_attribute(dn, :service, services)
end
def disable_service(service)
current_services = services_enabled
disabled_services = Array(service).map(&:to_s)
services = (current_services - disabled_services).uniq
ldap.replace_attribute(dn, :service, services)
end
def disable_all_services
ldap.delete_attribute(dn,:service)
end
private
def ldap
return @ldap_service if defined?(@ldap_service)
@ldap_service = LdapService.new
end
end