kosmos/akkounts
kosmos/akkounts
8
1
Fork 0
Code Issues 19 Pull Requests 1 Actions Packages Releases 12 Activity
akkounts/lib/tasks/ldap.rake
Râu Cao 393f85e45c
All checks were successful
continuous-integration/drone/push Build is passing
Details
WIP Add member/contributor status to users
2025-05-27 13:32:58 +04:00

65 lines
2.1 KiB
Ruby
Raw Blame History

namespace :ldap do
desc "Reset the LDAP directory and set up base entries and default org"
task setup: [:environment, :add_custom_attributes] do |t, args|
ldap = LdapService.new
ldap.delete_entry "cn=admin_role,ou=kosmos.org,cn=users,dc=kosmos,dc=org", true
# Delete all existing entries and re-add base entries
ldap.reset_directory!
ldap.add_organization "kosmos.org", "Kosmos", true
# add admin role
ldap.add_entry "cn=admin_role,ou=kosmos.org,cn=users,dc=kosmos,dc=org", {
objectClass: %w{top LDAPsubentry nsRoleDefinition nsComplexRoleDefinition nsFilteredRoleDefinition},
cn: "admin_role",
nsRoleFilter: "(&(objectclass=person)(admin=true))",
description: "filtered role for admins"
}, true
end
desc "Add custom attributes to schema"
task add_custom_attributes: :environment do |t, args|
%w[ admin service_enabled member_status nostr_key pgp_key ].each do |name|
Rake::Task["ldap:modify_ldap_schema"].invoke(name, "add")
Rake::Task['ldap:modify_ldap_schema'].reenable
end
end
desc "Delete custom attributes from schema"
task delete_custom_attributes: :environment do |t, args|
%w[ admin service_enabled member_status nostr_key pgp_key ].each do |name|
Rake::Task["ldap:modify_ldap_schema"].invoke(name, "delete")
Rake::Task['ldap:modify_ldap_schema'].reenable
end
end
desc "Modify LDAP schema"
task :modify_ldap_schema, [:name, :operation] => [:environment] do |t, args|
puts "Modify schema: #{args[:operation]} #{args[:name]}"
filename = "#{Rails.root}/schemas/ldap/#{args[:name]}.ldif"
ldif = YAML.safe_load(File.read(filename))
dn = ldif["dn"]
attribute = ldif["add"]
value = ldif[attribute]
operation = [ args[:operation].to_sym, attribute.to_sym, value ]
ldap = LdapService.new
res = ldap.modify dn, [ operation ]
if res != 0
puts "Result code: #{res}"
exit 1
end
end
desc "List user domains/organizations"
task list_organizations: :environment do |t, args|
ldap = LdapService.new
orgs = ldap.fetch_organizations
puts orgs.inspect
end
end
Reference in New Issue View Git Blame Copy Permalink