kosmos/akkounts
kosmos/akkounts
8
1
Fork 0
Code Issues 19 Pull Requests 1 Actions Packages Releases 12 Activity
akkounts/app/controllers/admin/ldap_users_controller.rb
Sebastian Kippe f0312cb8e7
Authorize access to admin panel, etc. 
Adds a separate admin namespace and base controller, with authorization
by looking up the admin property in the user's LDAP account.
2020-11-18 00:22:44 +01:00

42 lines
1.1 KiB
Ruby
Raw Blame History

class Admin::LdapUsersController < Admin::BaseController
def index
attributes = %w{dn cn uid mail admin}
filter = Net::LDAP::Filter.eq("uid", "*")
if params[:ou]
treebase = "ou=#{params[:ou]},cn=users,dc=kosmos,dc=org"
else
treebase = "ou=kosmos.org,cn=users,dc=kosmos,dc=org"
end
entries = ldap_client.search(base: treebase, filter: filter, attributes: attributes)
entries.sort_by! { |e| e.cn[0] }
@entries = entries.collect do |e|
{
uid: e.uid.first,
mail: e.try(:mail) ? e.mail.first : nil,
admin: e.try(:admin) ? 'admin' : nil
# password: e.userpassword.first
}
end
# ldap_client.get_operation_result
end
private
def ldap_client
ldap_client ||= Net::LDAP.new host: ENV['LDAP_HOST'],
port: ldap_config['port'],
encryption: ldap_config['ssl'],
auth: {
method: :simple,
username: ldap_config['admin_user'],
password: ldap_config['admin_password']
}
end
def ldap_config
ldap_config ||= YAML.load(ERB.new(File.read("#{Rails.root}/config/ldap.yml")).result)[Rails.env]
end
end
Reference in New Issue View Git Blame Copy Permalink