From efcb27b405fa97ceb0607146d0c853ebe3cfeb0b Mon Sep 17 00:00:00 2001 From: Anton Shepilov Date: Tue, 12 Sep 2023 23:02:46 +0200 Subject: [PATCH] =?UTF-8?q?*=20=F0=9F=9B=A0=EF=B8=8F=20Synchronization=20o?= =?UTF-8?q?f=20the=20user=20with=20LDAP?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * add configuration with LDAP attributes mappings * add defalut company and remove application check since it's not configurable * change error handling, now all the requests are independant --- tdrive/backend/node/config/default.json | 2 +- .../applications-api/web/controllers/index.ts | 36 ++++--------------- .../src/services/console/clients/remote.ts | 17 +++++---- tdrive/backend/utils/ldap-sync/src/index.ts | 12 +++---- 4 files changed, 24 insertions(+), 43 deletions(-) diff --git a/tdrive/backend/node/config/default.json b/tdrive/backend/node/config/default.json index 78da89771..33924c1b2 100644 --- a/tdrive/backend/node/config/default.json +++ b/tdrive/backend/node/config/default.json @@ -81,7 +81,7 @@ } }, "database":{ - "secret":"ab63bb3e90c0271c9a1c06651a7c0967eab8851a7a897766", + "secret":"", "type":"cassandra", "mongodb":{ "uri":"mongodb://mongo:27017", diff --git a/tdrive/backend/node/src/services/applications-api/web/controllers/index.ts b/tdrive/backend/node/src/services/applications-api/web/controllers/index.ts index 8bee2d58f..d014ae91b 100644 --- a/tdrive/backend/node/src/services/applications-api/web/controllers/index.ts +++ b/tdrive/backend/node/src/services/applications-api/web/controllers/index.ts @@ -8,7 +8,6 @@ import { RealtimeBaseBusEvent, } from "../../../../core/platform/services/realtime/types"; import { ResourceGetResponse } from "../../../../utils/types"; -import { getInstance } from "../../../user/entities/user"; import { ApplicationObject, getApplicationObject, 
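Review bot: Blanking `"secret"` under `"database"` in `tdrive/backend/node/config/default.json` does not retire the old value, which stays readable in the repository history. Any deployment that ever ran with that default should be treated as using a disclosed key and given a new secret, with whatever re-encryption of stored data that implies. The new default `""` also means an instance with no override starts with an empty secret unless the backend rejects it, and no such check is visible in this patch. A startup guard that refuses to boot when `database.secret` is empty, plus a line in the deployment docs saying the value must be set per environment, would make the misconfiguration fail loudly instead of silently.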
@@ -21,6 +20,7 @@ import { ApplicationLoginResponse, ConfigureRequest, } from "../types"; +import { ConsoleHookUser } from "src/services/console/types"; export class ApplicationsApiController { async token( @@ -175,37 +175,15 @@ export class ApplicationsApiController { }; }>, ): Promise { - const email = request.body.email.trim().toLocaleLowerCase(); - - if (await gr.services.users.getByEmail(email)) { - throw new Error("This email is already used"); - } - try { - const newUser = getInstance({ - first_name: request.body.first_name, - last_name: request.body.last_name, - email_canonical: email, - username_canonical: (email.replace("@", ".") || "").toLocaleLowerCase(), - phone: "", - identity_provider: "console", - identity_provider_id: email, - mail_verified: true, - }); - const user = await gr.services.users.create(newUser); - - const company = await gr.services.companies.getCompany({ - id: "00000000-0000-4000-0000-000000000000", - }); - - await gr.services.companies.setUserRole(company.id, user.entity.id, "member"); - - await gr.services.users.save(user.entity, { - user: { id: user.entity.id, server_request: true }, - }); + await gr.services.console.getClient().updateLocalUserFromConsole({ + email: request.body.email.trim().toLocaleLowerCase(), + name: request.body.first_name, + surname: request.body.last_name, + } as ConsoleHookUser); } catch (err) { logger.error(err); - throw new Error("An unknown error occured"); + throw err; } return {}; } diff --git a/tdrive/backend/node/src/services/console/clients/remote.ts b/tdrive/backend/node/src/services/console/clients/remote.ts index 932dfeab8..b0e249424 100644 --- a/tdrive/backend/node/src/services/console/clients/remote.ts +++ b/tdrive/backend/node/src/services/console/clients/remote.ts 
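Review bot: The import added in the `@@ -21,6 +20,7 @@` hunk uses a bare `src/...` specifier, while the other imports shown in this file are relative (`../types`, `../../../../utils/types`), so it only resolves if the build and the runtime both map `src`. Since `ConsoleHookUser` is used purely as a type, `import type { ConsoleHookUser } from "../../../console/types";` matches the file's convention and guarantees nothing is emitted for it.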
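Review bot: The `catch` block in the `@@ -175,37 +175,15 @@` hunk now ends in `throw err;`, so whatever the console client or the storage layer throws is passed to the API caller, where the old code returned a fixed message. Keep `logger.error(err)` for the detail and throw a mapped or generic error such as `throw new Error("User synchronization failed");`, unless the framework's error handler is known to sanitise messages. The `as ConsoleHookUser` assertion also silences the compiler about every field the literal omits, so `updateLocalUserFromConsole` must tolerate them being undefined; building the object against the declared type, or narrowing the parameter to the three fields actually sent, would let the checker verify that. With the `getByEmail` check removed, a request carrying an existing user's email appears to update that account rather than being rejected, so it is worth confirming this is intended and that only the trusted sync application can reach the route. The method's signature and the start of its body are outside the hunk.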
@@ -99,12 +99,13 @@ export class ConsoleRemoteClient implements ConsoleServiceClient { throw CrudException.badRequest("User not found on Console"); } - const roles = userDTO.roles.filter( - role => role.applications === undefined || role.applications.find(a => a.code === "tdrive"), - ); - - //REMOVE LATER - logger.info(`Roles are: ${roles}.`); + if (userDTO.roles) { + const roles = userDTO.roles.filter( + role => role.applications === undefined || role.applications.find(a => a.code === "tdrive"), + ); + //REMOVE LATER + logger.info(`Roles are: ${roles}.`); + } let user = await gr.services.users.getByConsoleId(userDTO.email); @@ -151,7 +152,9 @@ export class ConsoleRemoteClient implements ConsoleServiceClient { user.preferences.timezone = coalesce(userDTO.preference.timeZone, user.preferences?.timezone); } - user.picture = userDTO.avatar.value; + if (userDTO.avatar) { + user.picture = userDTO.avatar.value; + } await gr.services.users.save(user); diff --git a/tdrive/backend/utils/ldap-sync/src/index.ts b/tdrive/backend/utils/ldap-sync/src/index.ts index d1582698e..12ea997ef 100644 --- a/tdrive/backend/utils/ldap-sync/src/index.ts +++ b/tdrive/backend/utils/ldap-sync/src/index.ts @@ -1,4 +1,4 @@ -import ldap from "ldapjs"; +import ldap, { SearchEntry } from "ldapjs"; import axios, { AxiosError } from "axios"; import dotenv from "dotenv"; 
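Review bot: In the `@@ -99,12 +99,13 @@` hunk, `roles` is now scoped to the new `if (userDTO.roles)` block and its only use is the `//REMOVE LATER` log line, so the filter no longer influences the user being synchronised. Interpolating the array in `Roles are: ${roles}.` also renders each role object as `[object Object]`, so the line carries no diagnostic value. Either delete the block, or, if the `a.code === "tdrive"` filter is meant to gate access, use its result and log it as `logger.debug(`Roles are: ${JSON.stringify(roles)}`);`. The commit message says the application check is removed, but the filter on `"tdrive"` is still present here. The enclosing method starts and ends outside the hunk.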
@@ -119,14 +119,14 @@ client.bind(ldapConfig.bindDN, ldapConfig.bindCredentials, (err) => { const apiRequests: Promise[] = []; - searchRes.on("searchEntry", (entry: any) => { - console.log('Receive entry:: ' + JSON.stringify(entry.pojo)); + searchRes.on("searchEntry", (entry: SearchEntry) => { + console.log('Receive entry:: ' + JSON.stringify(entry.attributes)); // Handle each search result entry const userAttributes: UserAttributes = { - first_name: entry.attributes[0]?.values[0], - last_name: entry.attributes[1]?.values[0], - email: entry.attributes[2]?.values[0], + first_name: entry.attributes.find(a=> a.type == ldapConfig.mappings.firstName)?.vals[0]!, + last_name: entry.attributes.find(a=> a.type == ldapConfig.mappings.lastName)?.vals[0]!, + email: entry.attributes.find(a=> a.type == ldapConfig.mappings.email)?.vals[0]!, }; if (userAttributes.email) {
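Review bot: The three `?.vals[0]!` assertions in the `searchEntry` handler tell the compiler the values exist although `find` can return undefined, and only `email` is tested by the `if (userAttributes.email)` that follows. An entry lacking the mapped first or last name attribute is therefore forwarded with undefined fields. Drop the `!`, let the fields be `string | undefined`, and skip or default such entries explicitly. The comparison `a.type == ldapConfig.mappings.email` is case-sensitive whereas LDAP attribute names are not, so a directory returning a different casing than the configured mapping would silently match nothing; `a.type.toLowerCase() === ldapConfig.mappings.email.toLowerCase()` avoids that. `console.log('Receive entry:: ' + JSON.stringify(entry.attributes))` also writes every returned attribute of every directory user to stdout, so logging a count or only the mapped email keeps personal data out of the logs. The handler body continues outside the hunk.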