habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

core: add groups to users

Browse Source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
2021-04-26 19:51:24 +02:00
parent fae4d34131
commit 2a122845d9
4 changed files with 27 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
outpost/pkg/ldap/instance_search.go
View File

@ -50,11 +50,8 @@ func (pi *ProviderInstance) Search(bindDN string, searchReq ldap.SearchRequest,
},
}
attrs = append(attrs, AKAttrsToLDAP(g.Attributes)...)
// attrs = append(attrs, &ldap.EntryAttribute{Name: "description", Values: []string{fmt.Sprintf("%s", g.Name)}})
// attrs = append(attrs, &ldap.EntryAttribute{Name: "gidNumber", Values: []string{fmt.Sprintf("%d", g.UnixID)}})
// attrs = append(attrs, &ldap.EntryAttribute{Name: "uniqueMember", Values: h.getGroupMembers(g.UnixID)})
// attrs = append(attrs, &ldap.EntryAttribute{Name: "memberUid", Values: h.getGroupMemberIDs(g.UnixID)})
dn := fmt.Sprintf("cn=%s,%s", *g.Name, pi.GroupDN)
dn := pi.GetGroupDN(g)
entries = append(entries, &ldap.Entry{DN: dn, Attributes: attrs})
}
case UserObjectClass, "":
@ -102,7 +99,7 @@ func (pi *ProviderInstance) Search(bindDN string, searchReq ldap.SearchRequest,
attrs = append(attrs, &ldap.EntryAttribute{Name: "superuser", Values: []string{"active"}})
}
// attrs = append(attrs, &ldap.EntryAttribute{Name: "memberOf", Values: h.getGroupDNs(append(u.OtherGroups, u.PrimaryGroup))})
attrs = append(attrs, &ldap.EntryAttribute{Name: "memberOf", Values: pi.GroupsForUser(u)})
attrs = append(attrs, AKAttrsToLDAP(u.Attributes)...)

15
outpost/pkg/ldap/utils.go
View File

@ -1,7 +1,10 @@
package ldap
import (
"fmt"
"github.com/nmcclain/ldap"
"goauthentik.io/outpost/pkg/models"
)
func AKAttrsToLDAP(attrs interface{}) []*ldap.EntryAttribute {
@ -18,3 +21,15 @@ func AKAttrsToLDAP(attrs interface{}) []*ldap.EntryAttribute {
}
return attrList
}
func (pi *ProviderInstance) GroupsForUser(user *models.User) []string {
groups := make([]string, len(user.Groups))
for i, group := range user.Groups {
groups[i] = pi.GetGroupDN(group)
}
return groups
}
func (pi *ProviderInstance) GetGroupDN(group *models.Group) string {
return fmt.Sprintf("cn=%s,%s", *group.Name, pi.GroupDN)
}