authorLauris BH <lauris@nix.lv>2017-05-10 16:10:18 +0300
committerKim "BKC" Carlbäcker <kim.carlbacker@gmail.com>2017-05-10 15:10:18 +0200
commit524885dd6502570dddf5c83f171ee74890dba5c4 (patch)
tree6256ab65739e8b2b9f4d9b498e10526341c2493c /models/login_source.go
parentfd76f090a29b229b9e8e089e225f7ca012809090 (diff)
LDAP user synchronization (#1478)
Diffstat (limited to 'models/login_source.go')
-rw-r--r--models/login_source.go41
1 files changed, 23 insertions, 18 deletions
diff --git a/models/login_source.go b/models/login_source.go
index 3c7bff8cb8..60110708cb 100644
--- a/models/login_source.go
+++ b/models/login_source.go
@@ -140,11 +140,12 @@ func (cfg *OAuth2Config) ToDB() ([]byte, error) {
// LoginSource represents an external way for authorizing users.
type LoginSource struct {
- ID int64 `xorm:"pk autoincr"`
- Type LoginType
- Name string `xorm:"UNIQUE"`
- IsActived bool `xorm:"INDEX NOT NULL DEFAULT false"`
- Cfg core.Conversion `xorm:"TEXT"`
+ ID int64 `xorm:"pk autoincr"`
+ Type LoginType
+ Name string `xorm:"UNIQUE"`
+ IsActived bool `xorm:"INDEX NOT NULL DEFAULT false"`
+ IsSyncEnabled bool `xorm:"INDEX NOT NULL DEFAULT false"`
+ Cfg core.Conversion `xorm:"TEXT"`
Created time.Time `xorm:"-"`
CreatedUnix int64 `xorm:"INDEX"`
@@ -294,6 +295,10 @@ func CreateLoginSource(source *LoginSource) error {
} else if has {
return ErrLoginSourceAlreadyExist{source.Name}
}
+ // Synchronization is only aviable with LDAP for now
+ if !source.IsLDAP() {
+ source.IsSyncEnabled = false
+ }
_, err = x.Insert(source)
if err == nil && source.IsOAuth2() && source.IsActived {
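Review bot: The comment added above the `IsLDAP()` guard misspells "available"; it should read `// Synchronization is only available with LDAP for now`. The reset of `IsSyncEnabled` is visible only on this create path, so a source whose type or flag is changed later would keep the flag set unless the update function, which is not shown in this diff, applies the same reset. That is worth confirming, because a sync job presumably treats every flagged source as an LDAP source. CreateLoginSource continues past the end of the hunk.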
@@ -405,8 +410,8 @@ func composeFullName(firstname, surname, username string) string {
// LoginViaLDAP queries if login/password is valid against the LDAP directory pool,
// and create a local user if success when enabled.
func LoginViaLDAP(user *User, login, password string, source *LoginSource, autoRegister bool) (*User, error) {
- username, fn, sn, mail, isAdmin, succeed := source.Cfg.(*LDAPConfig).SearchEntry(login, password, source.Type == LoginDLDAP)
- if !succeed {
+ sr := source.Cfg.(*LDAPConfig).SearchEntry(login, password, source.Type == LoginDLDAP)
+ if sr == nil {
// User not in LDAP, do nothing
return nil, ErrUserNotExist{0, login, 0}
}
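Review bot: The `sr == nil` branch is the only failure signal left after this change, yet its comment still says `// User not in LDAP, do nothing` and the caller always receives `ErrUserNotExist`. If `SearchEntry` (not shown here) also returns nil for a rejected bind or an unreachable directory, a wrong password and a directory outage become indistinguishable from an unknown account in logs and alerts. At minimum the comment should say so, for example `// nil covers every SearchEntry failure (no entry, rejected bind, directory error), not only a missing user`. Longer term, an error return from `SearchEntry` would let authentication failures be counted separately. LoginViaLDAP continues in the next hunk.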
@@ -416,28 +421,28 @@ func LoginViaLDAP(user *User, login, password string, source *LoginSource, autoR
}
// Fallback.
- if len(username) == 0 {
- username = login
+ if len(sr.Username) == 0 {
+ sr.Username = login
}
// Validate username make sure it satisfies requirement.
- if binding.AlphaDashDotPattern.MatchString(username) {
- return nil, fmt.Errorf("Invalid pattern for attribute 'username' [%s]: must be valid alpha or numeric or dash(-_) or dot characters", username)
+ if binding.AlphaDashDotPattern.MatchString(sr.Username) {
+ return nil, fmt.Errorf("Invalid pattern for attribute 'username' [%s]: must be valid alpha or numeric or dash(-_) or dot characters", sr.Username)
}
- if len(mail) == 0 {
- mail = fmt.Sprintf("%s@localhost", username)
+ if len(sr.Mail) == 0 {
+ sr.Mail = fmt.Sprintf("%s@localhost", sr.Username)
}
user = &User{
- LowerName: strings.ToLower(username),
- Name: username,
- FullName: composeFullName(fn, sn, username),
- Email: mail,
+ LowerName: strings.ToLower(sr.Username),
+ Name: sr.Username,
+ FullName: composeFullName(sr.Name, sr.Surname, sr.Username),
+ Email: sr.Mail,
LoginType: source.Type,
LoginSource: source.ID,
LoginName: login,
IsActive: true,
- IsAdmin: isAdmin,
+ IsAdmin: sr.IsAdmin,
}
return user, CreateUser(user)
}
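Review bot: `IsAdmin: sr.IsAdmin` in the `User` literal gives a newly auto-registered account site-admin rights on the strength of the directory lookup alone, and nothing in the function says so. A comment on that line such as `// admin flag is taken from the directory result; a mis-scoped LDAP admin match grants site admin on first login` would make the trust decision visible to whoever edits the source configuration. Separately, `binding.AlphaDashDotPattern.MatchString(sr.Username)` reads as inverted; presumably the pattern matches disallowed characters, which deserves a one-line comment. The error it returns would be safer formatted with `%q` than `%s`, since the value comes from the directory or the login form. The hunk starts inside LoginViaLDAP, whose opening lines are in the previous hunk.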