author | Lauris BH <lauris@nix.lv> | 2017-05-10 16:10:18 +0300 |
---|---|---|
committer | Kim "BKC" Carlbäcker <kim.carlbacker@gmail.com> | 2017-05-10 15:10:18 +0200 |
commit | 524885dd6502570dddf5c83f171ee74890dba5c4 (patch) | |
tree | 6256ab65739e8b2b9f4d9b498e10526341c2493c /models/login_source.go | |
parent | fd76f090a29b229b9e8e089e225f7ca012809090 (diff) | |
LDAP user synchronization (#1478)
Diffstat (limited to 'models/login_source.go')
-rw-r--r-- | models/login_source.go | 41 |
1 files changed, 23 insertions, 18 deletions
diff --git a/models/login_source.go b/models/login_source.go
index 3c7bff8cb8..60110708cb 100644
--- a/models/login_source.go
+++ b/models/login_source.go
@@ -140,11 +140,12 @@ func (cfg *OAuth2Config) ToDB() ([]byte, error) {
 // LoginSource represents an external way for authorizing users.
 type LoginSource struct {
- ID int64 `xorm:"pk autoincr"`
- Type LoginType
- Name string `xorm:"UNIQUE"`
- IsActived bool `xorm:"INDEX NOT NULL DEFAULT false"`
- Cfg core.Conversion `xorm:"TEXT"`
+ ID int64 `xorm:"pk autoincr"`
+ Type LoginType
+ Name string `xorm:"UNIQUE"`
+ IsActived bool `xorm:"INDEX NOT NULL DEFAULT false"`
+ IsSyncEnabled bool `xorm:"INDEX NOT NULL DEFAULT false"`
+ Cfg core.Conversion `xorm:"TEXT"`
 Created time.Time `xorm:"-"`
 CreatedUnix int64 `xorm:"INDEX"`
@@ -294,6 +295,10 @@ func CreateLoginSource(source *LoginSource) error {
 } else if has {
 return ErrLoginSourceAlreadyExist{source.Name}
 }
+ // Synchronization is only aviable with LDAP for now
+ if !source.IsLDAP() {
+ source.IsSyncEnabled = false
+ }
 _, err = x.Insert(source)
 if err == nil && source.IsOAuth2() && source.IsActived {
@@ -405,8 +410,8 @@ func composeFullName(firstname, surname, username string) string {
 // LoginViaLDAP queries if login/password is valid against the LDAP directory pool,
 // and create a local user if success when enabled.
 func LoginViaLDAP(user *User, login, password string, source *LoginSource, autoRegister bool) (*User, error) {
- username, fn, sn, mail, isAdmin, succeed := source.Cfg.(*LDAPConfig).SearchEntry(login, password, source.Type == LoginDLDAP)
- if !succeed {
+ sr := source.Cfg.(*LDAPConfig).SearchEntry(login, password, source.Type == LoginDLDAP)
+ if sr == nil {
 // User not in LDAP, do nothing
 return nil, ErrUserNotExist{0, login, 0}
 }
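Review bot: The guard that clears `IsSyncEnabled` for non-LDAP sources is applied only here in CreateLoginSource, and the update path for an existing login source is not part of this diff. If that path lacks the same normalization, a non-LDAP source could be saved with the flag set and then be considered by the synchronization job. Consider applying the same check wherever a LoginSource is updated, or moving it into one helper that both paths call. The added comment also has a typo; `// Synchronization is only available with LDAP for now` reads correctly. CreateLoginSource starts and ends outside the hunk.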
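Review bot: The new `if sr == nil` check reports every nil result from SearchEntry as `ErrUserNotExist`, while the comment under it mentions only "User not in LDAP". SearchEntry is not shown here, but it receives the password, so a nil result presumably also covers a rejected bind and possibly an unreachable directory, and callers cannot tell these cases apart from a genuinely missing user. I would at least document that on the check, e.g. `// nil covers not found, bad credentials and directory errors alike`, or have SearchEntry return a distinct error. The body of LoginViaLDAP continues past this hunk.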
@@ -416,28 +421,28 @@ func LoginViaLDAP(user *User, login, password string, source *LoginSource, autoR
 }
 // Fallback.
- if len(username) == 0 {
- username = login
+ if len(sr.Username) == 0 {
+ sr.Username = login
 }
 // Validate username make sure it satisfies requirement.
- if binding.AlphaDashDotPattern.MatchString(username) {
- return nil, fmt.Errorf("Invalid pattern for attribute 'username' [%s]: must be valid alpha or numeric or dash(-_) or dot characters", username)
+ if binding.AlphaDashDotPattern.MatchString(sr.Username) {
+ return nil, fmt.Errorf("Invalid pattern for attribute 'username' [%s]: must be valid alpha or numeric or dash(-_) or dot characters", sr.Username)
 }
- if len(mail) == 0 {
- mail = fmt.Sprintf("%s@localhost", username)
+ if len(sr.Mail) == 0 {
+ sr.Mail = fmt.Sprintf("%s@localhost", sr.Username)
 }
 user = &User{
- LowerName: strings.ToLower(username),
- Name: username,
- FullName: composeFullName(fn, sn, username),
- Email: mail,
+ LowerName: strings.ToLower(sr.Username),
+ Name: sr.Username,
+ FullName: composeFullName(sr.Name, sr.Surname, sr.Username),
+ Email: sr.Mail,
 LoginType: source.Type,
 LoginSource: source.ID,
 LoginName: login,
 IsActive: true,
- IsAdmin: isAdmin,
+ IsAdmin: sr.IsAdmin,
 }
 return user, CreateUser(user)
 } |
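Review bot: The rejected username is formatted with `%s` in the `fmt.Errorf` call right after the `AlphaDashDotPattern` check, where the value is already known to contain characters outside the allowed set. A directory-supplied name with line breaks or control characters would therefore reach logs or the UI verbatim; using `[%q]` instead of `[%s]` in that format string quotes and escapes it. Separately, `IsAdmin: sr.IsAdmin` grants the auto-registered account admin rights straight from the search result. Whether that flag is re-evaluated on later logins or by the new synchronization is not visible in this hunk, so it is worth confirming that removal from the directory's admin filter is propagated. LoginViaLDAP begins before this hunk.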