From cdb9478774e6c5cebf5a75ff35bfa6d8a37bdbdb Mon Sep 17 00:00:00 2001
From: Magnus Lindvall <magnus@dnmgns.com>
Date: Thu, 24 May 2018 06:59:02 +0200
Subject: LDAP Public SSH Keys synchronization (#1844)

* Add LDAP Key Synchronization feature

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Add migration: add login source id column for public_key table

* Only update keys if needed

* Add function to only list pubkey synchronized from ldap

* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.

* Only get keys belonging to current login source id

* Set default login source id to 0

* Some minor cleanup. Add integration tests (updete dep testify)
---
 routers/admin/auths.go       | 37 +++++++++++++++++++------------------
 routers/api/v1/user/key.go   |  2 +-
 routers/user/setting/keys.go |  2 +-
 3 files changed, 21 insertions(+), 20 deletions(-)

(limited to 'routers')

diff --git a/routers/admin/auths.go b/routers/admin/auths.go
index 6f142d7975..40b7df108d 100644
--- a/routers/admin/auths.go
+++ b/routers/admin/auths.go
@@ -97,24 +97,25 @@ func parseLDAPConfig(form auth.AuthenticationForm) *models.LDAPConfig {
 	}
 	return &models.LDAPConfig{
 		Source: &ldap.Source{
-			Name:              form.Name,
-			Host:              form.Host,
-			Port:              form.Port,
-			SecurityProtocol:  ldap.SecurityProtocol(form.SecurityProtocol),
-			SkipVerify:        form.SkipVerify,
-			BindDN:            form.BindDN,
-			UserDN:            form.UserDN,
-			BindPassword:      form.BindPassword,
-			UserBase:          form.UserBase,
-			AttributeUsername: form.AttributeUsername,
-			AttributeName:     form.AttributeName,
-			AttributeSurname:  form.AttributeSurname,
-			AttributeMail:     form.AttributeMail,
-			AttributesInBind:  form.AttributesInBind,
-			SearchPageSize:    pageSize,
-			Filter:            form.Filter,
-			AdminFilter:       form.AdminFilter,
-			Enabled:           true,
+			Name:                  form.Name,
+			Host:                  form.Host,
+			Port:                  form.Port,
+			SecurityProtocol:      ldap.SecurityProtocol(form.SecurityProtocol),
+			SkipVerify:            form.SkipVerify,
+			BindDN:                form.BindDN,
+			UserDN:                form.UserDN,
+			BindPassword:          form.BindPassword,
+			UserBase:              form.UserBase,
+			AttributeUsername:     form.AttributeUsername,
+			AttributeName:         form.AttributeName,
+			AttributeSurname:      form.AttributeSurname,
+			AttributeMail:         form.AttributeMail,
+			AttributesInBind:      form.AttributesInBind,
+			AttributeSSHPublicKey: form.AttributeSSHPublicKey,
+			SearchPageSize:        pageSize,
+			Filter:                form.Filter,
+			AdminFilter:           form.AdminFilter,
+			Enabled:               true,
 		},
 	}
 }
diff --git a/routers/api/v1/user/key.go b/routers/api/v1/user/key.go
index c36ef763dd..41a514af5e 100644
--- a/routers/api/v1/user/key.go
+++ b/routers/api/v1/user/key.go
@@ -129,7 +129,7 @@ func CreateUserPublicKey(ctx *context.APIContext, form api.CreateKeyOption, uid
 		return
 	}
 
-	key, err := models.AddPublicKey(uid, form.Title, content)
+	key, err := models.AddPublicKey(uid, form.Title, content, 0)
 	if err != nil {
 		repo.HandleAddKeyError(ctx, err)
 		return
diff --git a/routers/user/setting/keys.go b/routers/user/setting/keys.go
index 5c28fa6e6d..ef986ef8c9 100644
--- a/routers/user/setting/keys.go
+++ b/routers/user/setting/keys.go
@@ -99,7 +99,7 @@ func KeysPost(ctx *context.Context, form auth.AddKeyForm) {
 			return
 		}
 
-		if _, err = models.AddPublicKey(ctx.User.ID, form.Title, content); err != nil {
+		if _, err = models.AddPublicKey(ctx.User.ID, form.Title, content, 0); err != nil {
 			ctx.Data["HasSSHError"] = true
 			switch {
 			case models.IsErrKeyAlreadyExist(err):
-- 
cgit v1.2.3