diff --git a/src/externalldap.js b/src/externalldap.js
index 2bc02e77b..791e5e940 100644
--- a/src/externalldap.js
+++ b/src/externalldap.js
@@ -50,7 +50,7 @@ function testConfig(config, callback) {
 assert.strictEqual(typeof config, 'object');
 assert.strictEqual(typeof callback, 'function');
- if (!config.enabled) return callback();
+ if (config.provider === 'noop') return callback();
 if (!config.url) return callback(new BoxError(BoxError.BAD_FIELD, 'url must not be empty'));
 if (!config.baseDn) return callback(new BoxError(BoxError.BAD_FIELD, 'basedn must not be empty'));
@@ -81,7 +81,7 @@ function verifyPassword(user, password, callback) {
 settings.getExternalLdapConfig(function (error, externalLdapConfig) {
 if (error) return callback(error);
- if (!externalLdapConfig.enabled) return callback(new BoxError(BoxError.BAD_STATE, 'not enabled'));
+ if (externalLdapConfig.provider === 'noop') return callback(new BoxError(BoxError.BAD_STATE, 'not enabled'));
 getClient(externalLdapConfig, function (error, client) {
 if (error) return callback(error);
@@ -103,7 +103,7 @@ function startSyncer(callback) {
 settings.getExternalLdapConfig(function (error, externalLdapConfig) {
 if (error) return callback(error);
- if (!externalLdapConfig.enabled) return callback(new BoxError(BoxError.BAD_STATE, 'not enabled'));
+ if (externalLdapConfig.provider === 'noop') return callback(new BoxError(BoxError.BAD_STATE, 'not enabled'));
 tasks.add(tasks.TASK_SYNC_EXTERNAL_LDAP, [], function (error, taskId) {
 if (error) return callback(error);
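Review bot: The new guard `externalLdapConfig.provider === 'noop'` treats every config that lacks a `provider` key as enabled, whereas the old `!externalLdapConfig.enabled` treated a missing flag as disabled. The same check is added in testConfig, verifyPassword, startSyncer and sync, and all four bodies continue outside their hunks. If a config stored before this change comes back without `provider` (no migration is visible here, so this needs confirming), verifyPassword and sync would go on to getClient instead of returning 'not enabled'. A deny-by-default form keeps the old behaviour for such records: `if (!externalLdapConfig.provider || externalLdapConfig.provider === 'noop') return callback(new BoxError(BoxError.BAD_STATE, 'not enabled'));`.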
@@ -125,7 +125,7 @@ function sync(progressCallback, callback) {
 settings.getExternalLdapConfig(function (error, externalLdapConfig) {
 if (error) return callback(error);
- if (!externalLdapConfig.enabled) return callback(new BoxError(BoxError.BAD_STATE, 'not enabled'));
+ if (externalLdapConfig.provider === 'noop') return callback(new BoxError(BoxError.BAD_STATE, 'not enabled'));
 getClient(externalLdapConfig, function (error, client) {
 if (error) return callback(error);
@@ -157,15 +157,15 @@ function sync(progressCallback, callback) {
 debug(`Found ${ldapUsers.length} users`);
 // we ignore all errors here and just log them for now
- async.eachSeries(ldapUsers, function (user, callback) {
+ async.eachSeries(ldapUsers, function (user, iteratorCallback) {
 // ignore the bindDn user if any
- if (user.dn === externalLdapConfig.bindDn) return callback();
+ if (user.dn === externalLdapConfig.bindDn) return iteratorCallback();
 users.getByUsername(user.uid, function (error, result) {
 if (error && error.reason !== BoxError.NOT_FOUND) {
 console.error(error);
- return callback();
+ return iteratorCallback();
 }
 if (error) {
@@ -173,22 +173,22 @@ function sync(progressCallback, callback) {
 users.create(user.uid, null, user.mail, user.cn, { source: 'ldap' }, auditsource.EXTERNAL_LDAP_TASK, function (error) {
 if (error) console.error('Failed to create user', user, error);
- callback();
+ iteratorCallback();
 });
 } else if (result.source !== 'ldap') {
 debug('[conflicting user]', user.uid, user.mail, user.cn);
- callback();
+ iteratorCallback();
 } else if (result.email !== user.mail || result.displayName !== user.cn) {
 debug('[updating user] ', user.uid, user.mail, user.cn);
 users.update(result.id, { email: user.mail, fallbackEmail: user.mail, displayName: user.cn }, auditsource.EXTERNAL_LDAP_TASK, function (error) {
 if (error) console.error('Failed to update user', user, error);
- callback();
+ iteratorCallback();
 });
 } else {
 // user known and up-to-date
- callback();
+ iteratorCallback();
 }
 });
 }, function () {
diff --git a/src/routes/settings.js b/src/routes/settings.js
index 9cc3d3bb1..4474b438a 100644
--- a/src/routes/settings.js
+++ b/src/routes/settings.js
@@ -198,7 +198,8 @@ function getExternalLdapConfig(req, res, next) {
 function setExternalLdapConfig(req, res, next) {
 assert.strictEqual(typeof req.body, 'object');
- if (typeof req.body.enabled !== 'boolean') return next(new HttpError(400, 'enabled must be a boolean'));
+ if (!req.body.provider || typeof req.body.provider !== 'string') return next(new HttpError(400, 'provider must be a string'));
+ if (typeof req.body.provider !== 'string' || req.body.provider === '') return next(new HttpError(400, 'provider must be non-empty string'));
 if (typeof req.body.url !== 'string' || req.body.url === '') return next(new HttpError(400, 'url must be a non empty string'));
 if (typeof req.body.baseDn !== 'string' || req.body.baseDn === '') return next(new HttpError(400, 'baseDn must be a non empty string'));
 if (typeof req.body.filter !== 'string' || req.body.filter === '') return next(new HttpError(400, 'filter must be a non empty string'));
diff --git a/src/settings.js b/src/settings.js
index 031a85641..95cd2f36c 100644
--- a/src/settings.js
+++ b/src/settings.js
@@ -129,7 +129,9 @@ let gDefaults = (function () {
 intervalSecs: 24 * 60 * 60 // ~1 day
 };
 result[exports.PLATFORM_CONFIG_KEY] = {};
- result[exports.EXTERNAL_LDAP_KEY] = {};
+ result[exports.EXTERNAL_LDAP_KEY] = {
+ provider: 'noop'
+ };
 result[exports.REGISTRY_CONFIG_KEY] = {};
 result[exports.ADMIN_DOMAIN_KEY] = '';
 result[exports.ADMIN_FQDN_KEY] = '';
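Review bot: The two added `provider` checks in setExternalLdapConfig reject exactly the same inputs, so the second can never fire, and neither restricts the value to provider names the backend knows. Because the rest of this commit treats any value other than 'noop' as enabled, a typo or unexpected string in the request body switches external LDAP on. Keep a single check, `if (typeof req.body.provider !== 'string' || req.body.provider === '') return next(new HttpError(400, 'provider must be a non empty string'));`, and follow it with a membership test against the list of supported providers, which is not visible in this diff. The function body continues outside the hunk.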