diff --git a/dashboard/src/translation/en.json b/dashboard/src/translation/en.json index 318c1ce4a..5584324f5 100644 --- a/dashboard/src/translation/en.json +++ b/dashboard/src/translation/en.json @@ -221,7 +221,7 @@ }, "externalLdap": { "title": "Connect an External Directory", - "description": "Cloudron will synchronize users and groups from an external LDAP or ActiveDirectory server. Password verification for authenticating those users is done against the external server. The synchronization is not run automatically but needs to be triggered manually.", + "description": "This setting will synchronize and authenticate users and groups from an external LDAP or Active Directory server. The synchronization is run every 4 hours but can also be triggered manually.", "subscriptionRequired": "This feature is only available in the paid plans.", "subscriptionRequiredAction": "Set up Subscription Now", "noopInfo": "LDAP authentication is not configured.", diff --git a/src/cron.js b/src/cron.js index b78ac700c..a4c906ad1 100644 --- a/src/cron.js +++ b/src/cron.js @@ -15,6 +15,7 @@ exports = module.exports = { handleTimeZoneChanged, handleAutoupdatePatternChanged, handleDynamicDnsChanged, + handleExternalLdapChanged, DEFAULT_AUTOUPDATE_PATTERN, }; @@ -29,6 +30,7 @@ const appHealthMonitor = require('./apphealthmonitor.js'), CronJob = require('cron').CronJob, debug = require('debug')('box:cron'), dyndns = require('./dyndns.js'), + externalLdap = require('./externalldap.js'), eventlog = require('./eventlog.js'), janitor = require('./janitor.js'), mail = require('./mail.js'), @@ -57,7 +59,8 @@ const gJobs = { dynamicDns: null, schedulerSync: null, appHealthMonitor: null, - diskUsage: null + diskUsage: null, + externalLdapSyncer: null }; // cron format 
@@ -173,6 +176,7 @@ async function startJobs() { await handleBackupPolicyChanged(await backups.getPolicy()); await handleAutoupdatePatternChanged(await updater.getAutoupdatePattern()); await handleDynamicDnsChanged(await network.getDynamicDns()); + await handleExternalLdapChanged(await externalLdap.getConfig()); } async function handleBackupPolicyChanged(value) { @@ -257,6 +261,21 @@ function handleDynamicDnsChanged(enabled) { } } +async function handleExternalLdapChanged(config) { + assert.strictEqual(typeof config, 'object'); + + if (config.provider !== 'noop') { + gJobs.externalLdapSyncer = new CronJob({ + cronTime: '00 00 */4 * * *', // every 4 hours + onTick: async () => await safe(externalLdap.startSyncer(AuditSource.CRON), { debug }), + start: true + }); + } else { + if (gJobs.externalLdapSyncer) gJobs.externalLdapSyncer.stop(); + gJobs.externalLdapSyncer = null; + } +} + async function stopJobs() { for (const job in gJobs) { if (!gJobs[job]) continue; diff --git a/src/externalldap.js b/src/externalldap.js index 9522e8ec8..8882f9b36 100644 --- a/src/externalldap.js +++ b/src/externalldap.js @@ -18,6 +18,7 @@ const assert = require('assert'), AuditSource = require('./auditsource.js'), BoxError = require('./boxerror.js'), constants = require('./constants.js'), + cron = require('./cron.js'), debug = require('debug')('box:externalldap'), eventlog = require('./eventlog.js'), groups = require('./groups.js'), @@ -87,6 +88,8 @@ async function setConfig(newConfig, auditSource) { if (newConfig.provider === 'noop') await users.resetSource(); // otherwise, the owner could be 'ldap' source and lock themselves out await eventlog.add(eventlog.ACTION_EXTERNAL_LDAP_CONFIGURE, auditSource, { oldConfig: removePrivateFields(currentConfig), config: removePrivateFields(newConfig) }); + + await cron.handleExternalLdapChanged(); } // performs service bind if required
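Review bot: In `handleExternalLdapChanged`, the `config.provider !== 'noop'` branch assigns a new `CronJob` to `gJobs.externalLdapSyncer` without stopping the job already stored there. The `setConfig` hunk in src/externalldap.js calls this handler on every save, so each configuration change leaves the previous job running and the directory sync fires once per leftover job. Stop the old job before branching: move `if (gJobs.externalLdapSyncer) gJobs.externalLdapSyncer.stop();` and `gJobs.externalLdapSyncer = null;` to the top of the function, and create the new job only when the provider is not `noop`. The `typeof config === 'object'` assert also lets `null` through, on which `config.provider` throws; whether `externalLdap.getConfig()` can return null is not visible in this diff.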
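Review bot: The added `await cron.handleExternalLdapChanged();` in `setConfig` passes no argument, but the handler added in src/cron.js begins with `assert.strictEqual(typeof config, 'object')`. It therefore throws on `undefined`, and `setConfig` rejects after the eventlog entry is written (and presumably after the new config was persisted earlier in the function, which is outside the hunk). The caller sees a failure although the setting has changed, and the sync schedule is never updated. Pass the new value: `await cron.handleExternalLdapChanged(newConfig);`. This call also makes src/cron.js and src/externalldap.js require each other, which seems to depend on each file assigning `module.exports` before its `require` block; a short comment next to `cron = require('./cron.js')` would record that.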