jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Also remove the virtual user and admin groups for userdirectory

Browse Source
This commit is contained in:
Johannes Zellner
2022-07-29 11:17:31 +02:00
parent b71254a0c3
commit 612b1d6030
1 changed files with 4 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/userdirectory.js
View File

@@ -32,8 +32,6 @@ let gServer = null;
const NOOP = function () {};
const GROUP_USERS_DN = 'cn=users,ou=groups,dc=cloudron';
const GROUP_ADMINS_DN = 'cn=admins,ou=groups,dc=cloudron';
const SET_LDAP_ALLOWLIST_CMD = path.join(__dirname, 'scripts/setldapallowlist.sh');
async function validateConfig(config) {
@@ -155,10 +153,7 @@ async function userSearch(req, res, next) {
// skip entries with empty username. Some apps like owncloud can't deal with this
if (!user.username) return;
const dn = ldap.parseDN('cn=' + user.id + ',ou=users,dc=cloudron');
const memberof = [ GROUP_USERS_DN ];
if (users.compareRoles(user.role, users.ROLE_ADMIN) >= 0) memberof.push(GROUP_ADMINS_DN);
const dn = ldap.parseDN(`cn=${user.id},ou=users,dc=cloudron`);
const displayName = user.displayName || user.username || ''; // displayName can be empty and username can be null
const nameParts = displayName.split(' ');
@@ -179,7 +174,7 @@ async function userSearch(req, res, next) {
givenName: firstName,
username: user.username,
samaccountname: user.username, // to support ActiveDirectory clients
memberof: memberof
// memberof: user.groupIds.map(function (gid) { return `cn=${gid},ou=groups,dc=cloudron`; }) <- use cn=group.name instead of id
}
};
@@ -211,7 +206,7 @@ async function groupSearch(req, res, next) {
if (errorGroups) return next(new ldap.OperationsError(errorGroups.toString()));
resultGroups.forEach(function (group) {
const dn = ldap.parseDN('cn=' + group.name + ',ou=groups,dc=cloudron');
const dn = ldap.parseDN(`cn=${group.name},ou=groups,dc=cloudron`);
const members = group.userIds.filter(function (uid) { return result.map(function (u) { return u.id; }).indexOf(uid) !== -1; });
const obj = {
@@ -219,6 +214,7 @@ async function groupSearch(req, res, next) {
attributes: {
objectclass: ['group'],
cn: group.name,
gidnumber: group.id,
memberuid: members
}
};