merge userdb.js into users.js
+33
-35
@@ -3,7 +3,7 @@
|
||||
exports = module.exports = {
|
||||
search,
|
||||
verifyPassword,
|
||||
createAndVerifyUserIfNotExist,
|
||||
maybeCreateUser,
|
||||
|
||||
testConfig,
|
||||
startSyncer,
|
||||
@@ -292,61 +292,59 @@ function search(identifier, callback) {
|
||||
});
|
||||
}
|
||||
|
||||
function createAndVerifyUserIfNotExist(identifier, password, callback) {
|
||||
async function maybeCreateUser(identifier, password) {
|
||||
assert.strictEqual(typeof identifier, 'string');
|
||||
assert.strictEqual(typeof password, 'string');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
settings.getExternalLdapConfig(function (error, externalLdapConfig) {
|
||||
if (error) return callback(error);
|
||||
if (externalLdapConfig.provider === 'noop') return callback(new BoxError(BoxError.BAD_STATE, 'not enabled'));
|
||||
if (!externalLdapConfig.autoCreate) return callback(new BoxError(BoxError.BAD_STATE, 'auto create not enabled'));
|
||||
return new Promise((resolve, reject) => {
|
||||
settings.getExternalLdapConfig(function (error, externalLdapConfig) {
|
||||
if (error) return reject(error);
|
||||
if (externalLdapConfig.provider === 'noop') return reject(new BoxError(BoxError.BAD_STATE, 'not enabled'));
|
||||
if (!externalLdapConfig.autoCreate) return reject(new BoxError(BoxError.BAD_STATE, 'auto create not enabled'));
|
||||
|
||||
ldapUserSearch(externalLdapConfig, { filter: `${externalLdapConfig.usernameField}=${identifier}` }, function (error, ldapUsers) {
|
||||
if (error) return callback(error);
|
||||
if (ldapUsers.length === 0) return callback(new BoxError(BoxError.NOT_FOUND));
|
||||
if (ldapUsers.length > 1) return callback(new BoxError(BoxError.CONFLICT));
|
||||
ldapUserSearch(externalLdapConfig, { filter: `${externalLdapConfig.usernameField}=${identifier}` }, async function (error, ldapUsers) {
|
||||
if (error) return reject(error);
|
||||
if (ldapUsers.length === 0) return reject(new BoxError(BoxError.NOT_FOUND));
|
||||
if (ldapUsers.length > 1) return reject(new BoxError(BoxError.CONFLICT));
|
||||
|
||||
let user = translateUser(externalLdapConfig, ldapUsers[0]);
|
||||
if (!validUserRequirements(user)) return callback(new BoxError(BoxError.BAD_FIELD));
|
||||
const user = translateUser(externalLdapConfig, ldapUsers[0]);
|
||||
if (!validUserRequirements(user)) return reject(new BoxError(BoxError.BAD_FIELD));
|
||||
|
||||
users.create(user.username, null /* password */, user.email, user.displayName, { source: 'ldap' }, auditSource.EXTERNAL_LDAP_AUTO_CREATE, function (error, user) {
|
||||
[error] = await safe(users.add(user.email, { username: user.username, password: null, displayName: user.displayName, source: 'ldap' }, auditSource.EXTERNAL_LDAP_AUTO_CREATE));
|
||||
if (error) {
|
||||
debug(`createAndVerifyUserIfNotExist: Failed to auto create user ${user.username}`, error);
|
||||
return callback(new BoxError(BoxError.INTERNAL_ERROR));
|
||||
debug(`maybeCreateUser: failed to auto create user ${user.username}`, error);
|
||||
return reject(new BoxError(BoxError.INTERNAL_ERROR, error));
|
||||
}
|
||||
|
||||
verifyPassword(user, password, function (error) {
|
||||
if (error) return callback(error);
|
||||
callback(null, user);
|
||||
});
|
||||
resolve(user);
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
function verifyPassword(user, password, callback) {
|
||||
async function verifyPassword(user, password) {
|
||||
assert.strictEqual(typeof user, 'object');
|
||||
assert.strictEqual(typeof password, 'string');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
settings.getExternalLdapConfig(function (error, externalLdapConfig) {
|
||||
if (error) return callback(error);
|
||||
if (externalLdapConfig.provider === 'noop') return callback(new BoxError(BoxError.BAD_STATE, 'not enabled'));
|
||||
return new Promise((resolve, reject) => {
|
||||
settings.getExternalLdapConfig(function (error, externalLdapConfig) {
|
||||
if (error) return reject(error);
|
||||
if (externalLdapConfig.provider === 'noop') return reject(new BoxError(BoxError.BAD_STATE, 'not enabled'));
|
||||
|
||||
ldapUserSearch(externalLdapConfig, { filter: `${externalLdapConfig.usernameField}=${user.username}` }, function (error, ldapUsers) {
|
||||
if (error) return callback(error);
|
||||
if (ldapUsers.length === 0) return callback(new BoxError(BoxError.NOT_FOUND));
|
||||
if (ldapUsers.length > 1) return callback(new BoxError(BoxError.CONFLICT));
|
||||
ldapUserSearch(externalLdapConfig, { filter: `${externalLdapConfig.usernameField}=${user.username}` }, function (error, ldapUsers) {
|
||||
if (error) return reject(error);
|
||||
if (ldapUsers.length === 0) return reject(new BoxError(BoxError.NOT_FOUND));
|
||||
if (ldapUsers.length > 1) return reject(new BoxError(BoxError.CONFLICT));
|
||||
|
||||
getClient(externalLdapConfig, false, function (error, client) {
|
||||
if (error) return callback(error);
|
||||
getClient(externalLdapConfig, false, function (error, client) {
|
||||
if (error) return reject(error);
|
||||
|
||||
client.bind(ldapUsers[0].dn, password, function (error) {
|
||||
if (error instanceof ldap.InvalidCredentialsError) return callback(new BoxError(BoxError.INVALID_CREDENTIALS));
|
||||
if (error) return callback(new BoxError(BoxError.EXTERNAL_ERROR, error));
|
||||
client.bind(ldapUsers[0].dn, password, function (error) {
|
||||
if (error instanceof ldap.InvalidCredentialsError) return reject(new BoxError(BoxError.INVALID_CREDENTIALS));
|
||||
if (error) return reject(new BoxError(BoxError.EXTERNAL_ERROR, error));
|
||||
|
||||
callback(null, translateUser(externalLdapConfig, ldapUsers[0]));
|
||||
resolve(translateUser(externalLdapConfig, ldapUsers[0]));
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
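Review bot: The search filter in maybeCreateUser is still built by interpolating the login identifier directly into the filter string (`${externalLdapConfig.usernameField}=${identifier}`), so filter metacharacters such as `*`, `(`, `)` and `\` in the identifier alter the query instead of being matched literally; verifyPassword builds its filter the same way from user.username. Escape the value per RFC 4515 before interpolation, or pass a filter object such as `filter: new ldap.EqualityFilter({ attribute: externalLdapConfig.usernameField, value: identifier })`, provided ldapUserSearch forwards it unchanged to the client. Separately, maybeCreateUser no longer calls verifyPassword after users.add but still asserts on the now-unused password argument, so the local account is created before any bind has succeeded. The caller is outside this hunk, so confirm that it verifies the password, and consider dropping the parameter. verifyPassword's body continues past the end of the hunk.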