diff --git a/src/ldap.js b/src/ldap.js
index cfc05ca71..ab341cfa9 100644
--- a/src/ldap.js
+++ b/src/ldap.js
@@ -76,22 +76,32 @@ function start(callback) {
 user.list(function (error, result){
 if (error) return next(new ldap.OperationsError(error.toString()));
- // we only have an admin group
- var dn = ldap.parseDN('cn=admin,ou=groups,dc=cloudron');
+ var groups = [{
+ name: 'users',
+ admin: false
+ }, {
+ name: 'admins',
+ admin: true
+ }];
- var tmp = {
- dn: dn.toString(),
- attributes: {
- objectclass: ['group'],
- cn: 'admin',
- memberuid: result.filter(function (entry) { return entry.admin; }).map(function(entry) { return entry.id; })
+ groups.forEach(function (group) {
+ var dn = ldap.parseDN('cn=' + group.name + ',ou=groups,dc=cloudron');
+ var members = group.admin ? result.filter(function (entry) { return entry.admin; }) : result;
+
+ var tmp = {
+ dn: dn.toString(),
+ attributes: {
+ objectclass: ['group'],
+ cn: group.name,
+ memberuid: members.map(function(entry) { return entry.id; })
+ }
+ };
+
+ if ((req.dn.equals(dn) || req.dn.parentOf(dn)) && req.filter.matches(tmp.attributes)) {
+ res.send(tmp);
+ debug('ldap group send:', tmp);
 }
- };
-
- if ((req.dn.equals(dn) || req.dn.parentOf(dn)) && req.filter.matches(tmp.attributes)) {
- res.send(tmp);
- debug('ldap group send:', tmp);
- }
+ });
 res.end();
 });
diff --git a/src/test/ldap-test.js b/src/test/ldap-test.js
index ab82d3ef7..6e8beaf2b 100644
--- a/src/test/ldap-test.js
+++ b/src/test/ldap-test.js
@@ -76,7 +76,7 @@ describe('Ldap', function () {
 });
 });
- describe('search', function () {
+ describe('search users', function () {
 it ('fails for non existing tree', function (done) {
 var client = ldap.createClient({ url: 'ldap://127.0.0.1:' + config.get('ldapPort') });
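Review bot: In src/ldap.js the new `users` group returns every account id in `memberuid`, and nothing in this hunk checks the requester before `res.send(tmp)`; the tests added in src/test/ldap-test.js search `ou=groups,dc=cloudron` without a prior bind, so an unauthenticated client can apparently list all accounts and tell which ones are admins. The search route registration is outside the hunk, so confirm whether a bind check already sits in front of this handler; if not, reject anonymous requests there (ldapjs exposes the bound identity as `req.connection.ldap.bindDN`) or document that the listener is only reachable by trusted apps. Renaming `cn=admin` to `cn=admins` also means any app still configured with the old DN for its admin check will stop matching, which deserves a line in the commit message. Finally, `debug('ldap group send:', tmp);` now writes the full member list to the log on every match; `debug('ldap group send:', tmp.dn);` would be enough.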
@@ -173,4 +173,91 @@ describe('Ldap', function () {
 });
 });
 });
+
+ describe('search groups', function () {
+ it ('succeeds with basic filter', function (done) {
+ var client = ldap.createClient({ url: 'ldap://127.0.0.1:' + config.get('ldapPort') });
+
+ var opts = {
+ filter: 'objectclass=group'
+ };
+
+ client.search('ou=groups,dc=cloudron', opts, function (error, result) {
+ expect(error).to.be(null);
+ expect(result).to.be.an(EventEmitter);
+
+ var entries = [];
+
+ result.on('searchEntry', function (entry) { entries.push(entry.object); });
+ result.on('error', done);
+ result.on('end', function (result) {
+ expect(result.status).to.equal(0);
+ expect(entries.length).to.equal(2);
+ expect(entries[0].cn).to.equal('users');
+ expect(entries[0].memberuid.length).to.equal(2);
+ expect(entries[0].memberuid[0]).to.equal(USER_0.username);
+ expect(entries[0].memberuid[1]).to.equal(USER_1.username);
+ expect(entries[1].cn).to.equal('admins');
+ // if only one entry, the array becomes a string :-/
+ expect(entries[1].memberuid).to.equal(USER_0.username);
+ done();
+ });
+ });
+ });
+
+ it ('succeeds with cn wildcard filter', function (done) {
+ var client = ldap.createClient({ url: 'ldap://127.0.0.1:' + config.get('ldapPort') });
+
+ var opts = {
+ filter: '&(objectclass=group)(cn=*)'
+ };
+
+ client.search('ou=groups,dc=cloudron', opts, function (error, result) {
+ expect(error).to.be(null);
+ expect(result).to.be.an(EventEmitter);
+
+ var entries = [];
+
+ result.on('searchEntry', function (entry) { entries.push(entry.object); });
+ result.on('error', done);
+ result.on('end', function (result) {
+ expect(result.status).to.equal(0);
+ expect(entries.length).to.equal(2);
+ expect(entries[0].cn).to.equal('users');
+ expect(entries[0].memberuid.length).to.equal(2);
+ expect(entries[0].memberuid[0]).to.equal(USER_0.username);
+ expect(entries[0].memberuid[1]).to.equal(USER_1.username);
+ expect(entries[1].cn).to.equal('admins');
+ // if only one entry, the array becomes a string :-/
+ expect(entries[1].memberuid).to.equal(USER_0.username);
+ done();
+ });
+ });
+ });
+
+ it('succeeds with memberuid filter', function (done) {
+ var client = ldap.createClient({ url: 'ldap://127.0.0.1:' + config.get('ldapPort') });
+
+ var opts = {
+ filter: '&(objectclass=group)(memberuid=' + USER_1.username + ')'
+ };
+
+ client.search('ou=groups,dc=cloudron', opts, function (error, result) {
+ expect(error).to.be(null);
+ expect(result).to.be.an(EventEmitter);
+
+ var entries = [];
+
+ result.on('searchEntry', function (entry) { entries.push(entry.object); });
+ result.on('error', done);
+ result.on('end', function (result) {
+ expect(result.status).to.equal(0);
+ expect(entries.length).to.equal(1);
+ expect(entries[0].cn).to.equal('users');
+ expect(entries[0].memberuid.length).to.equal(2);
+ done();
+ });
+ });
+ });
+ });
 });
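Review bot: All three new tests search from `ou=groups,dc=cloudron`, so only the `req.dn.parentOf(dn)` side of the handler's condition in src/ldap.js is exercised and the `req.dn.equals(dn)` path has no coverage. Add a case that searches `cn=admins,ou=groups,dc=cloudron` directly and expects exactly one entry whose `cn` is `admins`, so a regression that leaks the `users` entry on an exact-DN search would be caught. Each test also creates a client with `ldap.createClient` and never closes it; calling `client.unbind();` just before `done();` would keep connections from accumulating across the suite. The first two tests differ only in the filter string, so a small shared helper taking the filter would remove about 25 duplicated lines.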