diff --git a/box.js b/box.js index 5072daae1..4b30a85fc 100755 --- a/box.js +++ b/box.js @@ -9,7 +9,7 @@ const fs = require('fs'), safe = require('safetydance'), server = require('./src/server.js'), settings = require('./src/settings.js'), - userdirectory = require('./src/userdirectory.js'); + directoryServer = require('./src/directoryserver.js'); let logFd; @@ -39,7 +39,7 @@ async function startServers() { await ldap.start(); const conf = await settings.getUserDirectoryConfig(); - if (conf.enabled) await userdirectory.start(); + if (conf.enabled) await directoryServer.start(); } async function main() { @@ -54,7 +54,7 @@ async function main() { await proxyAuth.stop(); await server.stop(); - await userdirectory.stop(); + await directoryServer.stop(); await ldap.stop(); setTimeout(process.exit.bind(process), 3000); }); @@ -64,7 +64,7 @@ async function main() { await proxyAuth.stop(); await server.stop(); - await userdirectory.stop(); + await directoryServer.stop(); await ldap.stop(); setTimeout(process.exit.bind(process), 3000); }); diff --git a/src/cron.js b/src/cron.js index 40d8c3947..88ebacab7 100644 --- a/src/cron.js +++ b/src/cron.js @@ -25,6 +25,7 @@ const appHealthMonitor = require('./apphealthmonitor.js'), constants = require('./constants.js'), CronJob = require('cron').CronJob, debug = require('debug')('box:cron'), + directoryServer = require('./directoryserver.js'), dyndns = require('./dyndns.js'), eventlog = require('./eventlog.js'), janitor = require('./janitor.js'), @@ -35,7 +36,6 @@ const appHealthMonitor = require('./apphealthmonitor.js'), system = require('./system.js'), updater = require('./updater.js'), updateChecker = require('./updatechecker.js'), - userdirectory = require('./userdirectory.js'), _ = require('underscore'); const gJobs = { 
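Review bot: In the box.js hunk at `@@ -39,7 +39,7 @@`, `startServers()` still calls `settings.getUserDirectoryConfig()` on the unchanged line just above the renamed `directoryServer.start()`. The src/settings.js hunks in this same commit rename that function and replace the old name in the exports. Unless an alias survives outside the visible hunks, the call throws a TypeError at startup, before the directory server is started. The line should become `const conf = await settings.getDirectoryServerConfig();`. `startServers` begins outside the hunk.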
@@ -174,9 +174,9 @@ async function handleSettingsChanged(key, value) { await stopJobs(); await startJobs(); break; - case settings.USER_DIRECTORY_KEY: - if (value.enabled) await userdirectory.start(); - else await userdirectory.stop(); + case settings.DIRECTORY_SERVER_KEY: + if (value.enabled) await directoryServer.start(); + else await directoryServer.stop(); break; default: break; diff --git a/src/userdirectory.js b/src/directoryserver.js similarity index 97% rename from src/userdirectory.js rename to src/directoryserver.js index 46ec43e63..c2e311330 100644 --- a/src/userdirectory.js +++ b/src/directoryserver.js @@ -11,7 +11,7 @@ exports = module.exports = { const assert = require('assert'), BoxError = require('./boxerror.js'), constants = require('./constants.js'), - debug = require('debug')('box:userdirectory'), + debug = require('debug')('box:directoryserver'), dns = require('./dns.js'), domains = require('./domains.js'), eventlog = require('./eventlog.js'), @@ -304,12 +304,12 @@ async function start() { gServer.bind('ou=system,dc=cloudron', async function(req, res, next) { debug('system bind: %s (from %s)', req.dn.toString(), req.connection.ldap.id); - const tmp = await settings.getUserDirectoryConfig(); + const tmp = await settings.getDirectoryServerConfig(); if (!req.dn.equals(constants.USER_DIRECTORY_LDAP_DN)) return next(new ldap.InvalidCredentialsError(req.dn.toString())); if (req.credentials !== tmp.secret) return next(new ldap.InvalidCredentialsError(req.dn.toString())); - req.user = { user: 'userDirectoryAdmin' }; + req.user = { user: 'directoryServerAdmin' }; res.end(); 
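Review bot: In the src/directoryserver.js hunk at `@@ -304,12 +304,12 @@`, the system bind handler checks the shared secret with `req.credentials !== tmp.secret`, which is not a constant-time comparison and does not reject an empty configured secret. The default in src/settings.js is `secret: ''` and the route in src/routes/settings.js only checks `typeof req.body.secret !== 'string'`, so unless `validateConfig` (not visible here) refuses it, an empty credential would compare equal on an enabled server. I would add `if (!tmp.secret) return next(new ldap.InvalidCredentialsError(req.dn.toString()));` before the comparison and compare fixed-length digests of both values with `crypto.timingSafeEqual`. The handler also still checks `constants.USER_DIRECTORY_LDAP_DN`, which this rename leaves under the old name. `start()` begins and the handler ends outside the hunk.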
@@ -322,7 +322,7 @@ async function start() { gServer.bind('ou=users,dc=cloudron', userAuth, async function (req, res) { assert.strictEqual(typeof req.user, 'object'); - await eventlog.upsertLoginEvent(req.user.ghost ? eventlog.ACTION_USER_LOGIN_GHOST : eventlog.ACTION_USER_LOGIN, { authType: 'userdirectory', id: req.connection.ldap.id }, { userId: req.user.id, user: users.removePrivateFields(req.user) }); + await eventlog.upsertLoginEvent(req.user.ghost ? eventlog.ACTION_USER_LOGIN_GHOST : eventlog.ACTION_USER_LOGIN, { authType: 'directoryserver', id: req.connection.ldap.id }, { userId: req.user.id, user: users.removePrivateFields(req.user) }); res.end(); }); diff --git a/src/routes/settings.js b/src/routes/settings.js index 80e4ff5ea..71d94a8a1 100644 --- a/src/routes/settings.js +++ b/src/routes/settings.js 
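Review bot: The `authType` written to the login event in the src/directoryserver.js hunk at `@@ -322,7 +322,7 @@` changes from `'userdirectory'` to `'directoryserver'`, and that value is stored data rather than an identifier. Any event-log filter, dashboard or alert that matches on `authType: 'userdirectory'` will stop seeing new LDAP logins, while older events keep the old value, so queries over a time range need to match both. If no migration is planned, I would either keep the stored string unchanged or record the change next to the call, for example `// authType was 'userdirectory' before the directoryserver rename; match both when querying older events`.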
@@ -139,21 +139,21 @@ async function setExternalLdapConfig(req, res, next) { next(new HttpSuccess(200, {})); } -async function getUserDirectoryConfig(req, res, next) { - const [error, config] = await safe(settings.getUserDirectoryConfig()); +async function getDirectoryServerConfig(req, res, next) { + const [error, config] = await safe(settings.getDirectoryServerConfig()); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, config)); } -async function setUserDirectoryConfig(req, res, next) { +async function setDirectoryServerConfig(req, res, next) { assert.strictEqual(typeof req.body, 'object'); if (typeof req.body.enabled !== 'boolean') return next(new HttpError(400, 'enabled must be a boolean')); if (typeof req.body.secret !== 'string') return next(new HttpError(400, 'secret must be a string')); if ('allowlist' in req.body && typeof req.body.allowlist !== 'string') return next(new HttpError(400, 'allowlist must be a string')); - const [error] = await safe(settings.setUserDirectoryConfig(req.body)); + const [error] = await safe(settings.setDirectoryServerConfig(req.body)); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, {})); @@ -300,7 +300,7 @@ function get(req, res, next) { case settings.IPV6_CONFIG_KEY: return getIPv6Config(req, res, next); case settings.BACKUP_CONFIG_KEY: return getBackupConfig(req, res, next); case settings.EXTERNAL_LDAP_KEY: return getExternalLdapConfig(req, res, next); - case settings.USER_DIRECTORY_KEY: return getUserDirectoryConfig(req, res, next); + case settings.DIRECTORY_SERVER_KEY: return getDirectoryServerConfig(req, res, next); case settings.UNSTABLE_APPS_KEY: return getUnstableAppsConfig(req, res, next); case settings.REGISTRY_CONFIG_KEY: return getRegistryConfig(req, res, next); case settings.SYSINFO_CONFIG_KEY: return getSysinfoConfig(req, res, next); 
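Review bot: `getDirectoryServerConfig` in the src/routes/settings.js hunk at `@@ -139,21 +139,21 @@` returns the whole stored config via `next(new HttpSuccess(200, config))`, and that object includes the LDAP bind `secret`. Whether the route is restricted to admins is not visible in this hunk, and the secret would also appear in any proxy or client log that records response bodies. If the dashboard does not need to read the secret back, return only the other fields, e.g. `next(new HttpSuccess(200, { enabled: config.enabled, allowlist: config.allowlist }));`. Otherwise add a comment on the function saying the response carries a credential.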
@@ -323,7 +323,7 @@ function set(req, res, next) { case settings.DYNAMIC_DNS_KEY: return setDynamicDnsConfig(req, res, next); case settings.IPV6_CONFIG_KEY: return setIPv6Config(req, res, next); case settings.EXTERNAL_LDAP_KEY: return setExternalLdapConfig(req, res, next); - case settings.USER_DIRECTORY_KEY: return setUserDirectoryConfig(req, res, next); + case settings.DIRECTORY_SERVER_KEY: return setDirectoryServerConfig(req, res, next); case settings.UNSTABLE_APPS_KEY: return setUnstableAppsConfig(req, res, next); case settings.REGISTRY_CONFIG_KEY: return setRegistryConfig(req, res, next); case settings.SYSINFO_CONFIG_KEY: return setSysinfoConfig(req, res, next); diff --git a/src/settings.js b/src/settings.js index 32431b83c..4659adf74 100644 --- a/src/settings.js +++ b/src/settings.js @@ -34,8 +34,8 @@ exports = module.exports = { getExternalLdapConfig, setExternalLdapConfig, - getUserDirectoryConfig, - setUserDirectoryConfig, + getDirectoryServerConfig, + setDirectoryServerConfig, getRegistryConfig, setRegistryConfig, @@ -100,7 +100,7 @@ exports = module.exports = { BACKUP_CONFIG_KEY: 'backup_config', SERVICES_CONFIG_KEY: 'services_config', EXTERNAL_LDAP_KEY: 'external_ldap_config', - USER_DIRECTORY_KEY: 'user_directory_config', + DIRECTORY_SERVER_KEY: 'user_directory_config', REGISTRY_CONFIG_KEY: 'registry_config', SYSINFO_CONFIG_KEY: 'sysinfo_config', // misnomer: ipv4 config APPSTORE_LISTING_CONFIG_KEY: 'appstore_listing_config', @@ -148,6 +148,7 @@ const assert = require('assert'), CronJob = require('cron').CronJob, database = require('./database.js'), debug = require('debug')('box:settings'), + directoryServer = require('./directoryserver.js'), docker = require('./docker.js'), externalLdap = require('./externalldap.js'), moment = require('moment-timezone'), 
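Review bot: In the src/settings.js hunk at `@@ -100,7 +100,7 @@`, `DIRECTORY_SERVER_KEY` keeps the stored value `'user_directory_config'`, so the constant name and the key string it stands for now disagree without explanation. The neighbouring `SYSINFO_CONFIG_KEY` line already carries a `// misnomer` comment, and the same treatment fits here: `DIRECTORY_SERVER_KEY: 'user_directory_config', // legacy key name, kept so existing stored settings are still found`. That reason is my reading of why the value was left alone, so confirm it before adding the comment.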
@@ -157,7 +158,6 @@ const assert = require('assert'), sysinfo = require('./sysinfo.js'), tokens = require('./tokens.js'), translation = require('./translation.js'), - userdirectory = require('./userdirectory.js'), users = require('./users.js'), _ = require('underscore'); @@ -194,7 +194,7 @@ const gDefaults = (function () { provider: 'noop', autoCreate: false }; - result[exports.USER_DIRECTORY_KEY] = { + result[exports.DIRECTORY_SERVER_KEY] = { enabled: false, secret: '', allowlist: '' // empty means allow all 
@@ -528,29 +528,29 @@ async function setExternalLdapConfig(externalLdapConfig) { notifyChange(exports.EXTERNAL_LDAP_KEY, externalLdapConfig); } -async function getUserDirectoryConfig() { - const value = await get(exports.USER_DIRECTORY_KEY); - if (value === null) return gDefaults[exports.USER_DIRECTORY_KEY]; +async function getDirectoryServerConfig() { + const value = await get(exports.DIRECTORY_SERVER_KEY); + if (value === null) return gDefaults[exports.DIRECTORY_SERVER_KEY]; return JSON.parse(value); } -async function setUserDirectoryConfig(userDirectoryConfig) { - assert.strictEqual(typeof userDirectoryConfig, 'object'); +async function setDirectoryServerConfig(directoryServerConfig) { + assert.strictEqual(typeof directoryServerConfig, 'object'); if (isDemo()) throw new BoxError(BoxError.BAD_FIELD, 'Not allowed in demo mode'); const config = { - enabled: userDirectoryConfig.enabled, - secret: userDirectoryConfig.secret, + enabled: directoryServerConfig.enabled, + secret: directoryServerConfig.secret, // if list is empty, we allow all IPs - allowlist: userDirectoryConfig.allowlist || '' + allowlist: directoryServerConfig.allowlist || '' }; - await userdirectory.validateConfig(config); - await set(exports.USER_DIRECTORY_KEY, JSON.stringify(config)); - await userdirectory.applyConfig(config); + await directoryServer.validateConfig(config); + await set(exports.DIRECTORY_SERVER_KEY, JSON.stringify(config)); + await directoryServer.applyConfig(config); - notifyChange(exports.USER_DIRECTORY_KEY, config); + notifyChange(exports.DIRECTORY_SERVER_KEY, config); } async function getRegistryConfig() { diff --git a/src/test/userdirectory-test.js b/src/test/directoryserver-test.js similarity index 97% rename from src/test/userdirectory-test.js rename to src/test/directoryserver-test.js index c6d0ed6ae..48468f480 100644 --- a/src/test/userdirectory-test.js +++ b/src/test/directoryserver-test.js 
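Review bot: In `setDirectoryServerConfig` (src/settings.js hunk at `@@ -528,29 +528,29 @@`) the new config is persisted with `set(...)` before `directoryServer.applyConfig(config)` runs, and `notifyChange` comes last. If `applyConfig` throws, the caller gets an error but the stored config already holds the new `enabled`, `secret` and `allowlist`, and the notification that src/cron.js uses to start or stop the server is skipped. What `applyConfig` does is not visible here, so this needs confirming; if it can fail, I would apply first and persist afterwards, or restore the previous value in a `catch`. A short doc comment stating that an empty `allowlist` allows every source IP would also help, since a request that omits the field gets that behaviour through `|| ''`.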
@@ -9,12 +9,12 @@ const async = require('async'), common = require('./common.js'), constants = require('../constants.js'), + directoryServer = require('../directoryserver.js'), expect = require('expect.js'), groups = require('../groups.js'), ldap = require('ldapjs'), safe = require('safetydance'), - settings = require('../settings.js'), - userdirectory = require('../userdirectory.js'); + settings = require('../settings.js'); async function ldapBind(dn, password) { return new Promise((resolve, reject) => { @@ -80,8 +80,8 @@ describe('User Directory Ldap', function () { before(function (done) { async.series([ setup, - userdirectory.start.bind(null), - settings.setUserDirectoryConfig.bind(null, { enabled: true, secret: auth.secret, allowlist: '127.0.0.1' }), + directoryServer.start.bind(null), + settings.setDirectoryServerConfig.bind(null, { enabled: true, secret: auth.secret, allowlist: '127.0.0.1' }), async () => { group = await groups.add({ name: 'ldap-test-1' }); await groups.setMembers(group.id, [ admin.id, user.id ]); @@ -95,7 +95,7 @@ describe('User Directory Ldap', function () { after(function (done) { async.series([ - userdirectory.stop, + directoryServer.stop, cleanup ], done); });