Add mail to user records

5 years ago · 7a777f1962
11 changed files with 90 additions and 50 deletions
--- a/README.md
+++ b/README.md
@ -1,6 +1,7 @@
 Set up a testing environment:
 ```
 sudo apt install slapd
+sudo ldapadd -Y EXTERNAL -H ldapi:// -f /etc/ldap/schema/misc.ldif
 sudo slapadd -n 1 -l examples/data.ldif
 ```

--- a/examples/data.ldif
+++ b/examples/data.ldif
@ -5,24 +5,36 @@ ou: People
 dn: uid=user,ou=People,dc=nodomain
 uid: user
 cn: User
-objectClass: account
+objectClass: inetOrgPerson
 objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetLocalMailRecipient
+objectClass: top
 userPassword: {SSHA}FHqod3gytvH9MDGhpMV1DKjyU7eO1EDG
 loginShell: /bin/bash
 uidNumber: 1000
 gidNumber: 1000
 homeDirectory: /home/user
+mail: user@nodomain
+mailHost: mail.nodomain
+mailRoutingAddress: user@mail.nodomain

 dn: uid=superuser,ou=People,dc=nodomain
 uid: superuser
 cn: SuperUser
-objectClass: account
+objectClass: inetOrgPerson
 objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetLocalMailRecipient
+objectClass: top
 userPassword: {SSHA}FHqod3gytvH9MDGhpMV1DKjyU7eO1EDG
 loginShell: /bin/bash
 uidNumber: 1001
 gidNumber: 1001
 homeDirectory: /home/superuser
+mail: superuser@nodomain
+mailHost: mail.nodomain
+mailRoutingAddress: superuser@mail.nodomain

 dn: ou=Group,dc=nodomain
 objectClass: top
@ -41,3 +53,9 @@ objectClass: top
 objectClass: posixGroup
 cn: user
 gidNumber: 1000
+
+dn: cn=superuser,ou=Group,dc=nodomain
+objectClass: top
+objectClass: posixGroup
+cn: superuser
+gidNumber: 1001
--- a/examples/lowry.conf
+++ b/examples/lowry.conf
@ -1,4 +1,4 @@
 ldapaddr=localhost:389
-ldapdc=dc=nodomain
 ldappass=foobar
+domain=nodomain
 httpaddr=:8080
--- a/ldap/group_test.go
+++ b/ldap/group_test.go
@ -8,7 +8,7 @@ const (
 )

 func TestInGroup(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)
 	if !l.InGroup(admin, group) {
 		t.Errorf("%s should be part of group %s", admin, group)
 	}
@ -23,7 +23,7 @@ func TestInGroup(t *testing.T) {
 }

 func TestGetGroup(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)

 	group, err := l.GetGroup("adm")
 	if err != nil {
@ -41,7 +41,7 @@ func TestGetGroup(t *testing.T) {
 }

 func TestListGroups(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)

 	groups, err := l.ListGroups()
 	if err != nil {
@ -56,7 +56,7 @@ func TestListGroups(t *testing.T) {
 }

 func TestUserGroups(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)

 	groups, err := l.UserGroups("user")
 	if err != nil {
@ -81,7 +81,7 @@ func TestUserGroups(t *testing.T) {
 func TestAddDelGroups(t *testing.T) {
 	const name = "test"

-	l := testLdap()
+	l := testLdap(t)

 	_, err := l.GetGroup(name)
 	if err == nil {
@ -103,7 +103,7 @@ func TestAddDelGroups(t *testing.T) {
 }

 func TestAddExistingGroup(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)

 	err := l.AddGroup("adm")
 	if err == nil {
@ -113,7 +113,7 @@ func TestAddExistingGroup(t *testing.T) {
 }

 func TestAddUserGroup(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)
 	if l.InGroup(user, group) {
 		t.Errorf("%s should not be part of group %s", user, group)
 	}
--- a/ldap/ldap.go
+++ b/ldap/ldap.go
@ -3,21 +3,31 @@ package ldap
 import (
 	"fmt"
 	"strconv"
+	"strings"

 	"github.com/go-ldap/ldap"
 )

 // Ldap configuration
 type Ldap struct {
-	Addr     string
-	DC       string
-	Pass     string
-	HomePath string
-	RO       bool
+	Addr       string
+	Domain     string
+	Pass       string
+	HomePath   string
+	DC         string
+	MailDomain string
+	RO         bool
 }

-// Test that the Ldap is responsive
-func (l Ldap) Test() error {
+// Init the Ldap connection
+func (l *Ldap) Init() error {
+	if l.DC == "" {
+		l.DC = "dc=" + strings.Replace(l.Domain, ".", ",dc=", 0)
+	}
+	if l.MailDomain == "" {
+		l.MailDomain = l.Domain
+	}
+
 	conn, err := l.connect()
 	if err != nil {
 		return err
--- a/ldap/ldap_test.go
+++ b/ldap/ldap_test.go
@ -3,20 +3,26 @@ package ldap
 import "testing"

 const (
-	addr = "localhost:389"
-	dc   = "dc=nodomain"
-	pass = "foobar"
-	home = "/home/"
+	addr   = "localhost:389"
+	domain = "nodomain"
+	pass   = "foobar"
+	home   = "/home/"
 )

 func TestInit(t *testing.T) {
-	l := testLdap()
-	err := l.Test()
-	if err != nil {
-		t.Errorf("Error on Init(): %v", err)
-	}
+	testLdap(t)
 }

-func testLdap() *Ldap {
-	return &Ldap{addr, dc, pass, home, false}
+func testLdap(t *testing.T) *Ldap {
+	l := Ldap{
+		Addr:     addr,
+		Domain:   domain,
+		Pass:     pass,
+		HomePath: home,
+	}
+	err := l.Init()
+	if err != nil {
+		t.Fatalf("Error on Init(): %v", err)
+	}
+	return &l
 }
--- a/ldap/user.go
+++ b/ldap/user.go
@ -14,9 +14,10 @@ type User struct {
 	DN    string
 	Name  string
 	Shell string
+	Home  string
+	Mail  string
 	UID   int
 	GID   int
-	Home  string
 }

 // ValidateUser in the ldap
@ -90,7 +91,7 @@ func (l Ldap) ListUsers() ([]User, error) {
 		"ou=people,"+l.DC,
 		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
 		"(&(objectClass=posixAccount))",
-		[]string{"dn", "uid", "uidNumber", "gidNumber", "loginShell", "homeDirectory"},
+		[]string{"dn", "uid", "uidNumber", "gidNumber", "loginShell", "homeDirectory", "mail"},
 		nil,
 	)
 	sr, err := conn.Search(searchRequest)
@ -128,11 +129,15 @@ func (l *Ldap) AddUser(user string, pass string, gid int) error {
 	addRequest := ldap.NewAddRequest(dn)
 	addRequest.Attribute("uid", []string{ldap.EscapeFilter(user)})
 	addRequest.Attribute("cn", []string{ldap.EscapeFilter(user)})
-	addRequest.Attribute("objectClass", []string{"account", "posixAccount"})
-	addRequest.Attribute("loginShell", []string{"/bin/false"})
-	addRequest.Attribute("homeDirectory", []string{l.HomePath + user})
+	addRequest.Attribute("sn", []string{ldap.EscapeFilter(user)})
+	addRequest.Attribute("objectClass", []string{"inetOrgPerson", "posixAccount", "shadowAccount", "inetLocalMailRecipient", "top"})
 	addRequest.Attribute("uidNumber", []string{strconv.Itoa(uid)})
 	addRequest.Attribute("gidNumber", []string{strconv.Itoa(gid)})
+	addRequest.Attribute("loginShell", []string{"/bin/false"})
+	addRequest.Attribute("homeDirectory", []string{l.HomePath + user})
+	addRequest.Attribute("mail", []string{user + "@" + l.MailDomain})
+	addRequest.Attribute("mailHost", []string{"mail." + l.MailDomain})
+	addRequest.Attribute("mailRoutingAddress", []string{user + "@mail." + l.MailDomain})
 	err = conn.Add(addRequest)
 	if err != nil {
 		return err
@ -186,7 +191,7 @@ func (l Ldap) searchUser(user string, conn *ldap.Conn) (entry *ldap.Entry, err e
 		"ou=people,"+l.DC,
 		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
 		fmt.Sprintf("(&(objectClass=posixAccount)(uid=%s))", ldap.EscapeFilter(user)),
-		[]string{"dn", "uid", "uidNumber", "gidNumber", "loginShell", "homeDirectory"},
+		[]string{"dn", "uid", "uidNumber", "gidNumber", "loginShell", "homeDirectory", "mail"},
 		nil,
 	)
 	sr, err := conn.Search(searchRequest)
@ -212,8 +217,9 @@ func newUser(entry *ldap.Entry) User {
 		DN:    entry.DN,
 		Name:  entry.GetAttributeValue("uid"),
 		Shell: entry.GetAttributeValue("loginShell"),
+		Home:  entry.GetAttributeValue("homeDirectory"),
+		Mail:  entry.GetAttributeValue("mail"),
 		UID:   uid,
 		GID:   gid,
-		Home:  entry.GetAttributeValue("homeDirectory"),
 	}
 }
--- a/ldap/user_test.go
+++ b/ldap/user_test.go
@ -9,7 +9,7 @@ const (
 )

 func TestValidate(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)
 	err := l.ValidateUser(user, userPass)
 	if err != nil {
 		t.Errorf("Error on ValidateUser(): %v", err)
@ -17,7 +17,7 @@ func TestValidate(t *testing.T) {
 }

 func TestValidateFails(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)
 	err := l.ValidateUser(user, userPass+"bar")
 	if err == nil {
 		t.Errorf("ValidateUser() didn't fail to auth the user")
@ -25,7 +25,7 @@ func TestValidateFails(t *testing.T) {
 }

 func TestChangePass(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)
 	err := l.ChangePass(user, userPass, newPass)
 	if err != nil {
 		t.Errorf("Error on ChangePass(): %v", err)
@ -43,7 +43,7 @@ func TestChangePass(t *testing.T) {
 }

 func TestChangePassRO(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)
 	l.RO = true
 	err := l.ChangePass(user, userPass, newPass)
 	if err != nil {
@ -57,7 +57,7 @@ func TestChangePassRO(t *testing.T) {
 }

 func TestChangePassAdmin(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)
 	err := l.ChangePassAdmin(user, newPass)
 	if err != nil {
 		t.Fatalf("Error on ChangePassAdmin(): %v", err)
@ -75,7 +75,7 @@ func TestChangePassAdmin(t *testing.T) {
 }

 func TestGetUser(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)

 	user, err := l.GetUser("user")
 	if err != nil {
@ -101,7 +101,7 @@ func TestGetUser(t *testing.T) {
 }

 func TestListUsers(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)
 	userCount := 0
 	users, err := l.ListUsers()
 	if err != nil {
@ -134,7 +134,7 @@ func TestListUsers(t *testing.T) {

 func TestAddUser(t *testing.T) {
 	const newUser = "newUser"
-	l := testLdap()
+	l := testLdap(t)
 	err := l.AddUser(newUser, newPass, 0)
 	if err != nil {
 		t.Errorf("Error on AddUser(): %v", err)
@ -153,7 +153,7 @@ func TestAddUser(t *testing.T) {
 }

 func TestAddExistingUser(t *testing.T) {
-	l := testLdap()
+	l := testLdap(t)
 	err := l.AddUser(user, newPass, 0)
 	if err == nil {
 		t.Errorf("It was possible to create an already existing user")
@ -163,7 +163,7 @@ func TestAddExistingUser(t *testing.T) {

 func TestChangeShell(t *testing.T) {
 	const shell = "otherShell"
-	l := testLdap()
+	l := testLdap(t)

 	user, err := l.GetUser("user")
 	actualShell := user.Shell
--- a/main.go
+++ b/main.go
@ -11,7 +11,7 @@ import (
 func main() {
 	var (
 		ldapaddr = flag.String("ldapaddr", "localhost:389", "LDAP server address and port")
-		ldapdc   = flag.String("ldapdc", "", "LDAP domain components")
+		domain   = flag.String("domain", "", "LDAP domain components")
 		ldappass = flag.String("ldappass", "", "Password of the LDAP `admin' user")
 		homepath = flag.String("homepath", "/home/", "Path to the user homes")
 		httpaddr = flag.String("httpaddr", ":8080", "Web server address and port")
@ -22,12 +22,12 @@ func main() {

 	l := ldap.Ldap{
 		Addr:     *ldapaddr,
-		DC:       *ldapdc,
+		Domain:   *domain,
 		Pass:     *ldappass,
 		HomePath: *homepath,
 		RO:       *ro,
 	}
-	err := l.Test()
+	err := l.Init()
 	if err != nil {
 		log.Fatal(err)
 	}
--- a/server/admin.go
+++ b/server/admin.go
@ -168,9 +168,7 @@ func (s *server) shellHandler(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
 	userName := vars["name"]
 	shell := r.FormValue("shell")
-	log.Println(userName)
 	err := s.ldap.ChangeShell(userName, shell)
-	log.Println(shell)
 	if err != nil {
 		log.Println("An error ocurred changing shell of '", userName, "': ", err)
 		s.errorHandler(w, r)
--- a/tmpl/user.html
+++ b/tmpl/user.html
@ -8,6 +8,7 @@
        <dt>Nombre</dt><dd>{{.User.Name}}</dd>
        <dt>Shell</dt><dd>{{.User.Shell}}</dd>
        <dt>Home</dt><dd>{{.User.Home}}</dd>
+        <dt>Mail</dt><dd>{{.User.Mail}}</dd>
 	{{if .Groups}}
        <dt>Grupos</dt><dd>
 	    {{range .Groups}}