add support for role and locked

merge-requests/4/head
meskio 4 years ago
parent 0484293d63
commit ce616bf5c5
Signed by: meskio
GPG Key ID: 52B8F5AC97A2DA86
  1. 37
      ldap/locked.go
  2. 36
      ldap/role.go
  3. 22
      ldap/user.go

@ -0,0 +1,37 @@
package ldap
import (
"log"
"strings"
)
type Locked int
const (
Unlocked Locked = iota
Unused
Unknown
)
func LockedFromString(s string) Locked {
switch strings.ToLower(s) {
case "":
return Unlocked
case "unused":
return Unused
default:
log.Printf("Not valid locked status: %s", s)
return Unknown
}
}
func (r Locked) String() string {
switch r {
case Unlocked:
return ""
case Unused:
return "unused"
default:
return "unknown"
}
}
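Review bot: `Unlocked` is the first constant in the `iota` block, so the zero value of `Locked` is the unlocked state, and any `User` value that was not filled in through `LockedFromString` reads as unlocked. If this field is used to gate access, it is safer for the zero value to be the non-permissive one, for example by declaring `Unknown Locked = iota` first, and for callers to treat `Unknown` as locked. The `default` branch of `LockedFromString` also logs the raw directory value with `%s`. Using `log.Printf("Not valid locked status: %q", s)` stops control characters in the attribute from forging log lines, and the same applies to the `log.Printf` in `RoleFromString` in ldap/role.go.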

@ -0,0 +1,36 @@
package ldap
import (
"log"
"strings"
)
type Role int
const (
Undefined Role = iota
Amiga
Sindominante
)
func RoleFromString(s string) Role {
switch strings.ToLower(s) {
case "amiga":
return Amiga
case "sindominante":
return Sindominante
default:
log.Printf("Not valid role: %s", s)
return Undefined
}
}
func (r Role) String() string {
switch r {
case Amiga:
return "amiga"
case Sindominante:
return "sindominante"
}
return ""
}
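Review bot: `RoleFromString` sends the empty string to the `default` branch, so an entry with no `sdRole` attribute (`GetAttributeValue` returns "" when the attribute is absent) writes a "Not valid role" log line every time it is loaded. Adding `case "":` with `return Undefined` ahead of `default` keeps the log for values that are present but unrecognised, which is the signal worth reviewing. The exported `Role` type, its constants and `RoleFromString` also have no doc comments. A line such as `// Role is the membership role read from the sdRole attribute; Undefined is the zero value.` would record the default for the next reader.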

@ -10,7 +10,7 @@ import (
"github.com/go-ldap/ldap"
)
var searchAttributes = []string{"dn", "uid", "uidNumber", "gidNumber", "loginShell", "homeDirectory", "mail", "authTimestamp"}
var searchAttributes = []string{"dn", "uid", "uidNumber", "gidNumber", "loginShell", "homeDirectory", "mail", "authTimestamp", "sdRole", "sdLocked"}
//User has the ldap data of the user
type User struct {
@ -21,6 +21,8 @@ type User struct {
Mail string
UID int
GID int
Role Role
Locked Locked
LastLogin time.Time
}
@ -159,6 +161,20 @@ func (l Ldap) DelUser(user string) error {
// ChangeShell for the user
func (l Ldap) ChangeShell(user, shell string) error {
return l.changeUser(user, "loginShell", []string{shell})
}
// ChangeRole for the user
func (l Ldap) ChangeRole(user string, role Role) error {
return l.changeUser(user, "sdRole", []string{role.String()})
}
// ChangeLocked for the user
func (l Ldap) ChangeLocked(user string, locked Locked) error {
return l.changeUser(user, "sdLocked", []string{locked.String()})
}
func (l Ldap) changeUser(user, attribute string, value []string) error {
conn, err := l.connect()
if err != nil {
return err
@ -166,7 +182,7 @@ func (l Ldap) ChangeShell(user, shell string) error {
defer conn.Close()
modifyRequest := ldap.NewModifyRequest(l.userDN(user))
modifyRequest.Replace("loginShell", []string{shell})
modifyRequest.Replace(attribute, value)
return conn.Modify(modifyRequest)
}
@ -225,6 +241,8 @@ func newUser(entry *ldap.Entry) User {
Mail: entry.GetAttributeValue("mail"),
UID: uid,
GID: gid,
Role: RoleFromString(entry.GetAttributeValue("sdRole")),
Locked: LockedFromString(entry.GetAttributeValue("sdLocked")),
LastLogin: lastLogin,
}
}
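Review bot: `ChangeLocked(user, Unlocked)` and `ChangeRole(user, Undefined)` pass `[]string{""}` to `changeUser`, because `String()` returns "" for those values. The modify request then replaces the attribute with a single empty value instead of removing it, and depending on the attribute syntax the server may reject that or store an empty value. A replace with no values removes the attribute, so the slice can be built conditionally: `var values []string` followed by `if s := locked.String(); s != "" { values = []string{s} }`. `ChangeLocked(user, Unknown)` would also write the literal "unknown", which `LockedFromString` reports as invalid on the next read, so rejecting `Unknown` before the modify is worth considering. The body of `changeUser` is only partly visible in this section.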
