minor fixes

irc/ldap/config.go

@@ -4,7 +4,11 @@
 // Modification notice:
 // 1. All field names were changed from toml and snake case to yaml and kebab case,
 //    matching the Oragono project conventions
-// 2. Two fields were added: `Autocreate` and `Timeout`
+// 2. Four fields were added:
+//    2.1 `Enabled`
+//    2.2 `Autocreate`
+//    2.3 `Timeout`
+//    2.4 `RequireGroups`
 
 // XXX: none of AttributeMap does anything in oragono, except MemberOf,
 // which can be used to retrieve group memberships

irc/ldap/grafana.go

@@ -1,8 +1,9 @@
 // Copyright 2014-2018 Grafana Labs
 // Released under the Apache 2.0 license
 
-// Modification notice: these functions were altered by substituting
+// Modification notice:
-// `serverConn` for `Server`.
+// 1. `serverConn` was substituted for `Server` as the type of the server object
+// 2. Debug loglines were altered to work with Oragono's logging system
 
 package ldap
 
@@ -210,7 +211,7 @@ func (server *serverConn) requestMemberOf(entry *ldap.Entry) ([]string, error) {
 			-1,
 		)
 
-		server.log.Info("Searching for user's groups", "filter", filter)
+		server.logger.Debug("ldap", "Searching for groups with filter", filter)
 
 		// support old way of reading settings
 		groupIDAttribute := config.Attr.MemberOf

irc/ldap/login.go

@@ -43,10 +43,12 @@ var (
 )
 
 // equivalent of Grafana's `Server`, but unexported
+// also, `log` was renamed to `logger`, since the APIs are slightly different
+// and this way the compiler will catch any unchanged references to Grafana's `Server.log`
 type serverConn struct {
 	Config     *ServerConfig
 	Connection *ldap.Conn
-	log        *logger.Manager
+	logger     *logger.Manager
 }
 
 func CheckLDAPPassphrase(config ServerConfig, accountName, passphrase string, log *logger.Manager) (err error) {
@@ -58,7 +60,7 @@ func CheckLDAPPassphrase(config ServerConfig, accountName, passphrase string, lo
 
 	server := serverConn{
 		Config: &config,
-		log:    log,
+		logger: log,
 	}
 
 	err = server.Dial()
@@ -126,10 +128,10 @@ func (server *serverConn) validateGroupMembership(user *ldap.Entry) (err error)
 	var memberOf []string
 	memberOf, err = server.getMemberOf(user)
 	if err != nil {
-		server.log.Debug("ldap", "could not retrieve group memberships", err.Error())
+		server.logger.Debug("ldap", "could not retrieve group memberships", err.Error())
 		return
 	}
-	server.log.Debug("ldap", fmt.Sprintf("found group memberships: %v", memberOf))
+	server.logger.Debug("ldap", fmt.Sprintf("found group memberships: %v", memberOf))
 	foundGroup := false
 	for _, inGroup := range memberOf {
 		for _, acceptableGroup := range server.Config.RequireGroups {

oragono.yaml

@@ -392,6 +392,8 @@ accounts:
     #     enabled: true
     #     # should we automatically create users if their LDAP login succeeds?
     #     autocreate: true
+    #     # example configuration that works with Forum Systems's testing server:
+    #     # https://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
     #     host: "ldap.forumsys.com"
     #     port: 389
     #     timeout: 30s
@@ -404,7 +406,8 @@ accounts:
     #     #bind-dn: "cn=read-only-admin,dc=example,dc=com"
     #     #bind-password: "password"
     #     #search-filter: "(uid=%s)"
-    #     # example of requiring that users be in a particular group:
+    #     # example of requiring that users be in a particular group
+    #     # (note that this is an OR over the listed groups, not an AND):
     #     #require-groups:
     #     #    - "ou=mathematicians,dc=example,dc=com"
     #     #group-search-filter-user-attribute: "dn"