minor fixes

Shivaram Lingamneni 2020-02-11 22:08:41 -05:00
parent 0c2d8adeac
commit 306ca986a8
4 changed files with 19 additions and 9 deletions


@ -4,7 +4,11 @@
// Modification notice: // Modification notice:
// 1. All field names were changed from toml and snake case to yaml and kebab case, // 1. All field names were changed from toml and snake case to yaml and kebab case,
// matching the Oragono project conventions // matching the Oragono project conventions
// 2. Two fields were added: `Autocreate` and `Timeout` // 2. Four fields were added:
// 2.1 `Enabled`
// 2.2 `Autocreate`
// 2.3 `Timeout`
// 2.4 `RequireGroups`
// XXX: none of AttributeMap does anything in oragono, except MemberOf, // XXX: none of AttributeMap does anything in oragono, except MemberOf,
// which can be used to retrieve group memberships // which can be used to retrieve group memberships


@ -1,8 +1,9 @@
// Copyright 2014-2018 Grafana Labs // Copyright 2014-2018 Grafana Labs
// Released under the Apache 2.0 license // Released under the Apache 2.0 license
// Modification notice: these functions were altered by substituting // Modification notice:
// `serverConn` for `Server`. // 1. `serverConn` was substituted for `Server` as the type of the server object
// 2. Debug loglines were altered to work with Oragono's logging system
package ldap package ldap
@ -210,7 +211,7 @@ func (server *serverConn) requestMemberOf(entry *ldap.Entry) ([]string, error) {
-1, -1,
) )
server.log.Info("Searching for user's groups", "filter", filter) server.logger.Debug("ldap", "Searching for groups with filter", filter)
// support old way of reading settings // support old way of reading settings
groupIDAttribute := config.Attr.MemberOf groupIDAttribute := config.Attr.MemberOf


@ -43,10 +43,12 @@ var (
) )
// equivalent of Grafana's `Server`, but unexported // equivalent of Grafana's `Server`, but unexported
// also, `log` was renamed to `logger`, since the APIs are slightly different
// and this way the compiler will catch any unchanged references to Grafana's `Server.log`
type serverConn struct { type serverConn struct {
Config *ServerConfig Config *ServerConfig
Connection *ldap.Conn Connection *ldap.Conn
log *logger.Manager logger *logger.Manager
} }
func CheckLDAPPassphrase(config ServerConfig, accountName, passphrase string, log *logger.Manager) (err error) { func CheckLDAPPassphrase(config ServerConfig, accountName, passphrase string, log *logger.Manager) (err error) {
@ -58,7 +60,7 @@ func CheckLDAPPassphrase(config ServerConfig, accountName, passphrase string, lo
server := serverConn{ server := serverConn{
Config: &config, Config: &config,
log: log, logger: log,
} }
err = server.Dial() err = server.Dial()
@ -126,10 +128,10 @@ func (server *serverConn) validateGroupMembership(user *ldap.Entry) (err error)
var memberOf []string var memberOf []string
memberOf, err = server.getMemberOf(user) memberOf, err = server.getMemberOf(user)
if err != nil { if err != nil {
server.log.Debug("ldap", "could not retrieve group memberships", err.Error()) server.logger.Debug("ldap", "could not retrieve group memberships", err.Error())
return return
} }
server.log.Debug("ldap", fmt.Sprintf("found group memberships: %v", memberOf)) server.logger.Debug("ldap", fmt.Sprintf("found group memberships: %v", memberOf))
foundGroup := false foundGroup := false
for _, inGroup := range memberOf { for _, inGroup := range memberOf {
for _, acceptableGroup := range server.Config.RequireGroups { for _, acceptableGroup := range server.Config.RequireGroups {
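Review bot: validateGroupMembership gates login on group membership but carries no doc comment stating its contract; the matching rule is only written down in the YAML comment this commit adds. The visible lines show that a failed getMemberOf lookup is logged and returned through the named `err` (presumably refusing the login), and that matching is a nested loop over `memberOf` and `Config.RequireGroups`. I would add above the function something like `// validateGroupMembership returns nil if the user belongs to at least one of Config.RequireGroups (OR, not AND); a failed membership lookup is returned as an error.` The function starts before and continues past this hunk, so the success condition and the behaviour for an empty RequireGroups list should be checked against the full body before committing that wording.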


@ -392,6 +392,8 @@ accounts:
# enabled: true # enabled: true
# # should we automatically create users if their LDAP login succeeds? # # should we automatically create users if their LDAP login succeeds?
# autocreate: true # autocreate: true
# # example configuration that works with Forum Systems's testing server:
# # https://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
# host: "ldap.forumsys.com" # host: "ldap.forumsys.com"
# port: 389 # port: 389
# timeout: 30s # timeout: 30s
@ -404,7 +406,8 @@ accounts:
# #bind-dn: "cn=read-only-admin,dc=example,dc=com" # #bind-dn: "cn=read-only-admin,dc=example,dc=com"
# #bind-password: "password" # #bind-password: "password"
# #search-filter: "(uid=%s)" # #search-filter: "(uid=%s)"
# # example of requiring that users be in a particular group: # # example of requiring that users be in a particular group
# # (note that this is an OR over the listed groups, not an AND):
# #require-groups: # #require-groups:
# # - "ou=mathematicians,dc=example,dc=com" # # - "ou=mathematicians,dc=example,dc=com"
# #group-search-filter-user-attribute: "dn" # #group-search-filter-user-attribute: "dn"
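Review bot: The commented-out example that the new comment ties to Forum Systems's public test server keeps `port: 389` and `autocreate: true`, and no TLS setting is visible in either hunk of this file. An operator who uncomments the block unchanged would send users' passphrases to a third-party host, apparently over an unencrypted connection, and autocreate would make accounts for whatever users that server accepts. I would extend the added comment with a line such as `# # (testing only: replace host and enable TLS before using this with real accounts)`. The rest of the ldap block lies between and beyond the two hunks, so a TLS option may already be documented there.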