3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-25 13:29:27 +01:00

minor fixes

This commit is contained in:
Shivaram Lingamneni 2020-02-11 22:08:41 -05:00
parent 0c2d8adeac
commit 306ca986a8
4 changed files with 19 additions and 9 deletions

View File

@ -4,7 +4,11 @@
// Modification notice:
// 1. All field names were changed from toml and snake case to yaml and kebab case,
// matching the Oragono project conventions
// 2. Two fields were added: `Autocreate` and `Timeout`
// 2. Four fields were added:
// 2.1 `Enabled`
// 2.2 `Autocreate`
// 2.3 `Timeout`
// 2.4 `RequireGroups`
// XXX: none of AttributeMap does anything in oragono, except MemberOf,
// which can be used to retrieve group memberships

View File

@ -1,8 +1,9 @@
// Copyright 2014-2018 Grafana Labs
// Released under the Apache 2.0 license
// Modification notice: these functions were altered by substituting
// `serverConn` for `Server`.
// Modification notice:
// 1. `serverConn` was substituted for `Server` as the type of the server object
// 2. Debug loglines were altered to work with Oragono's logging system
package ldap
@ -210,7 +211,7 @@ func (server *serverConn) requestMemberOf(entry *ldap.Entry) ([]string, error) {
-1,
)
server.log.Info("Searching for user's groups", "filter", filter)
server.logger.Debug("ldap", "Searching for groups with filter", filter)
// support old way of reading settings
groupIDAttribute := config.Attr.MemberOf

View File

@ -43,10 +43,12 @@ var (
)
// equivalent of Grafana's `Server`, but unexported
// also, `log` was renamed to `logger`, since the APIs are slightly different
// and this way the compiler will catch any unchanged references to Grafana's `Server.log`
type serverConn struct {
Config *ServerConfig
Connection *ldap.Conn
log *logger.Manager
logger *logger.Manager
}
func CheckLDAPPassphrase(config ServerConfig, accountName, passphrase string, log *logger.Manager) (err error) {
@ -58,7 +60,7 @@ func CheckLDAPPassphrase(config ServerConfig, accountName, passphrase string, lo
server := serverConn{
Config: &config,
log: log,
logger: log,
}
err = server.Dial()
@ -126,10 +128,10 @@ func (server *serverConn) validateGroupMembership(user *ldap.Entry) (err error)
var memberOf []string
memberOf, err = server.getMemberOf(user)
if err != nil {
server.log.Debug("ldap", "could not retrieve group memberships", err.Error())
server.logger.Debug("ldap", "could not retrieve group memberships", err.Error())
return
}
server.log.Debug("ldap", fmt.Sprintf("found group memberships: %v", memberOf))
server.logger.Debug("ldap", fmt.Sprintf("found group memberships: %v", memberOf))
foundGroup := false
for _, inGroup := range memberOf {
for _, acceptableGroup := range server.Config.RequireGroups {

View File

@ -392,6 +392,8 @@ accounts:
# enabled: true
# # should we automatically create users if their LDAP login succeeds?
# autocreate: true
# # example configuration that works with Forum Systems's testing server:
# # https://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
# host: "ldap.forumsys.com"
# port: 389
# timeout: 30s
@ -404,7 +406,8 @@ accounts:
# #bind-dn: "cn=read-only-admin,dc=example,dc=com"
# #bind-password: "password"
# #search-filter: "(uid=%s)"
# # example of requiring that users be in a particular group:
# # example of requiring that users be in a particular group
# # (note that this is an OR over the listed groups, not an AND):
# #require-groups:
# # - "ou=mathematicians,dc=example,dc=com"
# #group-search-filter-user-attribute: "dn"