minor fixes

2024-11-10 22:19:31 +01:00 · 2020-02-11 22:08:41 -05:00 · 2020-02-11 22:08:41 -05:00 · 306ca986a8
commit 306ca986a8
parent 0c2d8adeac
4 changed files with 19 additions and 9 deletions
--- a/irc/ldap/config.go
+++ b/irc/ldap/config.go
@ -4,7 +4,11 @@
 // Modification notice:
 // 1. All field names were changed from toml and snake case to yaml and kebab case,
 //    matching the Oragono project conventions
-// 2. Two fields were added: `Autocreate` and `Timeout`
+// 2. Four fields were added:
+//    2.1 `Enabled`
+//    2.2 `Autocreate`
+//    2.3 `Timeout`
+//    2.4 `RequireGroups`

 // XXX: none of AttributeMap does anything in oragono, except MemberOf,
 // which can be used to retrieve group memberships
--- a/irc/ldap/grafana.go
+++ b/irc/ldap/grafana.go
@ -1,8 +1,9 @@
 // Copyright 2014-2018 Grafana Labs
 // Released under the Apache 2.0 license

-// Modification notice: these functions were altered by substituting
-// `serverConn` for `Server`.
+// Modification notice:
+// 1. `serverConn` was substituted for `Server` as the type of the server object
+// 2. Debug loglines were altered to work with Oragono's logging system

 package ldap

@ -210,7 +211,7 @@ func (server *serverConn) requestMemberOf(entry *ldap.Entry) ([]string, error) {
 			-1,
 		)

-		server.log.Info("Searching for user's groups", "filter", filter)
+		server.logger.Debug("ldap", "Searching for groups with filter", filter)

 		// support old way of reading settings
 		groupIDAttribute := config.Attr.MemberOf
--- a/irc/ldap/login.go
+++ b/irc/ldap/login.go
@ -43,10 +43,12 @@ var (
 )

 // equivalent of Grafana's `Server`, but unexported
+// also, `log` was renamed to `logger`, since the APIs are slightly different
+// and this way the compiler will catch any unchanged references to Grafana's `Server.log`
 type serverConn struct {
 	Config     *ServerConfig
 	Connection *ldap.Conn
-	log        *logger.Manager
+	logger     *logger.Manager
 }

 func CheckLDAPPassphrase(config ServerConfig, accountName, passphrase string, log *logger.Manager) (err error) {
@ -58,7 +60,7 @@ func CheckLDAPPassphrase(config ServerConfig, accountName, passphrase string, lo

 	server := serverConn{
 		Config: &config,
-		log:    log,
+		logger: log,
 	}

 	err = server.Dial()
@ -126,10 +128,10 @@ func (server *serverConn) validateGroupMembership(user *ldap.Entry) (err error)
 	var memberOf []string
 	memberOf, err = server.getMemberOf(user)
 	if err != nil {
-		server.log.Debug("ldap", "could not retrieve group memberships", err.Error())
+		server.logger.Debug("ldap", "could not retrieve group memberships", err.Error())
 		return
 	}
-	server.log.Debug("ldap", fmt.Sprintf("found group memberships: %v", memberOf))
+	server.logger.Debug("ldap", fmt.Sprintf("found group memberships: %v", memberOf))
 	foundGroup := false
 	for _, inGroup := range memberOf {
 		for _, acceptableGroup := range server.Config.RequireGroups {
--- a/oragono.yaml
+++ b/oragono.yaml
@ -392,6 +392,8 @@ accounts:
    #     enabled: true
    #     # should we automatically create users if their LDAP login succeeds?
    #     autocreate: true
+    #     # example configuration that works with Forum Systems's testing server:
+    #     # https://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
    #     host: "ldap.forumsys.com"
    #     port: 389
    #     timeout: 30s
@ -404,7 +406,8 @@ accounts:
    #     #bind-dn: "cn=read-only-admin,dc=example,dc=com"
    #     #bind-password: "password"
    #     #search-filter: "(uid=%s)"
-    #     # example of requiring that users be in a particular group:
+    #     # example of requiring that users be in a particular group
+    #     # (note that this is an OR over the listed groups, not an AND):
    #     #require-groups:
    #     #    - "ou=mathematicians,dc=example,dc=com"
    #     #group-search-filter-user-attribute: "dn"