TC
/
arozos


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175
							package ldap

import (
	"encoding/json"
	"log"
	"net/http"
	"strconv"

	auth "imuslab.com/arozos/mod/auth"
	"imuslab.com/arozos/mod/auth/ldap/ldapreader"
	reg "imuslab.com/arozos/mod/auth/register"
	"imuslab.com/arozos/mod/common"
	db "imuslab.com/arozos/mod/database"
)

type ldapHandler struct {
	ag         *auth.AuthAgent
	ldapreader *ldapreader.LdapReader
	reg        *reg.RegisterHandler
	coredb     *db.Database
}

type Config struct {
	Enabled      bool   `json:"enabled"`
	AutoRedirect bool   `json:"auto_redirect"`
	BindUsername string `json:"bind_username"`
	BindPassword string `json:"bind_password"`
	FQDN         string `json:"fqdn"`
	BaseDN       string `json:"base_dn"`
}

/*
const (
	BindUsername = "uid=root,cn=users,dc=dsm"
	BindPassword = "12345678"
	FQDN         = "192.168.1.147"
	BaseDN       = "cn=users,dc=dsm"
)
*/

/*
TODO: not sure why enabled will keep enable

*/

//NewLdapHandler xxx
func NewLdapHandler(authAgent *auth.AuthAgent, register *reg.RegisterHandler, coreDb *db.Database) *ldapHandler {
	//ldap handler init
	log.Println("Starting LDAP client...")
	err := coreDb.NewTable("ldap")
	if err != nil {
		log.Println("Failed to create LDAP database. Terminating.")
		panic(err)
	}

	//key value to be used for LDAP authentication
	BindUsername := readSingleConfig("BindUsername", coreDb)
	BindPassword := readSingleConfig("BindPassword", coreDb)
	FQDN := readSingleConfig("FQDN", coreDb)
	BaseDN := readSingleConfig("BaseDN", coreDb)

	LDAPHandler := ldapHandler{
		ag:         authAgent,
		ldapreader: ldapreader.NewLDAPReader(BindUsername, BindPassword, FQDN, BaseDN),
		reg:        register,
		coredb:     coreDb,
	}

	return &LDAPHandler
}

func (ldap *ldapHandler) ReadConfig(w http.ResponseWriter, r *http.Request) {
	//basic components
	enabled, err := strconv.ParseBool(ldap.readSingleConfig("enabled"))
	if err != nil {
		common.SendTextResponse(w, "Invalid config value [key=enabled].")
		return
	}
	autoredirect, err := strconv.ParseBool(ldap.readSingleConfig("autoredirect"))
	if err != nil {
		common.SendTextResponse(w, "Invalid config value [key=autoredirect].")
		return
	}
	//get the LDAP config from db
	BindUsername := ldap.readSingleConfig("BindUsername")
	BindPassword := ldap.readSingleConfig("BindPassword")
	FQDN := ldap.readSingleConfig("FQDN")
	BaseDN := ldap.readSingleConfig("BaseDN")

	//marshall it and return
	config, err := json.Marshal(Config{
		Enabled:      enabled,
		AutoRedirect: autoredirect,
		BindUsername: BindUsername,
		BindPassword: BindPassword,
		FQDN:         FQDN,
		BaseDN:       BaseDN,
	})
	if err != nil {
		empty, err := json.Marshal(Config{})
		if err != nil {
			common.SendErrorResponse(w, "Error while marshalling config")
		}
		common.SendJSONResponse(w, string(empty))
	}
	common.SendJSONResponse(w, string(config))
}

func (ldap *ldapHandler) WriteConfig(w http.ResponseWriter, r *http.Request) {
	enabled, err := common.Mv(r, "enabled", true)
	if err != nil {
		common.SendErrorResponse(w, "enabled field can't be empty")
		return
	}
	autoredirect, err := common.Mv(r, "autoredirect", true)
	if err != nil {
		common.SendErrorResponse(w, "enabled field can't be empty")
		return
	}

	//allow empty fields if enabled is false
	showError := true
	if enabled != "true" {
		showError = false
	}

	//four fields to store the LDAP authentication information
	BindUsername, err := common.Mv(r, "bind_username", true)
	if err != nil {
		if showError {
			common.SendErrorResponse(w, "bind_username field can't be empty")
			return
		}
	}
	BindPassword, err := common.Mv(r, "bind_password", true)
	if err != nil {
		if showError {
			common.SendErrorResponse(w, "bind_password field can't be empty")
			return
		}
	}
	FQDN, err := common.Mv(r, "fqdn", true)
	if err != nil {
		if showError {
			common.SendErrorResponse(w, "fqdn field can't be empty")
			return
		}
	}
	BaseDN, err := common.Mv(r, "base_dn", true)
	if err != nil {
		if showError {
			common.SendErrorResponse(w, "base_dn field can't be empty")
			return
		}
	}

	ldap.coredb.Write("ldap", "enabled", enabled)
	ldap.coredb.Write("ldap", "autoredirect", autoredirect)
	ldap.coredb.Write("ldap", "BindUsername", BindUsername)
	ldap.coredb.Write("ldap", "BindPassword", BindPassword)
	ldap.coredb.Write("ldap", "FQDN", FQDN)
	ldap.coredb.Write("ldap", "BaseDN", BaseDN)

	//update the new authencation infromation
	ldap.ldapreader = ldapreader.NewLDAPReader(BindUsername, BindPassword, FQDN, BaseDN)

	common.SendOK(w)
}

func (handler *ldapHandler) SyncInformation() {
	result, _ := handler.ldapreader.GetAllUser()
	for _, v := range result {
		v.PrettyPrint(4)
	}
}