Skip to content

GitLab

Commit a3f4990f authored by ale's avatar ale
Browse files
Options

Set ASPs on the user object directly

parent 8e05961d
Pipeline #1603 passed with stages
        in 1 minute and 41 seconds
        Hide whitespace changes
        Inline Side-by-side
        Showing with 9 additions and 29 deletions
        backend/model.go
        View file @ a3f4990f
        ......@@ -120,11 +120,11 @@ func newUser(entry *ldap.Entry) (*as.RawUser, error) {
        uidNumber, _ := strconv.Atoi(entry.GetAttributeValue(uidNumberLDAPAttr)) // nolint
        user := &as.RawUser{
        User: as.User{
        Name: entry.GetAttributeValue("uid"),
        Lang: entry.GetAttributeValue(preferredLanguageLDAPAttr),
        UID: uidNumber,
        Status: entry.GetAttributeValue("status"),
        Shard: entry.GetAttributeValue("host"),
        Name: entry.GetAttributeValue("uid"),
        Lang: entry.GetAttributeValue(preferredLanguageLDAPAttr),
        UID: uidNumber,
        Status: entry.GetAttributeValue("status"),
        Shard: entry.GetAttributeValue("host"),
        LastPasswordChangeStamp: decodeShadowTimestamp(entry.GetAttributeValue(passwordLastChangeLDAPAttr)),
        AccountRecoveryHint: entry.GetAttributeValue(recoveryHintLDAPAttr),
        U2FRegistrations: decodeU2FRegistrations(entry.GetAttributeValues(u2fRegistrationsLDAPAttr)),
        ......@@ -328,41 +328,21 @@ func excludeASPFromList(asps []*appSpecificPassword, id string) []*appSpecificPa
        return out
        }
        func (tx *backendTX) setASPOnResource(ctx context.Context, r *as.Resource, info *as.AppSpecificPasswordInfo, encryptedPassword string) {
        dn, err := tx.backend.resources.GetDN(r.ID)
        if err != nil {
        return
        }
        // Obtain the full list of ASPs from the backend and replace/append the new one.
        func (tx *backendTX) SetApplicationSpecificPassword(ctx context.Context, user *as.User, info *as.AppSpecificPasswordInfo, encryptedPassword string) error {
        dn := tx.getUserDN(user)
        asps := decodeAppSpecificPasswords(tx.readAttributeValues(ctx, dn, aspLDAPAttr))
        asps = append(excludeASPFromList(asps, info.ID), newAppSpecificPassword(*info, encryptedPassword))
        outASPs := encodeAppSpecificPasswords(asps)
        tx.setAttr(dn, aspLDAPAttr, outASPs...)
        }
        func (tx *backendTX) SetApplicationSpecificPassword(ctx context.Context, user *as.User, info *as.AppSpecificPasswordInfo, encryptedPassword string) error {
        for _, r := range user.GetResourcesByType(as.ResourceTypeEmail) {
        tx.setASPOnResource(ctx, r, info, encryptedPassword)
        }
        return nil
        }
        func (tx *backendTX) deleteASPOnResource(ctx context.Context, r *as.Resource, id string) {
        dn, err := tx.backend.resources.GetDN(r.ID)
        if err != nil {
        return
        }
        func (tx *backendTX) DeleteApplicationSpecificPassword(ctx context.Context, user *as.User, id string) error {
        dn := tx.getUserDN(user)
        asps := decodeAppSpecificPasswords(tx.readAttributeValues(ctx, dn, aspLDAPAttr))
        asps = excludeASPFromList(asps, id)
        outASPs := encodeAppSpecificPasswords(asps)
        tx.setAttr(dn, aspLDAPAttr, outASPs...)
        }
        func (tx *backendTX) DeleteApplicationSpecificPassword(ctx context.Context, user *as.User, id string) error {
        for _, r := range user.GetResourcesByType(as.ResourceTypeEmail) {
        tx.deleteASPOnResource(ctx, r, id)
        }
        return nil
        }
        ......
        Markdown is supported
        0% or .
        You are about to add 0 people to the discussion. Proceed with caution.
        Finish editing this message first!
        Please register or to comment