2017-04-19 10:09:54 +00:00
|
|
|
# Copyright (C) 2012-2016 Zammad Foundation, http://zammad-foundation.org/
|
|
|
|
require 'ldap'
|
|
|
|
require 'ldap/user'
|
|
|
|
require 'ldap/group'
|
|
|
|
|
|
|
|
class Integration::LdapController < ApplicationController
|
2017-08-14 11:56:23 +00:00
|
|
|
include Integration::ImportJobBase
|
|
|
|
|
2017-04-19 10:09:54 +00:00
|
|
|
prepend_before_action { authentication_check(permission: 'admin.integration.ldap') }
|
|
|
|
|
|
|
|
def discover
|
2018-01-08 15:27:23 +00:00
|
|
|
answer_with do
|
|
|
|
begin
|
|
|
|
ldap = ::Ldap.new(params)
|
|
|
|
|
|
|
|
{
|
|
|
|
attributes: ldap.preferences
|
|
|
|
}
|
|
|
|
rescue => e
|
|
|
|
# workaround for issue #1114
|
|
|
|
raise if !e.message.end_with?(', 48, Inappropriate Authentication')
|
|
|
|
# return empty result
|
|
|
|
{}
|
|
|
|
end
|
2017-05-31 11:36:25 +00:00
|
|
|
end
|
2017-04-19 10:09:54 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def bind
|
2018-01-08 15:27:23 +00:00
|
|
|
answer_with do
|
|
|
|
# create single instance so
|
|
|
|
# User and Group don't have to
|
|
|
|
# open new connections
|
|
|
|
ldap = ::Ldap.new(params)
|
|
|
|
user = ::Ldap::User.new(params, ldap: ldap)
|
|
|
|
group = ::Ldap::Group.new(params, ldap: ldap)
|
|
|
|
|
|
|
|
{
|
|
|
|
# the order of these calls is relevant!
|
|
|
|
user_filter: user.filter,
|
|
|
|
user_attributes: user.attributes,
|
|
|
|
user_uid: user.uid_attribute,
|
|
|
|
|
|
|
|
# the order of these calls is relevant!
|
|
|
|
group_filter: group.filter,
|
|
|
|
groups: group.list,
|
|
|
|
group_uid: group.uid_attribute,
|
|
|
|
}
|
|
|
|
end
|
|
|
|
end
|
2017-04-19 10:09:54 +00:00
|
|
|
|
2018-01-08 15:27:23 +00:00
|
|
|
private
|
2017-04-19 10:09:54 +00:00
|
|
|
|
2018-01-08 15:27:23 +00:00
|
|
|
def payload_dry_run
|
|
|
|
{
|
|
|
|
ldap_config: super
|
2017-04-19 10:09:54 +00:00
|
|
|
}
|
|
|
|
end
|
|
|
|
end
|