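# Admin screens for LDAP authentication sources (AuthSourceLdap): list,
# create, edit, update, delete, plus a JSON endpoint that tests a connection.
#
# Every action runs behind the +require_admin+ filter.
class LdapConfigController < ApplicationController
  layout 'admin'

  before_action :require_admin
  before_action :find_ldap, only: [:edit, :update, :destroy]

  # Lists every configured source, together with a blank record for the
  # "new source" form and the presets used to pre-fill it.
  def index
    @ldap_sources = AuthSourceLdap.all
    @ldap = AuthSourceLdap.new
    @presets = ldap_presets
  end

  # Edit form for the source loaded by +find_ldap+.
  def edit
    @presets = ldap_presets
  end

  # Creates a source from the permitted form values.
  # Redirects to the list on success and re-renders it on failure.
  def create
    @ldap = AuthSourceLdap.new(ldap_params)
    if @ldap.save
      flash[:notice] = l(:notice_successful_create)
      redirect_to ldap_config_path
    else
      # The index template is rendered directly, so it needs the same
      # instance variables that #index sets; @ldap keeps the rejected values.
      @ldap_sources = AuthSourceLdap.all
      @presets = ldap_presets
      render :index
    end
  end

  # Updates the source loaded by +find_ldap+ and always redirects to the
  # list; validation errors travel in the flash.
  def update
    if @ldap.update(ldap_params)
      flash[:notice] = l(:notice_successful_update)
    else
      flash[:error] = @ldap.errors.full_messages.join(', ')
    end
    redirect_to ldap_config_path
  end

  # Deletes the source loaded by +find_ldap+ and redirects to the list.
  #
  # The result of +destroy+ is checked so that a delete that did not happen
  # (for example one halted by a model callback) is not reported as a success.
  #
  # NOTE(review): nothing in this action checks whether accounts still
  # authenticate through the source being deleted; confirm what should happen
  # to those logins before the delete is allowed.
  def destroy
    if @ldap.destroy
      flash[:notice] = l(:notice_successful_delete)
    else
      flash[:error] = @ldap.errors.full_messages.join(', ')
    end
    redirect_to ldap_config_path
  end

  # Builds an unsaved source from the submitted form values, tries to connect
  # with it and answers with JSON of the form { success:, message: }.
  #
  # Security notes:
  # - The server connects to whatever host and port were submitted. Access is
  #   limited by +require_admin+; the route is not visible in this file and
  #   should accept POST only so request-forgery protection covers it
  #   (TODO confirm).
  # - On failure the exception text is returned unchanged. It may contain text
  #   that originates from the remote server, so the page script should insert
  #   it as text, never as HTML.
  def test_connection
    # Parameter parsing stays outside the rescue so a malformed request is
    # handled by the framework instead of being reported as a failed test.
    @ldap = AuthSourceLdap.new(ldap_params)
    begin
      @ldap.test_connection
      render json: { success: true, message: 'Connection successful!' }
    rescue StandardError => e
      render json: { success: false, message: e.message }
    end
  end

  private

  # Loads the source named by params[:id] into @ldap, or renders a 404.
  def find_ldap
    @ldap = AuthSourceLdap.find(params[:id])
  rescue ActiveRecord::RecordNotFound
    render_404
  end

  # Allow-list of form fields that may be mass-assigned to an AuthSourceLdap.
  #
  # :account_password is a secret; confirm that the application's parameter
  # filtering keeps it out of the request log.
  def ldap_params
    params.require(:auth_source_ldap).permit(
      :name, :host, :port, :tls, :verify_peer,
      :account, :account_password, :base_dn, :filter,
      :onthefly_register, :attr_login, :attr_firstname,
      :attr_lastname, :attr_mail, :timeout
    )
  end

  # Form presets keyed by directory product.
  #
  # Every preset starts with port 389 and tls: false, i.e. an unencrypted
  # connection. Unless the administrator turns on :tls (and :verify_peer)
  # before saving, the bind account password, and any user password checked
  # with a simple bind, cross the network in clear text.
  # The base_dn values are example.com placeholders that must be edited.
  def ldap_presets
    {
      'freeipa' => {
        name: 'FreeIPA',
        port: 389,
        tls: false,
        base_dn: 'cn=users,cn=accounts,dc=example,dc=com',
        filter: '(objectClass=person)',
        attr_login: 'uid',
        attr_firstname: 'givenName',
        attr_lastname: 'sn',
        attr_mail: 'mail'
      },
      'active_directory' => {
        name: 'Active Directory',
        port: 389,
        tls: false,
        base_dn: 'CN=Users,DC=example,DC=com',
        filter: '(&(objectClass=user)(!(objectClass=computer)))',
        attr_login: 'sAMAccountName',
        attr_firstname: 'givenName',
        attr_lastname: 'sn',
        attr_mail: 'mail'
      },
      'openldap' => {
        name: 'OpenLDAP',
        port: 389,
        tls: false,
        base_dn: 'ou=users,dc=example,dc=com',
        filter: '(objectClass=inetOrgPerson)',
        attr_login: 'uid',
        attr_firstname: 'givenName',
        attr_lastname: 'sn',
        attr_mail: 'mail'
      }
    }
  end

  # Redirect target for the list page, given as url_for options rather than a
  # path string.
  def ldap_config_path
    { controller: 'ldap_config', action: 'index' }
  end
end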