Added LDAP debug improvements.

Ylian Saint-Hilaire 2022-08-21 22:19:57 -07:00
parent 8dd07495f5
commit 6b4179c20c
1 changed files with 4 additions and 1 deletions


@ -483,7 +483,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Look for a matching LDAP user group // Look for a matching LDAP user group
var userMembershipMatch = false; var userMembershipMatch = false;
for (var i in domain.ldapuserrequiredgroupmembership) { if (userMemberships.indexOf(domain.ldapuserrequiredgroupmembership[i]) >= 0) { userMembershipMatch = true; } } for (var i in domain.ldapuserrequiredgroupmembership) { if (userMemberships.indexOf(domain.ldapuserrequiredgroupmembership[i]) >= 0) { userMembershipMatch = true; } }
if (userMembershipMatch === false) { fn('denied'); return; } // If there is no match, deny the login if (userMembershipMatch === false) { parent.debug('ldap', 'Denying login to a user that is not a member of a LDAP required group.'); fn('denied'); return; } // If there is no match, deny the login
} }
// Get the email address for this LDAP user // Get the email address for this LDAP user
@ -8716,6 +8716,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
var ugrp = obj.userGroups[ugrpid]; var ugrp = obj.userGroups[ugrpid];
if (ugrp == null) { if (ugrp == null) {
// This user group does not exist, create it // This user group does not exist, create it
parent.debug('ldap', 'Creating new LDAP user group ' + userMemberships[i] + '.');
ugrp = { type: 'ugrp', _id: ugrpid, name: membership, domain: domain.id, membershipType: userMembershipType, links: {} }; ugrp = { type: 'ugrp', _id: ugrpid, name: membership, domain: domain.id, membershipType: userMembershipType, links: {} };
// Save the new group // Save the new group
@ -8732,6 +8733,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (existingUserMemberships[ugrpid] == null) { if (existingUserMemberships[ugrpid] == null) {
// This user is not part of the user group, add it. // This user is not part of the user group, add it.
parent.debug('ldap', 'Adding ' + user.name + ' to LDAP user group ' + userMemberships[i] + '.');
if (user.links == null) { user.links = {}; } if (user.links == null) { user.links = {}; }
user.links[ugrp._id] = { rights: 1 }; user.links[ugrp._id] = { rights: 1 };
userChanged = true; userChanged = true;
@ -8761,6 +8763,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Remove the user from any memberships they don't belong to anymore // Remove the user from any memberships they don't belong to anymore
for (var ugrpid in existingUserMemberships) { for (var ugrpid in existingUserMemberships) {
var ugrp = obj.userGroups[ugrpid]; var ugrp = obj.userGroups[ugrpid];
parent.debug('ldap', 'Removing ' + user.name + ' from LDAP user group ' + ugrp.name + '.');
if ((user.links != null) && (user.links[ugrpid] != null)) { if ((user.links != null) && (user.links[ugrpid] != null)) {
delete user.links[ugrpid]; delete user.links[ugrpid];
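Review bot: The debug line added in the removal loop reads `ugrp.name` immediately after `var ugrp = obj.userGroups[ugrpid];` with no null check, although the group-creation hunk above shows this same lookup can return null. If `existingUserMemberships` can still hold the id of a group that no longer exists (not verifiable from the visible lines), the new line would throw inside the LDAP login path instead of cleaning up the stale link. The message is also emitted before the `user.links[ugrpid]` test, so it says "Removing" even when nothing is removed. I would move it inside that `if` and guard the name: `parent.debug('ldap', 'Removing ' + user.name + ' from LDAP user group ' + ((ugrp != null) ? ugrp.name : ugrpid) + '.');`. Separately, `user.name` and the group names are directory-supplied strings concatenated into the debug output, so it is worth confirming that `parent.debug` neutralises control characters; its implementation and the rest of the loop body are outside the visible lines.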