Documentation à donf, RASification du ldap_config

ldap_config.json

 {
+	"COMMENT1": "Partie utilisée par ldap_auth",
 	"ldap": {
 		"server": "ldap://frankiz.eleves.polytechnique.fr:389",
 		"searchBase": "ou=eleves,dc=frankiz,dc=net",
 		"searchFilter": "(uid={{username}})"
 	},
+	
+	"COMMENT2": "Noms de domaines dans LDAP ; le niv d'après est en uid=, voir Wikipedia",
 	"dn_groups":"ou=groups,dc=frankiz,dc=net",
 	"dn_users": "ou=eleves,dc=frankiz,dc=net",
+	
+	"COMMENT3": "Anonymisation du champ id",
 	"key_id": "uid",
-	"lg": {
-		"filtre": "(uid=${id})",
-		"attributs": "brMemberOf"
-	},
-	"lm": {
-		"filtre": "(uid=${id})",
-		"attributs": "restrictedMemberUid"
-	},
-	"la": {
-		"filtre": "(uid=${id})",
-		"attributs": "memberUid"
-	},
+
+	"COMMENT4": "Anonymisation des attributs retournés par les différentes fonctions listerGroupes (lg), listerMembres (lm), etc...",
+	"lg": { "attributs": "brMemberOf" },
+	"lm": { "attributs": "restrictedMemberUid" },
+	"la": { "attributs": "memberUid" },
 	"rs": {
-		"filtre": "(uid=${id})",
 		"attributs": ["jpegPhoto","givenName", "sn", "brBirthdate", "brPromo","telephoneNumber","mail","brRoom","brIP","brMemberOf"]
 	},
 	"tgty": {
 		"filtre": "(brNS=${ty})",
 		"types": ["binet", "free"]
 	},
+	
 	"tolm": {
-		"input_names": ["givenName", "lastName", "nickname", "nationality", "promotion", "phone", "adress", "ip", "school", "groups","studies","sport","mail"],
+		"input_names": ["givenName", "lastName", "nickname", "nationality", "promotion", "phone", "adress", "ip", "school", "groups", "studies", "sport", "mail"],
 		"correspondance": {
 			"givenName": "givenName",
 			"lastName": "sn",
@@ -45,35 +43,60 @@
 	"tol": {
 		"attributes": ["jpegPhoto","givenName", "sn", "brBirthdate", "brPromo","telephoneNumber","mail","brRoom","brIP","brMemberOf"]
 	},
-	"cru": {
+
+	"cu": {
+		"COMMENT7": "Le détail des calculs des différents champs est ci-dessous",
 		"single_user_infos": ["uid","givenName","sn","displayName", "brBirthdate", "uidNumber","gidNumber", "homeDirectory", "userPassword","brPromo","brMemberOf","loginShell","email","telephoneNumber","jpegPhoto","brRoom","brNewsReadAccess","brNewsPostAccess","brAlias","brIP","cn","gecos"],
 		"expr_single_values_user": {
-			"uid": "data['hruid'];",
-			"givenName": "data['first_name'];",
-			"sn": "data['last_name'];",
-			"displayName": "data['nickname'];",
-			"brBirthdate": "data['birthdate'];",
-			"uidNumber": "(2*data['uid']+10000).toString();",
-			"gidNumber": "5000.toString();",
-			"homeDirectory": "'/hosting/users/' + data['hruid'];",
-			"userPassword": "data['password'];",
-			"brPromo": "data['promo'];",
-			"loginShell": "if (data['on_platal']==true) {'/bin/bash'; } else { '/sbin/nologin'; }",
-			"email": "data['email'];",
-			"telephoneNumber":"data['phone'];",
-			"jpegPhoto": "data['photo'];",
-			"brRoom": "data['room'];",
-			"brNewsReadAccess": "if (data['read_perm'].length>0) { 'br.*,public.*'; } else { 'br.*,public.*,'+data['read_perm']; }",
-			"brNewsPostAccess": "if (data['write_perm'].length>0) { 'br.*,!br.blague-du-jour,public.*,!br.campagnekes'; } else { 'br.*,!br.blague-du-jour,public.*,!br.campagnekes,'+data['read_perm']; }",
-			"brAlias": "data['forlifes'].split(' ');",
-			"brIP": "data['ips'].split(',');",
-			"cn": "data['first_name']+' '+data['last_name'].toUpperCase();",
-			"gecos": "btoa(data['first_name']+' '+data['last_name'].toUpperCase());"
+			"uid": "data['hruid']",
+			"givenName": "data['givenName']",
+			"sn": "data['lastName']",
+			"displayName": "data['nickname']",
+			"brBirthdate": "data['birthdate']",
+			"uidNumber": "(2*data['uid']+10000).toString()",
+			"gidNumber": "5000.toString()",
+			"homeDirectory": "'/hosting/users/' + data['hruid']",
+			"userPassword": "data['password']",
+			"brPromo": "data['promo']",
+			"loginShell": "if (data['onPlatal']==1) {'/bin/bash' } else { '/sbin/nologin' }",
+			"email": "data['email']",
+			"telephoneNumber":"data['phone']",
+			"jpegPhoto": "data['photo']",
+			"brRoom": "data['room']",
+			"brNewsReadAccess": "if (data['readPerm'].length>0) { 'br.*,public.*' } else { 'br.*,public.*,'+data['read_perm'] }",
+			"brNewsPostAccess": "if (data['writePerm'].length>0) { 'br.*,!br.blague-du-jour,public.*,!br.campagnekes' } else { 'br.*,!br.blague-du-jour,public.*,!br.campagnekes,'+data['read_perm'] }",
+			"brIP": "data['ips'].split(',')",
+			"cn": "data['givenName']+' '+data['sn'].toUpperCase()",
+			"gecos": "btoa(data['givenName']+' '+data['sn'].toUpperCase())"
 		},
-		"multiple_user_infos": ["objectClass", "brMemberOf"],
+		"multiple_user_infos": ["objectClass","brIP","brAlias"],
 		"expr_multiple_values_user": {
 			"objectClass": "['posixAccount', 'shadowAccount', 'inetOrgPerson', 'brAccount']",
-			"brMemberOf": "data['groups']"
+			"brIP": "data['ips']",
+			"brAlias": "data['forlifes']"
+		}
+	},
+	
+	"cg": {
+		"COMMENT10": "Détail des champs d'un groupe",
+		"single_user_infos": ["name","ns","gid","label"],
+		"expr_single_values_user": {
+			"uid": "btoa(data['name'].toLowerCase())",
+			"brAlias": "data['name']",
+			"brNS": "data['ns']",
+			"uidNumber": "(2*data['gid']+10001).toString()",
+			"gidNumber": "(2*data['gid']+10001).toString()",
+			"userPassword": "",
+			"loginShell": "/sbin/nologin",
+			"cn": "if (data['label']!= '') { data['label'] } else { data['name'] }",
+			"homeDirectory": "'/hosting/groups/'+btoa(data['name'].toLowerCase())",
+			"gecos": "btoa(data['name'].toLowerCase())",
+			"brNewsReadAccess": "!*",
+			"brNewsPostAccess": "!*"
+		},
+		"multiple_user_infos": ["objectClass"],
+		"expr_multiple_values_user": {
+			"objectClass": "[ 'posixGroup','posixAccount','brAccount' ]"
 		}
 	},
 	"sessionSecret":"change this"