From 8f591b5f9bece2fd8935ec59f95b3746272e1de6 Mon Sep 17 00:00:00 2001
From: Quentin CHEVALIER <quentin.chevalier@polytechnique.edu>
Date: Tue, 27 Feb 2018 15:16:24 +0100
Subject: [PATCH] =?UTF-8?q?Premi=C3=A8re=20tentative=20ldap?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
package-lock.json | 183 +++++++++++++++++++++++++++++++++++++++---
package.json | 1 +
src/ldap_data.js | 44 ++++++++++
src/talk_ldap_data.js | 161 -------------------------------------
4 files changed, 219 insertions(+), 170 deletions(-)
create mode 100644 src/ldap_data.js
delete mode 100644 src/talk_ldap_data.js
diff --git a/package-lock.json b/package-lock.json
index 0592d98..8cc8460 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -342,6 +342,11 @@
"integrity": "sha1-iYUI2iIm84DfkEcoRWhJwVAaSw0=",
"dev": true
},
+ "asn1": {
+ "version": "0.2.3",
+ "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.3.tgz",
+ "integrity": "sha1-2sh4dxPJlmhJ/IGAd36+nB3fO4Y="
+ },
"asn1.js": {
"version": "4.10.1",
"resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-4.10.1.tgz",
@@ -360,6 +365,11 @@
"util": "0.10.3"
}
},
+ "assert-plus": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz",
+ "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU="
+ },
"assign-symbols": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/assign-symbols/-/assign-symbols-1.0.0.tgz",
@@ -451,6 +461,14 @@
"integrity": "sha512-Vg0C9s/REX6/WIXN37UKpv5ZhRi6A4pjHlpkE34+8/a6c2W1Q692n3hmc+SZG5lKRnaExLUbxtJ1SVT+KaCQ/A==",
"dev": true
},
+ "backoff": {
+ "version": "2.5.0",
+ "resolved": "https://registry.npmjs.org/backoff/-/backoff-2.5.0.tgz",
+ "integrity": "sha1-9hbtqdPktmuMp/ynn2lXIsX44m8=",
+ "requires": {
+ "precond": "0.2.3"
+ }
+ },
"balanced-match": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
@@ -690,6 +708,17 @@
"resolved": "https://registry.npmjs.org/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz",
"integrity": "sha1-hZgoeOIbmOHGZCXgPQF0eI9Wnug="
},
+ "bunyan": {
+ "version": "1.8.12",
+ "resolved": "https://registry.npmjs.org/bunyan/-/bunyan-1.8.12.tgz",
+ "integrity": "sha1-8VDw9nSKvdcq6uhPBEA74u8RN5c=",
+ "requires": {
+ "dtrace-provider": "0.8.6",
+ "moment": "2.20.1",
+ "mv": "2.1.1",
+ "safe-json-stringify": "1.1.0"
+ }
+ },
"bytes": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/bytes/-/bytes-3.0.0.tgz",
@@ -1140,6 +1169,14 @@
"es5-ext": "0.10.39"
}
},
+ "dashdash": {
+ "version": "1.14.1",
+ "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz",
+ "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=",
+ "requires": {
+ "assert-plus": "1.0.0"
+ }
+ },
"date-now": {
"version": "0.1.4",
"resolved": "https://registry.npmjs.org/date-now/-/date-now-0.1.4.tgz",
@@ -1269,6 +1306,15 @@
"is-obj": "1.0.1"
}
},
+ "dtrace-provider": {
+ "version": "0.8.6",
+ "resolved": "https://registry.npmjs.org/dtrace-provider/-/dtrace-provider-0.8.6.tgz",
+ "integrity": "sha1-QooiOv4DQl0s1tY0f99AxmkDVj0=",
+ "optional": true,
+ "requires": {
+ "nan": "2.9.2"
+ }
+ },
"duplexer": {
"version": "0.1.1",
"resolved": "https://registry.npmjs.org/duplexer/-/duplexer-0.1.1.tgz",
@@ -1930,6 +1976,11 @@
}
}
},
+ "extsprintf": {
+ "version": "1.2.0",
+ "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.2.0.tgz",
+ "integrity": "sha1-WtlGwi9bMrp/jNdCZxHG6KP8JSk="
+ },
"fast-deep-equal": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-1.0.0.tgz",
@@ -2126,7 +2177,7 @@
"integrity": "sha512-WIr7iDkdmdbxu/Gh6eKEZJL6KPE74/5MEsf2whTOFNxbIoIixogroLdKYqB6FDav4Wavh/lZdzzd3b2KxIXC5Q==",
"optional": true,
"requires": {
- "nan": "2.9.1",
+ "nan": "2.9.2",
"node-pre-gyp": "0.6.39"
},
"dependencies": {
@@ -2660,7 +2711,6 @@
"os-tmpdir": {
"version": "1.0.2",
"bundled": true,
- "dev": true,
"optional": true
},
"osenv": {
@@ -3311,7 +3361,6 @@
"version": "1.0.6",
"resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz",
"integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=",
- "dev": true,
"requires": {
"once": "1.4.0",
"wrappy": "1.0.2"
@@ -3821,6 +3870,38 @@
"invert-kv": "1.0.0"
}
},
+ "ldap-filter": {
+ "version": "0.2.2",
+ "resolved": "https://registry.npmjs.org/ldap-filter/-/ldap-filter-0.2.2.tgz",
+ "integrity": "sha1-8rhCvguG2jNSeYUFsx68rlkNd9A=",
+ "requires": {
+ "assert-plus": "0.1.5"
+ },
+ "dependencies": {
+ "assert-plus": {
+ "version": "0.1.5",
+ "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-0.1.5.tgz",
+ "integrity": "sha1-7nQAlBMALYTOxyGcasgRgS5yMWA="
+ }
+ }
+ },
+ "ldapjs": {
+ "version": "1.0.2",
+ "resolved": "https://registry.npmjs.org/ldapjs/-/ldapjs-1.0.2.tgz",
+ "integrity": "sha1-VE/3Ayt7g8aPBwEyjZKXqmlDQPk=",
+ "requires": {
+ "asn1": "0.2.3",
+ "assert-plus": "1.0.0",
+ "backoff": "2.5.0",
+ "bunyan": "1.8.12",
+ "dashdash": "1.14.1",
+ "dtrace-provider": "0.8.6",
+ "ldap-filter": "0.2.2",
+ "once": "1.4.0",
+ "vasync": "1.6.4",
+ "verror": "1.10.0"
+ }
+ },
"levn": {
"version": "0.3.0",
"resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz",
@@ -4157,6 +4238,12 @@
}
}
},
+ "moment": {
+ "version": "2.20.1",
+ "resolved": "https://registry.npmjs.org/moment/-/moment-2.20.1.tgz",
+ "integrity": "sha512-Yh9y73JRljxW5QxN08Fner68eFLxM5ynNOAw2LbIB1YAGeQzZT8QFSUvkAz609Zf+IHhhaUxqZK8dG3W/+HEvg==",
+ "optional": true
+ },
"morgan": {
"version": "1.9.0",
"resolved": "https://registry.npmjs.org/morgan/-/morgan-1.9.0.tgz",
@@ -4180,10 +4267,45 @@
"integrity": "sha1-MHXOk7whuPq0PhvE2n6BFe0ee6s=",
"dev": true
},
+ "mv": {
+ "version": "2.1.1",
+ "resolved": "https://registry.npmjs.org/mv/-/mv-2.1.1.tgz",
+ "integrity": "sha1-rmzg1vbV4KT32JN5jQPB6pVZtqI=",
+ "optional": true,
+ "requires": {
+ "mkdirp": "0.5.1",
+ "ncp": "2.0.0",
+ "rimraf": "2.4.5"
+ },
+ "dependencies": {
+ "glob": {
+ "version": "6.0.4",
+ "resolved": "https://registry.npmjs.org/glob/-/glob-6.0.4.tgz",
+ "integrity": "sha1-DwiGD2oVUSey+t1PnOJLGqtuTSI=",
+ "optional": true,
+ "requires": {
+ "inflight": "1.0.6",
+ "inherits": "2.0.3",
+ "minimatch": "3.0.4",
+ "once": "1.4.0",
+ "path-is-absolute": "1.0.1"
+ }
+ },
+ "rimraf": {
+ "version": "2.4.5",
+ "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.4.5.tgz",
+ "integrity": "sha1-7nEM5dk6j9uFb7Xqj/Di11k0sto=",
+ "optional": true,
+ "requires": {
+ "glob": "6.0.4"
+ }
+ }
+ }
+ },
"nan": {
- "version": "2.9.1",
- "resolved": "https://registry.npmjs.org/nan/-/nan-2.9.1.tgz",
- "integrity": "sha512-c609vVPyCEuuzqOjx3hwsSZMXLg5QTzbTfgBmEx6N444ymBt1+Yg/rTGr2+4S3VJ3btXI8m1TZ7nLcYcRTZYuQ==",
+ "version": "2.9.2",
+ "resolved": "https://registry.npmjs.org/nan/-/nan-2.9.2.tgz",
+ "integrity": "sha512-ltW65co7f3PQWBDbqVvaU1WtFJUsNW7sWWm4HINhbMQIyVyzIeyZ8toX5TC5eeooE6piZoaEh4cZkueSKG3KYw==",
"optional": true
},
"nanomatch": {
@@ -4211,6 +4333,12 @@
"integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=",
"dev": true
},
+ "ncp": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/ncp/-/ncp-2.0.0.tgz",
+ "integrity": "sha1-GVoh1sRuNh0vsSgbo4uR6d9727M=",
+ "optional": true
+ },
"negotiator": {
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz",
@@ -4463,7 +4591,6 @@
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
"integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=",
- "dev": true,
"requires": {
"wrappy": "1.0.2"
}
@@ -4856,6 +4983,11 @@
"xtend": "4.0.1"
}
},
+ "precond": {
+ "version": "0.2.3",
+ "resolved": "https://registry.npmjs.org/precond/-/precond-0.2.3.tgz",
+ "integrity": "sha1-qpWRvKokkj8eD0hJ0kD0fvwQdaw="
+ },
"prelude-ls": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz",
@@ -5275,6 +5407,12 @@
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz",
"integrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg=="
},
+ "safe-json-stringify": {
+ "version": "1.1.0",
+ "resolved": "https://registry.npmjs.org/safe-json-stringify/-/safe-json-stringify-1.1.0.tgz",
+ "integrity": "sha512-EzBtUaFH9bHYPc69wqjp0efJI/DPNHdFbGE3uIMn4sVbO0zx8vZ8cG4WKxQfOpUOKsQyGBiT2mTqnCw+6nLswA==",
+ "optional": true
+ },
"safe-regex": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-1.1.0.tgz",
@@ -6373,6 +6511,34 @@
"resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
"integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw="
},
+ "vasync": {
+ "version": "1.6.4",
+ "resolved": "https://registry.npmjs.org/vasync/-/vasync-1.6.4.tgz",
+ "integrity": "sha1-3+k2Fq0OeugBszKp2Iv8XNyOHR8=",
+ "requires": {
+ "verror": "1.6.0"
+ },
+ "dependencies": {
+ "verror": {
+ "version": "1.6.0",
+ "resolved": "https://registry.npmjs.org/verror/-/verror-1.6.0.tgz",
+ "integrity": "sha1-fROyex+swuLakEBetepuW90lLqU=",
+ "requires": {
+ "extsprintf": "1.2.0"
+ }
+ }
+ }
+ },
+ "verror": {
+ "version": "1.10.0",
+ "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz",
+ "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=",
+ "requires": {
+ "assert-plus": "1.0.0",
+ "core-util-is": "1.0.2",
+ "extsprintf": "1.2.0"
+ }
+ },
"vm-browserify": {
"version": "0.0.4",
"resolved": "https://registry.npmjs.org/vm-browserify/-/vm-browserify-0.0.4.tgz",
@@ -6664,8 +6830,7 @@
"wrappy": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
- "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=",
- "dev": true
+ "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
},
"write": {
"version": "0.2.1",
diff --git a/package.json b/package.json
index 37aa584..e4e0dde 100644
--- a/package.json
+++ b/package.json
@@ -15,6 +15,7 @@
"graphql-server-express": "^1.3.2",
"graphql-tools": "^2.21.0",
"knex": "^0.14.4",
+ "ldapjs": "^1.0.2",
"morgan": "^1.9.0",
"pg": "^7.4.1",
"serve-favicon": "^2.4.5",
diff --git a/src/ldap_data.js b/src/ldap_data.js
new file mode 100644
index 0000000..f0c194e
--- /dev/null
+++ b/src/ldap_data.js
@@ -0,0 +1,44 @@
+var ensureLoggedin = require('connect-ensure-login').ensureLoggedIn;
+var ldapescape = require("ldap-escape");
+//var Fuse = require("fuse.js");
+
+var ldap = require('ldapjs');
+
+var client = ldap.createClient({ url: "ldap://frankiz", timeout: 10000, idleTimeout: 10000});
+
+/**
+ * @summary Key function ; interrogates LDAP to get list of groups the person's in
+ * @arg {int} person_id
+ * @return {string} List of groups where the specified user is member
+ */
+function groupsUserIsMember(person_id) {
+ return client.search("ou=groups,dc=frankiz,dc=net", {
+ scope: "one",
+ filter: ldapescape.filter("(|(memberUid=${id})(restrictedMemberUid={$id}))",{id: person_id}),
+ attributes: "uid",
+ },
+ /**
+ * @summary Fonction gestion erreur ; sûrement un truc malin à faire
+ * @arg {Object} err - Code d'erreur
+ * @arg {Object} res - Résultat de la fonction
+ */
+ function(err, res) { return err;
+ /**
+ if (err) {
+ reject("LDAP ");
+ }
+ assert.ifError(err);
+
+ res.on('searchEntry', function(entry) {
+ console.log('entry: ' + JSON.stringify(entry.object));
+ });
+ res.on('searchReference', function(referral) {
+ console.log('referral: ' + referral.uris.join());
+ });
+ res.on('error', function(err) {
+ console.error('error: ' + err.message);
+ });
+ res.on('end', function(result) {
+ console.log('status: ' + result.status);}); */
+ });
+}
\ No newline at end of file
diff --git a/src/talk_ldap_data.js b/src/talk_ldap_data.js
deleted file mode 100644
index be10c96..0000000
--- a/src/talk_ldap_data.js
+++ /dev/null
@@ -1,161 +0,0 @@
-var ensureLoggedin = require('connect-ensure-login').ensureLoggedIn;
-var ldapescape = require("ldap-escape");
-var Fuse = require("fuse.js");
-
-/**
- * @summary Fonction de Toussaint
- * @arg {int} uid - L'id à tester
- * @arg {int} from - Le groupe à tester
- * @arg {string} client - Le serveur à tester
- */
-function checkGroupAdmin(uid, from, client){
- return new Promise(function(resolve, reject) {
- client.search("dc=frankiz,dc=net", {scope: "sub", attributes: ["cn", "uid", "mail", "memberUid", "objectClass"], filter: ldapescape.filter("(uid=${uid})", {uid: from})}, function(err, resldap){
- if (err) {
- reject("LDAP search error");
- } else {
- resldap.on('searchEntry', function(entry) {
- if (entry.object.objectClass.indexOf("inetOrgPerson") > -1) {
- if (entry.object.uid == uid) {
- resolve(entry.object.cn + " <" + entry.object.mail + ">");
- } else {
- reject("Cannot send as user which is not you");
- }
- } else {
- if (entry.object.memberUid.indexOf(uid) > -1) {
- resolve(entry.object.cn + " <" + from + "@eleves.polytechnique.fr>");
- } else {
- reject("You are not admin of this group");
- }
- }
- });
- }
- });
- });
-}
-
-module.exports = function(server, passport, ldap, mailqueue, config) {
- // Create Express API's here
-
- server.post('/api/auth', passport.authenticate('ldapauth', {failureRedirect: '/'}), function (req, res) {
- req.session.dn = req.user.dn;
- req.session.password = req.body.password;
-
- if (req.session.returnTo !== undefined) {
- res.redirect(req.session.returnTo);
- } else {
- res.redirect("/send");
- }
- });
-
- server.get('/api/logout', function(req, res){
- req.logout();
- res.redirect('/');
- });
-
- server.get('/api/listfrom', ensureLoggedin(), function(req, res){
- var client = ldap.createClient({
- url: config.ldap.server,
- });
- client.bind(req.session.dn, req.session.password, function(err){
- if (err) {
- console.error("Error binding", err);
- res.status(500).end("Unable to bind");
- } else {
- var out = [{name: req.user.cn, mail: req.user.mail, id: req.user.uid}];
- client.search("ou=groups,dc=frankiz,dc=net", {scope: "sub", attributes: ["cn", "uid"], filter: ldapescape.filter("(memberUid=${uid})", {uid: req.user.uid})}, function(err, resldap){
- if (err) {
- console.error(err);
- } else {
- resldap.on('error', function(err) {
- console.error('error: ' + err.message);
- });
-
- resldap.on('searchEntry', function(entry) {
- out.push({name: entry.object.cn, id: entry.object.uid, mail: entry.object.uid + "@eleves.polytechnique.fr"});
- });
-
- resldap.on('end', function(result) {
- res.json(out);
- });
- }
- });
- }
- });
-
- });
-
- server.get('/api/autocomplete/:query', ensureLoggedin(), function(req, res){
- var client = ldap.createClient({
- url: config.ldap.server
- });
- client.bind(req.session.dn, req.session.password, function(err){
- if (err) {
- console.error("Error binding", err);
- res.status(500).end("Unable to bind");
- } else {
- var out = [];
- client.search("ou=eleves,dc=frankiz,dc=net", {scope: "sub", attributes: ["cn", "uid", "mail"], filter: ldapescape.filter("(|(uid=*${uid}*)(cn=*${uid}*))", {uid: req.params.query})}, function(err, resldap){
- if (err) {
- console.error(err);
- } else {
- resldap.on('error', function(err) {
- console.error('error: ' + err.message);
- });
-
- resldap.on('searchEntry', function(entry) {
- out.push({label: entry.object.cn, id: entry.object.uid, value: entry.object.mail});
- });
-
- resldap.on('end', function(result) {
- var options = {
- shouldSort: true,
- threshold: 0.6,
- location: 0,
- distance: 100,
- maxPatternLength: 32,
- minMatchCharLength: 1,
- keys: ["label", "value"]
- };
-
- var fuse = new Fuse(out, options);
-
- res.json(fuse.search(req.params.query));
- });
- }
- });
- }
- });
- });
-
- server.post('/api/send', ensureLoggedin(), function(req, res){
- var client = ldap.createClient({
- url: config.ldap.server
- });
- client.bind(req.session.dn, req.session.password, function(err){
- if (err) {
- console.error("Error binding", err);
- res.status(500).end("Unable to bind");
- } else {
- checkGroupAdmin(req.user.uid, req.body.from, client).then(function(sender){
- var to = JSON.parse(req.body.to);
- console.log(to);
- for (var i = 0; i < to.length; i++) {
- message = {
- from: sender,
- to: to[i].value,
- subject: req.body.subject,
- html: req.body.content
- };
- mailqueue.push(message);
- }
-
- }, function(error){console.error(error);});
- res.redirect("/send");
- }
- });
-
- });
-
-
-};
--
GitLab