Browse Source

added variables LDAP_USER_IDENTITY_ATTRIBUTE and LDAP_USER_FULL_NAME

pull/4/head
Selukov Andrey 5 years ago
parent
commit
05a780be00
  1. 3
      docker-compose.yml
  2. 31
      gitea-group-sync.go
  3. 1
      run.sh

3
docker-compose.yml

@ -3,7 +3,7 @@ services:
group-sync: group-sync:
container_name: gitea-group-sync container_name: gitea-group-sync
build: . build: .
image: totalweb/gitea-group-sync:0.1 image: totalweb/gitea-group-sync:0.2
environment: environment:
GITEA_TOKEN: c00c810bb668c63ce7cd8057411d2f560eac469c GITEA_TOKEN: c00c810bb668c63ce7cd8057411d2f560eac469c
GITEA_URL: http://192.168.2.2:3000 GITEA_URL: http://192.168.2.2:3000
@ -13,5 +13,4 @@ services:
BIND_PASSWORD: GoodNewsEveryone BIND_PASSWORD: GoodNewsEveryone
LDAP_FILTER: (&(objectClass=person)(memberOf=cn=%s,ou=people,dc=planetexpress,dc=com)) LDAP_FILTER: (&(objectClass=person)(memberOf=cn=%s,ou=people,dc=planetexpress,dc=com))
LDAP_USER_SEARCH_BASE: 'ou=people,dc=planetexpress,dc=com' LDAP_USER_SEARCH_BASE: 'ou=people,dc=planetexpress,dc=com'
LDAP_USER_LOGIN_ATTRIBUTE: uid
REP_TIME: '@every 1m' REP_TIME: '@every 1m'

31
gitea-group-sync.go

@ -18,8 +18,8 @@ func AddUsersToTeam(apiKeys GiteaKeys, users []Account, team int) bool {


for i := 0; i < len(users); i++ { for i := 0; i < len(users); i++ {


userlogin := url.PathEscape(fmt.Sprintf("%s", users[i].Login)) fullusername := url.PathEscape(fmt.Sprintf("%s", users[i].Full_name))
apiKeys.Command = "/api/v1/users/search?q=" + userlogin + "&access_token=" apiKeys.Command = "/api/v1/users/search?q=" + fullusername + "&access_token="
foundUsers := RequestSearchResults(apiKeys) foundUsers := RequestSearchResults(apiKeys)


for j := 0; j < len(foundUsers.Data); j++ { for j := 0; j < len(foundUsers.Data); j++ {
@ -147,17 +147,26 @@ func mainJob() {
ldapUserSearchBase = os.Getenv("LDAP_USER_SEARCH_BASE") ldapUserSearchBase = os.Getenv("LDAP_USER_SEARCH_BASE")
} }


var ldapUserLoginAttribute string var ldapUserIdentityAttribute string
if len(os.Getenv("LDAP_USER_LOGIN_ATTRIBUTE")) == 0 { if len(os.Getenv("LDAP_USER_IDENTITY_ATTRIBUTE")) == 0 {
log.Println("LDAP_USER_LOGIN_ATTRIBUTE is empty") ldapUserIdentityAttribute = "uid"
log.Println("By default LDAP_USER_IDENTITY_ATTRIBUTE = 'uid'")
} else { } else {
ldapUserLoginAttribute = os.Getenv("LDAP_USER_LOGIN_ATTRIBUTE") ldapUserIdentityAttribute = os.Getenv("LDAP_USER_IDENTITY_ATTRIBUTE")
}

var ldapUserFullName string
if len(os.Getenv("LDAP_USER_FULL_NAME")) == 0 {
ldapUserFullName = "sn" //change to cn if you need it
log.Println("By default LDAP_USER_FULL_NAME = 'sn'")
} else {
ldapUserIdentityAttribute = os.Getenv("LDAP_USER_FULL_NAME")
} }


var l *ldap.Conn var l *ldap.Conn
var err error var err error
if ldapTls { if ldapTls {
l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort), &tls.Config{InsecureSkipVerify: true}) // TODO: move skip verify to environment variable l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort), &tls.Config{InsecureSkipVerify: true})
} else { } else {
l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort)) l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort))
} }
@ -202,7 +211,7 @@ func mainJob() {
ldapUserSearchBase, // The base dn to search ldapUserSearchBase, // The base dn to search
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
filter, // The filter to apply filter, // The filter to apply
[]string{"cn", "uid", "mailPrimaryAddress, sn", ldapUserLoginAttribute}, // A list attributes to retrieve []string{"cn", "uid", "mailPrimaryAddress, sn", ldapUserIdentityAttribute}, // A list attributes to retrieve
nil, nil,
) )
// make request to ldap server // make request to ldap server
@ -217,9 +226,9 @@ func mainJob() {
log.Printf("The LDAP %s has %d users corresponding to team %s", ldapUrl, len(sr.Entries), teamList[j].Name) log.Printf("The LDAP %s has %d users corresponding to team %s", ldapUrl, len(sr.Entries), teamList[j].Name)
for _, entry := range sr.Entries { for _, entry := range sr.Entries {


AccountsLdap[entry.GetAttributeValue(ldapUserLoginAttribute)] = Account{ AccountsLdap[entry.GetAttributeValue(ldapUserIdentityAttribute)] = Account{
Full_name: entry.GetAttributeValue("sn"), //change to cn if you need it Full_name: entry.GetAttributeValue(ldapUserFullName),
Login: entry.GetAttributeValue(ldapUserLoginAttribute), Login: entry.GetAttributeValue(ldapUserIdentityAttribute),
} }
} }



1
run.sh

@ -7,6 +7,5 @@ export BIND_DN='cn=admin,dc=planetexpress,dc=com'
export BIND_PASSWORD=GoodNewsEveryone export BIND_PASSWORD=GoodNewsEveryone
export LDAP_FILTER='(&(objectClass=person)(memberOf=cn=%s,ou=people,dc=planetexpress,dc=com))' export LDAP_FILTER='(&(objectClass=person)(memberOf=cn=%s,ou=people,dc=planetexpress,dc=com))'
export LDAP_USER_SEARCH_BASE='ou=people,dc=planetexpress,dc=com' export LDAP_USER_SEARCH_BASE='ou=people,dc=planetexpress,dc=com'
export LDAP_USER_LOGIN_ATTRIBUTE='uid'
export REP_TIME='@every 1m' export REP_TIME='@every 1m'
go run . go run .

Loading…
Cancel
Save