From f428ac2623754da97086e85ad978532401f24b71 Mon Sep 17 00:00:00 2001 From: localleon Date: Mon, 28 Sep 2020 16:01:20 +0200 Subject: [PATCH] Creating a Config Structure for better readability. --- gitea-group-sync.go | 256 ++++++++++++++++++++++++-------------------- 1 file changed, 138 insertions(+), 118 deletions(-) diff --git a/gitea-group-sync.go b/gitea-group-sync.go index f1e3919..f5545bb 100644 --- a/gitea-group-sync.go +++ b/gitea-group-sync.go @@ -9,10 +9,10 @@ import ( "strconv" "strings" "time" -) -import "gopkg.in/ldap.v3" -import "github.com/robfig/cron/v3" + "github.com/robfig/cron/v3" + "gopkg.in/ldap.v3" +) func AddUsersToTeam(apiKeys GiteaKeys, users []Account, team int) bool { 
@@ -66,109 +66,129 @@ func main() { c.Start() fmt.Println(c.Entries()) for true { - time.Sleep(100*time.Second) + time.Sleep(100 * time.Second) } } +// Config describes the settings of the application. This structure is used in the settings-import process +type Config struct { + apiKeys GiteaKeys + ldapUrl string + ldapPort int + ldapTls bool + ldapBindDN string + ldapBindPassword string + ldapFilter string + ldapUserSearchBase string + repTime string + ldapUserIdentityAttribute string + ldapUserFullName string +} + +// This Function parses the enviroment for application specific variables and returns a Config struct. +// Used for setting all required settings in the application +func importEnvVars() Config { + + // Create temporary structs for creating the final config + envConfig := Config{} + envConfig.apiKeys = GiteaKeys{} + + // Start parsing env. Variables + if len(os.Getenv("GITEA_TOKEN")) < 40 { // get on https://[web_site_url]/user/settings/applications + log.Println("GITEA_TOKEN is empty or invalid.") + } else { + envConfig.apiKeys.TokenKey = strings.Split(os.Getenv("GITEA_TOKEN"), ",") + } + + if len(os.Getenv("GITEA_URL")) == 0 { + log.Println("GITEA_URL is empty") + } else { + envConfig.apiKeys.BaseUrl = os.Getenv("GITEA_URL") + } + + if len(os.Getenv("LDAP_URL")) == 0 { + log.Println("LDAP_URL is empty") + } else { + envConfig.ldapUrl = os.Getenv("LDAP_URL") + } + + if len(os.Getenv("LDAP_TLS_PORT")) > 0 { + port, err := strconv.Atoi(os.Getenv("LDAP_TLS_PORT")) + envConfig.ldapPort = port + envConfig.ldapTls = true + log.Printf("DialTLS:=%v:%d", envConfig.ldapUrl, envConfig.ldapPort) + if err != nil { + log.Println("LDAP_TLS_PORT is invalid.") + } + } else { + if len(os.Getenv("LDAP_PORT")) > 0 { + port, err := strconv.Atoi(os.Getenv("LDAP_PORT")) + envConfig.ldapPort = port + envConfig.ldapTls = false + log.Printf("Dial:=%v:%d", envConfig.ldapUrl, envConfig.ldapPort) + if err != nil { + log.Println("LDAP_PORT is invalid.") + } + } + } + + if 
len(os.Getenv("BIND_DN")) == 0 { + log.Println("BIND_DN is empty") + } else { + envConfig.ldapBindDN = os.Getenv("BIND_DN") + } + + if len(os.Getenv("BIND_PASSWORD")) == 0 { + log.Println("BIND_PASSWORD is empty") + } else { + envConfig.ldapBindPassword = os.Getenv("BIND_PASSWORD") + } + + if len(os.Getenv("LDAP_FILTER")) == 0 { + log.Println("LDAP_FILTER is empty") + } else { + envConfig.ldapFilter = os.Getenv("LDAP_FILTER") + } + + if len(os.Getenv("LDAP_USER_SEARCH_BASE")) == 0 { + log.Println("LDAP_USER_SEARCH_BASE is empty") + } else { + envConfig.ldapUserSearchBase = os.Getenv("LDAP_USER_SEARCH_BASE") + } + + if len(os.Getenv("LDAP_USER_IDENTITY_ATTRIBUTE")) == 0 { + envConfig.ldapUserIdentityAttribute = "uid" + log.Println("By default LDAP_USER_IDENTITY_ATTRIBUTE = 'uid'") + } else { + envConfig.ldapUserIdentityAttribute = os.Getenv("LDAP_USER_IDENTITY_ATTRIBUTE") + } + + if len(os.Getenv("LDAP_USER_FULL_NAME")) == 0 { + envConfig.ldapUserFullName = "sn" //change to cn if you need it + log.Println("By default LDAP_USER_FULL_NAME = 'sn'") + } else { + envConfig.ldapUserFullName = os.Getenv("LDAP_USER_FULL_NAME") + } + + return envConfig // return the config struct for use. 
+} + func mainJob() { //------------------------------ // Check and Set input settings //------------------------------ - var apiKeys GiteaKeys - - if len(os.Getenv("GITEA_TOKEN")) < 40 { // get on https://[web_site_url]/user/settings/applications - log.Println("GITEA_TOKEN is empty or invalid.") - } else { - apiKeys.TokenKey = strings.Split(os.Getenv("GITEA_TOKEN"), ",") - } - - if len(os.Getenv("GITEA_URL")) == 0 { - log.Println("GITEA_URL is empty") - } else { - apiKeys.BaseUrl = os.Getenv("GITEA_URL") - } - - var ldapUrl string = "ucs.totalwebservices.net" - if len(os.Getenv("LDAP_URL")) == 0 { - log.Println("LDAP_URL is empty") - } else { - ldapUrl = os.Getenv("LDAP_URL") - } - - var ldapPort int - var ldapTls bool - if len(os.Getenv("LDAP_TLS_PORT")) > 0 { - port, err := strconv.Atoi(os.Getenv("LDAP_TLS_PORT")) - ldapPort = port - ldapTls = true - log.Printf("DialTLS:=%v:%d", ldapUrl, ldapPort) - if err != nil { - log.Println("LDAP_TLS_PORT is invalid.") - } - } else { - if len(os.Getenv("LDAP_PORT")) > 0 { - port, err := strconv.Atoi(os.Getenv("LDAP_PORT")) - ldapPort = port - ldapTls = false - log.Printf("Dial:=%v:%d", ldapUrl, ldapPort) - if err != nil { - log.Println("LDAP_PORT is invalid.") - } - } -} - - var ldapbindDN string - if len(os.Getenv("BIND_DN")) == 0 { - log.Println("BIND_DN is empty") - } else { - ldapbindDN = os.Getenv("BIND_DN") - } - - var ldapbindPassword string - if len(os.Getenv("BIND_PASSWORD")) == 0 { - log.Println("BIND_PASSWORD is empty") - } else { - ldapbindPassword = os.Getenv("BIND_PASSWORD") - } - - var ldapUserFilter string - if len(os.Getenv("LDAP_FILTER")) == 0 { - log.Println("LDAP_FILTER is empty") - } else { - ldapUserFilter = os.Getenv("LDAP_FILTER") - } - - var ldapUserSearchBase string - if len(os.Getenv("LDAP_USER_SEARCH_BASE")) == 0 { - log.Println("LDAP_USER_SEARCH_BASE is empty") - } else { - ldapUserSearchBase = os.Getenv("LDAP_USER_SEARCH_BASE") - } - - var ldapUserIdentityAttribute string - if 
len(os.Getenv("LDAP_USER_IDENTITY_ATTRIBUTE")) == 0 { - ldapUserIdentityAttribute = "uid" - log.Println("By default LDAP_USER_IDENTITY_ATTRIBUTE = 'uid'") - } else { - ldapUserIdentityAttribute = os.Getenv("LDAP_USER_IDENTITY_ATTRIBUTE") - } - - var ldapUserFullName string - if len(os.Getenv("LDAP_USER_FULL_NAME")) == 0 { - ldapUserFullName = "sn" //change to cn if you need it - log.Println("By default LDAP_USER_FULL_NAME = 'sn'") - } else { - ldapUserFullName = os.Getenv("LDAP_USER_FULL_NAME") - } + log.Println("Fallback: Importing Settings from Enviroment Variables ") + cfg := importEnvVars() + // Prepare LDAP Connection var l *ldap.Conn var err error - if ldapTls { - l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort), &tls.Config{InsecureSkipVerify: true}) + if cfg.ldapTls { + l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", cfg.ldapUrl, cfg.ldapPort), &tls.Config{InsecureSkipVerify: true}) } else { - l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort)) + l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", cfg.ldapUrl, cfg.ldapPort)) } if err != nil { @@ -178,16 +198,16 @@ func mainJob() { } defer l.Close() - err = l.Bind(ldapbindDN, ldapbindPassword) + err = l.Bind(cfg.ldapBindDN, cfg.ldapBindPassword) if err != nil { log.Fatal(err) } page := 1 - apiKeys.BruteforceTokenKey = 0 - apiKeys.Command = "/api/v1/admin/orgs?page=" + fmt.Sprintf("%d", page) + "&limit=20&access_token=" // List all organizations - organizationList := RequestOrganizationList(apiKeys) + cfg.apiKeys.BruteforceTokenKey = 0 + cfg.apiKeys.Command = "/api/v1/admin/orgs?page=" + fmt.Sprintf("%d", page) + "&limit=20&access_token=" // List all organizations + organizationList := RequestOrganizationList(cfg.apiKeys) - log.Printf("%d organizations were found on the server: %s", len(organizationList), apiKeys.BaseUrl) + log.Printf("%d organizations were found on the server: %s", len(organizationList), cfg.apiKeys.BaseUrl) for 1 < len(organizationList) { 
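Review bot: The `ldap.DialTLS` call in mainJob still passes `&tls.Config{InsecureSkipVerify: true}`, so the server certificate is never checked and the following `l.Bind(cfg.ldapBindDN, cfg.ldapBindPassword)` can be read by anyone able to intercept the connection; the plain `ldap.Dial` branch sends the same bind in cleartext. Now that the settings live in Config, verification should be the default, e.g. `&tls.Config{ServerName: cfg.ldapUrl}`, with any opt-out made an explicit, logged setting. Separately, importEnvVars only logs when a variable is missing or `strconv.Atoi` fails and still returns the struct (it sets `ldapTls = true` and logs the port before checking `err`), so mainJob goes on to dial with an empty host or port 0; returning an error alongside the Config would let the job stop before it connects. The `repTime` field is declared but never populated in this function. mainJob's body continues outside this hunk.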
@@ -197,21 +217,21 @@ func mainJob() { log.Printf("Begin an organization review: OrganizationName= %v, OrganizationId= %d \n", organizationList[i].Name, organizationList[i].Id) - apiKeys.Command = "/api/v1/orgs/" + organizationList[i].Name + "/teams?access_token=" - teamList := RequestTeamList(apiKeys) + cfg.apiKeys.Command = "/api/v1/orgs/" + organizationList[i].Name + "/teams?access_token=" + teamList := RequestTeamList(cfg.apiKeys) log.Printf("%d teams were found in %s organization", len(teamList), organizationList[i].Name) log.Printf("Skip synchronization in the Owners team") - apiKeys.BruteforceTokenKey = 0 + cfg.apiKeys.BruteforceTokenKey = 0 for j := 1; j < len(teamList); j++ { // preparing request to ldap server - filter := fmt.Sprintf(ldapUserFilter, teamList[j].Name) + filter := fmt.Sprintf(cfg.ldapFilter, teamList[j].Name) searchRequest := ldap.NewSearchRequest( - ldapUserSearchBase, // The base dn to search + cfg.ldapUserSearchBase, // The base dn to search ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, filter, // The filter to apply - []string{"cn", "uid", "mailPrimaryAddress, sn", ldapUserIdentityAttribute}, // A list attributes to retrieve + []string{"cn", "uid", "mailPrimaryAddress, sn", cfg.ldapUserIdentityAttribute}, // A list attributes to retrieve nil, ) // make request to ldap server 
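Review bot: `fmt.Sprintf(cfg.ldapFilter, teamList[j].Name)` places the Gitea team name into the LDAP filter unescaped, so a name containing filter metacharacters such as `(`, `)`, `*` or `\` changes which entries match and therefore who is added to or removed from the team. Escaping the value first keeps it a literal: `filter := fmt.Sprintf(cfg.ldapFilter, ldap.EscapeFilter(teamList[j].Name))`. In the same request the attribute list contains `"mailPrimaryAddress, sn"` as one string, which looks like two attributes fused together; `"mailPrimaryAddress", "sn"` is probably what was meant. The loop this code belongs to starts and ends outside the hunk.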
@@ -223,18 +243,18 @@ func mainJob() { AccountsGitea := make(map[string]Account) var addUserToTeamList, delUserToTeamlist []Account if len(sr.Entries) > 0 { - log.Printf("The LDAP %s has %d users corresponding to team %s", ldapUrl, len(sr.Entries), teamList[j].Name) + log.Printf("The LDAP %s has %d users corresponding to team %s", cfg.ldapUrl, len(sr.Entries), teamList[j].Name) for _, entry := range sr.Entries { - AccountsLdap[entry.GetAttributeValue(ldapUserIdentityAttribute)] = Account{ - Full_name: entry.GetAttributeValue(ldapUserFullName), - Login: entry.GetAttributeValue(ldapUserIdentityAttribute), + AccountsLdap[entry.GetAttributeValue(cfg.ldapUserIdentityAttribute)] = Account{ + Full_name: entry.GetAttributeValue(cfg.ldapUserFullName), + Login: entry.GetAttributeValue(cfg.ldapUserIdentityAttribute), } } - apiKeys.Command = "/api/v1/teams/" + fmt.Sprintf("%d", teamList[j].Id) + "/members?access_token=" - AccountsGitea, apiKeys.BruteforceTokenKey = RequestUsersList(apiKeys) - log.Printf("The gitea %s has %d users corresponding to team %s Teamid=%d", apiKeys.BaseUrl, len(AccountsGitea), teamList[j].Name, teamList[j].Id) + cfg.apiKeys.Command = "/api/v1/teams/" + fmt.Sprintf("%d", teamList[j].Id) + "/members?access_token=" + AccountsGitea, cfg.apiKeys.BruteforceTokenKey = RequestUsersList(cfg.apiKeys) + log.Printf("The gitea %s has %d users corresponding to team %s Teamid=%d", cfg.apiKeys.BaseUrl, len(AccountsGitea), teamList[j].Name, teamList[j].Id) for k, v := range AccountsLdap { if AccountsGitea[k].Login != v.Login { @@ -242,7 +262,7 @@ func mainJob() { } } log.Printf("can be added users list %v", addUserToTeamList) - AddUsersToTeam(apiKeys, addUserToTeamList, teamList[j].Id) + AddUsersToTeam(cfg.apiKeys, addUserToTeamList, teamList[j].Id) for k, v := range AccountsGitea { if AccountsLdap[k].Login != v.Login { 
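Review bot: Every `cfg.apiKeys.Command` built here ends in `access_token=`, so the Gitea token presumably travels in the URL query string (the Request* helpers that append it are outside this diff), where it can end up in server access logs, proxy logs and any error message that prints the URL. Gitea also accepts the token in a request header, `Authorization: token <key>`, which keeps it out of URLs. The same pattern appears in the `/api/v1/admin/orgs` and `/api/v1/orgs/.../teams` commands in the other mainJob hunks, so the change belongs in the request helpers rather than at each call site.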
@@ -250,18 +270,18 @@ func mainJob() { } } log.Printf("must be del users list %v", delUserToTeamlist) - DelUsersFromTeam(apiKeys, delUserToTeamlist, teamList[j].Id) + DelUsersFromTeam(cfg.apiKeys, delUserToTeamlist, teamList[j].Id) } else { - log.Printf("The LDAP %s not found users corresponding to team %s", ldapUrl, teamList[j].Name) + log.Printf("The LDAP %s not found users corresponding to team %s", cfg.ldapUrl, teamList[j].Name) } } } page++ - apiKeys.BruteforceTokenKey = 0 - apiKeys.Command = "/api/v1/admin/orgs?page=" + fmt.Sprintf("%d", page) + "&limit=20&access_token=" // List all organizations - organizationList = RequestOrganizationList(apiKeys) - log.Printf("%d organizations were found on the server: %s", len(organizationList), apiKeys.BaseUrl) + cfg.apiKeys.BruteforceTokenKey = 0 + cfg.apiKeys.Command = "/api/v1/admin/orgs?page=" + fmt.Sprintf("%d", page) + "&limit=20&access_token=" // List all organizations + organizationList = RequestOrganizationList(cfg.apiKeys) + log.Printf("%d organizations were found on the server: %s", len(organizationList), cfg.apiKeys.BaseUrl) } }