gitea
/
gitea-group-sync
mirror of https://github.com/gitea-group-sync/gitea-group-sync
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Creating a Config Structure for better readability.

pull/7/head
localleon 2020-09-28 16:01:20 +02:00
parent 92cd9ecb26
commit f428ac2623
1 changed files with 138 additions and 118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

256
gitea-group-sync.go
View File

@ -9,10 +9,10 @@ import (
"strconv" "strconv"
"strings" "strings"
"time" "time"
)


import "gopkg.in/ldap.v3" "github.com/robfig/cron/v3"
import "github.com/robfig/cron/v3" "gopkg.in/ldap.v3"
)


func AddUsersToTeam(apiKeys GiteaKeys, users []Account, team int) bool { func AddUsersToTeam(apiKeys GiteaKeys, users []Account, team int) bool {


@ -66,109 +66,129 @@ func main() {
c.Start() c.Start()
fmt.Println(c.Entries()) fmt.Println(c.Entries())
for true { for true {
time.Sleep(100*time.Second) time.Sleep(100 * time.Second)
} }
} }


// Config describes the settings of the application. This structure is used in the settings-import process
type Config struct {
apiKeys GiteaKeys
ldapUrl string
ldapPort int
ldapTls bool
ldapBindDN string
ldapBindPassword string
ldapFilter string
ldapUserSearchBase string
repTime string
ldapUserIdentityAttribute string
ldapUserFullName string
}

// This Function parses the enviroment for application specific variables and returns a Config struct.
// Used for setting all required settings in the application
func importEnvVars() Config {

// Create temporary structs for creating the final config
envConfig := Config{}
envConfig.apiKeys = GiteaKeys{}

// Start parsing env. Variables
if len(os.Getenv("GITEA_TOKEN")) < 40 { // get on https://[web_site_url]/user/settings/applications
log.Println("GITEA_TOKEN is empty or invalid.")
} else {
envConfig.apiKeys.TokenKey = strings.Split(os.Getenv("GITEA_TOKEN"), ",")
}

if len(os.Getenv("GITEA_URL")) == 0 {
log.Println("GITEA_URL is empty")
} else {
envConfig.apiKeys.BaseUrl = os.Getenv("GITEA_URL")
}

if len(os.Getenv("LDAP_URL")) == 0 {
log.Println("LDAP_URL is empty")
} else {
envConfig.ldapUrl = os.Getenv("LDAP_URL")
}

if len(os.Getenv("LDAP_TLS_PORT")) > 0 {
port, err := strconv.Atoi(os.Getenv("LDAP_TLS_PORT"))
envConfig.ldapPort = port
envConfig.ldapTls = true
log.Printf("DialTLS:=%v:%d", envConfig.ldapUrl, envConfig.ldapPort)
if err != nil {
log.Println("LDAP_TLS_PORT is invalid.")
}
} else {
if len(os.Getenv("LDAP_PORT")) > 0 {
port, err := strconv.Atoi(os.Getenv("LDAP_PORT"))
envConfig.ldapPort = port
envConfig.ldapTls = false
log.Printf("Dial:=%v:%d", envConfig.ldapUrl, envConfig.ldapPort)
if err != nil {
log.Println("LDAP_PORT is invalid.")
}
}
}

if len(os.Getenv("BIND_DN")) == 0 {
log.Println("BIND_DN is empty")
} else {
envConfig.ldapBindDN = os.Getenv("BIND_DN")
}

if len(os.Getenv("BIND_PASSWORD")) == 0 {
log.Println("BIND_PASSWORD is empty")
} else {
envConfig.ldapBindPassword = os.Getenv("BIND_PASSWORD")
}

if len(os.Getenv("LDAP_FILTER")) == 0 {
log.Println("LDAP_FILTER is empty")
} else {
envConfig.ldapFilter = os.Getenv("LDAP_FILTER")
}

if len(os.Getenv("LDAP_USER_SEARCH_BASE")) == 0 {
log.Println("LDAP_USER_SEARCH_BASE is empty")
} else {
envConfig.ldapUserSearchBase = os.Getenv("LDAP_USER_SEARCH_BASE")
}

if len(os.Getenv("LDAP_USER_IDENTITY_ATTRIBUTE")) == 0 {
envConfig.ldapUserIdentityAttribute = "uid"
log.Println("By default LDAP_USER_IDENTITY_ATTRIBUTE = 'uid'")
} else {
envConfig.ldapUserIdentityAttribute = os.Getenv("LDAP_USER_IDENTITY_ATTRIBUTE")
}

if len(os.Getenv("LDAP_USER_FULL_NAME")) == 0 {
envConfig.ldapUserFullName = "sn" //change to cn if you need it
log.Println("By default LDAP_USER_FULL_NAME = 'sn'")
} else {
envConfig.ldapUserFullName = os.Getenv("LDAP_USER_FULL_NAME")
}

return envConfig // return the config struct for use.
}

func mainJob() { func mainJob() {


//------------------------------ //------------------------------
// Check and Set input settings // Check and Set input settings
//------------------------------ //------------------------------


var apiKeys GiteaKeys log.Println("Fallback: Importing Settings from Enviroment Variables ")

cfg := importEnvVars()
if len(os.Getenv("GITEA_TOKEN")) < 40 { // get on https://[web_site_url]/user/settings/applications
log.Println("GITEA_TOKEN is empty or invalid.")
} else {
apiKeys.TokenKey = strings.Split(os.Getenv("GITEA_TOKEN"), ",")
}

if len(os.Getenv("GITEA_URL")) == 0 {
log.Println("GITEA_URL is empty")
} else {
apiKeys.BaseUrl = os.Getenv("GITEA_URL")
}

var ldapUrl string = "ucs.totalwebservices.net"
if len(os.Getenv("LDAP_URL")) == 0 {
log.Println("LDAP_URL is empty")
} else {
ldapUrl = os.Getenv("LDAP_URL")
}

var ldapPort int
var ldapTls bool
if len(os.Getenv("LDAP_TLS_PORT")) > 0 {
port, err := strconv.Atoi(os.Getenv("LDAP_TLS_PORT"))
ldapPort = port
ldapTls = true
log.Printf("DialTLS:=%v:%d", ldapUrl, ldapPort)
if err != nil {
log.Println("LDAP_TLS_PORT is invalid.")
}
} else {
if len(os.Getenv("LDAP_PORT")) > 0 {
port, err := strconv.Atoi(os.Getenv("LDAP_PORT"))
ldapPort = port
ldapTls = false
log.Printf("Dial:=%v:%d", ldapUrl, ldapPort)
if err != nil {
log.Println("LDAP_PORT is invalid.")
}
}
}

var ldapbindDN string
if len(os.Getenv("BIND_DN")) == 0 {
log.Println("BIND_DN is empty")
} else {
ldapbindDN = os.Getenv("BIND_DN")
}

var ldapbindPassword string
if len(os.Getenv("BIND_PASSWORD")) == 0 {
log.Println("BIND_PASSWORD is empty")
} else {
ldapbindPassword = os.Getenv("BIND_PASSWORD")
}

var ldapUserFilter string
if len(os.Getenv("LDAP_FILTER")) == 0 {
log.Println("LDAP_FILTER is empty")
} else {
ldapUserFilter = os.Getenv("LDAP_FILTER")
}

var ldapUserSearchBase string
if len(os.Getenv("LDAP_USER_SEARCH_BASE")) == 0 {
log.Println("LDAP_USER_SEARCH_BASE is empty")
} else {
ldapUserSearchBase = os.Getenv("LDAP_USER_SEARCH_BASE")
}

var ldapUserIdentityAttribute string
if len(os.Getenv("LDAP_USER_IDENTITY_ATTRIBUTE")) == 0 {
ldapUserIdentityAttribute = "uid"
log.Println("By default LDAP_USER_IDENTITY_ATTRIBUTE = 'uid'")
} else {
ldapUserIdentityAttribute = os.Getenv("LDAP_USER_IDENTITY_ATTRIBUTE")
}

var ldapUserFullName string
if len(os.Getenv("LDAP_USER_FULL_NAME")) == 0 {
ldapUserFullName = "sn" //change to cn if you need it
log.Println("By default LDAP_USER_FULL_NAME = 'sn'")
} else {
ldapUserFullName = os.Getenv("LDAP_USER_FULL_NAME")
}


// Prepare LDAP Connection
var l *ldap.Conn var l *ldap.Conn
var err error var err error
if ldapTls { if cfg.ldapTls {
l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort), &tls.Config{InsecureSkipVerify: true}) l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", cfg.ldapUrl, cfg.ldapPort), &tls.Config{InsecureSkipVerify: true})
} else { } else {
l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort)) l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", cfg.ldapUrl, cfg.ldapPort))
} }


if err != nil { if err != nil {
@ -178,16 +198,16 @@ func mainJob() {
} }
defer l.Close() defer l.Close()


err = l.Bind(ldapbindDN, ldapbindPassword) err = l.Bind(cfg.ldapBindDN, cfg.ldapBindPassword)
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
page := 1 page := 1
apiKeys.BruteforceTokenKey = 0 cfg.apiKeys.BruteforceTokenKey = 0
apiKeys.Command = "/api/v1/admin/orgs?page=" + fmt.Sprintf("%d", page) + "&limit=20&access_token=" // List all organizations cfg.apiKeys.Command = "/api/v1/admin/orgs?page=" + fmt.Sprintf("%d", page) + "&limit=20&access_token=" // List all organizations
organizationList := RequestOrganizationList(apiKeys) organizationList := RequestOrganizationList(cfg.apiKeys)


log.Printf("%d organizations were found on the server: %s", len(organizationList), apiKeys.BaseUrl) log.Printf("%d organizations were found on the server: %s", len(organizationList), cfg.apiKeys.BaseUrl)


for 1 < len(organizationList) { for 1 < len(organizationList) {


@ -197,21 +217,21 @@ func mainJob() {


log.Printf("Begin an organization review: OrganizationName= %v, OrganizationId= %d \n", organizationList[i].Name, organizationList[i].Id) log.Printf("Begin an organization review: OrganizationName= %v, OrganizationId= %d \n", organizationList[i].Name, organizationList[i].Id)


apiKeys.Command = "/api/v1/orgs/" + organizationList[i].Name + "/teams?access_token=" cfg.apiKeys.Command = "/api/v1/orgs/" + organizationList[i].Name + "/teams?access_token="
teamList := RequestTeamList(apiKeys) teamList := RequestTeamList(cfg.apiKeys)
log.Printf("%d teams were found in %s organization", len(teamList), organizationList[i].Name) log.Printf("%d teams were found in %s organization", len(teamList), organizationList[i].Name)
log.Printf("Skip synchronization in the Owners team") log.Printf("Skip synchronization in the Owners team")
apiKeys.BruteforceTokenKey = 0 cfg.apiKeys.BruteforceTokenKey = 0


for j := 1; j < len(teamList); j++ { for j := 1; j < len(teamList); j++ {


// preparing request to ldap server // preparing request to ldap server
filter := fmt.Sprintf(ldapUserFilter, teamList[j].Name) filter := fmt.Sprintf(cfg.ldapFilter, teamList[j].Name)
searchRequest := ldap.NewSearchRequest( searchRequest := ldap.NewSearchRequest(
ldapUserSearchBase, // The base dn to search cfg.ldapUserSearchBase, // The base dn to search
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
filter, // The filter to apply filter, // The filter to apply
[]string{"cn", "uid", "mailPrimaryAddress, sn", ldapUserIdentityAttribute}, // A list attributes to retrieve []string{"cn", "uid", "mailPrimaryAddress, sn", cfg.ldapUserIdentityAttribute}, // A list attributes to retrieve
nil, nil,
) )
// make request to ldap server // make request to ldap server
@ -223,18 +243,18 @@ func mainJob() {
AccountsGitea := make(map[string]Account) AccountsGitea := make(map[string]Account)
var addUserToTeamList, delUserToTeamlist []Account var addUserToTeamList, delUserToTeamlist []Account
if len(sr.Entries) > 0 { if len(sr.Entries) > 0 {
log.Printf("The LDAP %s has %d users corresponding to team %s", ldapUrl, len(sr.Entries), teamList[j].Name) log.Printf("The LDAP %s has %d users corresponding to team %s", cfg.ldapUrl, len(sr.Entries), teamList[j].Name)
for _, entry := range sr.Entries { for _, entry := range sr.Entries {


AccountsLdap[entry.GetAttributeValue(ldapUserIdentityAttribute)] = Account{ AccountsLdap[entry.GetAttributeValue(cfg.ldapUserIdentityAttribute)] = Account{
Full_name: entry.GetAttributeValue(ldapUserFullName), Full_name: entry.GetAttributeValue(cfg.ldapUserFullName),
Login: entry.GetAttributeValue(ldapUserIdentityAttribute), Login: entry.GetAttributeValue(cfg.ldapUserIdentityAttribute),
} }
} }


apiKeys.Command = "/api/v1/teams/" + fmt.Sprintf("%d", teamList[j].Id) + "/members?access_token=" cfg.apiKeys.Command = "/api/v1/teams/" + fmt.Sprintf("%d", teamList[j].Id) + "/members?access_token="
AccountsGitea, apiKeys.BruteforceTokenKey = RequestUsersList(apiKeys) AccountsGitea, cfg.apiKeys.BruteforceTokenKey = RequestUsersList(cfg.apiKeys)
log.Printf("The gitea %s has %d users corresponding to team %s Teamid=%d", apiKeys.BaseUrl, len(AccountsGitea), teamList[j].Name, teamList[j].Id) log.Printf("The gitea %s has %d users corresponding to team %s Teamid=%d", cfg.apiKeys.BaseUrl, len(AccountsGitea), teamList[j].Name, teamList[j].Id)


for k, v := range AccountsLdap { for k, v := range AccountsLdap {
if AccountsGitea[k].Login != v.Login { if AccountsGitea[k].Login != v.Login {
@ -242,7 +262,7 @@ func mainJob() {
} }
} }
log.Printf("can be added users list %v", addUserToTeamList) log.Printf("can be added users list %v", addUserToTeamList)
AddUsersToTeam(apiKeys, addUserToTeamList, teamList[j].Id) AddUsersToTeam(cfg.apiKeys, addUserToTeamList, teamList[j].Id)


for k, v := range AccountsGitea { for k, v := range AccountsGitea {
if AccountsLdap[k].Login != v.Login { if AccountsLdap[k].Login != v.Login {
@ -250,18 +270,18 @@ func mainJob() {
} }
} }
log.Printf("must be del users list %v", delUserToTeamlist) log.Printf("must be del users list %v", delUserToTeamlist)
DelUsersFromTeam(apiKeys, delUserToTeamlist, teamList[j].Id) DelUsersFromTeam(cfg.apiKeys, delUserToTeamlist, teamList[j].Id)


} else { } else {
log.Printf("The LDAP %s not found users corresponding to team %s", ldapUrl, teamList[j].Name) log.Printf("The LDAP %s not found users corresponding to team %s", cfg.ldapUrl, teamList[j].Name)
} }
} }
} }


page++ page++
apiKeys.BruteforceTokenKey = 0 cfg.apiKeys.BruteforceTokenKey = 0
apiKeys.Command = "/api/v1/admin/orgs?page=" + fmt.Sprintf("%d", page) + "&limit=20&access_token=" // List all organizations cfg.apiKeys.Command = "/api/v1/admin/orgs?page=" + fmt.Sprintf("%d", page) + "&limit=20&access_token=" // List all organizations
organizationList = RequestOrganizationList(apiKeys) organizationList = RequestOrganizationList(cfg.apiKeys)
log.Printf("%d organizations were found on the server: %s", len(organizationList), apiKeys.BaseUrl) log.Printf("%d organizations were found on the server: %s", len(organizationList), cfg.apiKeys.BaseUrl)
} }
} }