Show iam filter for machines
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone Build is passing

This commit is contained in:
Garrett Mills 2021-03-15 17:13:09 -05:00
parent 64ad8931f3
commit 0844da594e
Signed by: garrettmills
GPG Key ID: D2BF5FBA8298F246
4 changed files with 26 additions and 0 deletions

View File

@ -89,6 +89,7 @@ class AppResource extends CRUDBase {
field: 'id',
type: 'text',
readonly: true,
hidden: ['insert'],
help: `(LDAP use) Allows restricting users to only those that can access this application. (filter: iamTarget)`,
},
{

View File

@ -88,8 +88,17 @@ class MachineResource extends CRUDBase {
field: 'id',
type: 'text',
readonly: true,
hidden: ['insert'],
help: `(LDAP use) Allows restricting users to only those that can access this computer. (filter: iamTarget)`,
},
{
name: 'IAM Filter',
field: 'iam_filter',
type: 'text',
readonly: true,
hidden: ['insert'],
help: `(LDAP use) Use this filter to restrict access to only users granted IAM access to this computer.`,
},
],
}
}

View File

@ -76,6 +76,7 @@ class MachineGroupResource extends CRUDBase {
field: 'id',
type: 'text',
readonly: true,
hidden: ['insert'],
help: `(LDAP use) Allows restricting users to only those that can access this computer group. (filter: iamTarget)`,
},
{

View File

@ -20,6 +20,12 @@ class MachineModel extends Model {
}
async to_api() {
let iam_filter = `(|(iamTarget=${this.id})`
for ( const group of (await this.groups()) ) {
iam_filter += `(iamTarget=${group.id})`
}
iam_filter += ')'
return {
id: this.id,
name: this.name,
@ -27,9 +33,18 @@ class MachineModel extends Model {
host_name: this.host_name,
location: this.location,
ldap_visible: this.ldap_visible,
iam_filter,
}
}
async groups() {
const MachineGroup = this.models.get('ldap:MachineGroup')
return MachineGroup.find({
machine_ids: this.id,
active: true
})
}
async set_bind_password(password) {
this.bind_password = await bcrypt.hash(password, 10)
return this