From 20e723f39f987977011470ff83dabb7269868a68 Mon Sep 17 00:00:00 2001
From: garrettmills <shout@garrettmills.dev>
Date: Wed, 10 Mar 2021 15:48:27 -0600
Subject: [PATCH] LDAP - cast modifications to support posix logins

---
 app/models/auth/User.model.js | 22 +++++++++++++++++++++-
 config/ldap/server.config.js  |  3 ++-
 config/setting.config.js      |  1 +
 3 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/app/models/auth/User.model.js b/app/models/auth/User.model.js
index 221bab3..32da3c0 100644
--- a/app/models/auth/User.model.js
+++ b/app/models/auth/User.model.js
@@ -38,9 +38,26 @@ class User extends AuthUser {
             photo_file_id: String,
             trap: String,
             notify_config: NotifyConfig,
+            uid_number: Number,
         }}
     }
 
+    async get_uid_number() {
+        if ( !this.uid_number ) {
+            const Setting = this.models.get('Setting')
+            let last_uid = await Setting.get('ldap.last_alloc_uid')
+            if ( last_uid < 1 ) {
+                last_uid = this.configs.get('ldap:server.schema.start_uid')
+            }
+
+            this.uid_number = last_uid + 1
+            await Setting.set('ldap.last_alloc_uid', this.uid_number)
+            await this.save()
+        }
+
+        return this.uid_number
+    }
+
     async photo() {
         const File = this.models.get('upload::File')
         return File.findById(this.photo_file_id)
@@ -179,10 +196,13 @@ class User extends AuthUser {
             sn: this.last_name,
             gecos: `${this.first_name} ${this.last_name}`,
             mail: this.email,
-            objectClass: ['inetOrgPerson', 'person'],
+            objectClass: ['inetOrgPerson', 'person', 'posixaccount'],
+            objectclass: ['inetOrgPerson', 'person', 'posixaccount'],
             entryuuid: this.uuid,
             entryUUID: this.uuid,
             objectGuid: this.uuid,
+            objectguid: this.uuid,
+            uidnumber: await this.get_uid_number(),
         }
 
         if ( this.tagline ) ldap_data.extras_tagline = this.tagline
diff --git a/config/ldap/server.config.js b/config/ldap/server.config.js
index bab3bd5..824a229 100644
--- a/config/ldap/server.config.js
+++ b/config/ldap/server.config.js
@@ -11,7 +11,8 @@ const ldap_server = {
         group_base: env('LDAP_GROUP_BASE', 'ou=groups'),
         auth: {
             user_id: 'uid',
-        }
+        },
+        start_uid: env('LDAP_START_UID', 80000),
     },
 
     format: {
diff --git a/config/setting.config.js b/config/setting.config.js
index ef49d6b..9457e21 100644
--- a/config/setting.config.js
+++ b/config/setting.config.js
@@ -4,6 +4,7 @@ const setting_config = {
         'auth.default_roles': [ 'base_user' ],
         'home.allow_landing': true,
         'home.redirect_authenticated': true,
+        'ldap.last_alloc_uid': -1,
     }
 }