Flesh out Cobalt, LDAP groups, &c.

2020-05-11 20:26:09 -05:00
parent c389e151b5
commit 6f621f5891
34 changed files with 1508 additions and 31 deletions
--- a/app/models/auth/User.model.js
+++ b/app/models/auth/User.model.js
@@ -34,6 +34,17 @@ class User extends AuthUser {
        }}
    }

+    async to_api() {
+        return {
+            id: this.id,
+            uid: this.uid,
+            first_name: this.first_name,
+            last_name: this.last_name,
+            email: this.email,
+            tagline: this.tagline,
+        }
+    }
+
    static scopes = [
        new ActiveScope({})
    ]
--- a/app/models/ldap/Client.model.js
+++ b/app/models/ldap/Client.model.js
@@ -0,0 +1,60 @@
+const { Model } = require('flitter-orm')
+
+class ClientModel extends Model {
+    static get services() {
+        return [...super.services, 'models', 'configs']
+    }
+
+    static get schema() {
+        return {
+            name: String,
+            user_id: String,
+            active: { type: Boolean, default: true },
+            last_invocation: Date,
+        }
+    }
+
+    static async create({ name, uid, password }) {
+        const User = this.prototype.models.get('auth:User')
+        const user = new User({
+            first_name: name,
+            last_name: '(LDAP Agent)',
+            uid,
+            roles: ['ldap_client'],
+        })
+
+        await user.reset_password(password, 'create')
+        await user.save()
+
+        const client = new this({
+            name,
+            user_id: user.id,
+        })
+
+        await client.save()
+        return client
+    }
+
+    async user() {
+        const User = this.models.get('auth:User')
+        return User.findById(this.user_id)
+    }
+
+    async to_api() {
+        const User = this.models.get('auth:User')
+        const user = await User.findById(this.user_id)
+
+        const role_permissions = user.roles.map(x => this.configs.get('auth.roles')[x])
+
+        return {
+            id: this.id,
+            name: this.name,
+            user_id: user.id,
+            uid: user.uid,
+            last_invocation: this.last_invocation,
+            permissions: [...user.permissions, ...role_permissions],
+        }
+    }
+}
+
+module.exports = exports = ClientModel
--- a/app/models/ldap/Group.model.js
+++ b/app/models/ldap/Group.model.js
@@ -11,10 +11,21 @@ class GroupModel extends LDAPBase {
            role: String,
            user_ids: [String],
            name: String,
+            active: {type: Boolean, default: true},
            ldap_visible: {type: Boolean, default: true},
        }
    }

+    async to_api() {
+        return {
+            id: this.id,
+            role: this.role,
+            user_ids: this.user_ids,
+            name: this.name,
+            ldap_visible: this.ldap_visible,
+        }
+    }
+
    get dn() {
        return LDAP.parseDN(`cn=${this.name},${this.ldap_server.group_dn().format(this.configs.get('ldap:server.format'))}`)
    }
--- a/app/models/saml/ServiceProvider.model.js
+++ b/app/models/saml/ServiceProvider.model.js
@@ -10,6 +10,16 @@ class ServiceProviderModel extends Model {
            slo_url: String,
        }
    }
+
+    to_api() {
+        return {
+            id: this.id,
+            name: this.name,
+            entity_id: this.entity_id,
+            acs_url: this.acs_url,
+            slo_url: this.slo_url,
+        }
+    }
 }

 module.exports = exports = ServiceProviderModel