LDAP - support posixGroups in group model

app/models/auth/Group.model.js

@@ -11,6 +11,8 @@ class GroupModel extends Model {
         return {
             name: String,
             user_ids: [String],
+            posix_user_id: String,
+            posix_group_id: Number,
             active: { type: Boolean, default: true },
             ldap_visible: { type: Boolean, default: true },
         }
@@ -31,16 +33,49 @@ class GroupModel extends Model {
 
     async to_ldap() {
         const users = await this.users()
-        return {
+        const data = {
             cn: this.name,
             dn: this.dn.format(this.configs.get('ldap:server.format')),
-            objectClass: 'groupOfNames',
+            objectClass: ['groupOfNames'],
             member: users.map(x => x.dn.format(this.configs.get('ldap:server.format'))),
         }
+
+        if ( this.posix_group_id ) {
+            data.objectClass.push('posixGroup')
+            data.gidNumber = this.posix_group_id
+        }
+
+        return data
     }
 
     static async ldap_directory() {
-        return this.find({ ldap_visible: true, active: true })
+        const User = this.prototype.models.get('auth:User')
+        const groups = await this.find({ ldap_visible: true, active: true })
+
+        const posix_user_ids = groups.map(group => group.posix_user_id)
+            .filter(Boolean)
+            .map(id => User.to_object_id(id))
+
+        const missing_posix_users = await User.find({
+            ldap_visible: true,
+            _id: {
+                $nin: posix_user_ids
+            }
+        })
+
+        for ( const user of missing_posix_users ) {
+            const group = new this({
+                name: `${user.uid} (posix)`,
+                user_ids: [user.id],
+                posix_user_id: user.id,
+                posix_group_id: await user.get_uid_number(),
+            })
+
+            await group.save()
+            groups.push(group)
+        }
+
+        return groups
     }
 
     async to_api() {