Disallow LDAP bind if trap is set; support setting trap from user form

2020-05-22 09:47:01 -05:00
parent 64356d42d0
commit decb83bdbb
9 changed files with 77 additions and 4 deletions
--- a/app/routing/Middleware.js
+++ b/app/routing/Middleware.js
@@ -10,8 +10,8 @@
 */
 const Middleware = [
    "auth:Utility",
-    "Traps",
    "auth:TrustTokenUtility",
+    "Traps",
    "SAMLUtility",

    // 'MiddlewareName',
--- a/app/routing/middleware/Traps.middleware.js
+++ b/app/routing/middleware/Traps.middleware.js
@@ -48,6 +48,10 @@ class TrapUtility {
        else if ( this.user ) return this.user.trap
    }

+    trap_exists(name) {
+        return !!this.configs[name]
+    }
+
    config() {
        return this.configs[this.get_trap()]
    }
--- a/app/routing/routers/api/v1/auth.routes.js
+++ b/app/routing/routers/api/v1/auth.routes.js
@@ -8,6 +8,12 @@ const auth_routes = {
    get: {
        '/mfa/enable/date': ['middleware::auth:UserOnly', 'controller::api:v1:Auth.get_mfa_enable_date'],

+        '/traps': [
+            'middleware::auth:APIRoute',
+            ['middleware::api:Permission', { check: 'v1:auth:traps:list'}],
+            'controller::api:v1:Auth.get_traps',
+        ],
+
        '/roles': [
            'middleware::auth:APIRoute',
            ['middleware::api:Permission', { check: 'v1:auth:roles:list' }],