Remove ldap:Group model

2020-05-20 20:35:17 -05:00
parent ea77402750
commit faab948a6b
7 changed files with 41 additions and 99 deletions
--- a/app/ldap/controllers/Groups.controller.js
+++ b/app/ldap/controllers/Groups.controller.js
@@ -14,7 +14,7 @@ class GroupsController extends LDAPController {

    constructor() {
        super()
-        this.Group = this.models.get('ldap:Group')
+        this.Group = this.models.get('auth:Group')
    }

    // TODO flitter-orm chunk query
@@ -106,7 +106,7 @@ class GroupsController extends LDAPController {
    async get_resource_from_dn(dn) {
        const cn = this.get_cn_from_dn(dn)
        if ( cn ) {
-            return this.Group.findOne({name: cn, ldap_visible: true})
+            return this.Group.findOne({name: cn, ldap_visible: true, active: true})
        }
    }
 }
--- a/app/ldap/controllers/Users.controller.js
+++ b/app/ldap/controllers/Users.controller.js
@@ -22,7 +22,13 @@ class UsersController extends LDAPController {
    // Might need to override compare to support special handling for userPassword

    // TODO generalize some of the addition logic
+    // TODO rework some of the registration and validation logic
    async add_people(req, res, next) {
+        const Setting = this.models.get('Setting')
+        if ( !(await Setting.get('auth.allow_registration')) ) {
+            return next(new LDAP.InsufficientAccessRightsError('Operation not enabled.'))
+        }
+
        if ( !req.user.can('ldap:add:users') ) {
            return next(new LDAP.InsufficientAccessRightsError())
        }
@@ -87,6 +93,7 @@ class UsersController extends LDAPController {
    }

    // TODO generalize some of the modification logic
+    // TODO rework validation
    async modify_people(req, res, next) {
        if ( !req.user.can('ldap:modify:users') ) {
            return next(new LDAP.InsufficientAccessRightsError())
--- a/app/ldap/routes/groups.routes.js
+++ b/app/ldap/routes/groups.routes.js
@@ -13,37 +13,15 @@ const groups_routes = {
        ],
    },

-    /*bind: {
-        'ou=groups': ['ldap_controller::Users.bind'],
-    },*/
+    bind: {},

-    /*add: {
-        'ou=groups': [
-            'ldap_middleware::BindUser',
-            'ldap_controller::Groups.add_group',
-        ],
-    },
+    add: {},

-    del: {
-        'ou=people': [
-            'ldap_middleware::BindUser',
-            'ldap_controller::Users.delete',
-        ],
-    },
+    del: {},

-    modify: {
-        'ou=people': [
-            'ldap_middleware::BindUser',
-            'ldap_controller::Users.modify_people',
-        ],
-    },
+    modify: {},

-    compare: {
-        'ou=people': [
-            'ldap_middleware::BindUser',
-            'ldap_controller::Users.compare',
-        ],
-    },*/
+    compare: {},

 }