add basic group support to the ldap plugin

Stanisław Pitucha
2011-01-31 04:14:01 +00:00
parent 2e0d11d702
commit 927b6636db
3 changed files with 52 additions and 2 deletions


@@ -49,6 +49,7 @@ import sonia.scm.user.User;
import sonia.scm.util.AssertUtil;
import sonia.scm.web.security.AuthenticationHandler;
import sonia.scm.web.security.AuthenticationResult;
import sonia.scm.web.security.AuthenticationState;
//~--- JDK imports ------------------------------------------------------------
@@ -56,11 +57,14 @@ import java.io.IOException;
import java.text.MessageFormat;
import java.util.HashSet;
import java.util.Properties;
import java.util.Set;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
@@ -133,7 +137,8 @@ public class LDAPAuthenticationHandler implements AuthenticationHandler
searchControls.setCountLimit(1);
searchControls.setReturningAttributes(new String[] {
config.getAttributeNameId(),
config.getAttributeNameFullname(), config.getAttributeNameMail() });
config.getAttributeNameFullname(), config.getAttributeNameMail(),
config.getAttributeNameGroup() });
String filter = MessageFormat.format(config.getSearchFilter(), username);
String baseDn = config.getUnitPeople() + "," + config.getBaseDn();
@@ -172,7 +177,10 @@ public class LDAPAuthenticationHandler implements AuthenticationHandler
(String) userAttributes.get(
config.getAttributeNameMail()).get());
user.setType(TYPE);
result = new AuthenticationResult(user);
Set<String> userGroups = getGroups(userAttributes);
user.setAdmin(isAdmin(userGroups, user));
result = new AuthenticationResult(user, userGroups);
}
catch (NamingException ex)
{
@@ -219,6 +227,35 @@ public class LDAPAuthenticationHandler implements AuthenticationHandler
return result;
}
private Set<String> getGroups(Attributes userAttributes) throws NamingException {
Set<String> groups = new HashSet<String>();
Attribute groupsAttribute = userAttributes.get(config.getAttributeNameGroup());
if (groupsAttribute != null) {
NamingEnumeration<?> userGroups = (NamingEnumeration<?>) groupsAttribute.getAll();
while (userGroups.hasMore())
groups.add((String) userGroups.next());
userGroups.close();
} else {
logger.info("user has no groups assigned");
}
return groups;
}
private boolean isAdmin(Set<String> userGroups, User user) throws NamingException {
Set<String> adminGroups = config.getAdminGroupSet();
for (String group : userGroups)
if (adminGroups.contains(group))
return true;
Set<String> adminUsers = config.getAdminUserSet();
if (adminUsers.contains(user.getName()))
return true;
return false;
}
/**
* Method description
*
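Review bot: `isAdmin` turns directory data straight into the SCM admin flag, and neither new method says what that decision trusts. `getGroups` reads the configured group attribute from the user's own entry, so the grant is only as strong as the directory ACL on that attribute; if users can edit it on their own entry, the admin check presumably inherits that weakness. I would add a Javadoc to `isAdmin` along the lines of `Admin is granted when any value of the group attribute, or the user name, exactly matches the configured admin sets; the attribute must not be user-writable`. In `getGroups`, `(String) userGroups.next()` throws ClassCastException on a non-string attribute value and `userGroups.close()` is skipped when `hasMore()` or `next()` throws; an `instanceof String` check and a `finally` would cover both. `getAdminGroupSet()` and `getAdminUserSet()` do not appear in the visible LDAPConfig hunks, so whether they can return null cannot be checked from here.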


@@ -118,6 +118,10 @@ public class LDAPConfig
return attributeNameMail;
}
public String getAttributeNameGroup() {
return attributeNameGroup;
}
/**
* Method description
*
@@ -306,6 +310,9 @@ public class LDAPConfig
/** Field description */
@XmlElement(name = "attribute-name-mail")
private String attributeNameMail = "mail";
@XmlElement(name = "attribute-name-group")
private String attributeNameGroup = "group";
/** Field description */
@XmlElement(name = "base-dn")
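Review bot: The new `attributeNameGroup` field and `getAttributeNameGroup()` have no Javadoc, while the neighbouring members each carry one, and this setting is security-relevant because the handler uses its values to decide admin rights. I would document the field with something like `/** Name of the user-entry attribute whose values are taken as the user's groups; these feed the admin check. */` and give the getter a matching one-line summary. The default `"group"` may not match the attribute a given directory uses for membership, in which case the handler finds no groups; saying so in the comment would save administrators a debugging round. No setter is visible in these hunks, so I cannot tell whether the value is only populated through XML binding.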


@@ -69,6 +69,12 @@ registerGeneralConfigPanel({
name : 'attribute-name-mail',
allowBlank : true
}
,{
xtype : 'textfield',
fieldLabel : 'Group Attribute Name',
name : 'attribute-name-group',
allowBlank : true
}
,{
xtype : 'textfield',
fieldLabel : 'Base DN',