nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

more checking when creating ldap group
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-01-11 18:00:41 +11:00
parent b65d1ef52e
commit 62606cbee5
2 changed files with 36 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
controllers/controlGroups.go
View File

@@ -59,29 +59,45 @@ func AddGroupHandler(c *gin.Context) {
//remove leading/trailing spaces in groupname //remove leading/trailing spaces in groupname
g.GroupName = html.EscapeString(strings.TrimSpace(g.GroupName)) g.GroupName = html.EscapeString(strings.TrimSpace(g.GroupName))
// Check if role already exists // Check if group already exists
testGroup, _ := models.GroupGetByName(g.GroupName) testGroup, _ := models.GroupGetByName(g.GroupName)
log.Printf("AddGroup checking if group '%s' already exists\n", g.GroupName) log.Printf("AddGroupHandler checking if group '%s' already exists\n", g.GroupName)
if (models.Group{} == testGroup) { if (models.Group{} == testGroup) {
log.Printf("AddGroup confirmed no existing group name\n") log.Printf("AddGroupHandler confirmed no existing group name\n")
} else { } else {
errorString := fmt.Sprintf("attempt to register conflicting groupname '%s'", g.GroupName) errorString := fmt.Sprintf("attempt to register conflicting groupname '%s'", g.GroupName)
log.Printf("Register error : '%s'\n", errorString) log.Printf("AddGroupHandler error : '%s'\n", errorString)
c.JSON(http.StatusBadRequest, gin.H{"error": errorString}) c.JSON(http.StatusBadRequest, gin.H{"error": errorString})
return return
} }
_, err := g.GroupAdd() // Check if there is already an LDAP group with the same Dn
if g.LdapGroup {
// TODO check for existing LDAP group
testLdapGroup, _ := models.GroupGetByLdapDn(g.LdapDn)
if (models.Group{} == testLdapGroup) {
log.Printf("AddGroupHandler confirmed no existing group for same LDAP DN\n")
} else {
errorString := fmt.Sprintf("attempt to register group with same ldap DN as existing group '%s'", g.GroupName)
log.Printf("AddGroupHandler error : '%s'\n", errorString)
c.JSON(http.StatusBadRequest, gin.H{"error": errorString})
return
}
}
// Verification checks passed, return group
group, err := g.GroupAdd()
if err != nil { if err != nil {
errString := fmt.Sprintf("error creating group : '%s'", err) errString := fmt.Sprintf("error creating group : '%s'", err)
log.Printf("AddGroup %s\n", errString) log.Printf("AddGroupHandler %s\n", errString)
c.JSON(http.StatusBadRequest, gin.H{"error": errString}) c.JSON(http.StatusBadRequest, gin.H{"error": errString})
return return
} }
c.JSON(http.StatusOK, gin.H{"message": "group creation success", "data": g}) c.JSON(http.StatusOK, gin.H{"message": "group creation success", "data": group})
} }
func DeleteGroupHandler(c *gin.Context) { func DeleteGroupHandler(c *gin.Context) {

13
models/group.go
View File

@@ -26,6 +26,19 @@ func GroupGetByName(groupname string) (Group, error) {
return g, nil return g, nil
} }
// GroupGetByName queries the database for a group with the specified LDAP distinguishedName
func GroupGetByLdapDn(ldapDn string) (Group, error) {
var g Group
// Query database for matching group object
err := db.QueryRowx("SELECT * FROM groups WHERE LdapGroup = 1 AND LdapDn = ?", ldapDn).StructScan(&g)
if err != nil {
return g, errors.New("group not found")
}
return g, nil
}
// GroupList returns a list of all groups in database // GroupList returns a list of all groups in database
func GroupList() ([]Group, error) { func GroupList() ([]Group, error) {
var results []Group var results []Group