123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 |
- class Integration::LdapController < ApplicationController
- include Integration::ImportJobBase
- prepend_before_action :authenticate_and_authorize!
- EXCEPTIONS_SPECIAL_TREATMENT = {
- '48, Inappropriate Authentication' => {},
- '50, Insufficient Access Rights' => { error: 'disallow-bind-anon' },
- '53, Unwilling to perform' => { error: 'disallow-bind-anon' },
- }.freeze
- def discover
- answer_with do
- ldap = ::Ldap.new(params)
- {
- attributes: ldap.preferences
- }
- rescue => e
- EXCEPTIONS_SPECIAL_TREATMENT.find { |msg, _| e.message.ends_with?(msg) }&.last || raise
- end
- end
- def bind
- answer_with do
-
-
-
- ldap = ::Ldap.new(params)
- user = ::Ldap::User.new(params, ldap: ldap)
- group = ::Ldap::Group.new(params, ldap: ldap)
- {
-
- user_filter: user.filter,
- user_attributes: user.attributes,
- user_uid: user.uid_attribute,
-
- group_filter: group.filter,
- groups: group.list,
- group_uid: group.uid_attribute,
- }
- end
- end
- private
- def payload_dry_run
- {
- ldap_config: super
- }
- end
- end
|