Refactor auth package (#17962)
This commit is contained in:
Lunny Xiao
GitHub
parent
e61b390d54
commit
de8e3948a5
87 changed files with 2880 additions and 2770 deletions
|
|
@ -19,22 +19,22 @@ import (
|
|||
|
||||
// Sync causes this ldap source to synchronize its users with the db
|
||||
func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
||||
log.Trace("Doing: SyncExternalUsers[%s]", source.loginSource.Name)
|
||||
log.Trace("Doing: SyncExternalUsers[%s]", source.authSource.Name)
|
||||
|
||||
var existingUsers []int
|
||||
isAttributeSSHPublicKeySet := len(strings.TrimSpace(source.AttributeSSHPublicKey)) > 0
|
||||
var sshKeysNeedUpdate bool
|
||||
|
||||
// Find all users with this login type - FIXME: Should this be an iterator?
|
||||
users, err := user_model.GetUsersBySource(source.loginSource)
|
||||
users, err := user_model.GetUsersBySource(source.authSource)
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers: %v", err)
|
||||
return err
|
||||
}
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
log.Warn("SyncExternalUsers: Cancelled before update of %s", source.loginSource.Name)
|
||||
return db.ErrCancelledf("Before update of %s", source.loginSource.Name)
|
||||
log.Warn("SyncExternalUsers: Cancelled before update of %s", source.authSource.Name)
|
||||
return db.ErrCancelledf("Before update of %s", source.authSource.Name)
|
||||
default:
|
||||
}
|
||||
|
||||
|
|
@ -44,7 +44,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
|
||||
sr, err := source.SearchEntries()
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers LDAP source failure [%s], skipped", source.loginSource.Name)
|
||||
log.Error("SyncExternalUsers LDAP source failure [%s], skipped", source.authSource.Name)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
@ -65,7 +65,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
for _, su := range sr {
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
log.Warn("SyncExternalUsers: Cancelled at update of %s before completed update of users", source.loginSource.Name)
|
||||
log.Warn("SyncExternalUsers: Cancelled at update of %s before completed update of users", source.authSource.Name)
|
||||
// Rewrite authorized_keys file if LDAP Public SSH Key attribute is set and any key was added or removed
|
||||
if sshKeysNeedUpdate {
|
||||
err = asymkey_model.RewriteAllPublicKeys()
|
||||
|
|
@ -73,7 +73,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
log.Error("RewriteAllPublicKeys: %v", err)
|
||||
}
|
||||
}
|
||||
return db.ErrCancelledf("During update of %s before completed update of users", source.loginSource.Name)
|
||||
return db.ErrCancelledf("During update of %s before completed update of users", source.authSource.Name)
|
||||
default:
|
||||
}
|
||||
if len(su.Username) == 0 {
|
||||
|
|
@ -96,14 +96,14 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
fullName := composeFullName(su.Name, su.Surname, su.Username)
|
||||
// If no existing user found, create one
|
||||
if usr == nil {
|
||||
log.Trace("SyncExternalUsers[%s]: Creating user %s", source.loginSource.Name, su.Username)
|
||||
log.Trace("SyncExternalUsers[%s]: Creating user %s", source.authSource.Name, su.Username)
|
||||
|
||||
usr = &user_model.User{
|
||||
LowerName: su.LowerName,
|
||||
Name: su.Username,
|
||||
FullName: fullName,
|
||||
LoginType: source.loginSource.Type,
|
||||
LoginSource: source.loginSource.ID,
|
||||
LoginType: source.authSource.Type,
|
||||
LoginSource: source.authSource.ID,
|
||||
LoginName: su.Username,
|
||||
Email: su.Mail,
|
||||
IsAdmin: su.IsAdmin,
|
||||
|
|
@ -114,12 +114,12 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
err = user_model.CreateUser(usr)
|
||||
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers[%s]: Error creating user %s: %v", source.loginSource.Name, su.Username, err)
|
||||
log.Error("SyncExternalUsers[%s]: Error creating user %s: %v", source.authSource.Name, su.Username, err)
|
||||
}
|
||||
|
||||
if err == nil && isAttributeSSHPublicKeySet {
|
||||
log.Trace("SyncExternalUsers[%s]: Adding LDAP Public SSH Keys for user %s", source.loginSource.Name, usr.Name)
|
||||
if asymkey_model.AddPublicKeysBySource(usr, source.loginSource, su.SSHPublicKey) {
|
||||
log.Trace("SyncExternalUsers[%s]: Adding LDAP Public SSH Keys for user %s", source.authSource.Name, usr.Name)
|
||||
if asymkey_model.AddPublicKeysBySource(usr, source.authSource, su.SSHPublicKey) {
|
||||
sshKeysNeedUpdate = true
|
||||
}
|
||||
}
|
||||
|
|
@ -129,7 +129,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
}
|
||||
} else if updateExisting {
|
||||
// Synchronize SSH Public Key if that attribute is set
|
||||
if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(usr, source.loginSource, su.SSHPublicKey) {
|
||||
if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(usr, source.authSource, su.SSHPublicKey) {
|
||||
sshKeysNeedUpdate = true
|
||||
}
|
||||
|
||||
|
|
@ -140,7 +140,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
usr.FullName != fullName ||
|
||||
!usr.IsActive {
|
||||
|
||||
log.Trace("SyncExternalUsers[%s]: Updating user %s", source.loginSource.Name, usr.Name)
|
||||
log.Trace("SyncExternalUsers[%s]: Updating user %s", source.authSource.Name, usr.Name)
|
||||
|
||||
usr.FullName = fullName
|
||||
usr.Email = su.Mail
|
||||
|
|
@ -156,7 +156,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
|
||||
err = user_model.UpdateUserCols(db.DefaultContext, usr, "full_name", "email", "is_admin", "is_restricted", "is_active")
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers[%s]: Error updating user %s: %v", source.loginSource.Name, usr.Name, err)
|
||||
log.Error("SyncExternalUsers[%s]: Error updating user %s: %v", source.authSource.Name, usr.Name, err)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -179,8 +179,8 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
log.Warn("SyncExternalUsers: Cancelled during update of %s before delete users", source.loginSource.Name)
|
||||
return db.ErrCancelledf("During update of %s before delete users", source.loginSource.Name)
|
||||
log.Warn("SyncExternalUsers: Cancelled during update of %s before delete users", source.authSource.Name)
|
||||
return db.ErrCancelledf("During update of %s before delete users", source.authSource.Name)
|
||||
default:
|
||||
}
|
||||
|
||||
|
|
@ -192,12 +192,12 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
existPos++
|
||||
}
|
||||
if usr.IsActive && (existPos >= len(existingUsers) || i < existingUsers[existPos]) {
|
||||
log.Trace("SyncExternalUsers[%s]: Deactivating user %s", source.loginSource.Name, usr.Name)
|
||||
log.Trace("SyncExternalUsers[%s]: Deactivating user %s", source.authSource.Name, usr.Name)
|
||||
|
||||
usr.IsActive = false
|
||||
err = user_model.UpdateUserCols(db.DefaultContext, usr, "is_active")
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers[%s]: Error deactivating user %s: %v", source.loginSource.Name, usr.Name, err)
|
||||
log.Error("SyncExternalUsers[%s]: Error deactivating user %s: %v", source.authSource.Name, usr.Name, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue