From 6ec01de6828d0169b8e137784249d4da5b70c06c Mon Sep 17 00:00:00 2001
From: Aisha Tammy
Date: Tue, 24 May 2022 17:35:02 +0000
Subject: [PATCH 1/2] feat: add LDAP import command to artisan
Signed-off-by: Aisha Tammy
---
app/Console/Commands/ImportAccounts.php | 130 ++++++++++++++++++++++++
1 file changed, 130 insertions(+)
create mode 100644 app/Console/Commands/ImportAccounts.php
diff --git a/app/Console/Commands/ImportAccounts.php b/app/Console/Commands/ImportAccounts.php
new file mode 100644
index 00000000000..bdf211f6d00
--- /dev/null
+++ b/app/Console/Commands/ImportAccounts.php
@@ -0,0 +1,130 @@
+option('ldap_uri') ?? '127.0.0.1';
+ $ldap_attr_mail = $this->option('ldap_attr_mail') ?? 'mail';
+ $ldap_attr_firstname = $this->option('ldap_attr_firstname') ?? 'givenName';
+ $ldap_attr_lastname = $this->option('ldap_attr_lastname') ?? 'sn';
+
+ $ldap_user = $this->option('ldap_user');
+ if (empty($ldap_user)) {
+ $this->error($this::ERROR_MISSING_LDAP_USER);
+ }
+
+ $ldap_pass = $this->option('ldap_pass');
+ if (empty($ldap_pass)) {
+ $this->error($this::ERROR_MISSING_LDAP_PASS);
+ }
+
+ $ldap_base = $this->option('ldap_base');
+ if (empty($ldap_base)) {
+ $this->error($this::ERROR_MISSING_LDAP_BASE);
+ }
+
+ $ldap_filter = $this->option('ldap_filter');
+ if (empty($ldap_filter)) {
+ $this->error($this::ERROR_MISSING_LDAP_FILTER);
+ }
+
+ if (empty($ldap_user) || empty($ldap_pass) || empty($ldap_base) || empty($ldap_filter)) {
+ return;
+ }
+
+ $ldap_conn = ldap_connect($ldap_uri);
+ if(!$ldap_conn) {
+ $this->error('Could not connect to LDAP URI');
+ return;
+ }
+ if(!ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3)) {
+ $this->error('Could not set LDAP protocol v3');
+ return false;
+ }
+
+ try {
+ $bind = ldap_bind($ldap_conn, $ldap_user, $ldap_pass);
+ if (!$bind) {
+ $this->error('Could not bind with given LDAP credentials');
+ return;
+ }
+ } catch (\ErrorException $e) {
+ $this->error($e->getMessage());
+ return;
+ }
+
+ $ldap_res = [];
+ try {
+ $ldap_res = ldap_search($ldap_conn, $ldap_base, $ldap_filter, [$ldap_attr_mail, $ldap_attr_firstname, $ldap_attr_lastname]);
+ } catch (\ErrorException $e) {
+ $this->error($e->getMessage());
+ return;
+ }
+
+ $ldap_data = ldap_get_entries($ldap_conn, $ldap_res);
+
+ for ($i = 0; $i < $ldap_data['count']; $i++) {
+ if (! 
(isset($ldap_data[$i][$ldap_attr_mail]) && $ldap_data[$i][$ldap_attr_mail]['count'] > 0)) { + continue; + } + $user_mail = $ldap_data[$i][$ldap_attr_mail][0]; + $user_firstname = 'John'; + $user_lastname = 'Doe'; + $user_password = bin2hex(random_bytes(64)); + if (isset($ldap_data[$i][$ldap_attr_firstname]) && $ldap_data[$i][$ldap_attr_firstname]['count'] > 0) { + $user_firstname = $ldap_data[$i][$ldap_attr_firstname][0]; + } + if (isset($ldap_data[$i][$ldap_attr_lastname]) && $ldap_data[$i][$ldap_attr_lastname]['count'] > 0) { + $user_lastname = $ldap_data[$i][$ldap_attr_lastname][0]; + } + $this->info('Importing user "' . $user_mail .'"'); + try { + Account::createDefault($user_firstname, $user_lastname, $user_mail, $user_password); + } catch(\Exception $import_error){ + $this->warn('Could not import user "' . $user_mail . '": ' . $import_error->getMessage()); + } + } + } +} From 64047da6919b382cb6a3828d4341b3d0e7c7c9cc Mon Sep 17 00:00:00 2001 From: Aisha Tammy Date: Tue, 24 May 2022 17:41:40 +0000 Subject: [PATCH 2/2] style: format ImportAccounts Signed-off-by: Aisha Tammy --- app/Console/Commands/ImportAccounts.php | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/app/Console/Commands/ImportAccounts.php b/app/Console/Commands/ImportAccounts.php index bdf211f6d00..286e3db7db8 100644 --- a/app/Console/Commands/ImportAccounts.php +++ b/app/Console/Commands/ImportAccounts.php @@ -4,7 +4,6 @@ use App\Models\Account\Account; use Illuminate\Console\Command; -use Illuminate\Console\ConfirmableTrait; class ImportAccounts extends Command { 
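Review bot: Nothing between `ldap_connect($ldap_uri)` and `ldap_bind($ldap_conn, $ldap_user, $ldap_pass)` in the first commit's `handle()` starts TLS, so with an `ldap://` URI or a bare host the simple bind sends the password unencrypted; for non-local servers I would require an `ldaps://` URI or call `ldap_start_tls($ldap_conn)` and abort if it returns false. The password is also read from `$this->option('ldap_pass')`, which leaves it in shell history and the process list; prompting with `$this->secret('LDAP bind password')` when the option is empty avoids that. Separately, `ldap_get_entries()` returns attribute names as lowercase keys, so `isset($ldap_data[$i][$ldap_attr_firstname])` with the default `givenName` can never match and every account falls back to John Doe; index with `strtolower($ldap_attr_firstname)`, and likewise for the mail and last-name attributes. The opening lines of this hunk (the class header and command signature) are missing from the page, so the option declarations could not be checked.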
@@ -75,31 +74,36 @@ public function handle() } $ldap_conn = ldap_connect($ldap_uri); - if(!$ldap_conn) { + if (! $ldap_conn) { $this->error('Could not connect to LDAP URI'); + return; } - if(!ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3)) { + if (! ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3)) { $this->error('Could not set LDAP protocol v3'); + return false; } try { $bind = ldap_bind($ldap_conn, $ldap_user, $ldap_pass); - if (!$bind) { - $this->error('Could not bind with given LDAP credentials'); + if (! $bind) { + $this->error('Could not bind with given LDAP credentials'); + return; } - } catch (\ErrorException $e) { + } catch (\Exception $e) { $this->error($e->getMessage()); + return; } $ldap_res = []; try { $ldap_res = ldap_search($ldap_conn, $ldap_base, $ldap_filter, [$ldap_attr_mail, $ldap_attr_firstname, $ldap_attr_lastname]); - } catch (\ErrorException $e) { + } catch (\Exception $e) { $this->error($e->getMessage()); + return; } @@ -119,11 +123,11 @@ public function handle() if (isset($ldap_data[$i][$ldap_attr_lastname]) && $ldap_data[$i][$ldap_attr_lastname]['count'] > 0) { $user_lastname = $ldap_data[$i][$ldap_attr_lastname][0]; } - $this->info('Importing user "' . $user_mail .'"'); + $this->info('Importing user "'.$user_mail.'"'); try { Account::createDefault($user_firstname, $user_lastname, $user_mail, $user_password); - } catch(\Exception $import_error){ - $this->warn('Could not import user "' . $user_mail . '": ' . $import_error->getMessage()); + } catch (\Exception $import_error) { + $this->warn('Could not import user "'.$user_mail.'": '.$import_error->getMessage()); } } }
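Review bot: The error paths in the `@@ -75,31 +74,36 @@` hunk still leave `handle()` with a bare `return;` (and `return false;` after `ldap_set_option`), which as far as I can tell Laravel casts to exit status 0, so a scheduled import cannot distinguish a failed bind from a completed run; `return 1;` on each failure branch and `return 0;` at the end would make that visible. The same hunk widens both `catch (\ErrorException $e)` clauses to `catch (\Exception $e)`, a behaviour change inside a commit titled as formatting only, which deserves a mention in the commit message. `$ldap_res` from `ldap_search()` is still handed on without a `=== false` check; the call that consumes it, like the start and end of `handle()`, lies outside this hunk.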