Browse Source

Add a function to resync member/memberOf values over the database

master
Alex 8 months ago
parent
commit
13d8cf028a
2 changed files with 97 additions and 1 deletions
  1. +9
    -1
      main.go
  2. +88
    -0
      memberof.go

+ 9
- 1
main.go View File

@@ -65,6 +65,7 @@ type State struct {
type Entry map[string][]string

var configFlag = flag.String("config", "./config.json", "Configuration file path")
var resyncFlag = flag.Bool("resync", false, "Check and re-synchronize memberOf values before launch")

func readConfig(logger *log.Logger) Config {
config_file := ConfigFile{
@@ -171,6 +172,13 @@ func main() {
logger.Fatal(err)
}

if *resyncFlag {
err = bottin.memberOfResync()
if err != nil {
logger.Fatal(err)
}
}

// Create routes
routes := ldap.NewRouteMux()

@@ -267,7 +275,7 @@ func (server *Server) init() error {

base_attributes := Entry{
"objectClass": []string{"top", "dcObject", "organization"},
"structuralObjectClass": []string{"Organization"},
"structuralObjectClass": []string{"organization"},
ATTR_CREATORSNAME: []string{server.config.Suffix},
ATTR_CREATETIMESTAMP: []string{genTimestamp()},
ATTR_ENTRYUUID: []string{genUuid()},


+ 88
- 0
memberof.go View File

@@ -1,5 +1,9 @@
package main

import (
"sort"
)

func (server *Server) memberOfAdd(member string, group string) {
// Retreive previous memberOf value
memberGroups, err := server.getAttribute(member, ATTR_MEMBEROF)
@@ -58,3 +62,87 @@ func (server *Server) memberOfRemove(member string, group string) {
server.logger.Warnf("Could not remove %s from memberOf of %s: %s", group, member, err)
}
}

func (server *Server) memberOfResync() error {
server.logger.Warnf("Starting resync of member/memberOf values")

// Load the whole LDAP database
basePath, err := dnToConsul(server.config.Suffix)
if err != nil {
return err
}

data, _, err := server.kv.List(basePath, nil)
if err != nil {
return err
}

entries, err := parseConsulResult(data)
if err != nil {
return err
}

// Check member values for all objects, and remove deleted objects
// Calculate new memberOf sets for all objects
newMemberOf := make(map[string][]string)
for dn := range entries {
newMemberOf[dn] = []string{}
}

for dn, entry := range entries {
member, ok := entry[ATTR_MEMBER]
if !ok {
continue
}
keepMember := []string{}
for _, mem := range member {
if _, exists := entries[mem]; exists {
keepMember = append(keepMember, mem)
newMemberOf[mem] = append(newMemberOf[mem], dn)
} else {
server.logger.Warnf("Fixing: %s had as member %s which doesn't exist", dn, mem)
}
}
if len(keepMember) != len(member) {
server.logger.Warnf("Writing new member list for %s", dn)
err = server.addElements(dn, Entry{
ATTR_MEMBER: keepMember,
})
if err != nil {
return err
}
}
}

// Write updated memberOf values
for dn, newMemberOfV := range newMemberOf {
prevMemberOf := []string{}
if v, ok := entries[dn][ATTR_MEMBEROF]; ok {
prevMemberOf = v
}
different := (len(prevMemberOf) != len(newMemberOfV))
if !different {
sort.Strings(newMemberOfV)
sort.Strings(prevMemberOf)
for i := range newMemberOfV {
if newMemberOfV[i] != prevMemberOf[i] {
different = true
break
}
}
}
if different {
server.logger.Warnf("Fixing memberOf for %s (%d -> %d)",
dn, len(prevMemberOf), len(newMemberOfV))
err = server.addElements(dn, Entry{
ATTR_MEMBEROF: newMemberOfV,
})
if err != nil {
return err
}
}
}

server.logger.Warnf("Done resyncing member/memberOf values")
return nil
}

Loading…
Cancel
Save