User list

Makefile

@@ -1,5 +1,5 @@
 all: guichet
 
-guichet: main.go
+guichet: main.go ssha.go profile.go admin.go
 	go get -v
 	go build -v

admin.go

@@ -0,0 +1,81 @@
+package main
+
+import (
+	"html/template"
+	"net/http"
+	"fmt"
+	"sort"
+
+	"github.com/go-ldap/ldap/v3"
+)
+
+func checkAdminLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
+	login := checkLogin(w, r)
+	if login == nil {
+		return nil
+	}
+
+	can_admin := false
+	for _, group := range login.UserEntry.GetAttributeValues("memberof") {
+		if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
+			can_admin = true
+		}
+	}
+
+	if !can_admin {
+		http.Redirect(w, r, "/", http.StatusFound)
+		return nil
+	}
+
+	return login
+}
+
+type AdminUsersTplData struct {
+	Login *LoginStatus
+	UserNameAttr string
+	Users []*ldap.Entry
+}
+
+func handleAdminUsers(w http.ResponseWriter, r *http.Request) {
+	templateAdminUsers := template.Must(template.ParseFiles("templates/layout.html", "templates/admin_users.html"))
+
+	login := checkLogin(w, r)
+	if login == nil {
+		return
+	}
+
+	searchRequest := ldap.NewSearchRequest(
+		config.UserBaseDN,
+		ldap.ScopeSingleLevel, ldap.NeverDerefAliases, 0, 0, false,
+		fmt.Sprintf("(&(objectClass=organizationalPerson))"),
+		[]string{config.UserNameAttr, "dn", "displayname", "givenname", "sn", "mail"},
+		nil)
+
+	sr, err := login.conn.Search(searchRequest)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	data := &AdminUsersTplData{
+		Login: login,
+		UserNameAttr: config.UserNameAttr,
+		Users: sr.Entries,
+	}
+	sort.Sort(data)
+
+	templateAdminUsers.Execute(w, data)
+}
+
+func (d *AdminUsersTplData) Len() int {
+	return len(d.Users)
+}
+
+func (d *AdminUsersTplData) Swap(i, j int) {
+	d.Users[i], d.Users[j] = d.Users[j], d.Users[i]
+}
+
+func (d *AdminUsersTplData) Less(i, j int) bool {
+	return d.Users[i].GetAttributeValue(config.UserNameAttr) <
+		d.Users[j].GetAttributeValue(config.UserNameAttr)
+}

main.go

@@ -108,6 +108,10 @@ func main() {
 	http.HandleFunc("/profile", handleProfile)
 	http.HandleFunc("/passwd", handlePasswd)
 
+	http.HandleFunc("/admin/users", handleAdminUsers)
+	//http.HandleFunc("/admin/groups", handleAdminGroups)
+	//http.HandleFunc("/admin/ldap", handleAdminLDAP)
+
 	staticfiles := http.FileServer(http.Dir("static"))
 	http.Handle("/static/", http.StripPrefix("/static/", staticfiles))
 

templates/admin_users.html

@@ -0,0 +1,27 @@
+{{define "title"}}Liste des utilisateurs |{{end}}
+
+{{define "body"}}
+<div class="d-flex">
+  <a class="ml-auto btn btn-info" href="/">Retour</a>
+</div>
+
+<table class="table mt-4">
+  <thead>
+    <th scope="col">{{ .UserNameAttr }}</th>
+    <th scope="col">Nom complet</th>
+    <th scope="col">Email</th>
+  </thead>
+  <tbody>
+    {{with $root := .}}
+      {{range $user := $root.Users}}
+        <tr>
+          <td>{{$user.GetAttributeValue $root.UserNameAttr}}</td>
+          <td>{{$user.GetAttributeValue "displayname"}}</td>
+          <td>{{$user.GetAttributeValue "mail"}}</td>
+        </tr>
+      {{end}}
+    {{end}}
+  </tbody>
+</table>
+
+{{end}}

templates/passwd.html

@@ -12,7 +12,7 @@
     <div class="alert alert-success">
        Nouveau mot de passe enregistré.
     </div>
-    <a class="ml-auto btn btn-info" href="/">Retour</a>
+    <a class="btn btn-info" href="/">Retour</a>
   {{else}}
     <form method="POST">
       <div class="form-group">

templates/profile.html

@@ -12,7 +12,7 @@
     <div class="alert alert-success">
         Profil enregistré.
     </div>
-    <a class="ml-auto btn btn-info" href="/">Retour</a>
+    <a class="btn btn-info" href="/">Retour</a>
   {{else}}
     <form method="POST">
       <div class="form-group">