Remember who invited who
This commit is contained in:
parent
d78ce5309a
commit
193e28cf00
2 changed files with 25 additions and 6 deletions
|
@ -12,7 +12,7 @@ job "guichet" {
|
||||||
task "server" {
|
task "server" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
config {
|
config {
|
||||||
image = "lxpz/guichet_amd64:8"
|
image = "lxpz/guichet_amd64:9"
|
||||||
readonly_rootfs = true
|
readonly_rootfs = true
|
||||||
port_map {
|
port_map {
|
||||||
web_port = 9991
|
web_port = 9991
|
||||||
|
|
29
invite.go
29
invite.go
|
@ -43,7 +43,7 @@ func handleInviteNewAccount(w http.ResponseWriter, r *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
handleNewAccount(w, r, login.conn)
|
handleNewAccount(w, r, login.conn, login.Info.DN)
|
||||||
}
|
}
|
||||||
|
|
||||||
// New account creation using code
|
// New account creation using code
|
||||||
|
@ -65,7 +65,25 @@ func handleInvitationCode(w http.ResponseWriter, r *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if handleNewAccount(w, r, l) {
|
sReq := ldap.NewSearchRequest(
|
||||||
|
inviteDn,
|
||||||
|
ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false,
|
||||||
|
fmt.Sprintf("(objectclass=*)"),
|
||||||
|
[]string{"dn", "creatorsname"},
|
||||||
|
nil)
|
||||||
|
sr, err := l.Search(sReq)
|
||||||
|
if err != nil {
|
||||||
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if len(sr.Entries) != 1 {
|
||||||
|
http.Error(w, fmt.Sprintf("Expected 1 entry, got %d", len(sr.Entries)), http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
invitedBy := sr.Entries[0].GetAttributeValue("creatorsname")
|
||||||
|
|
||||||
|
if handleNewAccount(w, r, l, invitedBy) {
|
||||||
del_req := ldap.NewDelRequest(inviteDn, nil)
|
del_req := ldap.NewDelRequest(inviteDn, nil)
|
||||||
err = l.Del(del_req)
|
err = l.Del(del_req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -91,7 +109,7 @@ type NewAccountData struct {
|
||||||
Success bool
|
Success bool
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn) bool {
|
func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn, invitedBy string) bool {
|
||||||
templateInviteNewAccount := template.Must(template.ParseFiles("templates/layout.html", "templates/invite_new_account.html"))
|
templateInviteNewAccount := template.Must(template.ParseFiles("templates/layout.html", "templates/invite_new_account.html"))
|
||||||
|
|
||||||
data := &NewAccountData{}
|
data := &NewAccountData{}
|
||||||
|
@ -107,14 +125,14 @@ func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn) bool
|
||||||
password1 := strings.Join(r.Form["password"], "")
|
password1 := strings.Join(r.Form["password"], "")
|
||||||
password2 := strings.Join(r.Form["password2"], "")
|
password2 := strings.Join(r.Form["password2"], "")
|
||||||
|
|
||||||
tryCreateAccount(l, data, password1, password2)
|
tryCreateAccount(l, data, password1, password2, invitedBy)
|
||||||
}
|
}
|
||||||
|
|
||||||
templateInviteNewAccount.Execute(w, data)
|
templateInviteNewAccount.Execute(w, data)
|
||||||
return data.Success
|
return data.Success
|
||||||
}
|
}
|
||||||
|
|
||||||
func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 string) {
|
func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 string, invitedBy string) {
|
||||||
// Check if username is correct
|
// Check if username is correct
|
||||||
if match, err := regexp.MatchString("^[a-zA-Z0-9._-]+$", data.Username); !(err == nil && match) {
|
if match, err := regexp.MatchString("^[a-zA-Z0-9._-]+$", data.Username); !(err == nil && match) {
|
||||||
data.ErrorInvalidUsername = true
|
data.ErrorInvalidUsername = true
|
||||||
|
@ -156,6 +174,7 @@ func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 st
|
||||||
req.Attribute("objectclass", []string{"inetOrgPerson", "organizationalPerson", "person", "top"})
|
req.Attribute("objectclass", []string{"inetOrgPerson", "organizationalPerson", "person", "top"})
|
||||||
req.Attribute("structuralobjectclass", []string{"inetOrgPerson"})
|
req.Attribute("structuralobjectclass", []string{"inetOrgPerson"})
|
||||||
req.Attribute("userpassword", []string{SSHAEncode([]byte(pass1))})
|
req.Attribute("userpassword", []string{SSHAEncode([]byte(pass1))})
|
||||||
|
req.Attribute("invitedby", []string{invitedBy})
|
||||||
if len(data.DisplayName) > 0 {
|
if len(data.DisplayName) > 0 {
|
||||||
req.Attribute("displayname", []string{data.DisplayName})
|
req.Attribute("displayname", []string{data.DisplayName})
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue