Do not always show invite and admin links
This commit is contained in:
parent
826a27854a
commit
edc75d18b7
2 changed files with 58 additions and 31 deletions
29
main.go
29
main.go
|
@ -1,12 +1,12 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"crypto/rand"
|
||||
"crypto/tls"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"flag"
|
||||
"fmt"
|
||||
"html/template"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
|
@ -24,6 +24,8 @@ type ConfigFile struct {
|
|||
LdapServerAddr string `json:"ldap_server_addr"`
|
||||
LdapTLS bool `json:"ldap_tls"`
|
||||
UserFormat string `json:"user_format"`
|
||||
GroupCanInvite string `json:"group_can_invite"`
|
||||
GroupCanAdmin string `json:"group_can_admin"`
|
||||
}
|
||||
|
||||
var configFlag = flag.String("config", "./config.json", "Configuration file path")
|
||||
|
@ -172,7 +174,7 @@ func checkLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
|
|||
login_info.DN,
|
||||
ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false,
|
||||
fmt.Sprintf("(&(objectClass=organizationalPerson))"),
|
||||
[]string{"dn", "displayname", "givenname", "sn", "mail"},
|
||||
[]string{"dn", "displayname", "givenname", "sn", "mail", "memberof"},
|
||||
nil)
|
||||
|
||||
sr, err := l.Search(searchRequest)
|
||||
|
@ -220,6 +222,12 @@ type LoginFormData struct {
|
|||
|
||||
// Page handlers ----
|
||||
|
||||
type HomePageData struct {
|
||||
Login *LoginStatus
|
||||
CanAdmin bool
|
||||
CanInvite bool
|
||||
}
|
||||
|
||||
func handleHome(w http.ResponseWriter, r *http.Request) {
|
||||
templateHome := template.Must(template.ParseFiles("templates/layout.html", "templates/home.html"))
|
||||
|
||||
|
@ -228,7 +236,22 @@ func handleHome(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
|
||||
templateHome.Execute(w, login)
|
||||
can_admin := false
|
||||
can_invite := false
|
||||
for _, group := range login.UserEntry.GetAttributeValues("memberof") {
|
||||
if config.GroupCanInvite != "" && group == config.GroupCanInvite {
|
||||
can_invite = true
|
||||
}
|
||||
if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
|
||||
can_admin = true
|
||||
}
|
||||
}
|
||||
|
||||
templateHome.Execute(w, &HomePageData{
|
||||
Login: login,
|
||||
CanAdmin: can_admin,
|
||||
CanInvite: can_invite,
|
||||
})
|
||||
}
|
||||
|
||||
func handleLogout(w http.ResponseWriter, r *http.Request) {
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
{{define "body"}}
|
||||
<div class="alert alert-success">
|
||||
Bienvenue, <strong>{{ .UserEntry.GetAttributeValue "givenname" }}</strong> !
|
||||
Bienvenue, <strong>{{ .Login.UserEntry.GetAttributeValue "givenname" }}</strong> !
|
||||
</div>
|
||||
<div class="d-flex">
|
||||
<a class="ml-auto btn btn-sm btn-dark" href="/logout">Se déconnecter</a>
|
||||
|
@ -16,10 +16,13 @@
|
|||
<div class="list-group list-group-flush">
|
||||
<a class="list-group-item list-group-item-action" href="/profile">Modifier mon profil</a>
|
||||
<a class="list-group-item list-group-item-action" href="/passwd">Modifier mon mot de passe</a>
|
||||
{{if .CanInvite}}
|
||||
<a class="list-group-item list-group-item-action" href="/invite">Inviter quelqu'un</a>
|
||||
{{end}}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{{if .CanAdmin}}
|
||||
<div class="card mt-3">
|
||||
<div class="card-header">
|
||||
Administration
|
||||
|
@ -30,5 +33,6 @@
|
|||
<a class="list-group-item list-group-item-action" href="/admin/ldap">Explorateur LDAP</a>
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
||||
|
||||
{{end}}
|
||||
|
|
Loading…
Reference in a new issue