pkg

package
v0.0.43 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 28, 2023 License: MIT Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// MinUID for POSIX accounts
	MinUID = 2000
	// MinGID for POSIX accounts, reserved for the users group
	MinGID = 2000
)
View Source
const (
	// OpenLDAPPort is the OpenLDAP protocol port
	OpenLDAPPort = 389
)

Variables

This section is empty.

Functions

func BuildFilter

func BuildFilter(filters []string) string

BuildFilter escapes and concatenates multiple filter expressions

func Contains

func Contains[T comparable](s []T, e T) bool

Contains is a generic function that checks if a collection contains a value

func EqualProto

func EqualProto(a proto.Message, b proto.Message) (bool, string)

EqualProto checks if two proto messages are equal if they are not equal, a diff describes how they differ

func EscapeDN

func EscapeDN(dn string) string

EscapeDN escapes an LDAP DN to avoid LDAP injection attacks

source: https://github.com/go-ldap/ldap/blob/master/ldap.go Note: for the next ldap release, we can directly use `ldap.EscapeDN`

func EscapeFilter

func EscapeFilter(s string) string

EscapeFilter escapes an LDAP filter to avoid LDAP injection attacks

func PrettyPrint

func PrettyPrint(m interface{}) string

PrettyPrint formats an interface into a human readable string

func ValidateEmail

func ValidateEmail(email string) error

ValidateEmail validates an email

func ValidateFirstName

func ValidateFirstName(name string) error

ValidateFirstName validates a first name

func ValidateLastName

func ValidateLastName(name string) error

ValidateLastName validates a last name

func ValidatePassword

func ValidatePassword(password string) error

ValidatePassword validates a password

func ValidateUsername

func ValidateUsername(username string) error

ValidateUsername validates a username

Types

type Container

type Container struct {
	ldapconfig.Config
	Container testcontainers.Container
}

Container holds the LDAP container

func StartOpenLDAP

func StartOpenLDAP(ctx context.Context, options ContainerOptions) (Container, error)

StartOpenLDAP starts the OpenLDAP container

func (*Container) Terminate

func (c *Container) Terminate(ctx context.Context)

Terminate terminates the container

type ContainerOptions

type ContainerOptions struct {
	ldapconfig.Config
	ImageTag string
	Networks []string
}

ContainerOptions describes options for the container

type GroupAlreadyExistsError

type GroupAlreadyExistsError struct {
	ldaperror.ApplicationError
	Group string
}

GroupAlreadyExistsError is returned when a group already exists

func (*GroupAlreadyExistsError) Error

func (e *GroupAlreadyExistsError) Error() string

func (*GroupAlreadyExistsError) StatusError

func (e *GroupAlreadyExistsError) StatusError() error

StatusError returns the GRPC status error for this error

type InvalidUserError

type InvalidUserError struct {
	ldaperror.ApplicationError
	Invalid map[string]error
}

InvalidUserError is returned when the user contains invalid values

func ValidateNewUser

func ValidateNewUser(req *pb.NewUserRequest) *InvalidUserError

ValidateNewUser validates a new user request

func (*InvalidUserError) Error

func (e *InvalidUserError) Error() string

func (*InvalidUserError) StatusError

func (e *InvalidUserError) StatusError() error

StatusError returns the GRPC status error for this error

type LDAPManager

type LDAPManager struct {
	ldapconfig.Config
	Pool ldappool.Pool

	GroupsDN    string
	UserGroupDN string

	GroupsOU string
	UsersOU  string

	DefaultUserGroup  string
	DefaultAdminGroup string
	DefaultUserShell  string

	DefaultAdminUsername string
	DefaultAdminPassword string
	ForceCreateAdmin     bool

	GroupMembershipAttribute string
	AccountAttribute         string
	GroupAttribute           string

	GroupMembershipUsesUID bool
}

LDAPManager implements the LDAP manager functionality

func NewLDAPManager

func NewLDAPManager(config ldapconfig.Config) *LDAPManager

NewLDAPManager creates a new LDAPManager

func (*LDAPManager) AddGroupMember

func (m *LDAPManager) AddGroupMember(req *pb.GroupMember, allowNonExistent bool) error

AddGroupMember adds a user as a group member

func (*LDAPManager) AdminUserDN

func (m *LDAPManager) AdminUserDN() string

AdminUserDN gets the DN of the admin user

func (*LDAPManager) AuthenticateUser

func (m *LDAPManager) AuthenticateUser(req *pb.LoginRequest) (*pb.User, error)

AuthenticateUser authenticates a user

func (*LDAPManager) ChangePassword

func (m *LDAPManager) ChangePassword(req *pb.ChangePasswordRequest) error

ChangePassword changes the password of a user

func (*LDAPManager) CheckServerCapabilities added in v0.0.41

func (m *LDAPManager) CheckServerCapabilities() error

CheckServerCapabilities probes the LDAP server for sufficient capabilities.

func (*LDAPManager) Close

func (m *LDAPManager) Close()

Close closes the LDAP connection

func (*LDAPManager) Connect

func (m *LDAPManager) Connect() error

Connect sets up the connection pool to the LDAP server

func (*LDAPManager) DeleteGroup

func (m *LDAPManager) DeleteGroup(req *pb.DeleteGroupRequest) error

DeleteGroup deletes a group

func (*LDAPManager) DeleteUser

func (m *LDAPManager) DeleteUser(req *pb.DeleteUserRequest, keepGroups bool) error

DeleteUser deletes a user

func (*LDAPManager) GetGroupByGID

func (m *LDAPManager) GetGroupByGID(GID int) (*pb.Group, error)

GetGroupByGID gets a group by its GID

func (*LDAPManager) GetGroupByName

func (m *LDAPManager) GetGroupByName(name string) (*pb.Group, error)

GetGroupByName gets a group by its name

func (*LDAPManager) GetGroupList

func (m *LDAPManager) GetGroupList(req *pb.GetGroupListRequest) (*pb.GroupList, error)

GetGroupList gets a list of all groups

func (*LDAPManager) GetHighestGID

func (m *LDAPManager) GetHighestGID() (int, error)

GetHighestGID gets the highest GID

func (*LDAPManager) GetHighestUID

func (m *LDAPManager) GetHighestUID() (int, error)

GetHighestUID gets the highest UID

func (*LDAPManager) GetUser

func (m *LDAPManager) GetUser(username string) (*pb.User, error)

GetUser gets a user

func (*LDAPManager) GetUserGroups

func (m *LDAPManager) GetUserGroups(req *pb.GetUserGroupsRequest) (*pb.GroupList, error)

GetUserGroups gets the groups a user is member of

func (*LDAPManager) GetUserList

func (m *LDAPManager) GetUserList(req *pb.GetUserListRequest) (*pb.UserList, error)

GetUserList gets a list of all users

func (*LDAPManager) GroupDN

func (m *LDAPManager) GroupDN(name string) string

GroupDN returns the full group DN for a group name

func (*LDAPManager) GroupMemberDN

func (m *LDAPManager) GroupMemberDN(username string) string

GroupMemberDN gets the distinguished name of a group member

func (*LDAPManager) IsGroupMember

func (m *LDAPManager) IsGroupMember(req *pb.IsGroupMemberRequest) (*pb.GroupMemberStatus, error)

IsGroupMember checks if a user is member of a group

func (*LDAPManager) IsProtectedGroup

func (m *LDAPManager) IsProtectedGroup(group string) bool

IsProtectedGroup returns `true` if the group is the user or admin group

func (*LDAPManager) MigrateUserGroups

func (m *LDAPManager) MigrateUserGroups(username, newUsername string) error

MigrateUserGroups migrates a user in each group it is a member of

func (*LDAPManager) NewGroup

func (m *LDAPManager) NewGroup(req *pb.NewGroupRequest, strict bool) error

NewGroup creates a new group

func (*LDAPManager) NewUser

func (m *LDAPManager) NewUser(req *pb.NewUserRequest) error

NewUser adds a new user

func (*LDAPManager) ParseUser

func (m *LDAPManager) ParseUser(entry *ldap.Entry) *pb.User

ParseUser parses an ldap entry as a User

func (*LDAPManager) ReadOnlyUserDN

func (m *LDAPManager) ReadOnlyUserDN() string

ReadOnlyUserDN gets the DN of the read-only user

func (*LDAPManager) RemoveGroupMember

func (m *LDAPManager) RemoveGroupMember(req *pb.GroupMember, allowRemoveFromDefaultGroups bool) error

RemoveGroupMember removes a group member from a group

func (*LDAPManager) Setup

func (m *LDAPManager) Setup() error

Setup sets up the LDAP server

func (*LDAPManager) SetupLDAP

func (m *LDAPManager) SetupLDAP() error

SetupLDAP sets up the LDAP server

func (*LDAPManager) UpdateGroup

func (m *LDAPManager) UpdateGroup(req *pb.UpdateGroupRequest) error

UpdateGroup updates a group

func (*LDAPManager) UpdateUser

func (m *LDAPManager) UpdateUser(req *pb.UpdateUserRequest, isAdmin bool) (string, error)

UpdateUser updates a user

func (*LDAPManager) UserDN

func (m *LDAPManager) UserDN(name string) string

UserDN returns the full user DN for a user name

type MemberAlreadyExistsError

type MemberAlreadyExistsError struct {
	ldaperror.ApplicationError
	Group, Member string
}

MemberAlreadyExistsError is returned when a user is already a group member

func (*MemberAlreadyExistsError) Error

func (e *MemberAlreadyExistsError) Error() string

func (*MemberAlreadyExistsError) StatusError

func (e *MemberAlreadyExistsError) StatusError() error

StatusError returns the GRPC status error for this error

type NoSuchMemberError

type NoSuchMemberError struct {
	ldaperror.ApplicationError
	Group, Member string
}

A NoSuchMemberError is returned when the group does not contain the member

func (*NoSuchMemberError) Error

func (err *NoSuchMemberError) Error() string

Error ...

func (*NoSuchMemberError) StatusError

func (err *NoSuchMemberError) StatusError() error

StatusError ...

type RemoveLastGroupMemberError

type RemoveLastGroupMemberError struct {
	ldaperror.ApplicationError
	Group string
}

A RemoveLastGroupMemberError is returned when attempting to remove the only member of a group

func (*RemoveLastGroupMemberError) Error

func (err *RemoveLastGroupMemberError) Error() string

func (*RemoveLastGroupMemberError) StatusError

func (err *RemoveLastGroupMemberError) StatusError() error

StatusError returns the GRPC status error for this error

type Test

type Test struct {
	Container *Container
	Manager   *LDAPManager
}

Test wraps a pre-configured OpenLDAP container and Manager instance

func (*Test) Setup

func (test *Test) Setup(t *testing.T) *Test

Setup runs the setup of the manager

func (*Test) Start

func (test *Test) Start(t *testing.T) *Test

Start starts the container

func (*Test) Teardown

func (test *Test) Teardown()

Teardown stops the container

type UserAlreadyExistsError

type UserAlreadyExistsError struct {
	ldaperror.ApplicationError
	Username string
}

UserAlreadyExistsError is returned when a username already exists

func (*UserAlreadyExistsError) Error

func (e *UserAlreadyExistsError) Error() string

func (*UserAlreadyExistsError) StatusError

func (e *UserAlreadyExistsError) StatusError() error

StatusError returns the GRPC status error for this error

type ZeroOrMultipleGroupsError

type ZeroOrMultipleGroupsError struct {
	Group string
	GID   int
	Count int
}

A ZeroOrMultipleGroupsError is returned when zero or multiple groups are found

func (*ZeroOrMultipleGroupsError) Error

func (e *ZeroOrMultipleGroupsError) Error() string

func (*ZeroOrMultipleGroupsError) StatusError

func (e *ZeroOrMultipleGroupsError) StatusError() error

StatusError returns the GRPC status error for this error

type ZeroOrMultipleUsersError

type ZeroOrMultipleUsersError struct {
	ldaperror.ApplicationError
	Username string
	Count    int
}

A ZeroOrMultipleUsersError is returned when zero or multiple users are found

func (*ZeroOrMultipleUsersError) Error

func (e *ZeroOrMultipleUsersError) Error() string

func (*ZeroOrMultipleUsersError) StatusError

func (e *ZeroOrMultipleUsersError) StatusError() error

StatusError returns the GRPC status error for this error

Directories

Path Synopsis
grpc
gen
Package gen is a reverse proxy.
Package gen is a reverse proxy.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL