Started to build the cache - nonfuntional

ccfreiburg · Sep 20, 2022 · d18c1c9 · d18c1c9
1 parent f1101e7
commit d18c1c9
Show file tree

Hide file tree

Showing 6 changed files with 182 additions and 50 deletions.
diff --git a/config.example.yml b/config.example.yml
@@ -4,6 +4,7 @@ sites:
     user: username  // User needs rights to the api in CT
     password: secret
     url: https://sitename.church.tools/
+
     selectionGroupIds:  // ChurchTools Group Ids - only members of these groups will be served by ldap
       - gid 
       - gid

diff --git a/index.js b/index.js
@@ -2,6 +2,9 @@ const path = require("path");
 const ldap = require("ldapjs");
 const YAML = require('yamljs')
 const log = require('./src/logging')
+const transform = require('./src/transform')
+const ctservice = require('./src/ctservice')
+const ldapcache = require('./src/ldapcache')
 const c = require('./src/constants')
 
 log.loglevel = log.loglevels.debug
@@ -10,24 +13,47 @@ log.info("Starting up CCF Ldap wrapper for ChurchTools ....")
 const config = YAML.load(c.CONFIG_FILE);
 log.debug(JSON.stringify(config))
 
-var rootobj = {
-  dn: "dc=ccfreiburg,dc=de",
-  attributes: {
-    createtimestamp: "20200406114647Z",
-    creatorsname: "cn=admin,dc=ccfreiburg,dc=de",
-    dc: "ccfreiburg",
-    entrycsn: "20200406114647.018289Z#000000#000#000000",
-    entrydn: "dc=ccfreiburg,dc=de",
-    entryuuid: "0a0f7af6-0c48-103a-873b-5963809e173f",
-    hassubordinates: true,
-    modifiersname: "cn=admin,dc=ccfreiburg,dc=de",
-    modifytimestamp: "20200406114647Z",
-    o: "Calvary Chapel Freiburg",
-    objectclass: ["top", "organization"],
-    structuralobjectclass: "organization",
-    subschemasubentry: "cn=Subschema",
-  },
-};
+
+
+{
+  dn: site.compatTransform(site.fnUserDn({ cn: cn })),
+    attributes: {
+    cn: cn,
+      displayname: "Admin",
+        id: 0,
+          uid: "Admin",
+            bbbrole: "admin",
+              entryUUID: ,
+    givenname: "Administrator",
+      objectclass: [c.LDAP_OBJCLASS_USER, "simpleSecurityObject", "organizationalRole"],
+    }
+
+
+  for (var site in config.sites) {
+    const siteCacheFunctions = ldapcache.init(site.name, transform.getRootObj(site.ldap.dn, site.ldap.admin, site.ldap.o))
+    const siteTramsforms = transform.getSiteTransforms(site)
+
+    const configGroupIds = site.selectionGroupIds.map((id) => id)
+    const ctPersonIds = await ctservice.getPersonsInGroups(configGroupIds, site.site)
+
+    site.tranformedGroups.forEach(element => {
+      if (!configGroupIds.includes(element.gid))
+        configGroupIds.push(element.guid)
+    });
+    const ctGroups = await ctservice.getGroups(configGroupIds, site.site)
+
+    const ctPersons = []
+    for await (const id of ctPersonIds) {
+      ctPersons.push(
+        await ctservice.getPersonRecordForId(id, site.site)
+      )
+    }
+    const ctGroupMembership = ctservice.getGroupMemberships(configGroupIds, site.site)
+
+    siteTramsforms
+
+  }
+
 
 // LdapCache.init( Root Object )
 // LdapCache.addGroups( transform( read ) )

diff --git a/src/constants.js b/src/constants.js
@@ -7,4 +7,9 @@ exports.INFO_AP = "/info"
 exports.GROUPMEMBERS_AP = "/groups/members?with_deleted=false"
 exports.IDS = "&ids[]="
 exports.PERSONS_AP = "/persons"
+exports.GROUPS_AP = "/groups"
 exports.LDAPID_FIELD = "ncuid"
+exports.LDAP_OU_USERS = "users"
+exports.LDAP_OU_GROUPS = "groups"
+exports.LDAP_OBJCLASS_USER = "CTPerson";
+exports.LDAP_OBJCLASS_GROUP = "group";
diff --git a/src/ctservice.js b/src/ctservice.js
@@ -3,12 +3,15 @@ const c = require("./constants");
 const t = require("./transform");
 const ctconn = require("./ctconnection");
 
-exports.getPersonsInGroups = async (groupIds, site) => {
+gettehgroups = async (groupIds, site) => {
   var url = site.url + c.API_SLUG + c.GROUPMEMBERS_AP
   groupIds.forEach(id => {
     url = url + c.IDS + id
   });
-  const result = await ctconn.get(url, site)
+  return await ctconn.get(url, site)
+}
+exports.getPersonsInGroups = async (groupIds, site) => {
+  const result = await gettehgroups(groupIds, site)
   const personIds = []
   result.data.forEach((el) => {
     if (!personIds.includes(el.personId))
@@ -17,6 +20,36 @@ exports.getPersonsInGroups = async (groupIds, site) => {
   return personIds
 }
 
+exports.getGroupMemberships = async (groupIds, site) => {
+  const result = await gettehgroups(groupIds, site)
+  const members = []
+  result.data.forEach((el) => {
+    members.push({
+      personId: el.personId,
+      groupId: el.groupId
+    })
+  })
+  return members
+}
+
+
+exports.getGroups = async (groupIds, site) => {
+  var url = site.url + c.API_SLUG + c.GROUPS_AP
+  groupIds.forEach(id => {
+    url = url + c.IDS + id
+  });
+  const result = await ctconn.get(url, site)
+  const groups = []
+  result.data.forEach((el) => {
+    groups.push({
+      id: el.id,
+      guid: el.guid,
+      name: el.name
+    })
+  })
+  return groups
+}
+
 exports.getUid = (data) => {
   if (data[c.LDAPID_FIELD] && data[c.LDAPID_FIELD].length > 0)
     return data[c.LDAPID_FIELD];

diff --git a/src/ldapcache.js b/src/ldapcache.js
@@ -1,6 +1,66 @@
+const c = require('./constants')
+var ldapEsc = require('ldap-escape');
+
 //site.adminDn = site.fnUserDn({ cn: config.ldap_user });
 //site.CACHE = {};
 
+ldapcache = []
+
+exports.init = (sitename, rootObj) => {
+  ldapcache[sitename].rootObj = rootObj
+  ldapcache[sitename].users = {
+    "o": sitename,
+    "ou": c.LDAP_OU_USERS,
+    "cn": "ou=" + c.LDAP_OU_USERS + ",o=" + sitename,
+    "elements": []
+  }
+  ldapcache[sitename].groups = {
+    "o": sitename,
+    "ou": c.LDAP_OU_GROUPS,
+    "cn": "ou=" + c.LDAP_OU_USERS + ",o=" + sitename,
+    "elements": []
+  }
+  return {
+    addUser: (userdata) => addUSer(sitename, userdata, memberships),
+    addGroup: (groupdata) => addUSer(sitename, groupdata),
+    getGroups: () => getGroups(sitename),
+    getUsers: () => getUsers(sitename)
+  }
+}
+
+
+addUser = (sitename, userdata, memberships) => {
+  ldapcache[sitename].users.push({
+    dn: ldapEsc.dn("cn=${cn},ou=" + c.LDAP_OU_USERS + ",o=" + sitename, { cn: userdata.cn });
+
+
+    cn: 
+  })
+}
+
+site.fnUserDn = ldapEsc.dn("cn=${cn},ou=" + USERS_KEY + ",o=" + sitename);
+site.fnGroupDn = ldapEsc.dn("cn=${cn},ou=" + GROUPS_KEY + ",o=" + sitename);
+site.adminDn = site.fnUserDn({ cn: config.ldap_user });
+
+
+exports.addAdmin = () => {
+  var cn = config.ldap_user;
+  newCache.push({
+    dn: site.compatTransform(site.fnUserDn({ cn: cn })),
+    attributes: {
+      cn: cn,
+      displayname: "Admin",
+      id: 0,
+      uid: "Admin",
+      bbbrole: "admin",
+      entryUUID: ,
+      givenname: "Administrator",
+      objectclass: [c.LDAP_OBJCLASS_USER, "simpleSecurityObject", "organizationalRole"],
+    }
+  });
+}
+
+
 exports.checkPlainPassword = function (password, siteconfig, callback) {
   if (siteconfig.loginBlockedDate) {
     var now = new Date();
@@ -25,4 +85,4 @@ exports.checkPlainPassword = function (password, siteconfig, callback) {
   callback(valid);
 };
 
-exports.checkPassword = () => {};
+exports.checkPassword = () => { };
diff --git a/src/transform.js b/src/transform.js
@@ -1,4 +1,5 @@
 var ldapEsc = require("ldap-escape");
+const crypto = require('crypto');
 
 class DataFormatError extends Error {
   constructor(message) {
@@ -8,8 +9,6 @@ class DataFormatError extends Error {
 }
 exports.lowercase = (s) => (typeof s === "string" ? s.toLowerCase() : s);
 exports.identity = (s) => s;
-exports.getCompatStringFunc = (isLowercase) =>
-  isLowercase ? this.lowercase : this.identity;
 exports.uniqueEmails = (users) => {
   var mails = {};
   return users.filter((user) => {
@@ -29,6 +28,9 @@ exports.stringConvLowercaseUmlaut = (str) => {
     .replace("ü", "ue")
     .replace("ß", "ss");
 }
+exports.generateUUID = () => {
+  return crypto.randomUUID()
+}
 
 function groupFilter(v) {
   return v.id == 30 || v.id == 148;
@@ -44,15 +46,12 @@ function objectClassesUsr(defaultObjClassUsr) {
 
 exports.getSiteTransforms = (siteconfig) => {
   var sitetransform = {};
-  sitetransform.compat = this.getCompatStringFunc(siteconfig.dn_lower_case);
+  sitetransform.compatDn = this.lowercase;
+  sitetransform.compatEmail = this.lowercase;
+  sitetransform.uniqueEmails = this.uniqueEmails
+  sitetransform.setObjClassUsr = objectClassesUsr(siteconfig.objclassUsr);
   sitetransform.userDn = (cn) =>
-    ldapEsc.dn([
-      "cn=",
-      cn,
-      ",ou=",
-      siteconfig.userskey,
-      ",o=",
-      siteconfig.sitename,
+    ldapEsc.dn(["cn=", cn, ",ou=", siteconfig.userskey, ",o=", siteconfig.sitename,
     ]);
   sitetransform.groupDn = (cn) =>
     ldapEsc.dn([
@@ -63,38 +62,46 @@ exports.getSiteTransforms = (siteconfig) => {
       ",o=",
       siteconfig.sitename,
     ]);
-  sitetransform.compatEmail = this.getCompatStringFunc(
-    siteconfig.email_lower_case
-  );
-  sitetransform.uniqueEmails = siteconfig.emails_unique
-    ? this.uniqueEmails
-    : this.identity;
-  sitetransform.setObjClassUsr = objectClassesUsr(siteconfig.objclassUsr);
+
   return sitetransform;
 };
 
+
+exports.getRootObj = (dn, admin, o) => {
+  return {
+    dn: dn,
+    attributes: {
+      creatorsname: admin,
+      entrydn: dn,
+      entryuuid: transform.generateUUID(),
+      o: o,
+      objectclass: ["top", "organization"],
+      structuralobjectclass: "organization",
+      subschemasubentry: "cn=Subschema",
+    },
+  };
+}
+
 exports.transformUser = (ctUsr, ctUsrGroups, sitetransform) => {
   result = {};
   if (!ctUsr) throw new DataFormatError("Empty user object");
-
   var cn = ctUsr.cmsuserid;
-  console.log(cn);
   result = {
     dn: sitetransform.compat(sitetransform.userDn(cn)),
     attributes: {
       cn: cn,
       id: ctUsr.id,
-      displayname: ctUsr.vorname + " " + ctUsr.name,
-      uid: this.stringConvLowercaseUmlaut(ctUsr.vorname + "." + ctUsr.name),
-      entryUUID: "u" + ctUsr.id,
+      displayname: ctUsr.firstName + " " + ctUsr.lastName,
+      uid: this.stringConvLowercaseUmlaut(ctUsr.firstName + "." + ctUsr.lastName),
+      entryUUID: ctUsr.guid,
       bbbrole: cn === "aröhm" ? "admin" : "user",
-      givenname: ctUsr.vorname,
-      street: ctUsr.strasse,
-      telephoneMobile: ctUsr.telefonhandy,
-      telephoneHome: ctUsr.telefonprivat,
-      postalCode: ctUsr.plz,
-      l: ctUsr.ort,
-      sn: ctUsr.name,
+      givenname: ctUsr.firstName,
+      street: ctUsr.lastName,
+      telephoneMobile: ctUsr.mobile,
+      telephoneHome: ctUsr.phonePrivate,
+      postalCode: ctUsr.zip,
+      l: ctUsr.city,
+      sn: ctUsr.lastName,
       email: sitetransform.compatEmail(ctUsr.email),
       mail: sitetransform.compatEmail(ctUsr.email),
       objectclass: sitetransform.setObjClassUsr(ctUsr, ctUsrGroups),