IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

feat(ldap): began work on org role sync

Browse Source
This commit is contained in:
Torkel Ödegaard 2015-07-14 14:29:07 +02:00
parent a7b1df34c5
commit fe41a4e6fa
3 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
conf/defaults.ini
View File

@ -128,7 +128,7 @@ allow_org_create = true
# Set to true to automatically assign new users to the default organization (id 1) # Set to true to automatically assign new users to the default organization (id 1)
auto_assign_org = true auto_assign_org = true
# Default role new users will be automatically assigned (if disabled above is set to true) # Default role new users will be automatically assigned (if auto_assign_org above is set to true)
auto_assign_org_role = Viewer auto_assign_org_role = Viewer
#################################### Anonymous Auth ########################## #################################### Anonymous Auth ##########################

11
pkg/auth/ldap.go
View File

@ -27,7 +27,7 @@ func init() {
SearchFilter: "(cn=%s)", SearchFilter: "(cn=%s)",
SearchBaseDNs: []string{"dc=grafana,dc=org"}, SearchBaseDNs: []string{"dc=grafana,dc=org"},
LdapGroups: []*LdapGroupToOrgRole{ LdapGroups: []*LdapGroupToOrgRole{
{GroupDN: "cn=users,dc=grafana,dc=org", OrgName: "Main Org.", OrgRole: "Editor"}, {GroupDN: "cn=users,dc=grafana,dc=org", OrgRole: "Editor"},
}, },
}, },
} }
@ -77,6 +77,10 @@ func (a *ldapAuther) login(query *AuthenticateUserQuery) error {
if grafanaUser, err := a.getGrafanaUserFor(ldapUser); err != nil { if grafanaUser, err := a.getGrafanaUserFor(ldapUser); err != nil {
return err return err
} else { } else {
// sync org roles
if err := a.syncOrgRoles(grafanaUser, ldapUser); err != nil {
return err
}
query.User = grafanaUser query.User = grafanaUser
return nil return nil
} }
@ -111,7 +115,6 @@ func (a *ldapAuther) getGrafanaUserFor(ldapUser *ldapUserInfo) (*m.User, error)
} }
func (a *ldapAuther) createGrafanaUser(ldapUser *ldapUserInfo) (*m.User, error) { func (a *ldapAuther) createGrafanaUser(ldapUser *ldapUserInfo) (*m.User, error) {
cmd := m.CreateUserCommand{ cmd := m.CreateUserCommand{
Login: ldapUser.Username, Login: ldapUser.Username,
Email: ldapUser.Email, Email: ldapUser.Email,
@ -125,6 +128,10 @@ func (a *ldapAuther) createGrafanaUser(ldapUser *ldapUserInfo) (*m.User, error)
return &cmd.Result, nil return &cmd.Result, nil
} }
func (a *ldapAuther) syncOrgRoles(user *m.User, ldapUser *ldapUserInfo) error {
return nil
}
func (a *ldapAuther) initialBind(username, userPassword string) error { func (a *ldapAuther) initialBind(username, userPassword string) error {
if a.server.BindPassword != "" { if a.server.BindPassword != "" {
userPassword = a.server.BindPassword userPassword = a.server.BindPassword

1
pkg/auth/settings.go
View File

@ -3,7 +3,6 @@ package auth
type LdapGroupToOrgRole struct { type LdapGroupToOrgRole struct {
GroupDN string GroupDN string
OrgId int OrgId int
OrgName string
OrgRole string OrgRole string
} }