mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
Implement admin LDAP endpoints for APIv4 (#5720)
This commit is contained in:
Joram Wilander
GitHub
@@ -67,6 +67,8 @@ type Routes struct {
|
||||
Compliance *mux.Router // 'api/v4/compliance'
|
||||
Cluster *mux.Router // 'api/v4/cluster'
|
||||
|
||||
LDAP *mux.Router // 'api/v4/ldap'
|
||||
|
||||
System *mux.Router // 'api/v4/system'
|
||||
|
||||
Preferences *mux.Router // 'api/v4/preferences'
|
||||
@@ -139,6 +141,7 @@ func InitApi(full bool) {
|
||||
BaseRoutes.Admin = BaseRoutes.ApiRoot.PathPrefix("/admin").Subrouter()
|
||||
BaseRoutes.Compliance = BaseRoutes.ApiRoot.PathPrefix("/compliance").Subrouter()
|
||||
BaseRoutes.Cluster = BaseRoutes.ApiRoot.PathPrefix("/cluster").Subrouter()
|
||||
BaseRoutes.LDAP = BaseRoutes.ApiRoot.PathPrefix("/ldap").Subrouter()
|
||||
BaseRoutes.System = BaseRoutes.ApiRoot.PathPrefix("/system").Subrouter()
|
||||
BaseRoutes.Preferences = BaseRoutes.User.PathPrefix("/preferences").Subrouter()
|
||||
BaseRoutes.License = BaseRoutes.ApiRoot.PathPrefix("/license").Subrouter()
|
||||
@@ -160,6 +163,7 @@ func InitApi(full bool) {
|
||||
InitSaml()
|
||||
InitCompliance()
|
||||
InitCluster()
|
||||
InitLdap()
|
||||
|
||||
app.Srv.Router.Handle("/api/v4/{anything:.*}", http.HandlerFunc(Handle404))
|
||||
|
||||
|
||||
45
api4/ldap.go
Normal file
45
api4/ldap.go
Normal file
@@ -0,0 +1,45 @@
|
||||
// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved.
|
||||
// See License.txt for license information.
|
||||
|
||||
package api4
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
l4g "github.com/alecthomas/log4go"
|
||||
"github.com/mattermost/platform/app"
|
||||
"github.com/mattermost/platform/model"
|
||||
"github.com/mattermost/platform/utils"
|
||||
)
|
||||
|
||||
func InitLdap() {
|
||||
l4g.Debug(utils.T("api.ldap.init.debug"))
|
||||
|
||||
BaseRoutes.LDAP.Handle("/sync", ApiSessionRequired(syncLdap)).Methods("POST")
|
||||
BaseRoutes.LDAP.Handle("/test", ApiSessionRequired(testLdap)).Methods("POST")
|
||||
}
|
||||
|
||||
func syncLdap(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
return
|
||||
}
|
||||
|
||||
app.SyncLdap()
|
||||
|
||||
ReturnStatusOK(w)
|
||||
}
|
||||
|
||||
func testLdap(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
return
|
||||
}
|
||||
|
||||
if err := app.TestLdap(); err != nil {
|
||||
c.Err = err
|
||||
return
|
||||
}
|
||||
|
||||
ReturnStatusOK(w)
|
||||
}
|
||||
30
api4/ldap_test.go
Normal file
30
api4/ldap_test.go
Normal file
@@ -0,0 +1,30 @@
|
||||
// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved.
|
||||
// See License.txt for license information.
|
||||
|
||||
package api4
|
||||
|
||||
import (
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestLdapTest(t *testing.T) {
|
||||
th := Setup().InitBasic().InitSystemAdmin()
|
||||
defer TearDown()
|
||||
|
||||
_, resp := th.Client.TestLdap()
|
||||
CheckForbiddenStatus(t, resp)
|
||||
|
||||
_, resp = th.SystemAdminClient.TestLdap()
|
||||
CheckNotImplementedStatus(t, resp)
|
||||
}
|
||||
|
||||
func TestLdapSync(t *testing.T) {
|
||||
th := Setup().InitBasic().InitSystemAdmin()
|
||||
defer TearDown()
|
||||
|
||||
_, resp := th.SystemAdminClient.SyncLdap()
|
||||
CheckNoError(t, resp)
|
||||
|
||||
_, resp = th.Client.SyncLdap()
|
||||
CheckForbiddenStatus(t, resp)
|
||||
}
|
||||
@@ -83,6 +83,10 @@
|
||||
"id": "api.admin.get_brand_image.storage.app_error",
|
||||
"translation": "Image storage is not configured."
|
||||
},
|
||||
{
|
||||
"id": "api.ldap.init.debug",
|
||||
"translation": "Initializing LDAP API routes"
|
||||
},
|
||||
{
|
||||
"id": "api.admin.init.debug",
|
||||
"translation": "Initializing admin API routes"
|
||||
|
||||
@@ -186,6 +186,10 @@ func (c *Client4) GetSamlRoute() string {
|
||||
return fmt.Sprintf("/saml")
|
||||
}
|
||||
|
||||
func (c *Client4) GetLdapRoute() string {
|
||||
return fmt.Sprintf("/ldap")
|
||||
}
|
||||
|
||||
func (c *Client4) DoApiGet(url string, etag string) (*http.Response, *AppError) {
|
||||
return c.DoApiRequest(http.MethodGet, url, "", etag)
|
||||
}
|
||||
@@ -1461,3 +1465,26 @@ func (c *Client4) GetClusterStatus() ([]*ClusterInfo, *Response) {
|
||||
return ClusterInfosFromJson(r.Body), BuildResponse(r)
|
||||
}
|
||||
}
|
||||
|
||||
// LDAP Section
|
||||
|
||||
// SyncLdap will force a sync with the configured LDAP server.
|
||||
func (c *Client4) SyncLdap() (bool, *Response) {
|
||||
if r, err := c.DoApiPost(c.GetLdapRoute()+"/sync", ""); err != nil {
|
||||
return false, &Response{StatusCode: r.StatusCode, Error: err}
|
||||
} else {
|
||||
defer closeBody(r)
|
||||
return CheckStatusOK(r), BuildResponse(r)
|
||||
}
|
||||
}
|
||||
|
||||
// TestLdap will attempt to connect to the configured LDAP server and return OK if configured
|
||||
// correctly.
|
||||
func (c *Client4) TestLdap() (bool, *Response) {
|
||||
if r, err := c.DoApiPost(c.GetLdapRoute()+"/test", ""); err != nil {
|
||||
return false, &Response{StatusCode: r.StatusCode, Error: err}
|
||||
} else {
|
||||
defer closeBody(r)
|
||||
return CheckStatusOK(r), BuildResponse(r)
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user