fix: LDAP sync interval (#304)

Configurable LDAP sync interval for each LDAP provider
2025-09-14 15:01:14 +00:00 · 2024-09-22 11:49:23 +02:00
parent a46dabc1d3
commit 605841f2a0
4 changed files with 33 additions and 32 deletions
--- a/internal/app/users/user_manager.go
+++ b/internal/app/users/user_manager.go
@@ -26,9 +26,8 @@ type Manager struct {
 	cfg *config.Config
 	bus evbus.MessageBus

-	syncInterval time.Duration
-	users        UserDatabaseRepo
-	peers        PeerDatabaseRepo
+	users UserDatabaseRepo
+	peers PeerDatabaseRepo
 }

 func NewUserManager(cfg *config.Config, bus evbus.MessageBus, users UserDatabaseRepo, peers PeerDatabaseRepo) (*Manager, error) {
@@ -36,9 +35,8 @@ func NewUserManager(cfg *config.Config, bus evbus.MessageBus, users UserDatabase
 		cfg: cfg,
 		bus: bus,

-		syncInterval: 10 * time.Second,
-		users:        users,
-		peers:        peers,
+		users: users,
+		peers: peers,
 	}
 	return m, nil
 }
@@ -311,26 +309,29 @@ func (m Manager) validateDeletion(ctx context.Context, del *domain.User) error {
 }

 func (m Manager) runLdapSynchronizationService(ctx context.Context) {
-	running := true
-	for running {
-		select {
-		case <-ctx.Done():
-			running = false
-			continue
-		case <-time.After(m.syncInterval):
-			// select blocks until one of the cases evaluate to true
-		}
+	for _, ldapCfg := range m.cfg.Auth.Ldap { // LDAP Auth providers
+		go func(cfg config.LdapProvider) {
+			syncInterval := cfg.SyncInterval
+			if syncInterval == 0 {
+				logrus.Debugf("sync disabled for LDAP server: %s", cfg.ProviderName)
+				return
+			}
+			running := true
+			for running {
+				select {
+				case <-ctx.Done():
+					running = false
+					continue
+				case <-time.After(syncInterval * time.Second):
+					// select blocks until one of the cases evaluate to true
+				}

-		for _, ldapCfg := range m.cfg.Auth.Ldap { // LDAP Auth providers
-			if !ldapCfg.Synchronize {
-				continue // sync disabled
+				err := m.synchronizeLdapUsers(ctx, &cfg)
+				if err != nil {
+					logrus.Errorf("failed to synchronize LDAP users for %s: %v", cfg.ProviderName, err)
+				}
 			}
-			//logrus.Tracef(&ldapCfg)
-			err := m.synchronizeLdapUsers(ctx, &ldapCfg)
-			if err != nil {
-				logrus.Errorf("failed to synchronize LDAP users for %s: %v", ldapCfg.ProviderName, err)
-			}
-		}
+		}(ldapCfg)
 	}
 }

@@ -388,7 +389,7 @@ func (m Manager) updateLdapUsers(ctx context.Context, providerName string, rawUs
 		tctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
 		defer cancel()
 		tctx = domain.SetUserInfo(tctx, domain.SystemAdminContextUserInfo())
-		
+
 		if existingUser == nil {
 			err := m.NewUser(tctx, user)
 			if err != nil {
@@ -397,7 +398,7 @@ func (m Manager) updateLdapUsers(ctx context.Context, providerName string, rawUs
 		}

 		if existingUser != nil && existingUser.Source == domain.UserSourceLdap && userChangedInLdap(existingUser, user) {
-		
+
 			err := m.users.SaveUser(tctx, user.Identifier, func(u *domain.User) (*domain.User, error) {
 				u.UpdatedAt = time.Now()
 				u.UpdatedBy = "ldap_sync"
--- a/internal/config/auth.go
+++ b/internal/config/auth.go
@@ -1,6 +1,8 @@
 package config

 import (
+	"time"
+
 	"github.com/go-ldap/ldap/v3"
 )

@@ -50,10 +52,10 @@ type LdapProvider struct {
 	AdminGroupDN       string   `yaml:"admin_group"`  // Members of this group receive admin rights in WG-Portal
 	ParsedAdminGroupDN *ldap.DN `yaml:"-"`

-	Synchronize bool `yaml:"synchronize"`
 	// If DisableMissing is true, missing users will be deactivated
-	DisableMissing bool   `yaml:"disable_missing"`
-	SyncFilter     string `yaml:"sync_filter"`
+	DisableMissing bool          `yaml:"disable_missing"`
+	SyncFilter     string        `yaml:"sync_filter"`
+	SyncInterval   time.Duration `yaml:"sync_interval"`

 	// If RegistrationEnabled is set to true, wg-portal will create new users that do not exist in the database.
 	RegistrationEnabled bool `yaml:"registration_enabled"`
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -27,7 +27,6 @@ type Config struct {
 		LogLevel            string        `yaml:"log_level"`
 		LogPretty           bool          `yaml:"log_pretty"`
 		LogJson             bool          `yaml:"log_json"`
-		LdapSyncInterval    time.Duration `yaml:"ldap_sync_interval"`
 		StartListenPort     int           `yaml:"start_listen_port"`
 		StartCidrV4         string        `yaml:"start_cidr_v4"`
 		StartCidrV6         string        `yaml:"start_cidr_v6"`