V2 alpha - initial version (#172)

Initial alpha codebase for version 2 of WireGuard Portal. This version is considered unstable and incomplete (for example, no public REST API)! Use with care! Fixes/Implements the following issues: - OAuth support #154, #1 - New Web UI with internationalisation support #98, #107, #89, #62 - Postgres Support #49 - Improved Email handling #47, #119 - DNS Search Domain support #46 - Bugfixes #94, #48 --------- Co-authored-by: Fabian Wechselberger <wechselbergerf@hotmail.com>
2025-09-15 07:11:15 +00:00 · 2023-08-04 13:34:18 +02:00
parent b3a5f2ac60
commit 8b820a5adf
788 changed files with 46139 additions and 11281 deletions
--- a/internal/app/users/ldap_helper.go
+++ b/internal/app/users/ldap_helper.go
@@ -0,0 +1,69 @@
+package users
+
+import (
+	"fmt"
+	"github.com/go-ldap/ldap/v3"
+	"github.com/h44z/wg-portal/internal"
+	"github.com/h44z/wg-portal/internal/config"
+	"github.com/h44z/wg-portal/internal/domain"
+	"strings"
+	"time"
+)
+
+func convertRawLdapUser(providerName string, rawUser map[string]any, fields *config.LdapFields, adminGroupDN *ldap.DN) (*domain.User, error) {
+	now := time.Now()
+
+	isAdmin, err := internal.LdapIsMemberOf(rawUser[fields.GroupMembership].([][]byte), adminGroupDN)
+	if err != nil {
+		return nil, fmt.Errorf("failed to check admin group: %w", err)
+	}
+
+	return &domain.User{
+		BaseModel: domain.BaseModel{
+			CreatedBy: "ldap_sync",
+			UpdatedBy: "ldap_sync",
+			CreatedAt: now,
+			UpdatedAt: now,
+		},
+		Identifier:   domain.UserIdentifier(internal.MapDefaultString(rawUser, fields.UserIdentifier, "")),
+		Email:        strings.ToLower(internal.MapDefaultString(rawUser, fields.Email, "")),
+		Source:       domain.UserSourceLdap,
+		ProviderName: providerName,
+		IsAdmin:      isAdmin,
+		Firstname:    internal.MapDefaultString(rawUser, fields.Firstname, ""),
+		Lastname:     internal.MapDefaultString(rawUser, fields.Lastname, ""),
+		Phone:        internal.MapDefaultString(rawUser, fields.Phone, ""),
+		Department:   internal.MapDefaultString(rawUser, fields.Department, ""),
+		Notes:        "",
+		Password:     "",
+		Disabled:     nil,
+	}, nil
+}
+
+func userChangedInLdap(dbUser, ldapUser *domain.User) bool {
+	if dbUser.Firstname != ldapUser.Firstname {
+		return true
+	}
+	if dbUser.Lastname != ldapUser.Lastname {
+		return true
+	}
+	if dbUser.Email != ldapUser.Email {
+		return true
+	}
+	if dbUser.Phone != ldapUser.Phone {
+		return true
+	}
+	if dbUser.Department != ldapUser.Department {
+		return true
+	}
+
+	if dbUser.IsDisabled() != ldapUser.IsDisabled() {
+		return true
+	}
+
+	if dbUser.IsAdmin != ldapUser.IsAdmin {
+		return true
+	}
+
+	return false
+}