Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add LDAP sync #106

Merged
merged 59 commits into from
Jan 19, 2025
Merged

feat: add LDAP sync #106

merged 59 commits into from
Jan 19, 2025

Conversation

kmendell
Copy link
Contributor

@kmendell kmendell commented Jan 12, 2025
edited by stonith404
Loading

PoC of users from ldap so far, Drafting this PR for code review first, and we can continue on from there.

TODO

  • If a user is removed from LDAP the user does not get deleted in pocket-id dbc8e38
  • Add a LDAP Claim for Admin Rights in Pocket ID 3443d4a
  • Admins Shouldn't be able to Delete users synced from LDAP in the UI? Maybe they should?
  • We need to create the Postgres migration for the LDAP ID and GROUP ID value in the DB. f3cc45d
  • Fix the initial setup because it doesn't work anymore.
    • This should be fixed now that ldap is not enabled by ENV Variables, so no users will get synced on launch.
  • Add and edit e2e tests
  • Merge and Bump version and Release

kmendell and others added 28 commits January 11, 2025 11:42
@kmendell
feat: ldap sync begin work
ad4356b
@kmendell
feat(ldap-sync): add go-ldap
965191c
@kmendell
feat(ldap-sync): add env varibles for ldap
b6c4c0d
@kmendell
feat(ldap-sync): add env varibles for ldap
9eccfa3
@kmendell
feat(ldap-sync): updated .env.example with ldap config
324d83b
@kmendell
feat(ldap-sync): added basic ldapInit() function
a4f281e
@kmendell
feat(ldap-sync): added query function
577de76
@kmendell
feat(ldap-sync): added a few error checks for my testing
6fda6f4
@kmendell
feat(ldap-sync): updated .env.example
c019676
@kmendell
feat(ldap-sync): updated readme with the ldap env vars so far
0dda254
@kmendell
feat(ldap-sync): added a comment in main.go
839ff71
@kmendell
feat(ldap-sync): fixed main.go to restore normal functionality
09f4c17
@kmendell
feat(ldap-sync): Merge Result into UserObject model
72b269e
@kmendell
feat(ldap-sync): added new env var for user attribute, need better lo…
16dceef 
…gic on how to use that though
@kmendell
feat(ldap-sync): fixed the issue with username attributes, will map d…
8d480dc 
…irectly to the model.User struct now
@kmendell
feat(ldap-sync): removed unneeded ldap_types.go
710b793
@kmendell
feat(ldap-sync): restored main.go functionality
1e3b050
@kmendell
feat(ldap-sync): add initial group logic
0d552a1
@kmendell
feat(ldap-sync): added friendly name for group model
224c2ab
@kmendell
feat(ldap-sync): updated readme with env vars
ba6355a
@kmendell
feat(ldap-sync): updated .env.examples
a7d1e79
@kmendell
feat(ldap-sync): added skel for ldap_service and ldap_job
085a6f5
@kmendell
feat(ldap-sync): first draft of the ldap_service.go
7daf16d
@kmendell
feat(ldap-sync): fix import issue
7ddcb62
@kmendell
feat(ldap-sync): fixed return statment for else clause
b4818d2
@kmendell
feat(ldap-sync): fixed userService to use depend injection
27d441c
@kmendell
feat(ldap-sync): added ldapService to router bootstrap
7e546c8
@kmendell
Merge branch 'stonith404:main' into ldap-sync
7025e91
@kmendell
Copy link
Contributor Author

Current State of this PR as of commit: 7025e91 is users only in the ldap service, waiting for testing to confirm functionality, and then we can continue on with groups.

@kmendell kmendell changed the title WIP: feat(ldap-sync) feat(ldap-sync) Jan 15, 2025
@kmendell
Copy link
Contributor Author

Functionality for Sync is all working.
Few Issues/Notes:

  • If a user is removed from LDAP the user does not get deleted in pocket-id
    • I compared that to other services and it seems to be the same the users don't get deleted, that is more of SCIM territory.
  • We need to create the Postgres migration for the LDAP ID value in the DB.
  • Complete the Frontend UI Tweaks to not allow editing of LDAP Users or LDAP Groups

stonith404 and others added 17 commits January 16, 2025 14:59
@stonith404
undo type assertion changes in package.json
2116ef7
@stonith404
replace env configuration with UI configuration and disable LDAP user…
8e6c54f 
… edit
@stonith404
fix sqlite migration
d497f3d
@kmendell
remove users that no longer exsist in LDAP from the pocket-id database
59bf762
@kmendell
remove users that no longer exsist in LDAP from the pocket-id databas…
dbc8e38 
…e (fix pointer mismatch)
@kmendell
remove ldap values from .env.example
cc579c5
@kmendell
remove ldap env values from readme.md
fc0239f
@kmendell
add admin group claim ui elements
957af5b
@kmendell
add admin group claim backend logic
3443d4a
@kmendell
ldap users can not be deleted from the UI
04222f7
@kmendell
ldap users can not be deleted from the UI
f5197d3
@kmendell
Reverted ldap users can not be deleted from the UI
8187e28
@kmendell
add postgresql migration for ldap sync
f3cc45d
@kmendell
remove .zed
fafe88f
@stonith404
clean up ldap service
ba88754
@stonith404
improve disabled ldap state in UI
4d72018
@stonith404
fix existing tests
1871ad2
@stonith404 stonith404 marked this pull request as ready for review January 18, 2025 22:04
@stonith404 stonith404 changed the title feat(ldap-sync) feat: add LDAP sync Jan 18, 2025
@stonith404 stonith404 merged commit 5101b14 into stonith404:main Jan 19, 2025
3 checks passed
@kmendell kmendell deleted the ldap-sync branch January 23, 2025 20:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kmendell @stonith404