From e2042c4b6579aa367bdf764ddecbca4e1bd38772 Mon Sep 17 00:00:00 2001
From: Joram Wilander <jwawilander@gmail.com>
Date: Fri, 1 Sep 2017 14:28:15 -0400
Subject: Add built-in plugin for getting LDAP attributes (#7317)

---
 app/plugin/ldapextras/configuration.go |  9 +++++
 app/plugin/ldapextras/plugin.go        | 73 ++++++++++++++++++++++++++++++++++
 2 files changed, 82 insertions(+)
 create mode 100644 app/plugin/ldapextras/configuration.go
 create mode 100644 app/plugin/ldapextras/plugin.go

(limited to 'app/plugin/ldapextras')

diff --git a/app/plugin/ldapextras/configuration.go b/app/plugin/ldapextras/configuration.go
new file mode 100644
index 000000000..078c29925
--- /dev/null
+++ b/app/plugin/ldapextras/configuration.go
@@ -0,0 +1,9 @@
+// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
+// See License.txt for license information.
+
+package ldapextras
+
+type Configuration struct {
+	Enabled    bool
+	Attributes []string
+}
diff --git a/app/plugin/ldapextras/plugin.go b/app/plugin/ldapextras/plugin.go
new file mode 100644
index 000000000..3198125aa
--- /dev/null
+++ b/app/plugin/ldapextras/plugin.go
@@ -0,0 +1,73 @@
+// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
+// See License.txt for license information.
+
+package ldapextras
+
+import (
+	"fmt"
+	"net/http"
+	"sync/atomic"
+
+	l4g "github.com/alecthomas/log4go"
+	"github.com/gorilla/mux"
+
+	"github.com/mattermost/platform/app/plugin"
+	"github.com/mattermost/platform/model"
+	"github.com/mattermost/platform/utils"
+)
+
+type Plugin struct {
+	plugin.Base
+	api           plugin.API
+	configuration atomic.Value
+}
+
+func (p *Plugin) Initialize(api plugin.API) {
+	p.api = api
+	p.OnConfigurationChange()
+	api.PluginRouter().HandleFunc("/users/{user_id:[A-Za-z0-9]+}/attributes", p.handleGetAttributes).Methods("GET")
+}
+
+func (p *Plugin) config() *Configuration {
+	return p.configuration.Load().(*Configuration)
+}
+
+func (p *Plugin) OnConfigurationChange() {
+	var configuration Configuration
+	if err := p.api.LoadPluginConfiguration(&configuration); err != nil {
+		l4g.Error(err.Error())
+	}
+	p.configuration.Store(&configuration)
+}
+
+func (p *Plugin) handleGetAttributes(w http.ResponseWriter, r *http.Request) {
+	config := p.config()
+	if !config.Enabled || len(config.Attributes) == 0 {
+		http.Error(w, "This plugin is not configured", http.StatusNotImplemented)
+		return
+	}
+
+	session, err := p.api.GetSessionFromRequest(r)
+
+	if session == nil || err != nil {
+		http.Error(w, "Invalid session", http.StatusUnauthorized)
+		return
+	}
+
+	// Only requires a valid session, no other permission checks required
+
+	params := mux.Vars(r)
+	id := params["user_id"]
+
+	if len(id) != 26 {
+		http.Error(w, "Invalid user id", http.StatusUnauthorized)
+	}
+
+	attributes, err := p.api.GetLdapUserAttributes(id, config.Attributes)
+	if err != nil {
+		err.Translate(utils.T)
+		http.Error(w, fmt.Sprintf("Errored getting attributes: %v", err.Error()), http.StatusInternalServerError)
+	}
+
+	w.Write([]byte(model.MapToJson(attributes)))
+}
-- 
cgit v1.2.3-1-g7c22