diff options
| author | Lauri Ojansivu <x@xet7.org> | 2018-10-03 11:50:52 +0300 |
|---|---|---|
| committer | Lauri Ojansivu <x@xet7.org> | 2018-10-03 11:50:52 +0300 |
| commit | 288800eafc91d07f859c4f59588e0b646137ccb9 (patch) | |
| tree | 063166a4d05c48bf388f6836defc930e37e4e97f /models | |
| parent | 18a1d4c5c63bb8264dee15432e3c4d88d54d51b1 (diff) | |
| download | wekan-288800eafc91d07f859c4f59588e0b646137ccb9.tar.gz wekan-288800eafc91d07f859c4f59588e0b646137ccb9.tar.bz2 wekan-288800eafc91d07f859c4f59588e0b646137ccb9.zip | |
- Add LDAP. In progress.
Thanks to maximest-pierre, Akuket and xet.
Related #119
Diffstat (limited to 'models')
| -rw-r--r-- | models/settings.js | 33 | ||||
| -rw-r--r-- | models/users.js | 15 |
2 files changed, 45 insertions, 3 deletions
diff --git a/models/settings.js b/models/settings.js index 3b9b4eae..f7c4c85d 100644 --- a/models/settings.js +++ b/models/settings.js @@ -128,6 +128,18 @@ if (Meteor.isServer) { } } + function isLdapEnabled() { + return process.env.LDAP_ENABLE === 'true'; + } + + function isOauth2Enabled() { + return process.env.OAUTH2_ENABLED === 'true'; + } + + function isCasEnabled() { + return process.env.CAS_ENABLED === 'true'; + } + Meteor.methods({ sendInvitation(emails, boards) { check(emails, [String]); @@ -197,5 +209,26 @@ if (Meteor.isServer) { withUserName: process.env.MATOMO_WITH_USERNAME || false, }; }, + + _isLdapEnabled() { + return isLdapEnabled(); + }, + + _isOauth2Enabled() { + return isOauth2Enabled(); + }, + + _isCasEnabled() { + return isCasEnabled(); + }, + + // Gets all connection methods to use it in the Template + getConnectionsEnabled() { + return { + ldap: isLdapEnabled(), + oauth2: isOauth2Enabled(), + cas: isCasEnabled(), + }; + }, }); } diff --git a/models/users.js b/models/users.js index 60e9e759..27d3e9fa 100644 --- a/models/users.js +++ b/models/users.js @@ -127,6 +127,11 @@ Users.attachSchema(new SimpleSchema({ type: Boolean, optional: true, }, + // TODO : write a migration and check if using a ldap parameter is better than a connection_type parameter + ldap: { + type: Boolean, + optional: true, + }, })); Users.allow({ @@ -490,7 +495,6 @@ if (Meteor.isServer) { if (user.services.oidc) { const email = user.services.oidc.email.toLowerCase(); - user.username = user.services.oidc.username; user.emails = [{ address: email, verified: true }]; const initials = user.services.oidc.fullname.match(/\b[a-zA-Z]/g).join('').toUpperCase(); @@ -518,7 +522,10 @@ if (Meteor.isServer) { } const disableRegistration = Settings.findOne().disableRegistration; - if (!disableRegistration) { + // If ldap, bypass the inviation code if the self registration isn't allowed. + // TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type + if (options.ldap || !disableRegistration) { + user.ldap = true; return user; } @@ -636,7 +643,9 @@ if (Meteor.isServer) { //invite user to corresponding boards const disableRegistration = Settings.findOne().disableRegistration; - if (disableRegistration) { + // If ldap, bypass the inviation code if the self registration isn't allowed. + // TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type + if (!doc.ldap && disableRegistration) { const invitationCode = InvitationCodes.findOne({code: doc.profile.icode, valid: true}); if (!invitationCode) { throw new Meteor.Error('error-invitation-code-not-exist'); |