package ldapSync
/*
This file contains the code for creating the ldapUsers and ldapGroups tables.
*/
import (
"github.com/pocketbase/pocketbase"
"github.com/pocketbase/pocketbase/forms"
"github.com/pocketbase/pocketbase/models"
"github.com/pocketbase/pocketbase/models/schema"
"github.com/pocketbase/pocketbase/tools/types"
)
// Names of the PocketBase collections managed by the LDAP sync package.
const (
	ldapUsersTableName    string = "ldap_users"
	ldapGroupsTableName   string = "ldap_groups"
	ldapSyncLogsTableName string = "ldap_sync_logs"
)
// createLDAPGroupsTable creates the ldapGroups collection.
//
// The collection is built in two passes: the first submit creates it with
// its plain text fields and the unique (cn, dn) index; the second submit
// adds the self-referencing "memberOf" relation, which needs the
// collection's own ID and therefore cannot be part of the first pass.
// The function does not check whether the collection already exists.
// It returns the first error reported by the DAO or the upsert forms.
func createLDAPGroupsTable(app *pocketbase.PocketBase) error {
	// Pass 1: create the collection with its scalar fields.
	createForm := forms.NewCollectionUpsert(app, &models.Collection{})
	createForm.Name = ldapGroupsTableName
	createForm.Type = models.CollectionTypeBase
	// Any authenticated user may list and view groups.
	createForm.ListRule = types.Pointer("@request.auth.id != ''")
	createForm.ViewRule = types.Pointer("@request.auth.id != ''")
	// A nil rule locks the operation to admins only (no API access for users).
	createForm.CreateRule = nil
	createForm.UpdateRule = nil
	createForm.DeleteRule = nil

	// Field order is preserved: description, common name, distinguished name.
	for _, field := range []*schema.SchemaField{
		{Name: "description", Type: schema.FieldTypeText, Required: false},
		{Name: "cn", Type: schema.FieldTypeText, Required: true, Presentable: true},
		{Name: "dn", Type: schema.FieldTypeText, Required: true},
	} {
		createForm.Schema.AddField(field)
	}
	// One unique index over the (cn, dn) pair.
	createForm.Indexes = types.JsonArray[string]{
		"CREATE UNIQUE INDEX idx_ldapGroups ON " + ldapGroupsTableName + " (cn, dn)",
	}
	// Submit validates and saves the collection in a transaction.
	if err := createForm.Submit(); err != nil {
		return err
	}

	// Pass 2: reload the saved collection so its ID is known, then add the
	// relation field that points back at this same collection.
	saved, err := app.Dao().FindCollectionByNameOrId(ldapGroupsTableName)
	if err != nil {
		return err
	}
	updateForm := forms.NewCollectionUpsert(app, saved)
	updateForm.Schema.AddField(&schema.SchemaField{
		Name:     "memberOf",
		Type:     schema.FieldTypeRelation,
		Required: false,
		Options: &schema.RelationOptions{
			CollectionId:  saved.Id,
			CascadeDelete: false,
		},
	})
	return updateForm.Submit()
}
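// createLDAPUsersTable creates the ldapUsers auth collection.
//
// Because the collection is of type auth, PocketBase itself adds the
// username, password, verified, email and emailVisibility fields; only the
// LDAP-specific fields are declared here. The "memberOf" field is a relation
// to the ldapGroups collection, which must already exist (createLDAPGroupsTable).
// The function does not check whether the ldapUsers collection already exists.
// It returns the first error reported by the DAO or the upsert form.
func createLDAPUsersTable(app *pocketbase.PocketBase) error {
	// The relation field below needs the ID of the groups collection.
	groupsCollection, err := app.Dao().FindCollectionByNameOrId(ldapGroupsTableName)
	if err != nil {
		return err
	}

	form := forms.NewCollectionUpsert(app, &models.Collection{})
	form.Name = ldapUsersTableName
	// Must be an auth collection, otherwise login against it does not work.
	form.Type = models.CollectionTypeAuth
	// A user may only list and view their own record. The rule must compare
	// with "=": "!=" would expose every other record to any caller, including
	// unauthenticated requests, whose empty @request.auth.id differs from every id.
	form.ListRule = types.Pointer("@request.auth.id = id")
	form.ViewRule = types.Pointer("@request.auth.id = id")
	// A nil rule locks the operation to admins only (no API access for users).
	form.CreateRule = nil
	form.UpdateRule = nil
	form.DeleteRule = nil

	// Field order is preserved: cn, dn, sn, givenName, accountExpires, memberOf.
	for _, field := range []*schema.SchemaField{
		{Name: "cn", Type: schema.FieldTypeText, Required: true, Presentable: true},
		{Name: "dn", Type: schema.FieldTypeText, Required: true},
		{Name: "sn", Type: schema.FieldTypeText, Required: true},
		{Name: "givenName", Type: schema.FieldTypeText, Required: true},
		{Name: "accountExpires", Type: schema.FieldTypeDate, Required: false},
		{
			Name:     "memberOf",
			Type:     schema.FieldTypeRelation,
			Required: false,
			Options: &schema.RelationOptions{
				CollectionId:  groupsCollection.Id,
				CascadeDelete: false,
			},
		},
	} {
		form.Schema.AddField(field)
	}

	// One unique index over the (cn, dn) pair. It must reference this
	// collection's own name; the index previously targeted the groups table.
	form.Indexes = types.JsonArray[string]{
		"CREATE UNIQUE INDEX idx_ldapUsers ON " + ldapUsersTableName + " (cn, dn)",
	}
	// Submit validates and saves the collection in a transaction.
	return form.Submit()
}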
// createLDAPSyncLogsTable creates the ldapSyncLogs base collection.
//
// Each record holds the counters and error lists of one sync run. No API
// rules are set on the form, so the collection keeps the form's defaults.
// The function does not check whether the collection already exists and
// returns the error of the upsert form, if any.
func createLDAPSyncLogsTable(app *pocketbase.PocketBase) error {
	form := forms.NewCollectionUpsert(app, &models.Collection{})
	form.Name = ldapSyncLogsTableName
	// Plain base collection; nobody logs in against it.
	form.Type = models.CollectionTypeBase

	// Counters are numbers, the per-entity error lists are JSON.
	// Field order is preserved: users first, then groups.
	fields := []struct {
		name string
		kind string
	}{
		{"usersFound", schema.FieldTypeNumber},
		{"usersSynced", schema.FieldTypeNumber},
		{"usersRemoved", schema.FieldTypeNumber},
		{"userSyncErrors", schema.FieldTypeJson},
		{"groupsFound", schema.FieldTypeNumber},
		{"groupsSynced", schema.FieldTypeNumber},
		{"groupsRemoved", schema.FieldTypeNumber},
		{"groupSyncErrors", schema.FieldTypeJson},
	}
	for _, f := range fields {
		form.Schema.AddField(&schema.SchemaField{
			Name: f.name,
			Type: f.kind,
		})
	}

	// NOTE(review): a UNIQUE index on "created" rejects two log records that
	// share the same timestamp — confirm that is intended.
	form.Indexes = types.JsonArray[string]{
		"CREATE UNIQUE INDEX idx_ldapSyncs ON " + ldapSyncLogsTableName + " (created)",
	}
	// Submit validates and saves the collection in a transaction.
	return form.Submit()
}