package ldapSync
/*
this file contains the code for creating the ldapUsers and ldapGroups tables
*/
import (
"github.com/pocketbase/pocketbase"
"github.com/pocketbase/pocketbase/forms"
"github.com/pocketbase/pocketbase/models"
"github.com/pocketbase/pocketbase/models/schema"
"github.com/pocketbase/pocketbase/tools/types"
)
// Names of the collections (tables) created by this file.
const (
	// ldapUsersTableName is the auth collection created by createLDAPUsersTable.
	ldapUsersTableName string = "users"
	// ldapGroupsTableName is the base collection created by createLDAPGroupsTable.
	ldapGroupsTableName string = "ldap_groups"
	// ldapSyncLogsTableName is the base collection created by createLDAPSyncLogsTable.
	ldapSyncLogsTableName string = "ldap_sync_logs"
)
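// createLDAPGroupsTable creates the ldapGroups collection (table ldap_groups).
//
// The collection is created in two steps: it is first saved with its plain
// fields and indexes, then looked up again and updated with the
// self-referencing memberOf relation, which needs the ID assigned by the
// first save. If the second step fails, the collection stays in place
// without the memberOf field.
//
// All five API rules are left nil, so access is limited to admins.
//
// The function does not check whether the collection already exists.
// It returns the first error reported by a form submit or by the lookup.
func createLDAPGroupsTable(app *pocketbase.PocketBase) error {
	collection := &models.Collection{}

	form := forms.NewCollectionUpsert(app, collection)
	form.Name = ldapGroupsTableName
	form.Type = models.CollectionTypeBase

	// nil rules: only admins may list, view, create, update or delete groups
	form.ListRule = nil
	form.ViewRule = nil
	form.CreateRule = nil
	form.UpdateRule = nil
	form.DeleteRule = nil

	// add description field
	form.Schema.AddField(&schema.SchemaField{
		Name:     "description",
		Type:     schema.FieldTypeText,
		Required: false,
	})

	// add common name field
	form.Schema.AddField(&schema.SchemaField{
		Name:        "cn",
		Type:        schema.FieldTypeText,
		Required:    true,
		Presentable: true,
	})

	// add distinguished name field
	form.Schema.AddField(&schema.SchemaField{
		Name:     "dn",
		Type:     schema.FieldTypeText,
		Required: true,
	})

	// add objectGUID field
	form.Schema.AddField(&schema.SchemaField{
		Name:     "objectGUID",
		Type:     schema.FieldTypeText,
		Required: true,
	})

	// Unique indexes on cn and objectGUID. Both statements must name this
	// collection's own table: the sync-logs table has no objectGUID column,
	// so an index declared on it would not enforce one record per directory
	// object here.
	form.Indexes = types.JsonArray[string]{
		"CREATE UNIQUE INDEX idx_ldapGroups_cn ON " + ldapGroupsTableName + " (cn)",
		"CREATE UNIQUE INDEX idx_ldapGroups_objectGUID ON " + ldapGroupsTableName + " (objectGUID)",
	}

	// validate and submit (internally it calls app.Dao().SaveCollection(collection) in a transaction)
	if err := form.Submit(); err != nil {
		return err
	}

	// reload the saved collection by name so that its ID is available
	collection, err := app.Dao().FindCollectionByNameOrId(ldapGroupsTableName)
	if err != nil {
		return err
	}

	// create form for collection update
	form = forms.NewCollectionUpsert(app, collection)

	// add groups field - this cannot be done in the first form because the
	// collection (and its ID) does not exist yet
	form.Schema.AddField(&schema.SchemaField{
		Name:     "memberOf",
		Type:     schema.FieldTypeRelation,
		Required: false,
		Options: &schema.RelationOptions{
			CollectionId:  collection.Id,
			CascadeDelete: false,
		},
	})

	// validate and submit (internally it calls app.Dao().SaveCollection(collection) in a transaction)
	if err := form.Submit(); err != nil {
		return err
	}

	return nil
}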
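// createLDAPUsersTable creates the ldapUsers auth collection (table users).
//
// The ldapGroups collection must already exist, because the memberOf
// relation points at its ID; the lookup error is returned otherwise.
//
// All five API rules are left nil, so access is limited to admins.
//
// The function does not check whether the collection already exists.
// It returns the error from the lookup or from submitting the form.
func createLDAPUsersTable(app *pocketbase.PocketBase) error {
	// find the ldapGroups collection by name
	groupsCollection, err := app.Dao().FindCollectionByNameOrId(ldapGroupsTableName)
	if err != nil {
		return err
	}

	// create ldapUsers table
	collection := &models.Collection{}

	// because this is an auth collection, the system will automatically create
	// a username field, a password field, a verified field, an email field and
	// an emailVisibility field

	// create form for collection creation
	form := forms.NewCollectionUpsert(app, collection)
	form.Name = ldapUsersTableName        // collection name
	form.Type = models.CollectionTypeAuth // collection type set to auth, otherwise login will not work

	form.ListRule = nil   // list rule (only admins can list)
	form.ViewRule = nil   // view rule (only admins can view)
	form.CreateRule = nil // create rule (only admins can create)
	form.UpdateRule = nil // update rule (only admins can update)
	form.DeleteRule = nil // delete rule (only admins can delete)

	// add common name field; the collection also has the automatically
	// created "username" field
	form.Schema.AddField(&schema.SchemaField{
		Name:        "cn",
		Type:        schema.FieldTypeText,
		Required:    false,
		Presentable: true,
	})

	// add objectGUID field
	form.Schema.AddField(&schema.SchemaField{
		Name:     "objectGUID",
		Type:     schema.FieldTypeText,
		Required: false,
	})

	// add distinguished name field
	form.Schema.AddField(&schema.SchemaField{
		Name:     "dn",
		Type:     schema.FieldTypeText,
		Required: false,
	})

	// add surname field
	form.Schema.AddField(&schema.SchemaField{
		Name:     "sn",
		Type:     schema.FieldTypeText,
		Required: false,
	})

	// add given name field
	form.Schema.AddField(&schema.SchemaField{
		Name:     "givenName",
		Type:     schema.FieldTypeText,
		Required: false,
	})

	// add account expires field
	form.Schema.AddField(&schema.SchemaField{
		Name:     "accountExpires",
		Type:     schema.FieldTypeDate,
		Required: false,
	})

	// add REALM field
	// NOTE(review): REALM is declared as a required date field, the same type
	// as accountExpires above; a realm looks like a name rather than a date -
	// confirm the intended type before relying on the (username, REALM) index.
	form.Schema.AddField(&schema.SchemaField{
		Name:     "REALM",
		Type:     schema.FieldTypeDate,
		Required: true,
	})

	// add groups field
	form.Schema.AddField(&schema.SchemaField{
		Name:     "memberOf",
		Type:     schema.FieldTypeRelation,
		Required: false,
		Options: &schema.RelationOptions{
			CollectionId:  groupsCollection.Id,
			CascadeDelete: false,
		},
	})

	// Unique indexes for the users collection. Every statement must name the
	// users table itself: the groups and sync-logs tables do not have the
	// username/REALM columns, and sync logs have no objectGUID, so indexes
	// declared there would not enforce account uniqueness here.
	// NOTE(review): cn and objectGUID are optional but uniquely indexed;
	// confirm how empty values are stored, since two records sharing the same
	// empty value would conflict.
	form.Indexes = types.JsonArray[string]{
		"CREATE UNIQUE INDEX idx_users_username ON " + ldapUsersTableName + " (username, REALM)", // username must be unique for each realm
		"CREATE UNIQUE INDEX idx_users_cn ON " + ldapUsersTableName + " (cn)",
		"CREATE UNIQUE INDEX idx_users_objectGUID ON " + ldapUsersTableName + " (objectGUID)",
	}

	return form.Submit()
}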
// createLDAPSyncLogsTable creates the ldapSyncLogs collection (table
// ldap_sync_logs), a base collection holding the counters and error lists
// of a sync run.
//
// No API rules are assigned in this function.
// NOTE(review): presumably they stay nil (admin-only) on a new collection - confirm.
//
// It returns the error from submitting the form.
func createLDAPSyncLogsTable(app *pocketbase.PocketBase) error {
	// form for creating a new, empty collection
	form := forms.NewCollectionUpsert(app, &models.Collection{})
	form.Name = ldapSyncLogsTableName     // collection name
	form.Type = models.CollectionTypeBase // plain base collection, not an auth collection

	// Fields in the order they are registered; each JSON error list gets its
	// own options value capping its size at 2000000.
	logFields := []*schema.SchemaField{
		{Name: "usersFound", Type: schema.FieldTypeNumber},
		{Name: "usersSynced", Type: schema.FieldTypeNumber},
		{Name: "usersRemoved", Type: schema.FieldTypeNumber},
		{
			Name:    "userSyncErrors",
			Type:    schema.FieldTypeJson,
			Options: &schema.JsonOptions{MaxSize: 2000000},
		},
		{Name: "groupsFound", Type: schema.FieldTypeNumber},
		{Name: "groupsSynced", Type: schema.FieldTypeNumber},
		{Name: "groupsRemoved", Type: schema.FieldTypeNumber},
		{
			Name:    "groupSyncErrors",
			Type:    schema.FieldTypeJson,
			Options: &schema.JsonOptions{MaxSize: 2000000},
		},
	}
	for _, field := range logFields {
		form.Schema.AddField(field)
	}

	// unique index on created: at most one log record per created value
	form.Indexes = types.JsonArray[string]{
		"CREATE UNIQUE INDEX idx_ldapSyncs ON " + ldapSyncLogsTableName + " (created)",
	}

	return form.Submit()
}