feat(ldapSync): added support for isAdmin field

ldapSync/db.go

@@ -11,6 +11,8 @@ import (
 	"github.com/pocketbase/pocketbase"
 	"github.com/pocketbase/pocketbase/forms"
 	"github.com/pocketbase/pocketbase/models"
+	"os"
+	"strings"
 )
 
 // upsertLDAPGroup This function creates / updates a record in the ldap groups table
@@ -97,20 +99,34 @@ func upsertLDAPUser(app *pocketbase.PocketBase, ldapUser *LDAPUser) error {
 		}
 	}
 
+	// calculate accountExpires
 	accountExpires, _ := ldapTimeToUnixTime(ldapUser.accountExpires)
 
 	var memberOfGroupIds []string
+	var isAdmin bool
 
 	// get group ids from group dns
 	for _, groupDn := range ldapUser.memberOf {
+
+		// get group by dn
 		group, err := GetLdapGroupByDN(app, groupDn)
-		if err == nil {
+
-			memberOfGroupIds = append(memberOfGroupIds, group.Id)
+		// check if error
-		} else {
+		if err != nil {
 			logger.LogErrorF("unable to find %s.memberOf: %s", ldapUser.cn, groupDn)
+			continue
 		}
+
+		// check if user is in admin group
+		if strings.ToLower(group.Get("dn").(string)) == strings.ToLower(os.Getenv("LDAP_ADMIN_GROUP_DN")) {
+			isAdmin = true
+		}
+
+		// add group id to memberOfGroupIds
+		memberOfGroupIds = append(memberOfGroupIds, group.Id)
 	}
 
+	// set data
 	record.Set("objectGUID", ldapUser.objectGUID)
 	record.Set("givenName", ldapUser.givenName)
 	record.Set("sn", ldapUser.sn)
@@ -123,6 +139,7 @@ func upsertLDAPUser(app *pocketbase.PocketBase, ldapUser *LDAPUser) error {
 	record.Set("cn", ldapUser.cn)
 	record.Set("memberOf", memberOfGroupIds)
 	record.Set("REALM", ldapUser.REALM)
+	record.Set("isAdmin", isAdmin)
 
 	if err := app.Dao().SaveRecord(record); err != nil {
 		return fmt.Errorf("failed to upsert user with dn: %s - %w", ldapUser.dn, err)