Move LDAP user data in user API model #91

Merged
dergrimm merged 3 commits from ldap-manager-move-to-api into main 2022-03-08 07:59:29 +00:00
17 changed files with 91 additions and 96 deletions


@ -62,7 +62,7 @@ shards:
mosquito:
git: https://github.com/mosquito-cr/mosquito.git
version: 0.11.2
version: 1.0.0.rc1+git.commit.afd53dd241447b60ece9232b6c71669b192baaa4
openssl_ext:
git: https://github.com/spider-gazelle/openssl_ext.git


@ -46,6 +46,7 @@ dependencies:
github: juanedi/micrate
mosquito:
github: mosquito-cr/mosquito
branch: master
quartz_mailer:
github: amberframework/quartz-mailer
kilt:
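Review bot: `branch: master` on the `mosquito` entry makes the dependency track a moving ref instead of a release, so a future `shards update` pulls whatever that branch holds at the time rather than a version someone reviewed. The lock file does pin a specific commit, but the spec itself no longer says which mosquito the project is meant to build against. A short comment next to the entry stating why the unreleased branch is needed, and a follow-up to switch to a tag (or `commit:`) once 1.0.0 ships, would make that intent reviewable.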


@ -19,39 +19,33 @@ module Backend
module Schema
# Schema helper macros
module Helpers
# Object helpers
module ObjectMacros
# Defines field property and GraphQL specific getter
macro field(type)
property {{ type.var }} {% if type.value %} = {{ type.value }}{% end %}
# Defines field property and GraphQL specific getter
macro field(type)
property {{ type.var }} {% if type.value %} = {{ type.value }}{% end %}
@[GraphQL::Field]
def {{ type.var }} : {{ type.type }}
@{{ type.var }}
end
@[GraphQL::Field]
def {{ type.var }} : {{ type.type }}
@{{ type.var }}
end
end
# DB model field helpers
module DbObject
# Defines DB model field helper functions
macro db_object(type)
private property model
# Defines DB model field helper functions
macro db_object(type)
private property model
def initialize(@model : {{ type }})
end
def initialize(@model : {{ type }})
end
def initialize(id : Int32)
@model = {{ type }}.find!(id)
end
def initialize(id : Int32)
@model = {{ type }}.find!(id)
end
{% space_name = type.names.last.underscore.gsub(/_/, " ").capitalize %}
{% space_name = type.names.last.underscore.gsub(/_/, " ").capitalize %}
@[GraphQL::Field]
# {{ space_name }}'s ID
def id : Int32
@model.id.not_nil!.to_i
end
@[GraphQL::Field]
# {{ space_name }}'s ID
def id : Int32
@model.id.not_nil!.to_i
end
end
end
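Review bot: The `db_object` macro's second constructor, `def initialize(id : Int32)`, resolves the record with `find!` but nothing states what happens when no row exists, and with the macro now expanded into every API model that behaviour becomes part of each model's public surface. A comment on that constructor such as `# Raises when no {{ type }} with this ID exists` (or naming the concrete exception `find!` raises, if the ORM documents one) would save readers from tracing it through Granite. The `field` and `db_object` macros are otherwise moved without change; the enclosing `module Helpers` header and the outer module ends are outside the hunk.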


@ -44,16 +44,12 @@ module Backend
context.admin!
raise "LDAP user does not exist" if check_ldap && begin
!Ldap.user(Ldap::Constructor.uid(input.username))
!Ldap::User.from_username(input.username)
rescue LDAP::Client::AuthError
true
end
user = Db::User.create!(username: input.username, role: input.role.to_s, admin: input.admin)
Redis::CLIENT.set(
"ldap:user:#{user.id.not_nil!}",
Ldap.user(Ldap::Constructor.uid(user.username)).to_json,
(Backend.config.ldap.cache_refresh_interval * 2).minutes.to_i
)
Worker::Jobs::CacheLdapUserJob.new(user.id.not_nil!.to_i).enqueue
User.new(user)
end
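Review bot: The new existence check `!Ldap::User.from_username(input.username)` can never be true, because `from_username` returns a non-nil `self`; when the entry is missing, `from_dn`'s `.first` raises instead, and that exception is not `LDAP::Client::AuthError`, so it escapes the `begin/rescue` unrescued rather than producing the "LDAP user does not exist" message. Either rescue the not-found case in the same `begin` block, or use a nilable lookup so the check can actually fail. Separately, the old code wrote the Redis entry before returning while the new code only enqueues `CacheLdapUserJob`, so the `User.new(user)` returned here has no cache entry yet and its LDAP-backed fields (`first_name`, `email`, ...) would fail if resolved in the same request; consider either keeping a synchronous cache write or having the API model fall back to LDAP on a cache miss. The DN is still built from `input.username` inside `Ldap::Constructor.uid`, which is not in this diff; that helper should be where DN special characters in the username are escaped, worth confirming. The enclosing mutation method begins before this hunk.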


@ -20,7 +20,7 @@ module Backend
@[GraphQL::Object]
# Student model
class Student < GraphQL::BaseObject
include Helpers::DbObject
include Helpers
db_object Db::Student


@ -20,7 +20,7 @@ module Backend
@[GraphQL::Object]
# Teacher model
class Teacher < GraphQL::BaseObject
include Helpers::DbObject
include Helpers
db_object Db::Teacher


@ -20,7 +20,7 @@ module Backend
@[GraphQL::Object]
# Teacher vote model
class TeacherVote < GraphQL::BaseObject
include Helpers::DbObject
include Helpers
db_object Db::TeacherVote


@ -20,26 +20,34 @@ module Backend
@[GraphQL::Object]
# User model
class User < GraphQL::BaseObject
include Helpers::DbObject
include Helpers
db_object Db::User
# LDAP user data
getter ldap : Ldap::User?
# Refreshes LDAP user data
def refresh_ldap : Ldap::User
(@ldap ||= Ldap::User.from_json(Redis::CLIENT.get("ldap:user:#{id}").as(String))).not_nil!
end
@[GraphQL::Field]
# User's first name
def first_name : String
@model.first_name
refresh_ldap.first_name
end
@[GraphQL::Field]
# User's last name
def last_name : String
@model.last_name
refresh_ldap.last_name
end
@[GraphQL::Field]
# User's full name
def name : String
@model.name
refresh_ldap.name
end
@[GraphQL::Field]
@ -51,7 +59,7 @@ module Backend
@[GraphQL::Field]
# User's email
def email : String
@model.email
refresh_ldap.email
end
@[GraphQL::Field]
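Review bot: `refresh_ldap` casts `Redis::CLIENT.get("ldap:user:#{id}")` straight to `String`, so any cache miss — the key not yet written by `CacheLdapUserJob` after creation, or deleted by the refresh job — turns every LDAP-backed field (`first_name`, `last_name`, `name`, `email`) into a cast error surfacing as a GraphQL error, whereas the old DB-model version at least sat behind the same cache write path. Since this PR adds `Ldap::User.from_db`, the miss can be served from LDAP directly and memoized. The method name also promises a refresh but only memoizes on first call; the comment should say so. The enclosing `class User` continues past the hunk.
```crystal
# LDAP user data, read from the Redis cache on first use (falling back to a
# live LDAP lookup on a cache miss) and memoized for this object's lifetime;
# later calls do not re-read the cache
def refresh_ldap : Ldap::User
  if (ldap = @ldap)
    return ldap
  end
  cached = Redis::CLIENT.get("ldap:user:#{id}")
  @ldap = cached ? Ldap::User.from_json(cached.as(String)) : Ldap::User.from_db(@model)
end
# … unchanged: first_name / last_name / name / email fields …
```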


@ -20,7 +20,7 @@ module Backend
@[GraphQL::Object]
# Vote model
class Vote < GraphQL::BaseObject
include Helpers::DbObject
include Helpers
db_object Db::Vote


@ -20,9 +20,6 @@ module Backend
class User < Granite::Base
table users
# LDAP user data
getter ldap : Ldap::User?
has_one :teacher
has_one :student
@ -38,31 +35,6 @@ module Backend
# User is admin
column admin : Bool = false
# User's first name
def first_name : String
refresh_ldap.first_name
end
# User's last name
def last_name : String
refresh_ldap.last_name
end
# User's full name
def name : String
"#{first_name} #{last_name}"
end
# User's email
def email : String
refresh_ldap.email
end
# Refreshes LDAP user data
def refresh_ldap : Ldap::User
(@ldap ||= Ldap::User.from_json(Redis::CLIENT.get("ldap:user:#{@id}").as(String))).not_nil!
end
validate :role, "needs to be a valid role" do |user|
UserRole.parse(user.role).in?(UserRole.values)
end


@ -35,23 +35,6 @@ module Backend
LDAP::Client.new(TCPSocket.new(Backend.config.ldap.host, Backend.config.ldap.port))
end
# Queries the LDAP server for a user
#
# NOTE: Returns raw LDAP data
def raw_user(dn : String) : User::Raw
CLIENT.connection do |client|
client
.authenticate(Backend.config.ldap.bind_dn, Backend.config.ldap.bind_password)
.search(base: dn)
.first
end
end
# Queries the LDAP server for a user
def user(dn : String) : User
User.from_raw(raw_user(dn))
end
# Checks if credentials are valid
def authenticate?(dn : String, password : String) : Bool
!!CLIENT.connection(&.authenticate(dn, password))


@ -39,6 +39,11 @@ module Backend
def initialize(@first_name : String, @last_name : String, @email : String)
end
# Name
def name : String
"#{first_name} #{last_name}"
end
# Creates user data from LDAP entry
def self.from_raw(raw : Raw) : self
self.new(
@ -47,6 +52,33 @@ module Backend
email: raw["mail"].first
)
end
# Creates user data from LDAP DN entry
def self.from_dn(dn : String) : self
from_raw(
CLIENT.connection do |client|
client
.authenticate(Backend.config.ldap.bind_dn, Backend.config.ldap.bind_password)
.search(base: dn, attributes: %w(givenName sn mail))
.first
end
)
end
# Creates user data from LDAP username
def self.from_username(username : String) : self
from_dn(Ldap::Constructor.uid(username))
end
# Creates user data from DB entry
def self.from_db(user : Db::User) : self
from_username(user.username)
end
# Creates user data from DB entry index
def self.from_index(id : Int32) : self
from_db(Db::User.find!(id))
end
end
end
end
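Review bot: `from_dn` takes `.first` of the search result, so a DN with no entry raises out of the connection block (an `IndexError` if the result is an Array, as it appears to be) rather than signalling "not found"; `from_username`, `from_db` and `from_index` all inherit that, and a caller in this PR that tests `!Ldap::User.from_username(...)` can therefore never observe a missing user. A nilable variant lets callers distinguish absent from present while keeping the raising form for code that wants it. The DN is constructed from the username by `Ldap::Constructor.uid`, which is not in this diff; it should be the place that escapes DN special characters, worth confirming. The enclosing `class User` header is outside the hunk.
```crystal
# Creates user data from LDAP DN entry, or nil when the DN has no entry
def self.from_dn?(dn : String) : self?
  entry = CLIENT.connection do |client|
    client
      .authenticate(Backend.config.ldap.bind_dn, Backend.config.ldap.bind_password)
      .search(base: dn, attributes: %w(givenName sn mail))
      .first?
  end
  entry.try { |raw| from_raw(raw) }
end

# Creates user data from LDAP DN entry; raises when the DN has no entry
def self.from_dn(dn : String) : self
  from_dn?(dn) || raise "LDAP entry not found: #{dn}"
end
# … unchanged: from_username / from_db / from_index …
```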


@ -22,7 +22,7 @@ module Backend
address email: Backend.config.smtp.username, name: Backend.config.smtp.name
end
def initialize(user : Db::User)
def initialize(user : Ldap::User)
to name: user.name, email: user.email
subject "Mentorenwahl Lehrer Registrierung"
text Kilt.render("#{__DIR__}/templates/teacher_registration_mailer.txt.ecr")


@ -19,16 +19,18 @@ module Backend
module Jobs
# Caches user data in redis cache
class CacheLdapUserJob < Mosquito::QueuedJob
params id : Int64
params id : Int32
# :ditto:
def perform : Nil
key = "ldap:user:#{id}"
user = Db::User.find(id)
if user
ldap_user = Ldap.user(Ldap::Constructor.uid(user.username))
Redis::CLIENT.set(key, ldap_user.to_json, (Backend.config.ldap.cache_refresh_interval * 2).minutes.to_i)
log "Caching user ##{id}..."
ldap_user = Ldap::User.from_username(user.username)
Redis::CLIENT.set(key, ldap_user.to_json)
else
log "User ##{id} not found. Deleting cache..."
Redis::CLIENT.del(key)
end
end
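Review bot: The new `Redis::CLIENT.set(key, ldap_user.to_json)` drops the expiry the old call passed, so a cached LDAP record now lives until the refresh job explicitly deletes it; if that job stops running, stale names and addresses for removed or changed users are served indefinitely. Restoring the bound keeps staleness tied to the refresh interval as before: `Redis::CLIENT.set(key, ldap_user.to_json, (Backend.config.ldap.cache_refresh_interval * 2).minutes.to_i)`. Note also that `Ldap::User.from_username` raises when the directory has no entry (see `from_dn`), so a user removed from LDAP but still in the DB makes this job fail rather than delete or refresh the key; a comment on the `if user` branch stating that expectation would help.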


@ -24,10 +24,16 @@ module Backend
# :ditto:
def perform : Nil
Redis::CLIENT.keys("ldap:user:*")
.map(&.as(String).split(":")[2].to_i64)
.concat(Db::User.all.map(&.id.not_nil!))
.map(&.as(String).split(":")[2].to_i)
.concat(Db::User.all.map(&.id.not_nil!.to_i))
.uniq!
.each { |id| CacheLdapUserJob.new(id).enqueue }
.each do |id|
spawn do
CacheLdapUserJob.new(id).enqueue
end
end
Fiber.yield
end
end
end
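Review bot: Wrapping each `CacheLdapUserJob.new(id).enqueue` in `spawn` and then calling `Fiber.yield` once does not ensure the enqueues have happened before `perform` returns: a single yield lets each fiber run only up to its first blocking point, so any enqueue still pending when the job is marked done (or the worker exits) is silently lost. If `enqueue` is a single Redis write, the concurrency buys nothing and the original `.each { |id| CacheLdapUserJob.new(id).enqueue }` is both simpler and reliable; if it is genuinely slow, collect the fibers and wait on them (a `Channel` or `WaitGroup`-style counter) instead of yielding once. Also `split(":")[2].to_i` raises on any `ldap:user:*` key whose third segment is not an integer, which is presumably acceptable but worth a comment.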


@ -32,8 +32,9 @@ module Backend
fail
end
log "Sending teacher registration email to #{user.email} (#{user.id})"
Mailers::TeacherRegistrationMailer.new(user).deliver
ldap_user = Ldap::User.from_username(user.username)
log "Sending teacher registration email to #{ldap_user.email} ##{user.id}"
Mailers::TeacherRegistrationMailer.new(ldap_user).deliver
channel.send(nil)
end
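Review bot: `Ldap::User.from_username(user.username)` is a network call that raises when the entry is missing, and it now sits inside the block that ends with `channel.send(nil)`; if it raises, that send never happens and whatever waits on `channel` may block, depending on how the enclosing method (which starts before this hunk) handles the `fail` path above. Moving the lookup before the block, or placing the `channel.send(nil)` in an `ensure` so the receiver is always released, keeps the failure from turning into a hang. The log line now also prints the LDAP e-mail address together with the DB id; that is the same data the old line logged, so no new exposure, but worth keeping in mind if log retention differs from the directory's.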


@ -84,7 +84,7 @@ cli = Commander::Command.new do |cmd|
abort unless (gets(chomp: true) || "").strip.downcase == "y"
user = Backend::Db::User.create!(username: username, role: role.to_s, admin: opts.bool["admin"])
Backend::Worker::Jobs::CacheLdapUserJob.new(user.id.not_nil!).enqueue
Backend::Worker::Jobs::CacheLdapUserJob.new(user.id.not_nil!.to_i).enqueue
puts "Done!"