Move LDAP user data in user API model #91
|
@ -62,7 +62,7 @@ shards:
|
|||
|
||||
mosquito:
|
||||
git: https://github.com/mosquito-cr/mosquito.git
|
||||
version: 0.11.2
|
||||
version: 1.0.0.rc1+git.commit.afd53dd241447b60ece9232b6c71669b192baaa4
|
||||
|
||||
openssl_ext:
|
||||
git: https://github.com/spider-gazelle/openssl_ext.git
|
||||
|
|
|
@ -46,6 +46,7 @@ dependencies:
|
|||
github: juanedi/micrate
|
||||
mosquito:
|
||||
github: mosquito-cr/mosquito
|
||||
branch: master
|
||||
quartz_mailer:
|
||||
github: amberframework/quartz-mailer
|
||||
kilt:
|
||||
|
|
|
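Review bot: `branch: master` makes the mosquito dependency follow a mutable ref, so what gets built depends on whatever is on that branch the next time the lock file is regenerated. The lock entry in this commit resolves to `1.0.0.rc1+git.commit.afd53dd241447b60ece9232b6c71669b192baaa4`. Pinning that revision in the manifest with `commit: afd53dd241447b60ece9232b6c71669b192baaa4`, or a release tag once one exists, keeps dependency updates deliberate and reviewable.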
@ -19,39 +19,33 @@ module Backend
|
|||
module Schema
|
||||
# Schema helper macros
|
||||
module Helpers
|
||||
# Object helpers
|
||||
module ObjectMacros
|
||||
# Defines field property and GraphQL specific getter
|
||||
macro field(type)
|
||||
property {{ type.var }} {% if type.value %} = {{ type.value }}{% end %}
|
||||
# Defines field property and GraphQL specific getter
|
||||
macro field(type)
|
||||
property {{ type.var }} {% if type.value %} = {{ type.value }}{% end %}
|
||||
|
||||
@[GraphQL::Field]
|
||||
def {{ type.var }} : {{ type.type }}
|
||||
@{{ type.var }}
|
||||
end
|
||||
@[GraphQL::Field]
|
||||
def {{ type.var }} : {{ type.type }}
|
||||
@{{ type.var }}
|
||||
end
|
||||
end
|
||||
|
||||
# DB model field helpers
|
||||
module DbObject
|
||||
# Defines DB model field helper functions
|
||||
macro db_object(type)
|
||||
private property model
|
||||
# Defines DB model field helper functions
|
||||
macro db_object(type)
|
||||
private property model
|
||||
|
||||
def initialize(@model : {{ type }})
|
||||
end
|
||||
def initialize(@model : {{ type }})
|
||||
end
|
||||
|
||||
def initialize(id : Int32)
|
||||
@model = {{ type }}.find!(id)
|
||||
end
|
||||
def initialize(id : Int32)
|
||||
@model = {{ type }}.find!(id)
|
||||
end
|
||||
|
||||
{% space_name = type.names.last.underscore.gsub(/_/, " ").capitalize %}
|
||||
{% space_name = type.names.last.underscore.gsub(/_/, " ").capitalize %}
|
||||
|
||||
@[GraphQL::Field]
|
||||
# {{ space_name }}'s ID
|
||||
def id : Int32
|
||||
@model.id.not_nil!.to_i
|
||||
end
|
||||
@[GraphQL::Field]
|
||||
# {{ space_name }}'s ID
|
||||
def id : Int32
|
||||
@model.id.not_nil!.to_i
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -44,16 +44,12 @@ module Backend
|
|||
context.admin!
|
||||
|
||||
raise "LDAP user does not exist" if check_ldap && begin
|
||||
!Ldap.user(Ldap::Constructor.uid(input.username))
|
||||
!Ldap::User.from_username(input.username)
|
||||
rescue LDAP::Client::AuthError
|
||||
true
|
||||
end
|
||||
user = Db::User.create!(username: input.username, role: input.role.to_s, admin: input.admin)
|
||||
Redis::CLIENT.set(
|
||||
"ldap:user:#{user.id.not_nil!}",
|
||||
Ldap.user(Ldap::Constructor.uid(user.username)).to_json,
|
||||
(Backend.config.ldap.cache_refresh_interval * 2).minutes.to_i
|
||||
)
|
||||
Worker::Jobs::CacheLdapUserJob.new(user.id.not_nil!.to_i).enqueue
|
||||
|
||||
User.new(user)
|
||||
end
|
||||
|
|
|
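Review bot: The existence check `!Ldap::User.from_username(input.username)` can never be true, because `from_username` is declared `: self` and so either returns a user or raises. The "LDAP user does not exist" branch is therefore only reached through the `rescue LDAP::Client::AuthError` arm. A username with no directory entry most likely fails inside `from_dn` at `.first` on an empty search result, which presumably raises an error this `rescue` does not cover and would surface as an unhandled exception rather than the intended message. Consider a nilable lookup (for example a `from_username?` that returns `nil` on an empty result) and test that here. The mutation body starts above this hunk.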
@ -20,7 +20,7 @@ module Backend
|
|||
@[GraphQL::Object]
|
||||
# Student model
|
||||
class Student < GraphQL::BaseObject
|
||||
include Helpers::DbObject
|
||||
include Helpers
|
||||
|
||||
db_object Db::Student
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ module Backend
|
|||
@[GraphQL::Object]
|
||||
# Teacher model
|
||||
class Teacher < GraphQL::BaseObject
|
||||
include Helpers::DbObject
|
||||
include Helpers
|
||||
|
||||
db_object Db::Teacher
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ module Backend
|
|||
@[GraphQL::Object]
|
||||
# Teacher vote model
|
||||
class TeacherVote < GraphQL::BaseObject
|
||||
include Helpers::DbObject
|
||||
include Helpers
|
||||
|
||||
db_object Db::TeacherVote
|
||||
|
||||
|
|
|
@ -20,26 +20,34 @@ module Backend
|
|||
@[GraphQL::Object]
|
||||
# User model
|
||||
class User < GraphQL::BaseObject
|
||||
include Helpers::DbObject
|
||||
include Helpers
|
||||
|
||||
db_object Db::User
|
||||
|
||||
# LDAP user data
|
||||
getter ldap : Ldap::User?
|
||||
|
||||
# Refreshes LDAP user data
|
||||
def refresh_ldap : Ldap::User
|
||||
(@ldap ||= Ldap::User.from_json(Redis::CLIENT.get("ldap:user:#{id}").as(String))).not_nil!
|
||||
end
|
||||
|
||||
@[GraphQL::Field]
|
||||
# User's first name
|
||||
def first_name : String
|
||||
@model.first_name
|
||||
refresh_ldap.first_name
|
||||
end
|
||||
|
||||
@[GraphQL::Field]
|
||||
# User's last name
|
||||
def last_name : String
|
||||
@model.last_name
|
||||
refresh_ldap.last_name
|
||||
end
|
||||
|
||||
@[GraphQL::Field]
|
||||
# User's full name
|
||||
def name : String
|
||||
@model.name
|
||||
refresh_ldap.name
|
||||
end
|
||||
|
||||
@[GraphQL::Field]
|
||||
|
@ -51,7 +59,7 @@ module Backend
|
|||
@[GraphQL::Field]
|
||||
# User's email
|
||||
def email : String
|
||||
@model.email
|
||||
refresh_ldap.email
|
||||
end
|
||||
|
||||
@[GraphQL::Field]
|
||||
|
|
|
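Review bot: `refresh_ldap` casts the Redis reply with `.as(String)`, so a missing `ldap:user:<id>` key raises a cast error in every resolver that calls it (`first_name`, `last_name`, `name`, `email`). This commit also stops writing the cache entry synchronously when a user is created, so the object returned by the create mutation can hit that miss until `CacheLdapUserJob` has run. A fallback to the directory on a miss avoids this: `@ldap ||= Redis::CLIENT.get("ldap:user:#{id}").as?(String).try { |json| Ldap::User.from_json(json) } || Ldap::User.from_index(id)`. The trailing `.not_nil!` is then unnecessary. The comment "Refreshes LDAP user data" should say that the value is memoised per object and read from the cache, since nothing is refreshed once `@ldap` is set.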
@ -20,7 +20,7 @@ module Backend
|
|||
@[GraphQL::Object]
|
||||
# Vote model
|
||||
class Vote < GraphQL::BaseObject
|
||||
include Helpers::DbObject
|
||||
include Helpers
|
||||
|
||||
db_object Db::Vote
|
||||
|
||||
|
|
|
@ -20,9 +20,6 @@ module Backend
|
|||
class User < Granite::Base
|
||||
table users
|
||||
|
||||
# LDAP user data
|
||||
getter ldap : Ldap::User?
|
||||
|
||||
has_one :teacher
|
||||
has_one :student
|
||||
|
||||
|
@ -38,31 +35,6 @@ module Backend
|
|||
# User is admin
|
||||
column admin : Bool = false
|
||||
|
||||
# User's first name
|
||||
def first_name : String
|
||||
refresh_ldap.first_name
|
||||
end
|
||||
|
||||
# User's last name
|
||||
def last_name : String
|
||||
refresh_ldap.last_name
|
||||
end
|
||||
|
||||
# User's full name
|
||||
def name : String
|
||||
"#{first_name} #{last_name}"
|
||||
end
|
||||
|
||||
# User's email
|
||||
def email : String
|
||||
refresh_ldap.email
|
||||
end
|
||||
|
||||
# Refreshes LDAP user data
|
||||
def refresh_ldap : Ldap::User
|
||||
(@ldap ||= Ldap::User.from_json(Redis::CLIENT.get("ldap:user:#{@id}").as(String))).not_nil!
|
||||
end
|
||||
|
||||
validate :role, "needs to be a valid role" do |user|
|
||||
UserRole.parse(user.role).in?(UserRole.values)
|
||||
end
|
||||
|
|
|
@ -35,23 +35,6 @@ module Backend
|
|||
LDAP::Client.new(TCPSocket.new(Backend.config.ldap.host, Backend.config.ldap.port))
|
||||
end
|
||||
|
||||
# Queries the LDAP server for a user
|
||||
#
|
||||
# NOTE: Returns raw LDAP data
|
||||
def raw_user(dn : String) : User::Raw
|
||||
CLIENT.connection do |client|
|
||||
client
|
||||
.authenticate(Backend.config.ldap.bind_dn, Backend.config.ldap.bind_password)
|
||||
.search(base: dn)
|
||||
.first
|
||||
end
|
||||
end
|
||||
|
||||
# Queries the LDAP server for a user
|
||||
def user(dn : String) : User
|
||||
User.from_raw(raw_user(dn))
|
||||
end
|
||||
|
||||
# Checks if credentials are valid
|
||||
def authenticate?(dn : String, password : String) : Bool
|
||||
!!CLIENT.connection(&.authenticate(dn, password))
|
||||
|
|
|
@ -39,6 +39,11 @@ module Backend
|
|||
def initialize(@first_name : String, @last_name : String, @email : String)
|
||||
end
|
||||
|
||||
# Name
|
||||
def name : String
|
||||
"#{first_name} #{last_name}"
|
||||
end
|
||||
|
||||
# Creates user data from LDAP entry
|
||||
def self.from_raw(raw : Raw) : self
|
||||
self.new(
|
||||
|
@ -47,6 +52,33 @@ module Backend
|
|||
email: raw["mail"].first
|
||||
)
|
||||
end
|
||||
|
||||
# Creates user data from LDAP DN entry
|
||||
def self.from_dn(dn : String) : self
|
||||
from_raw(
|
||||
CLIENT.connection do |client|
|
||||
client
|
||||
.authenticate(Backend.config.ldap.bind_dn, Backend.config.ldap.bind_password)
|
||||
.search(base: dn, attributes: %w(givenName sn mail))
|
||||
.first
|
||||
end
|
||||
)
|
||||
end
|
||||
|
||||
# Creates user data from LDAP username
|
||||
def self.from_username(username : String) : self
|
||||
from_dn(Ldap::Constructor.uid(username))
|
||||
end
|
||||
|
||||
# Creates user data from DB entry
|
||||
def self.from_db(user : Db::User) : self
|
||||
from_username(user.username)
|
||||
end
|
||||
|
||||
# Creates user data from DB entry index
|
||||
def self.from_index(id : Int32) : self
|
||||
from_db(Db::User.find!(id))
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
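Review bot: `from_username` passes the caller-supplied username straight to `Ldap::Constructor.uid` to build the search base, and this hunk does no validation of its own. `Constructor` is outside the diff, so confirm that it escapes DN special characters (RFC 4514), or reject usernames outside an allow-listed pattern before the lookup. Otherwise the search made under the service bind could resolve an entry other than the intended uid. The doc comments on `from_dn` and `from_username` should also state that each call binds with `bind_dn` and queries the directory, and what happens when no entry is found.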
@ -22,7 +22,7 @@ module Backend
|
|||
address email: Backend.config.smtp.username, name: Backend.config.smtp.name
|
||||
end
|
||||
|
||||
def initialize(user : Db::User)
|
||||
def initialize(user : Ldap::User)
|
||||
to name: user.name, email: user.email
|
||||
subject "Mentorenwahl Lehrer Registrierung"
|
||||
text Kilt.render("#{__DIR__}/templates/teacher_registration_mailer.txt.ecr")
|
||||
|
|
|
@ -19,16 +19,18 @@ module Backend
|
|||
module Jobs
|
||||
# Caches user data in redis cache
|
||||
class CacheLdapUserJob < Mosquito::QueuedJob
|
||||
params id : Int64
|
||||
params id : Int32
|
||||
|
||||
# :ditto:
|
||||
def perform : Nil
|
||||
key = "ldap:user:#{id}"
|
||||
user = Db::User.find(id)
|
||||
if user
|
||||
ldap_user = Ldap.user(Ldap::Constructor.uid(user.username))
|
||||
Redis::CLIENT.set(key, ldap_user.to_json, (Backend.config.ldap.cache_refresh_interval * 2).minutes.to_i)
|
||||
log "Caching user ##{id}..."
|
||||
ldap_user = Ldap::User.from_username(user.username)
|
||||
Redis::CLIENT.set(key, ldap_user.to_json)
|
||||
else
|
||||
log "User ##{id} not found. Deleting cache..."
|
||||
Redis::CLIENT.del(key)
|
||||
end
|
||||
end
|
||||
|
|
|
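Review bot: The new `Redis::CLIENT.set(key, ldap_user.to_json)` drops the expiry the previous call passed, so a cached identity record now lives until this job overwrites or deletes it. The key is only deleted when the DB row is gone. If `Ldap::User.from_username` raises because the directory entry was removed or the bind fails, the old name and email appear to stay in Redis and keep being served. Either keep an expiry tied to `cache_refresh_interval`, or rescue the lookup failure in the `if user` branch and `Redis::CLIENT.del(key)` there so that deprovisioned accounts do not linger.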
@ -24,10 +24,16 @@ module Backend
|
|||
# :ditto:
|
||||
def perform : Nil
|
||||
Redis::CLIENT.keys("ldap:user:*")
|
||||
.map(&.as(String).split(":")[2].to_i64)
|
||||
.concat(Db::User.all.map(&.id.not_nil!))
|
||||
.map(&.as(String).split(":")[2].to_i)
|
||||
.concat(Db::User.all.map(&.id.not_nil!.to_i))
|
||||
.uniq!
|
||||
.each { |id| CacheLdapUserJob.new(id).enqueue }
|
||||
.each do |id|
|
||||
spawn do
|
||||
CacheLdapUserJob.new(id).enqueue
|
||||
end
|
||||
end
|
||||
|
||||
Fiber.yield
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
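Review bot: The single `Fiber.yield` after the loop does not wait for the spawned fibers, so `perform` can return while enqueues are still pending. An exception raised inside a `spawn` block is also not reported back to this job. Either call `CacheLdapUserJob.new(id).enqueue` directly inside the `each` block, or have each fiber signal a `Channel` and receive once per id before returning. Separately, `.split(":")[2].to_i` raises on any key matching `ldap:user:*` whose suffix is not an integer; `compact_map` with `to_i?` would skip such keys instead of failing the whole refresh.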
@ -32,8 +32,9 @@ module Backend
|
|||
fail
|
||||
end
|
||||
|
||||
log "Sending teacher registration email to #{user.email} (#{user.id})"
|
||||
Mailers::TeacherRegistrationMailer.new(user).deliver
|
||||
ldap_user = Ldap::User.from_username(user.username)
|
||||
log "Sending teacher registration email to #{ldap_user.email} ##{user.id}"
|
||||
Mailers::TeacherRegistrationMailer.new(ldap_user).deliver
|
||||
|
||||
channel.send(nil)
|
||||
end
|
||||
|
|
|
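Review bot: The new log line still writes the recipient's e-mail address, now taken from LDAP, into the worker log. The user id already identifies the record, so `log "Sending teacher registration email to user ##{user.id}"` keeps directory-sourced personal data out of log storage. The `Ldap::User.from_username(user.username)` call above it is a live directory lookup, and the hunk does not show what happens when it raises, so check that the job's failure path (the `fail` branch starts above this hunk) covers it.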
@ -84,7 +84,7 @@ cli = Commander::Command.new do |cmd|
|
|||
abort unless (gets(chomp: true) || "").strip.downcase == "y"
|
||||
|
||||
user = Backend::Db::User.create!(username: username, role: role.to_s, admin: opts.bool["admin"])
|
||||
Backend::Worker::Jobs::CacheLdapUserJob.new(user.id.not_nil!).enqueue
|
||||
Backend::Worker::Jobs::CacheLdapUserJob.new(user.id.not_nil!.to_i).enqueue
|
||||
|
||||
puts "Done!"
|
||||
|
||||
|
|