1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.
package ldapextras
import (
"fmt"
"net/http"
"sync/atomic"
l4g "github.com/alecthomas/log4go"
"github.com/gorilla/mux"
"github.com/mattermost/mattermost-server/app/plugin"
"github.com/mattermost/mattermost-server/model"
"github.com/mattermost/mattermost-server/utils"
)
type Plugin struct {
plugin.Base
api plugin.API
configuration atomic.Value
}
func (p *Plugin) Initialize(api plugin.API) {
p.api = api
p.OnConfigurationChange()
api.PluginRouter().HandleFunc("/users/{user_id:[A-Za-z0-9]+}/attributes", p.handleGetAttributes).Methods("GET")
}
func (p *Plugin) config() *Configuration {
return p.configuration.Load().(*Configuration)
}
func (p *Plugin) OnConfigurationChange() {
var configuration Configuration
if err := p.api.LoadPluginConfiguration(&configuration); err != nil {
l4g.Error(err.Error())
}
p.configuration.Store(&configuration)
}
func (p *Plugin) handleGetAttributes(w http.ResponseWriter, r *http.Request) {
config := p.config()
if !config.Enabled || len(config.Attributes) == 0 {
http.Error(w, "This plugin is not configured", http.StatusNotImplemented)
return
}
session, err := p.api.GetSessionFromRequest(r)
if session == nil || err != nil {
http.Error(w, "Invalid session", http.StatusUnauthorized)
return
}
// Only requires a valid session, no other permission checks required
params := mux.Vars(r)
id := params["user_id"]
if len(id) != 26 {
http.Error(w, "Invalid user id", http.StatusUnauthorized)
}
attributes, err := p.api.GetLdapUserAttributes(id, config.Attributes)
if err != nil {
err.Translate(utils.T)
http.Error(w, fmt.Sprintf("Errored getting attributes: %v", err.Error()), http.StatusInternalServerError)
}
w.Write([]byte(model.MapToJson(attributes)))
}
|