summaryrefslogtreecommitdiffstats
path: root/app/plugin/ldapextras/plugin.go
blob: 473ec6393aa45b23329e6b2d4aa28a80b0bc5f0f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.

package ldapextras

import (
	"fmt"
	"net/http"
	"sync/atomic"

	l4g "github.com/alecthomas/log4go"
	"github.com/gorilla/mux"

	"github.com/mattermost/mattermost-server/app/plugin"
	"github.com/mattermost/mattermost-server/model"
	"github.com/mattermost/mattermost-server/utils"
)

type Plugin struct {
	plugin.Base
	api           plugin.API
	configuration atomic.Value
}

func (p *Plugin) Initialize(api plugin.API) {
	p.api = api
	p.OnConfigurationChange()
	api.PluginRouter().HandleFunc("/users/{user_id:[A-Za-z0-9]+}/attributes", p.handleGetAttributes).Methods("GET")
}

func (p *Plugin) config() *Configuration {
	return p.configuration.Load().(*Configuration)
}

func (p *Plugin) OnConfigurationChange() {
	var configuration Configuration
	if err := p.api.LoadPluginConfiguration(&configuration); err != nil {
		l4g.Error(err.Error())
	}
	p.configuration.Store(&configuration)
}

func (p *Plugin) handleGetAttributes(w http.ResponseWriter, r *http.Request) {
	config := p.config()
	if !config.Enabled || len(config.Attributes) == 0 {
		http.Error(w, "This plugin is not configured", http.StatusNotImplemented)
		return
	}

	session, err := p.api.GetSessionFromRequest(r)

	if session == nil || err != nil {
		http.Error(w, "Invalid session", http.StatusUnauthorized)
		return
	}

	// Only requires a valid session, no other permission checks required

	params := mux.Vars(r)
	id := params["user_id"]

	if len(id) != 26 {
		http.Error(w, "Invalid user id", http.StatusUnauthorized)
	}

	attributes, err := p.api.GetLdapUserAttributes(id, config.Attributes)
	if err != nil {
		err.Translate(utils.T)
		http.Error(w, fmt.Sprintf("Errored getting attributes: %v", err.Error()), http.StatusInternalServerError)
	}

	w.Write([]byte(model.MapToJson(attributes)))
}