From 288800eafc91d07f859c4f59588e0b646137ccb9 Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu
Date: Wed, 3 Oct 2018 11:50:52 +0300
Subject: - Add LDAP. In progress. Thanks to maximest-pierre, Akuket and xet. Related #119
---
 models/settings.js | 33 +++++++++++++++++++++++++++++++++
 models/users.js | 15 ++++++++++++---
 2 files changed, 45 insertions(+), 3 deletions(-)
(limited to 'models')
diff --git a/models/settings.js b/models/settings.js
index 3b9b4eae..f7c4c85d 100644
--- a/models/settings.js
+++ b/models/settings.js
@@ -128,6 +128,18 @@ if (Meteor.isServer) {
 }
 }
+ function isLdapEnabled() {
+ return process.env.LDAP_ENABLE === 'true';
+ }
+
+ function isOauth2Enabled() {
+ return process.env.OAUTH2_ENABLED === 'true';
+ }
+
+ function isCasEnabled() {
+ return process.env.CAS_ENABLED === 'true';
+ }
+
 Meteor.methods({
 sendInvitation(emails, boards) {
 check(emails, [String]);
@@ -197,5 +209,26 @@ if (Meteor.isServer) {
 withUserName: process.env.MATOMO_WITH_USERNAME || false,
 };
 },
+
+ _isLdapEnabled() {
+ return isLdapEnabled();
+ },
+
+ _isOauth2Enabled() {
+ return isOauth2Enabled();
+ },
+
+ _isCasEnabled() {
+ return isCasEnabled();
+ },
+
+ // Gets all connection methods to use it in the Template
+ getConnectionsEnabled() {
+ return {
+ ldap: isLdapEnabled(),
+ oauth2: isOauth2Enabled(),
+ cas: isCasEnabled(),
+ };
+ },
 });
 }
diff --git a/models/users.js b/models/users.js
index 60e9e759..27d3e9fa 100644
--- a/models/users.js
+++ b/models/users.js
@@ -127,6 +127,11 @@ Users.attachSchema(new SimpleSchema({
 type: Boolean,
 optional: true,
 },
+ // TODO : write a migration and check if using a ldap parameter is better than a connection_type parameter
+ ldap: {
+ type: Boolean,
+ optional: true,
+ },
 }));
 Users.allow({
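Review bot: The three helpers added in the `@@ -128,6 +128,18 @@` hunk of models/settings.js read `LDAP_ENABLE` but `OAUTH2_ENABLED` and `CAS_ENABLED`, and each compares strictly against the string `'true'`, so a deployment that sets `LDAP_ENABLED=true`, `TRUE` or `1` gets the login method silently left off. If `LDAP_ENABLE` is the intended name, say so next to the function, for example `// Env var is LDAP_ENABLE (no trailing D); only the exact string 'true' enables it.` above `isLdapEnabled()`. The failure direction is closed (the method stays disabled), so this is an operability point rather than an exposure.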
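Review bot: The leading underscore on `_isLdapEnabled`, `_isOauth2Enabled` and `_isCasEnabled` in the `@@ -197,5 +209,26 @@` hunk reads as "private", but every entry in `Meteor.methods` is callable by any connected client, and none of the four new methods checks for a logged-in user. They return only booleans about which login methods are configured, which a login page needs before authentication, so the exposure looks intentional; it should be stated, e.g. `// Public: callable without login; returns only which login methods are enabled.` above `getConnectionsEnabled()`. Since `getConnectionsEnabled()` already returns all three values, the three underscore methods could be dropped to keep the unauthenticated surface small. The `Meteor.methods({` block starts outside this hunk.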
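Review bot: The `ldap` field added in the `@@ -127,6 +127,11 @@` hunk of models/users.js is read later in this commit as `doc.ldap` to skip the invitation-code check, so it is an authorization input rather than plain profile data. The `Users.allow({` rules begin on the hunk's last context line and their body is not visible here; they should be checked to confirm that a client cannot write this field on a user document. A comment on the field would record the intent, for example `// Authorization-relevant: must only be set by server code at account creation.`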
@@ -490,7 +495,6 @@ if (Meteor.isServer) {
 if (user.services.oidc) {
 const email = user.services.oidc.email.toLowerCase();
- user.username = user.services.oidc.username;
 user.emails = [{ address: email, verified: true }];
 const initials = user.services.oidc.fullname.match(/\b[a-zA-Z]/g).join('').toUpperCase();
@@ -518,7 +522,10 @@ if (Meteor.isServer) {
 }
 const disableRegistration = Settings.findOne().disableRegistration;
- if (!disableRegistration) {
+ // If ldap, bypass the inviation code if the self registration isn't allowed.
+ // TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type
+ if (options.ldap || !disableRegistration) {
+ user.ldap = true;
 return user;
 }
@@ -636,7 +643,9 @@ if (Meteor.isServer) {
 //invite user to corresponding boards
 const disableRegistration = Settings.findOne().disableRegistration;
- if (disableRegistration) {
+ // If ldap, bypass the inviation code if the self registration isn't allowed.
+ // TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type
+ if (!doc.ldap && disableRegistration) {
 const invitationCode = InvitationCodes.findOne({code: doc.profile.icode, valid: true});
 if (!invitationCode) {
 throw new Meteor.Error('error-invitation-code-not-exist');
--
cgit v1.2.3-1-g7c22
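Review bot: In the `@@ -518,7 +522,10 @@` hunk of models/users.js, `user.ldap = true` runs for every account that takes this branch, including ordinary sign-ups when `disableRegistration` is false, so the stored flag does not actually identify LDAP accounts; the `@@ -636,7 +643,9 @@` hunk then trusts that flag as `doc.ldap` to skip the invitation-code lookup. The branch also takes `options.ldap` as the reason to skip the invitation requirement. The callback that receives `options` starts outside the hunk, so where that object is built cannot be confirmed here; if it can carry fields from a client-side account-creation call, the check should key on something only the server-side LDAP login path sets. At minimum split the condition: `if (options.ldap) { user.ldap = true; return user; }` followed by `if (!disableRegistration) { return user; }`.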