/
ldap.ts
71 lines (59 loc) · 1.47 KB
/
ldap.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
import { Match, check } from 'meteor/check';
import { LDAP } from '@rocket.chat/core-services';
import { hasPermission } from '../../../authorization/server';
import { settings } from '../../../settings/server';
import { API } from '../api';
import { SystemLogger } from '../../../../server/lib/logger/system';
API.v1.addRoute(
'ldap.testConnection',
{ authRequired: true },
{
async post() {
if (!this.userId) {
throw new Error('error-invalid-user');
}
if (!hasPermission(this.userId, 'test-admin-options')) {
throw new Error('error-not-authorized');
}
if (settings.get<boolean>('LDAP_Enable') !== true) {
throw new Error('LDAP_disabled');
}
try {
await LDAP.testConnection();
} catch (error) {
SystemLogger.error(error);
throw new Error('Connection_failed');
}
return API.v1.success({
message: 'Connection_success' as const,
});
},
},
);
API.v1.addRoute(
'ldap.testSearch',
{ authRequired: true },
{
async post() {
check(
this.bodyParams,
Match.ObjectIncluding({
username: String,
}),
);
if (!this.userId) {
throw new Error('error-invalid-user');
}
if (!hasPermission(this.userId, 'test-admin-options')) {
throw new Error('error-not-authorized');
}
if (settings.get('LDAP_Enable') !== true) {
throw new Error('LDAP_disabled');
}
await LDAP.testSearch(this.bodyParams.username);
return API.v1.success({
message: 'LDAP_User_Found' as const,
});
},
},
);