getuser / deleteEntry

wstrange · Sep 29, 2021 · 6231203 · 6231203
1 parent c3aae57
commit 6231203
Show file tree

Hide file tree

Showing 2 changed files with 71 additions and 27 deletions.
diff --git a/pkg/ldap/client.go b/pkg/ldap/client.go
@@ -23,16 +23,15 @@ type DSConnection struct {
 }
 
 type User struct {
-	DN              string
-	CN              string
-	SN              string
-	UID             string
-	Password        string
-	Mail            string
-	TelephoneNumber string
-	Description     string
-	GivenName       string
-	DisplayName     string
+	DN          string
+	CN          string
+	SN          string
+	UID         string
+	Password    string
+	Mail        string
+	Description string
+	GivenName   string
+	DisplayName string
 }
 
 // Connect to LDAP server via admin credentials
@@ -56,19 +55,23 @@ func (ds *DSConnection) Connect() error {
 
 // GetEntry get an ldap entry.
 // This doesn't do much right now ... just searches for an entry. Just for testing and to provide an example
-func (ds *DSConnection) getEntry(dn string) (*ldap.Entry, error) {
+func (ds *DSConnection) getEntry(uid string) (*ldap.Entry, error) {
 
-	req := ldap.NewSearchRequest("ou=admins,ou=identities",
+	req := ldap.NewSearchRequest("ou=identities",
 		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
-		"(uid="+dn+")",
-		[]string{"dn", "cn", "uid"}, // A list attributes to retrieve
+		"(uid="+uid+")",
+		[]string{"dn", "cn", "uid", "mail", "displayName", "givenName", "sn", "description"}, // A list attributes to retrieve
 		nil)
 
 	res, err := ds.ldap.Search(req)
 	if err != nil {
 		return nil, err
 	}
 
+	if len(res.Entries) != 1 {
+		return nil, fmt.Errorf("User not found or more than one entry matched")
+	}
+
 	// just for info...
 	for _, entry := range res.Entries {
 		fmt.Printf("%s: %v cn=%s\n", entry.DN, entry.GetAttributeValue("uid"), entry.GetAttributeValue("cn"))
@@ -80,7 +83,7 @@ func (ds *DSConnection) getEntry(dn string) (*ldap.Entry, error) {
 // BindPassword tries to bind as the DN with the password. This is used to test the password to see if we need to change it.
 // Return nil if the password is OK, err otherwise
 func (ds *DSConnection) BindPassword(DN, password string) error {
-	ds.Log.V(2).Info("ldap client - BIND", "DN", DN)
+	//ds.Log.V(2).Info("ldap client - BIND", "DN", DN)
 	// get a new connection. We cant do this with th existing connection as it would unbind us from the admin account..
 	tldap, err := ldap.DialURL(ds.URL, ldap.DialWithTLSConfig(&tls.Config{InsecureSkipVerify: true}))
 	defer tldap.Close()
@@ -108,7 +111,6 @@ func (ds *DSConnection) AddUser(user *User) error {
 	req.Attribute("uid", []string{user.UID})
 	req.Attribute("userPassword", []string{user.Password})
 	req.Attribute("mail", []string{user.Mail})
-	req.Attribute("telephoneNumber", []string{user.TelephoneNumber})
 	req.Attribute("description", []string{user.Description})
 	req.Attribute("givenName", []string{user.GivenName})
 	req.Attribute("displayName", []string{user.DisplayName})
@@ -117,6 +119,32 @@ func (ds *DSConnection) AddUser(user *User) error {
 	return err
 }
 
+// GetUser returns a user object for the given DN.
+func (ds *DSConnection) GetUser(uid string) (*User, error) {
+	// ds.Log.V(2).Info("ldap client - get user", "uid", uid)
+	entry, err := ds.getEntry(uid)
+	if err != nil {
+		return nil, err
+	}
+	// todo:
+	user := &User{
+		UID:         uid,
+		DN:          entry.DN,
+		Mail:        entry.GetAttributeValue("mail"),
+		CN:          entry.GetAttributeValue("cn"),
+		SN:          entry.GetAttributeValue("sn"),
+		GivenName:   entry.GetAttributeValue("givenName"),
+		DisplayName: entry.GetAttributeValue("displayName"),
+		Description: entry.GetAttributeValue("description"),
+	}
+	return user, nil
+}
+
+func (ds *DSConnection) DeleteEntry(dn string) error {
+	dr := ldap.DelRequest{DN: dn}
+	return ds.ldap.Del(&dr)
+}
+
 func purgeTaskDN(id string) string {
 	return "ds-recurring-task-id=" + id + "-purge,cn=Recurring Tasks,cn=Tasks"
 }

diff --git a/tests/ldap-test.go b/tests/ldap-test.go
@@ -1,6 +1,10 @@
 package main
 
-import ldap "github.com/ForgeRock/ds-operator/pkg/ldap"
+import (
+	"fmt"
+
+	ldap "github.com/ForgeRock/ds-operator/pkg/ldap"
+)
 
 func main() {
 	l := ldap.DSConnection{
@@ -14,20 +18,32 @@ func main() {
 	defer l.Close()
 
 	user := ldap.User{
-		DN:              "uid=testuser,ou=people,ou=identities",
-		UID:             "testuser",
-		CN:              "Test User",
-		SN:              "User",
-		Mail:            "test@test.com",
-		Password:        "Passw0rd!123",
-		Description:     "Test User",
-		DisplayName:     "Test User",
-		GivenName:       "Test",
-		TelephoneNumber: "1234567890",
+		DN:          "uid=testuser,ou=people,ou=identities",
+		UID:         "testuser",
+		CN:          "Test User",
+		SN:          "User",
+		Mail:        "test@test.com",
+		Password:    "Passw0rd!123",
+		Description: "Test User",
+		DisplayName: "Test User",
+		GivenName:   "Test",
 	}
 
 	if err := l.AddUser(&user); err != nil {
 		panic(err)
 	}
 
+	// read the user back
+	u, err := l.GetUser(user.UID)
+
+	if err != nil {
+		panic(err)
+	}
+	fmt.Printf("%+v\n", u)
+
+	// Delete the user
+	if err := l.DeleteEntry(u.DN); err != nil {
+		panic(err)
+	}
+
 }