satitm-sso-node/directory.js


let satitm_directory = require('./config/ldap.js');
let ldap = require('ldapjs');
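/**
 * Look up a single directory entry by its userPrincipalName.
 *
 * @param {string} upn - userPrincipalName to match exactly.
 * @param {string[]} attributes - attribute names to request from the directory.
 * @returns {Promise<object>} Resolves with the first matching entry (`entry.object`).
 *   Rejects with a TypeError when `upn` is not a non-empty string, and with an
 *   Error when the search fails or no entry matches.
 */
async function queryUser(upn, attributes) {
  if (typeof upn !== 'string' || upn.length === 0) {
    throw new TypeError('upn must be a non-empty string');
  }

  // Escape the RFC 4515 filter metacharacters (\ * ( ) NUL) so the value is
  // matched literally and cannot change the structure of the search filter.
  // NOTE(review): upn presumably originates from request data; confirm against callers.
  const escapedUpn = upn.replace(
    /[\\*()\0]/g,
    (ch) => '\\' + ch.charCodeAt(0).toString(16).padStart(2, '0')
  );

  const opts = {
    filter: `(userPrincipalName=${escapedUpn})`,
    scope: 'sub',
    attributes: attributes
  };

  return new Promise((resolve, reject) => {
    satitm_directory.search('DC=ad,DC=satitm,DC=chula,DC=ac,DC=th', opts, (err, ldapRes) => {
      // When the search cannot be started there is no response emitter to
      // subscribe to, so surface the failure to the caller.
      if (err) {
        console.error('error: ' + err.message);
        reject(err);
        return;
      }

      let found = false;
      ldapRes.on('searchEntry', (entry) => {
        if (found) {
          return; // only the first match is returned
        }
        found = true;
        // Log the DN only: the requested attributes are chosen by the caller
        // and may hold personal data that should not be copied into logs.
        console.log('entry: ' + entry.object.dn);
        resolve(entry.object);
      });
      ldapRes.on('error', (searchErr) => {
        console.error('error: ' + searchErr.message);
        reject(searchErr);
      });
      ldapRes.on('end', (result) => {
        console.log('status: ' + result.status);
        // Without this the promise would stay pending forever on zero matches.
        if (!found) {
          reject(new Error('User not found'));
        }
      });
    });
  });
}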
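/**
 * Record `parent_upn` as the primary parent of a student, but only when the
 * student's entry has no primaryParent value yet.
 *
 * NOTE(review): nothing here checks that `parent_upn` names a parent account or
 * that the current session may link to this student; confirm callers enforce it.
 * The read-then-add sequence is also not atomic, so two concurrent calls can
 * both pass the "not set" check.
 *
 * @param {string} student_upn - userPrincipalName of the student entry.
 * @param {string} parent_upn - userPrincipalName to store in primaryParent.
 * @returns {Promise<void>} Resolves once the directory has accepted the change.
 *   Rejects when the lookup or the modify fails, when `parent_upn` is not a
 *   non-empty string, or with Error('Primary parent already set').
 */
async function setPrimaryParent(student_upn, parent_upn) {
  try {
    if (typeof parent_upn !== 'string' || parent_upn.length === 0) {
      throw new TypeError('parent_upn must be a non-empty string');
    }

    // Query the student's LDAP entry
    const student = await queryUser(student_upn, ['primaryParent']);

    // If the primary parent is already set, return an error
    if (student.primaryParent) {
      throw new Error('Primary parent already set');
    }

    const change = new ldap.Change({
      operation: 'add',
      modification: {
        primaryParent: parent_upn
      }
    });

    // Wait for the modify to finish. Throwing from inside the callback would
    // escape this try/catch and the caller would see success before the
    // directory had answered.
    await new Promise((resolve, reject) => {
      satitm_directory.modify(student.dn, change, (err) => {
        if (err) {
          reject(err);
        } else {
          resolve();
        }
      });
    });
  } catch (err) {
    console.error(err);
    throw err;
  }
}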
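// Account categories used by the user-type helpers below.
// 0: Unknown, 1: Student, 2: Parent
// Frozen so that no consumer of the exported object can alter the values
// other code compares against.
const USER_TYPE = Object.freeze({
  UNKNOWN: 0,
  STUDENT: 1,
  PARENT: 2
});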
/**
 * Determine the type of the user attached to a request.
 *
 * Documented locations:
 *   Student is in OU=Students,OU=Users,DC=ad,DC=satitm,DC=chula,DC=ac,DC=th
 *   Parent is in OU=Parents,OU=Users,DC=ad,DC=satitm,DC=chula,DC=ac,DC=th
 * NOTE(review): getUserTypeFromDN compares against containers without the
 * OU=Users component; confirm which form the directory actually uses.
 *
 * @param {object} req - request whose session user, if any, is at `req.user`.
 * @returns {number} a USER_TYPE value; UNKNOWN when no user is attached.
 */
function getUserType(req) {
  if (!req.user) {
    return USER_TYPE.UNKNOWN;
  }
  // The user's DN is present in the session as req.user.dn
  return getUserTypeFromDN(req.user.dn);
}
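/**
 * Classify a user by the container part of their distinguished name.
 *
 * The container is everything after the first RDN. The match is an exact,
 * case-sensitive string comparison, so any DN that does not match one of the
 * two known containers is reported as UNKNOWN.
 *
 * NOTE(review): the comment above getUserType lists these containers under
 * OU=Users, which the strings compared here do not include; confirm which is
 * correct for the directory.
 *
 * @param {string} dn - distinguished name, e.g. the session's `req.user.dn`.
 * @returns {number} USER_TYPE.STUDENT, USER_TYPE.PARENT or USER_TYPE.UNKNOWN.
 */
function getUserTypeFromDN(dn) {
  // A missing or non-string DN cannot be classified; report UNKNOWN instead of throwing.
  if (typeof dn !== 'string') {
    return USER_TYPE.UNKNOWN;
  }

  // Find the comma that ends the first RDN. A backslash escapes the character
  // after it, so "CN=Doe\, John,OU=..." must not be split inside the name.
  let separator = -1;
  for (let i = 0; i < dn.length; i += 1) {
    if (dn[i] === '\\') {
      i += 1; // skip the escaped character
    } else if (dn[i] === ',') {
      separator = i;
      break;
    }
  }
  if (separator === -1) {
    return USER_TYPE.UNKNOWN;
  }

  const ou = dn.substring(separator + 1);
  console.log('OU:', ou);

  if (ou === 'OU=Students,DC=ad,DC=satitm,DC=chula,DC=ac,DC=th') {
    return USER_TYPE.STUDENT;
  }
  if (ou === 'OU=Parents,DC=ad,DC=satitm,DC=chula,DC=ac,DC=th') {
    return USER_TYPE.PARENT;
  }
  return USER_TYPE.UNKNOWN;
}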
/**
 * Read the primaryParent attribute of a student's directory entry.
 *
 * @param {string} student_upn - userPrincipalName of the student.
 * @returns {Promise<*>} the entry's primaryParent value (undefined when the
 *   entry carries none). Lookup failures are logged and rethrown.
 */
async function getPrimaryParent(student_upn) {
  const wantedAttributes = ['primaryParent'];
  let studentEntry;
  try {
    // Only the primaryParent attribute is requested from the directory
    studentEntry = await queryUser(student_upn, wantedAttributes);
    return studentEntry.primaryParent;
  } catch (lookupError) {
    console.error(lookupError);
    throw lookupError;
  }
}
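/**
 * List the students whose primaryParent attribute equals the given UPN.
 *
 * NOTE(review): the result is scoped only by `upn`; callers should pass the
 * authenticated user's own UPN rather than a request-supplied value — confirm.
 *
 * @param {string} upn - the parent's userPrincipalName.
 * @returns {Promise<string[]>} userPrincipalName of every matching entry.
 *   Rejects with a TypeError when `upn` is not a non-empty string, and with
 *   the directory error when the search fails.
 */
async function listStudents(upn) {
  if (typeof upn !== 'string' || upn.length === 0) {
    throw new TypeError('upn must be a non-empty string');
  }

  // Escape the RFC 4515 filter metacharacters (\ * ( ) NUL) so the value is
  // matched literally; unescaped, a wildcard or extra clause in `upn` would
  // widen the search beyond this parent's own students.
  const escapedUpn = upn.replace(
    /[\\*()\0]/g,
    (ch) => '\\' + ch.charCodeAt(0).toString(16).padStart(2, '0')
  );

  // Search for students with the parent's UPN in their primaryParent attribute
  const opts = {
    filter: `(primaryParent=${escapedUpn})`,
    scope: 'sub',
    attributes: ['userPrincipalName']
  };
  const students = [];

  return new Promise((resolve, reject) => {
    satitm_directory.search('DC=ad,DC=satitm,DC=chula,DC=ac,DC=th', opts, (err, ldapRes) => {
      // When the search cannot be started there is no response emitter to
      // subscribe to, so surface the failure to the caller.
      if (err) {
        console.error('error: ' + err.message);
        reject(err);
        return;
      }
      ldapRes.on('searchEntry', (entry) => {
        console.log('entry: ' + JSON.stringify(entry.object));
        students.push(entry.object.userPrincipalName);
      });
      ldapRes.on('error', (searchErr) => {
        console.error('error: ' + searchErr.message);
        reject(searchErr);
      });
      ldapRes.on('end', (result) => {
        console.log('status: ' + result.status);
        resolve(students);
      });
    });
  });
}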
// Public surface of the directory helpers.
module.exports = {
  queryUser,
  getUserType,
  getUserTypeFromDN,
  setPrimaryParent,
  listStudents,
  getPrimaryParent,
  USER_TYPE
};