diff --git a/app/Http/Controllers/Api/SettingsController.php b/app/Http/Controllers/Api/SettingsController.php
index deb14fb5ff..7c499b7397 100644
--- a/app/Http/Controllers/Api/SettingsController.php
+++ b/app/Http/Controllers/Api/SettingsController.php
@@ -15,6 +15,7 @@ use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Notification;
 use GuzzleHttp\Client;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Validator;
 class SettingsController extends Controller
 {
@@ -93,6 +94,51 @@ class SettingsController extends Controller
 return response()->json($message, 200);
 }
+ public function ldaptestlogin(Request $request, LdapAd $ldap)
+ {
+
+ if (Setting::getSettings()->ldap_enabled!='1') {
+ \Log::debug('LDAP is not enabled. Cannot test.');
+ return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
+ }
+
+
+ $rules = array(
+ 'ldaptest_user' => 'required',
+ 'ldaptest_password' => 'required'
+ );
+
+ $validator = Validator::make($request->all(), $rules);
+ if ($validator->fails()) {
+ \Log::debug('LDAP Validation test failed.');
+ $validation_errors = implode(' ',$validator->errors()->all());
+ return response()->json(['message' => $validator->errors()->all()], 400);
+ }
+
+
+ \Log::debug('Preparing to test LDAP login');
+ try {
+ DB::beginTransaction(); //this was the easiest way to invoke a full test of an LDAP login without adding new users to the DB (which may not be desired)
+
+ // $results = $ldap->ldap->auth()->attempt($request->input('ldaptest_username'), $request->input('ldaptest_password'), true);
+ // can't do this because that's a protected property.
+
+ $results = $ldap->ldapLogin($request->input('ldaptest_user'), $request->input('ldaptest_password')); // this would normally create a user on success (if they didn't already exist), but for the transaction
+ if($results) {
+ return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
+ } else {
+ return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
+ }
+ } catch (\Exception $e) {
+ \Log::debug('Connection failed');
+ return response()->json(['message' => $e->getMessage()], 400);
+ } finally {
+ DB::rollBack(); // ALWAYS rollback, whether success or failure
+ }
+
+
+ }
+
 public function slacktest(Request $request)
 {
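Review bot: In the catch block of ldaptestlogin the raw exception text is returned to the client (`['message' => $e->getMessage()]`) while the log receives only the fixed string 'Connection failed', so any directory details an LDAP exception may carry reach the browser and are lost to operators. I would log the exception and answer with a fixed message: `\Log::error($e);` followed by `return response()->json(['message' => 'LDAP test login failed, see the application log.'], 400);`. The failure message also concatenates `$request->input('ldaptest_user')` unescaped, and the view's error handler in this same commit writes the 400 message with `.html()`, so that value should be dropped from the message or passed through `e()`. Nothing in this hunk checks who may call the method; because it turns submitted credentials into an LDAP bind result, confirm that the route is restricted to administrators and throttled in code outside this diff. `$validation_errors` is assigned and never used.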
diff --git a/app/Http/Requests/AssetFileRequest.php b/app/Http/Requests/AssetFileRequest.php
index 74dfde3ab4..c74753fcc9 100644
--- a/app/Http/Requests/AssetFileRequest.php
+++ b/app/Http/Requests/AssetFileRequest.php
@@ -24,7 +24,7 @@ class AssetFileRequest extends Request
 {
 $max_file_size = \App\Helpers\Helper::file_upload_max_size();
 return [
- 'file.*' => 'required|mimes:png,gif,jpg,svg,jpeg,doc,docx,pdf,txt,zip,rar,xls,lic,xml,rtf|max:'.$max_file_size,
+ 'file.*' => 'required|mimes:png,gif,jpg,svg,jpeg,doc,docx,pdf,txt,zip,rar,xls,xlsx,lic,xml,rtf|max:'.$max_file_size,
 ];
 }
 }
diff --git a/app/Services/LdapAd.php b/app/Services/LdapAd.php
index 5f68c83549..414331cdd1 100644
--- a/app/Services/LdapAd.php
+++ b/app/Services/LdapAd.php
@@ -446,7 +446,7 @@ class LdapAd extends LdapAdConfiguration
 public function testLdapAdUserConnection(): void
 {
 try {
- $this->ldap->connect(); //uh, this doesn't seem to exist :/
+ $this->ldap->connect();
 } catch (\Adldap\Auth\BindException $e) {
 Log::error($e);
 throw new Exception('Unable to connect to LDAP directory!');
diff --git a/resources/views/settings/ldap.blade.php b/resources/views/settings/ldap.blade.php
index 4139f60926..1dd684ca31 100644
--- a/resources/views/settings/ldap.blade.php
+++ b/resources/views/settings/ldap.blade.php
@@ -379,6 +379,38 @@ + +
+
+ {{ Form::label('test_ldap_login', 'Test LDAP Login') }} +
+
+
+
+ +
+
+ +
+
+ Test LDAP +
+ + +
+
+
+ + + +
+
+

{{ trans('admin/settings/general.ldap_login_test_help') }}

+
+ +
+ + @endif @@ -527,5 +559,76 @@ body += "" return body; } + + $("#ldaptestlogin").click(function(){ + $("#ldaptestloginrow").removeClass('text-success'); + $("#ldaptestloginrow").removeClass('text-danger'); + $("#ldaptestloginstatus").removeClass('text-danger'); + $("#ldaptestloginstatus").html(''); + $("#ldaptestloginicon").html(' Testing LDAP Authentication...'); + $.ajax({ + url: '{{ route('api.settings.ldaptestlogin') }}', + type: 'POST', + headers: { + "X-Requested-With": 'XMLHttpRequest', + "X-CSRF-TOKEN": $('meta[name="csrf-token"]').attr('content') + }, + data: { + 'ldaptest_user': $('#ldaptest_user').val(), + 'ldaptest_password': $('#ldaptest_password').val() + }, + + dataType: 'json', + + success: function (data) { + $("#ldaptestloginicon").html(''); + $("#ldaptestloginrow").addClass('text-success'); + $("#ldaptestloginstatus").addClass('text-success'); + $("#ldaptestloginstatus").html(' User authenticated against LDAP successfully!'); + }, + + error: function (data) { + + if (data.responseJSON) { + var errors = data.responseJSON.message; + } else { + var errors; + } + + var error_text = ''; + + $("#ldaptestloginicon").html(''); + $("#ldaptestloginstatus").addClass('text-danger'); + $("#ldaptestloginicon").html(''); + + if (data.status == 500) { + $('#ldaptestloginstatus').html('500 Server Error'); + } else if (data.status == 400) { + + if (typeof errors !='string') { + + for (i = 0; i < errors.length; i++) { + if (errors[i]) { + error_text += '
  • Error: ' + errors[i]; + } + + } + + } else { + error_text = errors; + } + + $('#ldaptestloginstatus').html(error_text); + + } else { + $('#ldaptestloginstatus').html(data.responseText.message); + } + } + + + + + }); + }); @endpush
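Review bot: The error callback inserts server-supplied text as markup: `$('#ldaptestloginstatus').html(error_text)` receives the 400 `message`, which the controller in this commit builds from the submitted user name and from exception text, so it should be written with `.text()` or escaped before it is concatenated into the error list. In the final else branch `data.responseText.message` is always undefined because `responseText` is a string; `data.responseJSON ? data.responseJSON.message : data.statusText` would show something useful. When a 400 arrives without a JSON body `errors` stays undefined and `errors.length` throws, and the loop counter is an implicit global, which `for (var i = 0; i < errors.length; i++)` fixes.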