mirror of
https://github.com/snipe/snipe-it.git
synced 2025-01-12 06:17:28 -08:00
* Start work on re-adding back the "Test LDAP logins" feature to develop * Add back-end method to allow LDAP test users to try to log in.
parent
8504c9e8b9
commit
a97b15ec96
|
@ -15,6 +15,7 @@ use Illuminate\Support\Facades\Log;
|
||||||
use Illuminate\Support\Facades\Notification;
|
use Illuminate\Support\Facades\Notification;
|
||||||
use GuzzleHttp\Client;
|
use GuzzleHttp\Client;
|
||||||
use Illuminate\Support\Facades\Storage;
|
use Illuminate\Support\Facades\Storage;
|
||||||
|
use Illuminate\Support\Facades\Validator;
|
||||||
|
|
||||||
class SettingsController extends Controller
|
class SettingsController extends Controller
|
||||||
{
|
{
|
||||||
|
@ -93,6 +94,51 @@ class SettingsController extends Controller
|
||||||
return response()->json($message, 200);
|
return response()->json($message, 200);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function ldaptestlogin(Request $request, LdapAd $ldap)
|
||||||
|
{
|
||||||
|
|
||||||
|
if (Setting::getSettings()->ldap_enabled!='1') {
|
||||||
|
\Log::debug('LDAP is not enabled. Cannot test.');
|
||||||
|
return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
$rules = array(
|
||||||
|
'ldaptest_user' => 'required',
|
||||||
|
'ldaptest_password' => 'required'
|
||||||
|
);
|
||||||
|
|
||||||
|
$validator = Validator::make($request->all(), $rules);
|
||||||
|
if ($validator->fails()) {
|
||||||
|
\Log::debug('LDAP Validation test failed.');
|
||||||
|
$validation_errors = implode(' ',$validator->errors()->all());
|
||||||
|
return response()->json(['message' => $validator->errors()->all()], 400);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
\Log::debug('Preparing to test LDAP login');
|
||||||
|
try {
|
||||||
|
DB::beginTransaction(); //this was the easiest way to invoke a full test of an LDAP login without adding new users to the DB (which may not be desired)
|
||||||
|
|
||||||
|
// $results = $ldap->ldap->auth()->attempt($request->input('ldaptest_username'), $request->input('ldaptest_password'), true);
|
||||||
|
// can't do this because that's a protected property.
|
||||||
|
|
||||||
|
$results = $ldap->ldapLogin($request->input('ldaptest_user'), $request->input('ldaptest_password')); // this would normally create a user on success (if they didn't already exist), but for the transaction
|
||||||
|
if($results) {
|
||||||
|
return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
|
||||||
|
} else {
|
||||||
|
return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
|
||||||
|
}
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
\Log::debug('Connection failed');
|
||||||
|
return response()->json(['message' => $e->getMessage()], 400);
|
||||||
|
} finally {
|
||||||
|
DB::rollBack(); // ALWAYS rollback, whether success or failure
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
public function slacktest(Request $request)
|
public function slacktest(Request $request)
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
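Review bot: `ldaptestlogin` confirms or denies any username/password pair submitted to it, and nothing in the method limits repeated attempts or records who ran the test, so whoever can reach the route can use it as a password-guessing oracle against the directory. The route and its middleware are outside this diff, so confirm the endpoint is restricted to settings administrators and throttled. An audit line before the `ldapLogin` call, such as `\Log::info('LDAP login test requested', ['by' => optional($request->user())->id, 'ldap_user' => $request->input('ldaptest_user')]);`, would leave a trail without logging the password. The `catch` branch also returns `$e->getMessage()` verbatim, which may expose directory host or bind details to the browser; consider logging the exception and returning a generic message. `$validation_errors` is assigned but never used.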
@ -446,7 +446,7 @@ class LdapAd extends LdapAdConfiguration
|
||||||
public function testLdapAdUserConnection(): void
|
public function testLdapAdUserConnection(): void
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
$this->ldap->connect(); //uh, this doesn't seem to exist :/
|
$this->ldap->connect();
|
||||||
} catch (\Adldap\Auth\BindException $e) {
|
} catch (\Adldap\Auth\BindException $e) {
|
||||||
Log::error($e);
|
Log::error($e);
|
||||||
throw new Exception('Unable to connect to LDAP directory!');
|
throw new Exception('Unable to connect to LDAP directory!');
|
||||||
|
|
|
@ -379,6 +379,38 @@
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<!-- LDAP Login test -->
|
||||||
|
<div class="form-group">
|
||||||
|
<div class="col-md-3">
|
||||||
|
{{ Form::label('test_ldap_login', 'Test LDAP Login') }}
|
||||||
|
</div>
|
||||||
|
<div class="col-md-9">
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-4">
|
||||||
|
<input type="text" name="ldaptest_user" id="ldaptest_user" class="form-control" placeholder="LDAP username">
|
||||||
|
</div>
|
||||||
|
<div class="col-md-4">
|
||||||
|
<input type="password" name="ldaptest_password" id="ldaptest_password" class="form-control" placeholder="LDAP password">
|
||||||
|
</div>
|
||||||
|
<div class="col-md-3">
|
||||||
|
<a class="btn btn-default btn-sm" id="ldaptestlogin" style="margin-right: 10px;">Test LDAP</a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="col-md-9 col-md-offset-3">
|
||||||
|
<span id="ldaptestloginicon"></span>
|
||||||
|
<span id="ldaptestloginresult"></span>
|
||||||
|
<span id="ldaptestloginstatus"></span>
|
||||||
|
</div>
|
||||||
|
<div class="col-md-9 col-md-offset-3">
|
||||||
|
<p class="help-block">{{ trans('admin/settings/general.ldap_login_test_help') }}</p>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
|
||||||
@endif
|
@endif
|
||||||
|
|
||||||
<!-- LDAP Forgotten password -->
|
<!-- LDAP Forgotten password -->
|
||||||
|
@ -527,5 +559,76 @@
|
||||||
body += "</tbody>"
|
body += "</tbody>"
|
||||||
return body;
|
return body;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$("#ldaptestlogin").click(function(){
|
||||||
|
$("#ldaptestloginrow").removeClass('text-success');
|
||||||
|
$("#ldaptestloginrow").removeClass('text-danger');
|
||||||
|
$("#ldaptestloginstatus").removeClass('text-danger');
|
||||||
|
$("#ldaptestloginstatus").html('');
|
||||||
|
$("#ldaptestloginicon").html('<i class="fa fa-spinner spin"></i> Testing LDAP Authentication...');
|
||||||
|
$.ajax({
|
||||||
|
url: '{{ route('api.settings.ldaptestlogin') }}',
|
||||||
|
type: 'POST',
|
||||||
|
headers: {
|
||||||
|
"X-Requested-With": 'XMLHttpRequest',
|
||||||
|
"X-CSRF-TOKEN": $('meta[name="csrf-token"]').attr('content')
|
||||||
|
},
|
||||||
|
data: {
|
||||||
|
'ldaptest_user': $('#ldaptest_user').val(),
|
||||||
|
'ldaptest_password': $('#ldaptest_password').val()
|
||||||
|
},
|
||||||
|
|
||||||
|
dataType: 'json',
|
||||||
|
|
||||||
|
success: function (data) {
|
||||||
|
$("#ldaptestloginicon").html('');
|
||||||
|
$("#ldaptestloginrow").addClass('text-success');
|
||||||
|
$("#ldaptestloginstatus").addClass('text-success');
|
||||||
|
$("#ldaptestloginstatus").html('<i class="fa fa-check text-success"></i> User authenticated against LDAP successfully!');
|
||||||
|
},
|
||||||
|
|
||||||
|
error: function (data) {
|
||||||
|
|
||||||
|
if (data.responseJSON) {
|
||||||
|
var errors = data.responseJSON.message;
|
||||||
|
} else {
|
||||||
|
var errors;
|
||||||
|
}
|
||||||
|
|
||||||
|
var error_text = '';
|
||||||
|
|
||||||
|
$("#ldaptestloginicon").html('');
|
||||||
|
$("#ldaptestloginstatus").addClass('text-danger');
|
||||||
|
$("#ldaptestloginicon").html('<i class="fa fa-exclamation-triangle text-danger"></i>');
|
||||||
|
|
||||||
|
if (data.status == 500) {
|
||||||
|
$('#ldaptestloginstatus').html('500 Server Error');
|
||||||
|
} else if (data.status == 400) {
|
||||||
|
|
||||||
|
if (typeof errors !='string') {
|
||||||
|
|
||||||
|
for (i = 0; i < errors.length; i++) {
|
||||||
|
if (errors[i]) {
|
||||||
|
error_text += '<li>Error: ' + errors[i];
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
|
error_text = errors;
|
||||||
|
}
|
||||||
|
|
||||||
|
$('#ldaptestloginstatus').html(error_text);
|
||||||
|
|
||||||
|
} else {
|
||||||
|
$('#ldaptestloginstatus').html(data.responseText.message);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
});
|
||||||
|
});
|
||||||
</script>
|
</script>
|
||||||
@endpush
|
@endpush
|
||||||
|
|
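Review bot: The `error` handler writes server-supplied text into the page with `.html()`, and the controller in this commit builds its failure message from the submitted `ldaptest_user` and from exception text, so markup in either is parsed by the browser rather than displayed. Use `.text()` for these sinks, e.g. `$('#ldaptestloginstatus').text(error_text);`, with the loop appending `'Error: ' + errors[i] + ' '` instead of an `<li>` string. In the same handler `errors` stays undefined when the response is not JSON, so `errors.length` throws on a 400, and `data.responseText.message` is always undefined because `responseText` is a string. The `#ldaptestloginrow` element toggled at the top of the click handler is not in the markup this diff adds.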