apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

feat(ldap): began work on org role sync

Browse Source
pull/2360/head
Torkel Ödegaard 10 years ago
parent a7b1df34c5
commit fe41a4e6fa
3 changed files with 10 additions and 4 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      conf/defaults.ini
  2. 11
      pkg/auth/ldap.go
  3. 1
      pkg/auth/settings.go

2
conf/defaults.ini
Unescape View File

@ -128,7 +128,7 @@ allow_org_create = true
# Set to true to automatically assign new users to the default organization (id 1)
auto_assign_org = true
# Default role new users will be automatically assigned (if disabled above is set to true)
# Default role new users will be automatically assigned (if auto_assign_org above is set to true)
auto_assign_org_role = Viewer
#################################### Anonymous Auth ##########################

11
pkg/auth/ldap.go
Unescape View File

@ -27,7 +27,7 @@ func init() {
SearchFilter: "(cn=%s)",
SearchBaseDNs: []string{"dc=grafana,dc=org"},
LdapGroups: []*LdapGroupToOrgRole{
{GroupDN: "cn=users,dc=grafana,dc=org", OrgName: "Main Org.", OrgRole: "Editor"},
{GroupDN: "cn=users,dc=grafana,dc=org", OrgRole: "Editor"},
},
},
}
@ -77,6 +77,10 @@ func (a *ldapAuther) login(query *AuthenticateUserQuery) error {
if grafanaUser, err := a.getGrafanaUserFor(ldapUser); err != nil {
return err
} else {
// sync org roles
if err := a.syncOrgRoles(grafanaUser, ldapUser); err != nil {
return err
}
query.User = grafanaUser
return nil
}
@ -111,7 +115,6 @@ func (a *ldapAuther) getGrafanaUserFor(ldapUser *ldapUserInfo) (*m.User, error)
}
func (a *ldapAuther) createGrafanaUser(ldapUser *ldapUserInfo) (*m.User, error) {
cmd := m.CreateUserCommand{
Login: ldapUser.Username,
Email: ldapUser.Email,
@ -125,6 +128,10 @@ func (a *ldapAuther) createGrafanaUser(ldapUser *ldapUserInfo) (*m.User, error)
return &cmd.Result, nil
}
func (a *ldapAuther) syncOrgRoles(user *m.User, ldapUser *ldapUserInfo) error {
return nil
}
func (a *ldapAuther) initialBind(username, userPassword string) error {
if a.server.BindPassword != "" {
userPassword = a.server.BindPassword

1
pkg/auth/settings.go
Unescape View File

@ -3,7 +3,6 @@ package auth
type LdapGroupToOrgRole struct {
GroupDN string
OrgId int
OrgName string
OrgRole string
}

Write Preview
Loading…
Cancel
Save