chore(ldap): migrate more campusUser usages
This commit is contained in:
parent
af09e02801
commit
c8350722a4
@ -1,4 +1,4 @@
|
|||||||
-- SPDX-FileCopyrightText: 2022 Steffen Jost <jost@tcs.ifi.lmu.de>
|
-- SPDX-FileCopyrightText: 2022-2024 Sarah Vaupel <sarah.vaupel@uniworx.de>, Steffen Jost <jost@tcs.ifi.lmu.de>
|
||||||
--
|
--
|
||||||
-- SPDX-License-Identifier: AGPL-3.0-or-later
|
-- SPDX-License-Identifier: AGPL-3.0-or-later
|
||||||
|
|
||||||
@ -16,7 +16,7 @@ import qualified Data.CaseInsensitive as CI
|
|||||||
import qualified Data.Text as Text
|
import qualified Data.Text as Text
|
||||||
import qualified Data.Text.Encoding as Text
|
import qualified Data.Text.Encoding as Text
|
||||||
-- import qualified Data.Set as Set
|
-- import qualified Data.Set as Set
|
||||||
import Foundation.Yesod.Auth (decodeUserTest,ldapLookupAndUpsert,campusUserFailoverMode,CampusUserConversionException())
|
import Foundation.Yesod.Auth (decodeLdapUserTest,ldapLookupAndUpsert,CampusUserConversionException())
|
||||||
import Handler.Utils
|
import Handler.Utils
|
||||||
|
|
||||||
import qualified Ldap.Client as Ldap
|
import qualified Ldap.Client as Ldap
|
||||||
@ -36,8 +36,8 @@ postAdminLdapR = do
|
|||||||
Nothing -> addMessage Error (text2Html "LDAP Configuration missing.") >> return Nothing
|
Nothing -> addMessage Error (text2Html "LDAP Configuration missing.") >> return Nothing
|
||||||
Just ldapPool -> do
|
Just ldapPool -> do
|
||||||
addMessage Info $ text2Html "Input for LDAP test received."
|
addMessage Info $ text2Html "Input for LDAP test received."
|
||||||
ldapData <- campusUser'' ldapPool campusUserFailoverMode lid
|
ldapData <- ldapUser'' ldapPool lid
|
||||||
decodedErr <- decodeUserTest (pure $ CI.mk lid) $ concat ldapData
|
decodedErr <- decodeLdapUserTest (pure $ CI.mk lid) $ concat ldapData
|
||||||
whenIsLeft decodedErr $ addMessageI Error
|
whenIsLeft decodedErr $ addMessageI Error
|
||||||
return ldapData
|
return ldapData
|
||||||
mbLdapData <- formResultMaybe presult procFormPerson
|
mbLdapData <- formResultMaybe presult procFormPerson
|
||||||
|
|||||||
@ -421,7 +421,7 @@ upsertAvsUserById api = do
|
|||||||
(_:_) -> throwM $ AvsUserAmbiguous api
|
(_:_) -> throwM $ AvsUserAmbiguous api
|
||||||
[] -> do
|
[] -> do
|
||||||
upsRes :: Either SomeException (Entity User)
|
upsRes :: Either SomeException (Entity User)
|
||||||
<- try $ ldapLookupAndUpsert persNo
|
<- try $ ldapLookupAndUpsert persNo -- TODO: do azure lookup and upsert if appropriate
|
||||||
$logInfoS "AVS" $ "No matching existing user found. Attempted LDAP upsert returned: " <> tshow upsRes
|
$logInfoS "AVS" $ "No matching existing user found. Attempted LDAP upsert returned: " <> tshow upsRes
|
||||||
case upsRes of
|
case upsRes of
|
||||||
Right Entity{entityKey=uid} -> insertUniqueEntity $ UserAvs api uid avsPersonPersonNo now Nothing -- pin/addr are updated in next step anyway
|
Right Entity{entityKey=uid} -> insertUniqueEntity $ UserAvs api uid avsPersonPersonNo now Nothing -- pin/addr are updated in next step anyway
|
||||||
@ -460,7 +460,8 @@ upsertAvsUserById api = do
|
|||||||
, audPinPassword = userPin
|
, audPinPassword = userPin
|
||||||
, audEmail = fakeNo -- Email is unknown in this version of the avs query, to be updated later (FUTURE TODO)
|
, audEmail = fakeNo -- Email is unknown in this version of the avs query, to be updated later (FUTURE TODO)
|
||||||
, audIdent = fakeIdent -- use AvsPersonId instead
|
, audIdent = fakeIdent -- use AvsPersonId instead
|
||||||
, audAuth = maybe AuthKindNoLogin (const AuthKindLDAP) avsPersonInternalPersonalNo -- FUTURE TODO: if email is known, use AuthKinfPWHash for email invite, if no internal personnel number is known
|
, audAuth = maybe AuthKindNoLogin (const AuthKindAzure) avsPersonInternalPersonalNo -- FUTURE TODO: if email is known, use AuthKinfPWHash for email invite, if no internal personnel number is known
|
||||||
|
, audAzureId = Nothing -- TODO
|
||||||
}
|
}
|
||||||
mbUid <- addNewUser newUsr -- triggers JobSynchroniseUserdbUser, JobSendPasswordReset and NotificationUserAutoModeUpdate -- TODO: check if these are failsafe
|
mbUid <- addNewUser newUsr -- triggers JobSynchroniseUserdbUser, JobSendPasswordReset and NotificationUserAutoModeUpdate -- TODO: check if these are failsafe
|
||||||
whenIsJust mbUid $ \uid -> runDB $ do
|
whenIsJust mbUid $ \uid -> runDB $ do
|
||||||
|
|||||||
@ -25,7 +25,7 @@ module Handler.Utils.Users
|
|||||||
|
|
||||||
import Import
|
import Import
|
||||||
import Auth.LDAP (ldapUserMatr')
|
import Auth.LDAP (ldapUserMatr')
|
||||||
import Foundation.Yesod.Auth (upsertCampusUser)
|
import Foundation.Yesod.Auth (upsertLdapUser)
|
||||||
|
|
||||||
import Crypto.Hash (hashlazy)
|
import Crypto.Hash (hashlazy)
|
||||||
|
|
||||||
@ -241,8 +241,8 @@ guessUser (((Set.toList . toNullable) <$>) . Set.toList . dnfTerms -> criteria)
|
|||||||
doLdap userMatr = do
|
doLdap userMatr = do
|
||||||
ldapPool' <- getsYesod $ view _appLdapPool
|
ldapPool' <- getsYesod $ view _appLdapPool
|
||||||
fmap join . for ldapPool' $ \ldapPool -> do
|
fmap join . for ldapPool' $ \ldapPool -> do
|
||||||
ldapData <- ldapUserMatr' ldapPool FailoverUnlimited userMatr
|
ldapData <- ldapUserMatr' ldapPool userMatr
|
||||||
for ldapData $ upsertCampusUser UpsertCampusUserGuessUser
|
for ldapData $ upsertLdapUser UpsertUserGuessUser
|
||||||
|
|
||||||
let
|
let
|
||||||
getTermMatr :: [PredLiteral GuessUserInfo] -> Maybe UserMatriculation
|
getTermMatr :: [PredLiteral GuessUserInfo] -> Maybe UserMatriculation
|
||||||
|
|||||||
@ -13,7 +13,7 @@ import qualified Data.CaseInsensitive as CI
|
|||||||
import qualified Data.Conduit.List as C
|
import qualified Data.Conduit.List as C
|
||||||
|
|
||||||
import Auth.LDAP
|
import Auth.LDAP
|
||||||
import Foundation.Yesod.Auth (CampusUserConversionException, upsertCampusUser)
|
import Foundation.Yesod.Auth (CampusUserConversionException, upsertLdapUser, upsertAzureUser)
|
||||||
|
|
||||||
import Jobs.Queue
|
import Jobs.Queue
|
||||||
|
|
||||||
@ -53,14 +53,14 @@ dispatchJobSynchroniseUserdbUser jUser = JobHandlerException $ do
|
|||||||
$logInfoS "SynchroniseUserdb" [st|Synchronising #{upsertIdent} with LDAP|]
|
$logInfoS "SynchroniseUserdb" [st|Synchronising #{upsertIdent} with LDAP|]
|
||||||
-- reTestAfter <- getsYesod $ view _appUserdbRetestFailover
|
-- reTestAfter <- getsYesod $ view _appUserdbRetestFailover
|
||||||
-- ldapAttrs <- MaybeT $ campusUserReTest' ldapConf ((>= reTestAfter) . realToFrac) FailoverUnlimited user
|
-- ldapAttrs <- MaybeT $ campusUserReTest' ldapConf ((>= reTestAfter) . realToFrac) FailoverUnlimited user
|
||||||
ldapAttrs <- MaybeT $ campusUserReTest' ldapConf ((>= reTestAfter) . realToFrac) FailoverUnlimited user
|
ldapAttrs <- MaybeT $ ldapUser ldapConf user
|
||||||
void . lift $ upsertLdapUser (UpsertLdapUserLdapSync upsertIdent) ldapAttrs
|
void . lift $ upsertLdapUser (UpsertUserSync upsertIdent) ldapAttrs
|
||||||
UserSourceConfSingleSource (UserSourceAzure azureConf) ->
|
UserSourceConfSingleSource (UserSourceAzureAdV2 azureConf) ->
|
||||||
runDB . void . runMaybeT . handleExc $ do
|
runDB . void . runMaybeT . handleExc $ do
|
||||||
user@User{userIdent,userAzurePrimaryKey} <- MaybeT $ get jUser
|
user@User{userIdent,userAzurePrimaryKey} <- MaybeT $ get jUser
|
||||||
let upsertIdent = maybe userIdent CI.mk userAzurePrimaryKey
|
let upsertIdent = maybe userIdent CI.mk userAzurePrimaryKey
|
||||||
$logInfoS "SynchroniseUserdb" [st|Synchronising #{upsertIdent} with Azure|]
|
$logInfoS "SynchroniseUserdb" [st|Synchronising #{upsertIdent} with Azure|]
|
||||||
void . lift $ upsertAzureUser (UpsertAzureUserSync upsertIdent) azureConf
|
void . lift $ upsertAzureUser (UpsertUserSync upsertIdent) azureConf
|
||||||
where
|
where
|
||||||
handleExc :: MaybeT DB a -> MaybeT DB a
|
handleExc :: MaybeT DB a -> MaybeT DB a
|
||||||
handleExc
|
handleExc
|
||||||
|
|||||||
@ -123,7 +123,8 @@ dispatchHealthCheckLDAPAdmins = fmap HealthLDAPAdmins . yesodTimeout (^. _appHea
|
|||||||
Sum numResolved <- fmap fold . forM ldapAdminUsers $ \(CI.original -> adminIdent) ->
|
Sum numResolved <- fmap fold . forM ldapAdminUsers $ \(CI.original -> adminIdent) ->
|
||||||
let hCampusExc :: CampusUserException -> Handler (Sum Integer)
|
let hCampusExc :: CampusUserException -> Handler (Sum Integer)
|
||||||
hCampusExc err = mempty <$ $logErrorS "healthCheckLDAPAdmins" (adminIdent <> ": " <> tshow err)
|
hCampusExc err = mempty <$ $logErrorS "healthCheckLDAPAdmins" (adminIdent <> ": " <> tshow err)
|
||||||
in handle hCampusExc $ Sum 1 <$ ldapUserReTest ldapPool (const True) FailoverUnlimited (Creds apLdap adminIdent [])
|
in handle hCampusExc $ Sum 1 <$ ldapUser ldapPool (Creds apLdap adminIdent [])
|
||||||
|
--in handle hCampusExc $ Sum 1 <$ ldapUserReTest ldapPool (const True) FailoverUnlimited (Creds apLdap adminIdent [])
|
||||||
if
|
if
|
||||||
| numAdmins >= 1 -> return $ numResolved % numAdmins
|
| numAdmins >= 1 -> return $ numResolved % numAdmins
|
||||||
| otherwise -> return 0
|
| otherwise -> return 0
|
||||||
|
|||||||
Reference in New Issue
Block a user