refactor LDAP client service and event handler for improved organizat…
…ion and member checks
AlexanderUngefug committed Dec 13, 2024
1 parent 1b07158 commit 4a070de
Showing 2 changed files with 68 additions and 18 deletions.
68 changes: 52 additions & 16 deletions src/core/ldap/domain/ldap-client.service.ts
Expand Up @@ -469,13 +469,10 @@ export class LdapClientService {
await client.add(orgUnitDn, newOrgUnit);
}

const orgRoleDn: string = `cn=${LdapClientService.GROUPS},ou=${schoolReferrer},${LdapClientService.DC_SCHULE_SH_DC_DE}`;
const searchResultOrgRole: SearchResult = await client.search(
`ou=${schoolReferrer},${LdapClientService.DC_SCHULE_SH_DC_DE}`,
{
filter: `(cn=${LdapClientService.GROUPS})`,
},
);
const orgRoleDn: string = `cn=${LdapClientService.GROUPS},${orgUnitDn}`;
const searchResultOrgRole: SearchResult = await client.search(orgUnitDn, {
filter: `(cn=${LdapClientService.GROUPS})`,
});
if (!searchResultOrgRole.searchEntries[0]) {
const newOrgRole: { cn: string; objectClass: string } = {
cn: LdapClientService.GROUPS,
Expand All @@ -484,13 +481,10 @@ export class LdapClientService {
await client.add(orgRoleDn, newOrgRole);
}

const lehrerDn: string = `cn=${groupId},cn=${LdapClientService.GROUPS},ou=${schoolReferrer},${LdapClientService.DC_SCHULE_SH_DC_DE}`;
const searchResultGroupOfNames: SearchResult = await client.search(
`cn=${LdapClientService.GROUPS},ou=${schoolReferrer},${LdapClientService.DC_SCHULE_SH_DC_DE}`,
{
filter: `(cn=${groupId})`,
},
);
const lehrerDn: string = `cn=${groupId},${orgRoleDn}`;
const searchResultGroupOfNames: SearchResult = await client.search(orgRoleDn, {
filter: `(cn=${groupId})`,
});
if (!searchResultGroupOfNames.searchEntries[0]) {
const newLehrerGroup: { cn: string; objectclass: string[]; member: string[] } = {
cn: groupId,
Expand All @@ -508,6 +502,11 @@ export class LdapClientService {
}
}

if (this.isPersonInSearchResult(searchResultGroupOfNames, personUid)) {
this.logger.info(`LDAP: Person ${personUid} is already in group ${groupId}`);
return { ok: true, value: false };
}

try {
await client.modify(lehrerDn, [
new Change({
Expand All @@ -533,8 +532,17 @@ export class LdapClientService {
const client: Client = this.ldapClient.getClient();
const bindResult: Result<boolean> = await this.bind();
if (!bindResult.ok) return bindResult;
const dn: string = `cn=${groupId},cn=${LdapClientService.GROUPS},ou=${schoolReferrer},${LdapClientService.DC_SCHULE_SH_DC_DE}`;
const searchResultOrgUnit: SearchResult = await client.search(dn, { scope: 'base' });
const searchResultOrgUnit: SearchResult = await client.search(
`cn=${LdapClientService.GROUPS},ou=${schoolReferrer},${LdapClientService.DC_SCHULE_SH_DC_DE}`,
{
filter: `(cn=${groupId})`,
},
);

if (!this.isPersonInSearchResult(searchResultOrgUnit, personUid)) {
this.logger.info(`LDAP: Person ${personUid} is not in group ${groupId}`);
return { ok: true, value: false };
}

if (!searchResultOrgUnit.searchEntries[0]) {
const errMsg: string = `LDAP: Group ${groupId} not found`;
Expand Down Expand Up @@ -566,4 +574,32 @@ export class LdapClientService {
return { ok: false, error: new LdapRemovePersonFromGroupError() };
}
}

private isPersonInSearchResult(searchResult: SearchResult, personUid: string): boolean | undefined {
if (!searchResult.searchEntries[0]) return;
const member: string | string[] | Buffer | Buffer[] | undefined = searchResult.searchEntries[0]['member'];
const lehrerUid: string = this.getLehrerUid(personUid, 'users');

if (typeof member === 'string') {
return member === lehrerUid;
}

if (Buffer.isBuffer(member)) {
return member.toString() === lehrerUid;
}

if (Array.isArray(member)) {
return member.some((entry: string | Buffer) => {
if (typeof entry === 'string') {
return entry === lehrerUid;
}
if (Buffer.isBuffer(entry)) {
return entry.toString() === lehrerUid;
}
return false;
});
}

return false;
}
}
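Review bot: In the removal path the new `isPersonInSearchResult` guard runs before the `!searchResultOrgUnit.searchEntries[0]` check, and the helper returns `undefined` when the search has no entries, so a missing group is now logged as "not in group" and returned as `{ ok: true, value: false }` while the "Group ... not found" branch below it can no longer be reached. Either move the empty-result check above the membership check or compare explicitly, `if (this.isPersonInSearchResult(searchResultOrgUnit, personUid) === false) {`. The same tri-state return is tested with plain truthiness in the add path, where the search result predates a possible group creation; that function continues outside the visible hunks, so whether it matters there cannot be told from here. Separately, `groupId` is interpolated into the filters `(cn=${groupId})` without escaping; if it can ever contain `*`, `(`, `)` or `\`, the search can match a different entry than the DN that is modified afterwards, so escaping the value per RFC 4515 before building the filter would be worth adding.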
18 changes: 16 additions & 2 deletions src/core/ldap/domain/ldap-event-handler.ts
Expand Up @@ -155,7 +155,10 @@ export class LdapEventHandler {

await Promise.allSettled(
event.removedKontexte
.filter((pk: PersonenkontextEventKontextData) => pk.rolle === RollenArt.LEHR)
.filter(
(pk: PersonenkontextEventKontextData) =>
pk.rolle === RollenArt.LEHR && !this.hatZuordnungZuOrganisationNachLoeschen(event, pk),
)
.map((pk: PersonenkontextEventKontextData) => {
if (!pk.orgaKennung) {
return Promise.reject(new Error('Organisation has no Kennung'));
Expand Down Expand Up @@ -207,7 +210,7 @@ export class LdapEventHandler {
.then((emailDomain: Result<string>) => {
if (emailDomain.ok) {
return this.ldapClientService
.createLehrer(event.person, emailDomain.value, pk.orgaKennung!, undefined)
.createLehrer(event.person, emailDomain.value, pk.orgaKennung!)
.then((creationResult: Result<PersonData>) => {
if (!creationResult.ok) {
this.logger.error(creationResult.error.message);
Expand Down Expand Up @@ -246,4 +249,15 @@ export class LdapEventHandler {

await this.ldapClientService.changeEmailAddressByPersonId(event.personId, event.newAddress);
}

public hatZuordnungZuOrganisationNachLoeschen(
personenkontextUpdatedEvent: PersonenkontextUpdatedEvent,
personenkontextEventKontextData: PersonenkontextEventKontextData,
): boolean {
const orgaId: OrganisationID = personenkontextEventKontextData.orgaId;
const currentOrgaIds: OrganisationID[] = personenkontextUpdatedEvent.currentKontexte.map(
(pk: PersonenkontextEventKontextData) => pk.orgaId,
);
return currentOrgaIds.includes(orgaId);
}
}
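Review bot: `hatZuordnungZuOrganisationNachLoeschen` compares only `orgaId`, so a person whose `RollenArt.LEHR` context is removed but who keeps any other role at the same organisation is filtered out of the removal and stays in the LDAP group. If that group is meant to hold teachers only (the surrounding names suggest so, but it is not visible here), the membership outlives the role that justified it. Restricting the check to remaining teacher contexts would close that gap: `return personenkontextUpdatedEvent.currentKontexte.some((pk: PersonenkontextEventKontextData) => pk.orgaId === orgaId && pk.rolle === RollenArt.LEHR);`. In the visible lines the method is only called from inside the class, so it could be `private`, with a short doc comment saying that it answers whether a context at the same organisation remains after the update.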
