// LDAP Admin Routes
const { db } = require('../database');
const LDAPService = require('../ldap-service');
const { requireAdmin } = require('../middleware/auth');
// Register the routes
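/**
 * Registers the admin-only LDAP endpoints on an Express-style app.
 *
 * Every route is guarded by the `requireAdmin` middleware:
 *   GET  /admin/ldap/config    - return the stored config without bind_password
 *   POST /admin/ldap/config    - create or update the single config row (id = 1)
 *   POST /admin/ldap/sync      - trigger a manual sync via LDAPService.performSync
 *   GET  /admin/ldap/sync/log  - return the most recent sync log rows
 *
 * @param {object} app - object exposing `get(path, ...handlers)` and
 *   `post(path, ...handlers)`.
 * @returns {void}
 */
function registerAdminLDAPRoutes(app) {
  const DEFAULT_LOG_LIMIT = 10;
  // Upper bound on rows returned by the log endpoint, so one request cannot
  // dump the whole table.
  const MAX_LOG_LIMIT = 1000;

  // Request fields that are trimmed as text before being stored.
  const TEXT_FIELDS = [
    'url',
    'bind_dn',
    'bind_password',
    'base_dn',
    'user_search_filter',
    'username_attribute',
    'firstname_attribute',
    'lastname_attribute',
  ];

  // Column order shared by the INSERT and UPDATE statements. These are fixed
  // literals; request data only ever reaches the database as bound parameters.
  const CONFIG_COLUMNS = [
    'enabled',
    'url',
    'bind_dn',
    'bind_password',
    'base_dn',
    'user_search_filter',
    'username_attribute',
    'firstname_attribute',
    'lastname_attribute',
    'sync_interval',
    'updated_at',
  ];

  // Trimmed value for a non-empty string, otherwise the given fallback.
  const trimmedOr = (value, fallback) => (value ? value.trim() : fallback);

  // Fetch the LDAP configuration.
  app.get('/admin/ldap/config', requireAdmin, (req, res) => {
    db.get('SELECT * FROM ldap_config WHERE id = 1', (err, config) => {
      if (err) {
        return res.status(500).json({ error: 'Fehler beim Abrufen der Konfiguration' });
      }

      // The bind password must never leave the server.
      if (config) {
        delete config.bind_password;
      }

      res.json({ config: config || null });
    });
  });

  // Save the LDAP configuration.
  app.post('/admin/ldap/config', requireAdmin, (req, res) => {
    const body = req.body || {};

    // Reject non-string values up front. Without this check a number or
    // object would throw on .trim() inside the database callback, outside the
    // request's error handling.
    const invalidField = TEXT_FIELDS.find(
      (field) => body[field] !== undefined && body[field] !== null && typeof body[field] !== 'string'
    );
    if (invalidField) {
      return res.status(400).json({ error: `Ungültiger Wert für Feld ${invalidField}` });
    }

    // A disabled configuration may omit url/base_dn; store '' in that case
    // (the nullability of these columns is not visible in this file).
    const url = trimmedOr(body.url, '');
    const baseDn = trimmedOr(body.base_dn, '');

    // Validation applies only while LDAP is enabled, and runs on the trimmed
    // values so whitespace-only input does not pass.
    if (body.enabled && (!url || !baseDn)) {
      return res.status(400).json({ error: 'URL und Base DN sind erforderlich wenn LDAP aktiviert ist' });
    }

    // NOTE(review): the URL scheme is not checked here. With a plain ldap://
    // URL the bind DN and password would travel unencrypted unless
    // LDAPService negotiates StartTLS - confirm there.
    // NOTE(review): bind_password is written to ldap_config as received
    // (trimmed); whether it is protected at rest is not visible in this file.
    const configData = {
      enabled: body.enabled ? 1 : 0,
      url,
      bind_dn: trimmedOr(body.bind_dn, null),
      bind_password: trimmedOr(body.bind_password, null),
      base_dn: baseDn,
      user_search_filter: trimmedOr(body.user_search_filter, '(objectClass=person)'),
      username_attribute: trimmedOr(body.username_attribute, 'cn'),
      firstname_attribute: trimmedOr(body.firstname_attribute, 'givenName'),
      lastname_attribute: trimmedOr(body.lastname_attribute, 'sn'),
      sync_interval: Number.parseInt(body.sync_interval, 10) || 0,
      updated_at: new Date().toISOString(),
    };

    // Check whether a configuration row already exists.
    db.get('SELECT id FROM ldap_config WHERE id = 1', (err, existing) => {
      if (err) {
        return res.status(500).json({ error: 'Fehler beim Prüfen der Konfiguration' });
      }

      const isInsert = !existing;

      // On update, the stored password is kept unless a new one was sent.
      const columns = CONFIG_COLUMNS.filter(
        (column) => column !== 'bind_password' || isInsert || Boolean(configData.bind_password)
      );
      const values = columns.map((column) => configData[column]);

      const sql = isInsert
        ? `INSERT INTO ldap_config (${columns.join(', ')}) VALUES (${columns.map(() => '?').join(', ')})`
        : `UPDATE ldap_config SET ${columns.map((column) => `${column} = ?`).join(', ')} WHERE id = 1`;
      const failureMessage = isInsert
        ? 'Fehler beim Erstellen der Konfiguration'
        : 'Fehler beim Speichern der Konfiguration';

      db.run(sql, values, (runErr) => {
        if (runErr) {
          return res.status(500).json({ error: failureMessage });
        }
        res.json({ success: true });
      });
    });
  });

  // Start a manual LDAP synchronisation.
  app.post('/admin/ldap/sync', requireAdmin, (req, res) => {
    LDAPService.performSync('manual', (err, result) => {
      if (err) {
        // NOTE(review): err.message is forwarded verbatim to the client; it
        // may carry directory host or DN details. Acceptable only because the
        // route is admin-only - confirm.
        return res.status(500).json({
          error: err.message || 'Fehler bei der Synchronisation',
          synced: result ? result.synced : 0,
          errors: result ? result.errors : [],
        });
      }

      // Guard against a callback that reports success without a result.
      res.json({
        success: true,
        synced: result ? result.synced : 0,
        errors: (result && result.errors) || [],
      });
    });
  });

  // Fetch the sync log.
  app.get('/admin/ldap/sync/log', requireAdmin, (req, res) => {
    // A negative LIMIT means "no limit" in SQLite, so anything below 1 falls
    // back to the default and large values are capped.
    const requested = Number.parseInt(req.query.limit, 10);
    const limit =
      Number.isFinite(requested) && requested >= 1
        ? Math.min(requested, MAX_LOG_LIMIT)
        : DEFAULT_LOG_LIMIT;

    db.all(
      'SELECT * FROM ldap_sync_log ORDER BY sync_started_at DESC LIMIT ?',
      [limit],
      (err, logs) => {
        if (err) {
          return res.status(500).json({ error: 'Fehler beim Abrufen des Logs' });
        }
        res.json({ logs: logs || [] });
      }
    );
  });
}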
module.exports = registerAdminLDAPRoutes;