bitwarden/directory-connector
1
0
Fork 0
mirror of https://github.com/bitwarden/directory-connector synced 2026-01-08 03:23:41 +00:00
Code Issues Releases Wiki Activity

Deleted users for ldap

Browse Source
This commit is contained in:
Kyle Spearrin
2017-05-16 11:20:53 -04:00
parent e6af13d935
commit de0acb46ea
4 changed files with 78 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/Core/Models/Entry.cs
View File

@@ -25,5 +25,6 @@ namespace Bit.Core.Models
{
public string Email { get; set; }
public bool Disabled { get; set; }
public bool Deleted { get; set; }
}
}

4
src/Core/Models/ImportRequest.cs
View File

@@ -33,13 +33,13 @@ namespace Bit.Core.Models
public User(UserEntry entry)
{
Email = entry.Email;
Disabled = entry.Disabled;
Deleted = entry.Disabled || entry.Deleted;
ExternalId = entry.ExternalId;
}
public string ExternalId { get; set; }
public string Email { get; set; }
public bool Disabled { get; set; }
public bool Deleted { get; set; }
}
}

2
src/Core/Services/AzureDirectoryService.cs
View File

@@ -214,7 +214,7 @@ namespace Bit.Core.Services
object deleted;
if(user.AdditionalData.TryGetValue("@removed", out deleted) && deleted.ToString().Contains("changed"))
{
entry.Disabled = true;
entry.Deleted = true;
}
else if(!entry.Disabled && (entry?.Email?.Contains("#") ?? true))
{

113
src/Core/Services/LdapDirectoryService.cs
View File

@@ -201,58 +201,93 @@ namespace Bit.Core.Services
var users = new List<UserEntry>();
foreach(SearchResult item in result)
{
var user = new UserEntry
{
ReferenceId = new Uri(item.Path).Segments?.LastOrDefault()
};
if(user.ReferenceId == null)
var user = BuildUser(item, false);
if(user == null)
{
continue;
}
// External Id
if(item.Properties.Contains("objectGUID") && item.Properties["objectGUID"].Count > 0)
{
user.ExternalId = item.Properties["objectGUID"][0].ToString();
}
else
{
user.ExternalId = user.ReferenceId;
}
users.Add(user);
}
user.Disabled = EntryDisabled(item);
// Deleted users
if(SettingsService.Instance.Server.Type == DirectoryType.ActiveDirectory)
{
filter = string.Format("(&{0}(isDeleted=TRUE))",
filter != null ? string.Format("({0})", filter) : string.Empty);
// Email
if(SettingsService.Instance.Sync.EmailPrefixSuffix &&
item.Properties.Contains(SettingsService.Instance.Sync.UserEmailPrefixAttribute) &&
item.Properties[SettingsService.Instance.Sync.UserEmailPrefixAttribute].Count > 0 &&
!string.IsNullOrWhiteSpace(SettingsService.Instance.Sync.UserEmailSuffix))
searcher = new DirectorySearcher(entry, filter);
searcher.Tombstone = true;
result = searcher.FindAll();
foreach(SearchResult item in result)
{
user.Email = string.Concat(
item.Properties[SettingsService.Instance.Sync.UserEmailPrefixAttribute][0].ToString(),
SettingsService.Instance.Sync.UserEmailSuffix).ToLowerInvariant();
}
else if(item.Properties.Contains(SettingsService.Instance.Sync.UserEmailAttribute) &&
item.Properties[SettingsService.Instance.Sync.UserEmailAttribute].Count > 0)
{
user.Email = item.Properties[SettingsService.Instance.Sync.UserEmailAttribute][0]
.ToString()
.ToLowerInvariant();
}
else if(!user.Disabled)
{
continue;
}
var user = BuildUser(item, true);
if(user == null)
{
continue;
}
// Dates
user.CreationDate = item.Properties.ParseDateTime(SettingsService.Instance.Sync.CreationDateAttribute);
user.RevisionDate = item.Properties.ParseDateTime(SettingsService.Instance.Sync.RevisionDateAttribute);
users.Add(user);
}
}
return Task.FromResult(users);
}
private static UserEntry BuildUser(SearchResult item, bool deleted)
{
var user = new UserEntry
{
ReferenceId = new Uri(item.Path).Segments?.LastOrDefault(),
Deleted = deleted
};
if(user.ReferenceId == null)
{
return null;
}
// External Id
if(item.Properties.Contains("objectGUID") && item.Properties["objectGUID"].Count > 0)
{
user.ExternalId = item.Properties["objectGUID"][0].ToString();
}
else
{
user.ExternalId = user.ReferenceId;
}
user.Disabled = EntryDisabled(item);
// Email
if(SettingsService.Instance.Sync.EmailPrefixSuffix &&
item.Properties.Contains(SettingsService.Instance.Sync.UserEmailPrefixAttribute) &&
item.Properties[SettingsService.Instance.Sync.UserEmailPrefixAttribute].Count > 0 &&
!string.IsNullOrWhiteSpace(SettingsService.Instance.Sync.UserEmailSuffix))
{
user.Email = string.Concat(
item.Properties[SettingsService.Instance.Sync.UserEmailPrefixAttribute][0].ToString(),
SettingsService.Instance.Sync.UserEmailSuffix).ToLowerInvariant();
}
else if(item.Properties.Contains(SettingsService.Instance.Sync.UserEmailAttribute) &&
item.Properties[SettingsService.Instance.Sync.UserEmailAttribute].Count > 0)
{
user.Email = item.Properties[SettingsService.Instance.Sync.UserEmailAttribute][0]
.ToString()
.ToLowerInvariant();
}
else if(!user.Disabled && !user.Deleted)
{
return null;
}
// Dates
user.CreationDate = item.Properties.ParseDateTime(SettingsService.Instance.Sync.CreationDateAttribute);
user.RevisionDate = item.Properties.ParseDateTime(SettingsService.Instance.Sync.RevisionDateAttribute);
return user;
}
private static bool EntryDisabled(SearchResult item)
{
if(!item.Properties.Contains("userAccountControl"))