LDAP Public SSH Keys synchronization (#1844)

* Add LDAP Key Synchronization feature Signed-off-by: Magnus Lindvall <magnus@dnmgns.com> * Add migration: add login source id column for public_key table * Only update keys if needed * Add function to only list pubkey synchronized from ldap * Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it. * Only get keys belonging to current login source id * Set default login source id to 0 * Some minor cleanup. Add integration tests (updete dep testify)
2025-06-23 06:28:01 +02:00 · 2018-05-24 06:59:02 +02:00
parent b908ac9fab
commit cdb9478774
25 changed files with 620 additions and 436 deletions
--- a/routers/admin/auths.go
+++ b/routers/admin/auths.go
@ -97,24 +97,25 @@ func parseLDAPConfig(form auth.AuthenticationForm) *models.LDAPConfig {
 	}
 	return &models.LDAPConfig{
 		Source: &ldap.Source{
-			Name:              form.Name,
-			Host:              form.Host,
-			Port:              form.Port,
-			SecurityProtocol:  ldap.SecurityProtocol(form.SecurityProtocol),
-			SkipVerify:        form.SkipVerify,
-			BindDN:            form.BindDN,
-			UserDN:            form.UserDN,
-			BindPassword:      form.BindPassword,
-			UserBase:          form.UserBase,
-			AttributeUsername: form.AttributeUsername,
-			AttributeName:     form.AttributeName,
-			AttributeSurname:  form.AttributeSurname,
-			AttributeMail:     form.AttributeMail,
-			AttributesInBind:  form.AttributesInBind,
-			SearchPageSize:    pageSize,
-			Filter:            form.Filter,
-			AdminFilter:       form.AdminFilter,
-			Enabled:           true,
+			Name:                  form.Name,
+			Host:                  form.Host,
+			Port:                  form.Port,
+			SecurityProtocol:      ldap.SecurityProtocol(form.SecurityProtocol),
+			SkipVerify:            form.SkipVerify,
+			BindDN:                form.BindDN,
+			UserDN:                form.UserDN,
+			BindPassword:          form.BindPassword,
+			UserBase:              form.UserBase,
+			AttributeUsername:     form.AttributeUsername,
+			AttributeName:         form.AttributeName,
+			AttributeSurname:      form.AttributeSurname,
+			AttributeMail:         form.AttributeMail,
+			AttributesInBind:      form.AttributesInBind,
+			AttributeSSHPublicKey: form.AttributeSSHPublicKey,
+			SearchPageSize:        pageSize,
+			Filter:                form.Filter,
+			AdminFilter:           form.AdminFilter,
+			Enabled:               true,
 		},
 	}
 }
--- a/routers/api/v1/user/key.go
+++ b/routers/api/v1/user/key.go
@ -129,7 +129,7 @@ func CreateUserPublicKey(ctx *context.APIContext, form api.CreateKeyOption, uid
 		return
 	}

-	key, err := models.AddPublicKey(uid, form.Title, content)
+	key, err := models.AddPublicKey(uid, form.Title, content, 0)
 	if err != nil {
 		repo.HandleAddKeyError(ctx, err)
 		return
--- a/routers/user/setting/keys.go
+++ b/routers/user/setting/keys.go
@ -99,7 +99,7 @@ func KeysPost(ctx *context.Context, form auth.AddKeyForm) {
 			return
 		}

-		if _, err = models.AddPublicKey(ctx.User.ID, form.Title, content); err != nil {
+		if _, err = models.AddPublicKey(ctx.User.ID, form.Title, content, 0); err != nil {
 			ctx.Data["HasSSHError"] = true
 			switch {
 			case models.IsErrKeyAlreadyExist(err):