liquid_feedback_frontend: config/

liquid_feedback_frontend

annotate config/_ldap.lua @ 1829:4d27edb80e89

Fix error when creating new user

author	bsw
date	Thu Feb 03 12:17:08 2022 +0100 (2022-02-03)
parents	3fb752f4afcb
children

rev	line source
bsw@1656	1 config.ldap = {
bsw@1656	2 hosts = {
bsw@1656	3 {
bsw@1656	4 { uri = "ldap://192.168.1.1", tls = true, timeout = 5 },
bsw@1656	5 { uri = "ldap://192.168.1.2", tls = true, timeout = 5 },
bsw@1656	6 },
bsw@1656	7 { uri = "ldap://192.168.1.3", tls = true, timeout = 5 },
bsw@1656	8 },
bsw@1656	9 base = "dc=example,dc=org",
bsw@1656	10 bind_as = { dn = "cn=admin,dc=example,dc=org", password = "secure" },
bsw@1656	11 member = {
bsw@1656	12 registration = "auto",
bsw@1656	13 scope = "subtree",
bsw@1656	14 login_normalizer = function (login)
bsw@1656	15 return login:lower()
bsw@1656	16 end,
bsw@1656	17 login_filter_map = function (login)
bsw@1656	18 return "(uid=" .. ldap.escape_filter(login) .. ")"
bsw@1656	19 end,
bsw@1656	20 login_map = function (ldap_entry)
bsw@1656	21 return ldap_entry.uid[1]
bsw@1656	22 end,
bsw@1656	23 uid_filter_map = function (uid)
bsw@1656	24 return "(uidNumber=" .. ldap.escape_filter(uid) .. ")"
bsw@1656	25 end,
bsw@1656	26 uid_map = function (ldap_entry)
bsw@1656	27 return ldap_entry.uidNumber[1]
bsw@1656	28 end,
bsw@1656	29 fetch_attr = { "uid", "uidNumber", "givenName", "sn", "displayName", "memberof" },
bsw@1656	30 attr_map = function (ldap_entry, member)
bsw@1656	31 member.identification = ldap_entry.givenName[1] .. " " .. ldap_entry.sn[1]
bsw@1656	32 member.name = ldap_entry.displayName[1]
bsw@1656	33 end,
bsw@1656	34 privilege_map = function (ldap_entry, member)
bsw@1656	35 local privileges
bsw@1656	36 if ldap_entry.dn:match("ou=people,dc=example,dc=org") then
bsw@1656	37 privileges = {
bsw@1656	38 { unit_id = 1, voting_right = true, polling_right = true },
bsw@1656	39 { unit_id = 2, voting_right = true, polling_right = false },
bsw@1656	40 { unit_id = 3, voting_right = false, polling_right = true }
bsw@1656	41 }
bsw@1656	42 elseif ldap_entry.dn:match("ou=employees,dc=example,dc=org$") then
bsw@1656	43 privileges = {
bsw@1656	44 { unit_id = 1, voting_right = false, polling_right = true },
bsw@1656	45 { unit_id = 2, voting_right = false, polling_right = true },
bsw@1656	46 { unit_id = 3, voting_right = true, polling_right = false }
bsw@1656	47 }
bsw@1656	48 elseif ldap_entry.dn:match("ou=member,dc=example,dc=org$") then
bsw@1656	49 privileges = {
bsw@1656	50 { unit_id = 1, voting_right = true, polling_right = false }
bsw@1656	51 }
bsw@1656	52 end
bsw@1656	53 return privileges
bsw@1656	54 end,
bsw@1656	55 cache_passwords = true,
bsw@1656	56 locked_profile_fields = { name = true }
bsw@1656	57 }
bsw@1656	58 }
bsw@1656	59