liquid_feedback_frontend

annotate config/_ldap_ad.lua @ 1668:6d75df24e66e

find changesets by author, revision, files, or words in the commit message
Updated German translation
author bsw
date Sun Mar 07 09:52:36 2021 +0100 (2021-03-07)
parents 3fb752f4afcb
children
rev   line source
bsw@1656 1 local function str2hex(s)
bsw@1656 2 local t = {string.byte(s, 1, #s)}
bsw@1656 3 local f = string.format
bsw@1656 4 for i = 1, #t do t[i] = f("\\%02x", t[i]) end
bsw@1656 5 return table.concat(t)
bsw@1656 6 end
bsw@1656 7
bsw@1656 8 config.ldap = {
bsw@1656 9 hosts = {
bsw@1656 10 { uri = "ldap://192.168.1.1", tls = true, timeout = 5 },
bsw@1656 11 { uri = "ldap://192.168.1.2", tls = true, timeout = 5 }
bsw@1656 12 },
bsw@1656 13 base = "CN=Users,DC=example,DC=org",
bsw@1656 14 bind_as = { dn = "CN=LiquidFeedback Service,CN=Users,DC=example,DC=org", password = "secure" },
bsw@1656 15 member = {
bsw@1656 16 registration = "auto",
bsw@1656 17 scope = "subtree",
bsw@1656 18 login_normalizer = function (login)
bsw@1656 19 return login:lower()
bsw@1656 20 end,
bsw@1656 21 login_filter_map = function (login)
bsw@1656 22 return "(sAMAccountName=" .. ldap.escape_filter(login) .. ")"
bsw@1656 23 end,
bsw@1656 24 login_map = function (ldap_entry)
bsw@1656 25 return ldap_entry.sAMAccountName[1]
bsw@1656 26 end,
bsw@1656 27 uid_filter_map = function (uid)
bsw@1656 28 return "(objectGUID=" .. uid .. ")"
bsw@1656 29 end,
bsw@1656 30 uid_map = function (ldap_entry)
bsw@1656 31 return str2hex(ldap_entry.objectGUID[1])
bsw@1656 32 end,
bsw@1656 33 allowed_map = function (ldap_entry)
bsw@1656 34 local allowed = false
bsw@1656 35 if ldap_entry.memberOf then
bsw@1656 36 for i, group in ipairs(ldap_entry.memberOf) do
bsw@1656 37 if group == "CN=LiquidFeedback User,CN=Users,DC=example,DC=org" then
bsw@1656 38 allowed = true
bsw@1656 39 end
bsw@1656 40 end
bsw@1656 41 end
bsw@1656 42 return allowed
bsw@1656 43 end,
bsw@1656 44 fetch_attr = { "sAMAccountName", "objectGUID", "givenName", "name", "displayName", "memberOf" },
bsw@1656 45 attr_map = function (ldap_entry, member)
bsw@1656 46 member.identification = ldap_entry.givenName[1] .. " " .. ldap_entry.name[1]
bsw@1656 47 member.name = ldap_entry.displayName[1]
bsw@1656 48 end,
bsw@1656 49 privilege_map = function (ldap_entry, member)
bsw@1656 50 local privileges = {}
bsw@1656 51 if ldap_entry.memberOf then
bsw@1656 52 for i, group in ipairs(ldap_entry.memberOf) do
bsw@1656 53 if group == "CN=LiquidFeedback User,CN=Users,DC=example,DC=org" then
bsw@1656 54 table.insert(privileges,
bsw@1656 55 { unit_id = 1, voting_right = true, polling_right = true }
bsw@1656 56 )
bsw@1656 57 end
bsw@1656 58 end
bsw@1656 59 end
bsw@1656 60 return privileges
bsw@1656 61 end,
bsw@1656 62 cache_passwords = true,
bsw@1656 63 locked_profile_fields = { name = true }
bsw@1656 64 }
bsw@1656 65 }
bsw@1656 66

Impressum / About Us