rev |
line source |
bsw@1071
|
1 -- Update member privileges from LDAP
|
bsw@1071
|
2 -- --------------------------------------------------------------------------
|
bsw@1071
|
3 --
|
bsw@1071
|
4 -- arguments:
|
bsw@1071
|
5 -- member: the member for which the privileges should be updated
|
bsw@1071
|
6 -- ldap_entry: the ldap entry to be used for updating the privileges
|
bsw@1071
|
7 --
|
bsw@1071
|
8 -- returns:
|
bsw@1071
|
9 -- err: an error code, if an error occured (string)
|
bsw@1071
|
10 -- err2: Error dependent extra error information
|
bsw@1071
|
11
|
bsw@1071
|
12 function ldap.update_member_privileges(member, ldap_entry)
|
bsw@1071
|
13
|
bsw@1071
|
14 local privileges, err = config.ldap.member.privilege_map(ldap_entry, member)
|
bsw@1071
|
15
|
bsw@1071
|
16 if err then
|
bsw@1071
|
17 return false, "privilege_map_error", err
|
bsw@1071
|
18 end
|
bsw@1071
|
19
|
bsw@1071
|
20 local privileges_by_unit_id = {}
|
bsw@1071
|
21 for i, privilege in ipairs(privileges) do
|
bsw@1071
|
22 privileges_by_unit_id[privilege.unit_id] = privilege
|
bsw@1071
|
23 end
|
bsw@1071
|
24
|
bsw@1071
|
25 local current_privileges = Privilege:by_member_id(member.id)
|
bsw@1071
|
26 local current_privilege_ids = {}
|
bsw@1071
|
27
|
bsw@1071
|
28 for i, privilege in ipairs(current_privileges) do
|
bsw@1071
|
29 if privileges_by_unit_id[privilege.unit_id] then
|
bsw@1071
|
30 current_privilege_ids[privilege.unit_id] = privilege
|
bsw@1071
|
31 else
|
bsw@1071
|
32 privilege:destroy()
|
bsw@1071
|
33 end
|
bsw@1071
|
34 end
|
bsw@1071
|
35
|
bsw@1071
|
36 for i, privilege in ipairs(privileges) do
|
bsw@1071
|
37 local current_privilege = current_privilege_ids[privilege.unit_id]
|
bsw@1071
|
38 if not current_privilege then
|
bsw@1071
|
39 current_privilege = Privilege:new()
|
bsw@1071
|
40 current_privilege.member_id = member.id
|
bsw@1071
|
41 current_privileges[#current_privileges+1] = current_privilege
|
bsw@1071
|
42 end
|
bsw@1071
|
43 for key, val in pairs(privilege) do
|
bsw@1071
|
44 current_privilege[key] = val
|
bsw@1071
|
45 end
|
bsw@1071
|
46 end
|
bsw@1071
|
47
|
bsw@1071
|
48 for i, privilege in ipairs(current_privileges) do
|
bsw@1071
|
49 local err = privilege:try_save()
|
bsw@1071
|
50 if err then
|
bsw@1071
|
51 return false, "privilege_save_error", err
|
bsw@1071
|
52 end
|
bsw@1071
|
53 end
|
bsw@1071
|
54
|
bsw@1071
|
55 return true
|
bsw@1071
|
56 end
|