liquid_feedback_frontend
diff config/_ldap.lua @ 1656:3fb752f4afcb
Cleanup of configuration files
author | bsw |
---|---|
date | Sun Feb 14 12:46:39 2021 +0100 (2021-02-14) |
parents | |
children |
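--- /dev/null
+++ b/config/_ldap.lua
@@ -0,0 +1,59 @@
+config.ldap = {
+ hosts = {
+ {
+ { uri = "ldap://192.168.1.1", tls = true, timeout = 5 },
+ { uri = "ldap://192.168.1.2", tls = true, timeout = 5 },
+ },
+ { uri = "ldap://192.168.1.3", tls = true, timeout = 5 },
+ },
+ base = "dc=example,dc=org",
+ bind_as = { dn = "cn=admin,dc=example,dc=org", password = "secure" },
+ member = {
+ registration = "auto",
+ scope = "subtree",
+ login_normalizer = function (login)
+ return login:lower()
+ end,
+ login_filter_map = function (login)
+ return "(uid=" .. ldap.escape_filter(login) .. ")"
+ end,
+ login_map = function (ldap_entry)
+ return ldap_entry.uid[1]
+ end,
+ uid_filter_map = function (uid)
+ return "(uidNumber=" .. ldap.escape_filter(uid) .. ")"
+ end,
+ uid_map = function (ldap_entry)
+ return ldap_entry.uidNumber[1]
+ end,
+ fetch_attr = { "uid", "uidNumber", "givenName", "sn", "displayName", "memberof" },
+ attr_map = function (ldap_entry, member)
+ member.identification = ldap_entry.givenName[1] .. " " .. ldap_entry.sn[1]
+ member.name = ldap_entry.displayName[1]
+ end,
+ privilege_map = function (ldap_entry, member)
+ local privileges
+ if ldap_entry.dn:match("ou=people,dc=example,dc=org") then
+ privileges = {
+ { unit_id = 1, voting_right = true, polling_right = true },
+ { unit_id = 2, voting_right = true, polling_right = false },
+ { unit_id = 3, voting_right = false, polling_right = true }
+ }
+ elseif ldap_entry.dn:match("ou=employees,dc=example,dc=org$") then
+ privileges = {
+ { unit_id = 1, voting_right = false, polling_right = true },
+ { unit_id = 2, voting_right = false, polling_right = true },
+ { unit_id = 3, voting_right = true, polling_right = false }
+ }
+ elseif ldap_entry.dn:match("ou=member,dc=example,dc=org$") then
+ privileges = {
+ { unit_id = 1, voting_right = true, polling_right = false }
+ }
+ end
+ return privileges
+ end,
+ cache_passwords = true,
+ locked_profile_fields = { name = true }
+ }
+}
+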
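Review bot: In `privilege_map` the first branch matches `ou=people,dc=example,dc=org` without the trailing `$` that the `ou=employees` and `ou=member` branches carry, so it is a substring match on the DN and, being tested first, takes precedence over the anchored branches; it should read `if ldap_entry.dn:match("ou=people,dc=example,dc=org$") then`. Because `match` takes a Lua pattern, a site that adapts these literals to a suffix containing `-` or `.` gets pattern semantics rather than a literal comparison, so a comment above the chain saying so (or a plain suffix comparison) would keep voting rights from being granted on a looser match than intended. Separately, `bind_as` shows the directory admin DN with an inline password; a comment such as `-- use a dedicated read-only search account here, not the directory admin` would steer deployments toward least privilege. What the frontend does when `privilege_map` returns nil for a DN that matches no branch is not visible in this file and is worth documenting next to `registration = "auto"`.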