liquid_feedback_frontend
view config/_ldap.lua @ 1789:87878d24d7a8
Removed debug code
| author | bsw | 
|---|---|
| date | Wed Oct 20 15:47:25 2021 +0200 (2021-10-20) | 
| parents | 3fb752f4afcb | 
| children | 
 line source
     1 config.ldap = {
     2   hosts = {
     3     {
     4       { uri = "ldap://192.168.1.1", tls = true, timeout = 5 },
     5       { uri = "ldap://192.168.1.2", tls = true, timeout = 5 },
     6     },
     7     { uri = "ldap://192.168.1.3", tls = true, timeout = 5 },
     8   },
     9   base = "dc=example,dc=org",
    10   bind_as = { dn = "cn=admin,dc=example,dc=org", password = "secure" },
    11   member = {
    12     registration = "auto",
    13     scope = "subtree",
    14     login_normalizer = function (login)
    15       return login:lower()
    16     end,
    17     login_filter_map = function (login)
    18       return "(uid=" .. ldap.escape_filter(login) .. ")"
    19     end,
    20     login_map = function (ldap_entry)
    21       return ldap_entry.uid[1]
    22     end,
    23     uid_filter_map = function (uid)
    24       return "(uidNumber=" .. ldap.escape_filter(uid) .. ")"
    25     end,
    26     uid_map = function (ldap_entry)
    27       return ldap_entry.uidNumber[1]
    28     end,
    29     fetch_attr = { "uid", "uidNumber", "givenName", "sn", "displayName", "memberof" },
    30     attr_map = function (ldap_entry, member)
    31       member.identification = ldap_entry.givenName[1] .. " " .. ldap_entry.sn[1]
    32       member.name = ldap_entry.displayName[1]
    33     end,
    34     privilege_map = function (ldap_entry, member)
    35       local privileges
    36       if ldap_entry.dn:match("ou=people,dc=example,dc=org") then
    37         privileges = {
    38           { unit_id = 1, voting_right = true, polling_right = true },
    39           { unit_id = 2, voting_right = true, polling_right = false },
    40           { unit_id = 3, voting_right = false, polling_right = true }
    41         }
    42       elseif ldap_entry.dn:match("ou=employees,dc=example,dc=org$") then
    43         privileges = {
    44           { unit_id = 1, voting_right = false, polling_right = true },
    45           { unit_id = 2, voting_right = false, polling_right = true },
    46           { unit_id = 3, voting_right = true, polling_right = false }
    47         }
    48       elseif ldap_entry.dn:match("ou=member,dc=example,dc=org$") then
    49         privileges = {
    50           { unit_id = 1, voting_right = true, polling_right = false }
    51         }
    52       end
    53       return privileges
    54     end,
    55     cache_passwords = true,
    56     locked_profile_fields = { name = true }
    57   }
    58 }
