aboutsummaryrefslogtreecommitdiff
path: root/invite.go
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2020-02-14 22:51:12 +0100
committerAlex Auvolat <alex@adnab.me>2020-02-14 22:51:12 +0100
commit193e28cf0086a4b4a1f6d562c42b7c22b6e34561 (patch)
tree300b6f3f79013c72b8177f4f99e0bc93b49da5e4 /invite.go
parentd78ce5309a2753693a4076697b101d2fb474822c (diff)
downloadguichet-193e28cf0086a4b4a1f6d562c42b7c22b6e34561.tar.gz
guichet-193e28cf0086a4b4a1f6d562c42b7c22b6e34561.zip
Remember who invited who
Diffstat (limited to 'invite.go')
-rw-r--r--invite.go29
1 files changed, 24 insertions, 5 deletions
diff --git a/invite.go b/invite.go
index cb83eb4..83e35a3 100644
--- a/invite.go
+++ b/invite.go
@@ -43,7 +43,7 @@ func handleInviteNewAccount(w http.ResponseWriter, r *http.Request) {
return
}
- handleNewAccount(w, r, login.conn)
+ handleNewAccount(w, r, login.conn, login.Info.DN)
}
// New account creation using code
@@ -65,7 +65,25 @@ func handleInvitationCode(w http.ResponseWriter, r *http.Request) {
return
}
- if handleNewAccount(w, r, l) {
+ sReq := ldap.NewSearchRequest(
+ inviteDn,
+ ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false,
+ fmt.Sprintf("(objectclass=*)"),
+ []string{"dn", "creatorsname"},
+ nil)
+ sr, err := l.Search(sReq)
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+ if len(sr.Entries) != 1 {
+ http.Error(w, fmt.Sprintf("Expected 1 entry, got %d", len(sr.Entries)), http.StatusInternalServerError)
+ return
+ }
+
+ invitedBy := sr.Entries[0].GetAttributeValue("creatorsname")
+
+ if handleNewAccount(w, r, l, invitedBy) {
del_req := ldap.NewDelRequest(inviteDn, nil)
err = l.Del(del_req)
if err != nil {
@@ -91,7 +109,7 @@ type NewAccountData struct {
Success bool
}
-func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn) bool {
+func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn, invitedBy string) bool {
templateInviteNewAccount := template.Must(template.ParseFiles("templates/layout.html", "templates/invite_new_account.html"))
data := &NewAccountData{}
@@ -107,14 +125,14 @@ func handleNewAccount(w http.ResponseWriter, r *http.Request, l *ldap.Conn) bool
password1 := strings.Join(r.Form["password"], "")
password2 := strings.Join(r.Form["password2"], "")
- tryCreateAccount(l, data, password1, password2)
+ tryCreateAccount(l, data, password1, password2, invitedBy)
}
templateInviteNewAccount.Execute(w, data)
return data.Success
}
-func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 string) {
+func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 string, invitedBy string) {
// Check if username is correct
if match, err := regexp.MatchString("^[a-zA-Z0-9._-]+$", data.Username); !(err == nil && match) {
data.ErrorInvalidUsername = true
@@ -156,6 +174,7 @@ func tryCreateAccount(l *ldap.Conn, data *NewAccountData, pass1 string, pass2 st
req.Attribute("objectclass", []string{"inetOrgPerson", "organizationalPerson", "person", "top"})
req.Attribute("structuralobjectclass", []string{"inetOrgPerson"})
req.Attribute("userpassword", []string{SSHAEncode([]byte(pass1))})
+ req.Attribute("invitedby", []string{invitedBy})
if len(data.DisplayName) > 0 {
req.Attribute("displayname", []string{data.DisplayName})
}