UniqueSoft/wg-portal
2
0
Fork 0
mirror of https://github.com/h44z/wg-portal synced 2025-02-26 05:49:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ldap-sync: fix creation of only one user per LDAP sync

Browse Source 
Before this fix, a too early `return` statement terminated the
`updateLdapUsers()` function, whenever one not already existing user was
created. Therefore, in each LDAP sync a maximum of one new user could be
created (i.e., it took x LDAP sync cycles until x new LDAP users are
registered in wg-portal). Depending on the LDAP `sync_interval` this can
take a long time and produces unecessary long waiting times until users
are available in wg-portal.

Removing the early return statement, and move the remainder of the
function into an `else` statement, so that all new users can be
added in a single LDAP sync.

Also adding a debug statement to better trace the behavior.

Signed-off-by: klmmr <35450576+klmmr@users.noreply.github.com>
This commit is contained in:
klmmr 2025-02-22 10:24:48 +01:00
parent 67f076effe
commit 209b835389
1 changed files with 34 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
internal/app/users/user_manager.go
View File

@ -506,50 +506,49 @@ func (m Manager) updateLdapUsers(
tctx, cancel := context.WithTimeout(ctx, 30*time.Second) tctx, cancel := context.WithTimeout(ctx, 30*time.Second)
tctx = domain.SetUserInfo(tctx, domain.SystemAdminContextUserInfo()) tctx = domain.SetUserInfo(tctx, domain.SystemAdminContextUserInfo())
// create new user
if existingUser == nil { if existingUser == nil {
// create new user
logrus.Tracef("creating new user %s from provider %s...", user.Identifier, provider.ProviderName)
err := m.NewUser(tctx, user) err := m.NewUser(tctx, user)
if err != nil { if err != nil {
cancel() cancel()
return fmt.Errorf("create error for user id %s: %w", user.Identifier, err) return fmt.Errorf("create error for user id %s: %w", user.Identifier, err)
} }
cancel()
return nil
}
// update existing user
if provider.AutoReEnable && existingUser.DisabledReason == domain.DisabledReasonLdapMissing {
user.Disabled = nil
user.DisabledReason = ""
} else { } else {
user.Disabled = existingUser.Disabled // update existing user
user.DisabledReason = existingUser.DisabledReason if provider.AutoReEnable && existingUser.DisabledReason == domain.DisabledReasonLdapMissing {
} user.Disabled = nil
if existingUser.Source == domain.UserSourceLdap && userChangedInLdap(existingUser, user) { user.DisabledReason = ""
err := m.users.SaveUser(tctx, user.Identifier, func(u *domain.User) (*domain.User, error) { } else {
u.UpdatedAt = time.Now() user.Disabled = existingUser.Disabled
u.UpdatedBy = domain.CtxSystemLdapSyncer user.DisabledReason = existingUser.DisabledReason
u.Source = user.Source
u.ProviderName = user.ProviderName
u.Email = user.Email
u.Firstname = user.Firstname
u.Lastname = user.Lastname
u.Phone = user.Phone
u.Department = user.Department
u.IsAdmin = user.IsAdmin
u.Disabled = nil
u.DisabledReason = ""
return u, nil
})
if err != nil {
cancel()
return fmt.Errorf("update error for user id %s: %w", user.Identifier, err)
} }
if existingUser.Source == domain.UserSourceLdap && userChangedInLdap(existingUser, user) {
err := m.users.SaveUser(tctx, user.Identifier, func(u *domain.User) (*domain.User, error) {
u.UpdatedAt = time.Now()
u.UpdatedBy = domain.CtxSystemLdapSyncer
u.Source = user.Source
u.ProviderName = user.ProviderName
u.Email = user.Email
u.Firstname = user.Firstname
u.Lastname = user.Lastname
u.Phone = user.Phone
u.Department = user.Department
u.IsAdmin = user.IsAdmin
u.Disabled = nil
u.DisabledReason = ""
if existingUser.IsDisabled() && !user.IsDisabled() { return u, nil
m.bus.Publish(app.TopicUserEnabled, *user) })
if err != nil {
cancel()
return fmt.Errorf("update error for user id %s: %w", user.Identifier, err)
}
if existingUser.IsDisabled() && !user.IsDisabled() {
m.bus.Publish(app.TopicUserEnabled, *user)
}
} }
} }