| /** |
| * Controller for LDAP |
| * |
| * @module app/configuration |
| * @exports ldapController |
| * @name ldapController |
| */ |
| |
| window.angular && (function(angular) { |
| 'use strict'; |
| |
| angular.module('app.configuration').controller('ldapController', [ |
| '$scope', 'APIUtils', '$q', 'toastService', |
| function($scope, APIUtils, $q, toastService) { |
| $scope.loading = false; |
| $scope.isSecure = false; |
| $scope.ldapProperties = {}; |
| $scope.originalProperties = {}; |
| $scope.submitted = false; |
| $scope.roleGroups = []; |
| $scope.roleGroupType = ''; |
| $scope.clientCertificateExpires = ''; |
| |
| $scope.$on('$viewContentLoaded', function() { |
| $scope.loadLdap(); |
| }); |
| |
| $scope.loadLdap = function() { |
| $scope.loading = true; |
| $scope.submitted = false; |
| var getLdapProperties = |
| APIUtils.getAllUserAccountProperties() |
| .then(function(data) { |
| $scope.ldapProperties = { |
| 'ServiceEnabled': data.LDAP.ServiceEnabled ? |
| data.LDAP.ServiceEnabled : |
| data.ActiveDirectory.ServiceEnabled ? |
| data.ActiveDirectory.ServiceEnabled : |
| false, |
| 'LDAPServiceEnabled': data.LDAP.ServiceEnabled, |
| 'ADServiceEnabled': data.ActiveDirectory.ServiceEnabled, |
| 'EnabledServiceType': data.LDAP.ServiceEnabled ? |
| 'ldap' : |
| data.ActiveDirectory.ServiceEnabled ? 'ad' : '', |
| 'ServiceAddresses': data.LDAP.ServiceEnabled ? |
| data.LDAP.ServiceAddresses : |
| data.ActiveDirectory.ServiceEnabled ? |
| data.ActiveDirectory.ServiceAddresses : |
| [], |
| 'useSSL': $scope.isSSL( |
| data.LDAP.ServiceEnabled ? |
| data.LDAP.ServiceAddresses[0] : |
| data.ActiveDirectory.ServiceAddresses[0]), |
| 'Username': data.LDAP.ServiceEnabled ? |
| data.LDAP.Authentication.Username : |
| data.ActiveDirectory.ServiceEnabled ? |
| data.ActiveDirectory.Authentication.Username : |
| '', |
| 'BaseDistinguishedNames': data.LDAP.ServiceEnabled ? |
| data.LDAP.LDAPService.SearchSettings |
| .BaseDistinguishedNames : |
| data.ActiveDirectory.ServiceEnabled ? |
| data.ActiveDirectory.LDAPService.SearchSettings |
| .BaseDistinguishedNames : |
| [], |
| 'GroupsAttribute': data.LDAP.ServiceEnabled ? |
| data.LDAP.LDAPService.SearchSettings.GroupsAttribute : |
| data.ActiveDirectory.ServiceEnabled ? |
| data.ActiveDirectory.LDAPService.SearchSettings |
| .GroupsAttribute : |
| '', |
| 'UsernameAttribute': data.LDAP.ServiceEnabled ? |
| data.LDAP.LDAPService.SearchSettings.UsernameAttribute : |
| data.ActiveDirectory.ServiceEnabled ? |
| data.ActiveDirectory.LDAPService.SearchSettings |
| .UsernameAttribute : |
| '', |
| 'AuthenticationType': data.LDAP.ServiceEnabled ? |
| data.LDAP.Authentication.AuthenticationType : |
| data.ActiveDirectory.Authentication.AuthenticationType, |
| }; |
| |
| $scope.roleGroupType = |
| $scope.ldapProperties.EnabledServiceType; |
| |
| if ($scope.ldapProperties.ServiceEnabled) { |
| if ($scope.ldapProperties.LDAPServiceEnabled) { |
| $scope.roleGroups = data.LDAP.RemoteRoleMapping; |
| } else if ($scope.ldapProperties.ADServiceEnabled) { |
| $scope.roleGroups = |
| data.ActiveDirectory.RemoteRoleMapping; |
| } |
| } |
| }) |
| .catch(function(error) { |
| console.log(JSON.stringify(error)); |
| }); |
| var getClientCertificate = |
| APIUtils |
| .getCertificate('/redfish/v1/AccountService/LDAP/Certificates') |
| .then(function(data) { |
| if (data.Members) { |
| var certificate = data.Members[0]; |
| APIUtils.getCertificate(certificate['@odata.id']) |
| .then( |
| function(data) { |
| $scope.clientCertificateExpires = |
| data.ValidNotAfter; |
| }, |
| function(error) { |
| console.log(JSON.stringify(error)); |
| }) |
| } |
| }) |
| .catch(function(error) { |
| console.log(JSON.stringify(error)); |
| }); |
| |
| var promises = [getLdapProperties, getClientCertificate]; |
| $q.all(promises).finally(function() { |
| $scope.loading = false; |
| }); |
| }; |
| |
| $scope.saveLdapSettings = function() { |
| for (var i in $scope.ldapProperties.ServiceAddresses) { |
| if ($scope.ldapProperties.useSSL !== |
| $scope.isSSL($scope.ldapProperties.ServiceAddresses[i])) { |
| toastService.error( |
| 'Server URI ' + $scope.ldapProperties.ServiceAddresses[i] + |
| ' must begin with ' + |
| ($scope.ldapProperties.useSSL ? 'ldaps:// ' : 'ldap:// ') + |
| 'when SSL is ' + |
| ($scope.ldapProperties.useSSL ? 'configured. ' : |
| 'not configured.')); |
| } |
| } |
| |
| // Default LDAP and AD Attributes |
| let LDAP = {}; |
| |
| let ActiveDirectory = {}; |
| |
| // Data to pass to request |
| let data = {}; |
| data.LDAP = LDAP; |
| data.ActiveDirectory = ActiveDirectory; |
| |
| // Values to update the service type object |
| let Authentication = {}; |
| Authentication.Username = $scope.ldapProperties.Username; |
| Authentication.Password = $scope.ldapProperties.Password; |
| Authentication.AuthenticationType = |
| $scope.ldapProperties.AuthenticationType; |
| |
| let LDAPService = {}; |
| LDAPService.SearchSettings = {}; |
| LDAPService.SearchSettings.BaseDistinguishedNames = |
| $scope.ldapProperties.BaseDistinguishedNames; |
| LDAPService.SearchSettings.GroupsAttribute = |
| $scope.ldapProperties.GroupsAttribute; |
| LDAPService.SearchSettings.UsernameAttribute = |
| $scope.ldapProperties.UsernameAttribute; |
| |
| let ServiceAddresses = $scope.ldapProperties.ServiceAddresses; |
| if ($scope.ldapProperties.EnabledServiceType == 'ldap') { |
| ActiveDirectory.ServiceEnabled = false; |
| LDAP.ServiceEnabled = true; |
| LDAP.Authentication = Authentication; |
| LDAP.LDAPService = LDAPService; |
| LDAP.ServiceAddresses = ServiceAddresses; |
| } else if ($scope.ldapProperties.EnabledServiceType == 'ad') { |
| ActiveDirectory.ServiceEnabled = true; |
| LDAP.ServiceEnabled = false; |
| ActiveDirectory.Authentication = Authentication; |
| ActiveDirectory.LDAPService = LDAPService; |
| ActiveDirectory.ServiceAddresses = ServiceAddresses; |
| } |
| |
| APIUtils.saveLdapProperties(data).then( |
| function(response) { |
| if (!response.data.hasOwnProperty('error')) { |
| toastService.success('Successfully updated LDAP settings.'); |
| $scope.loadLdap(); |
| } else { |
| toastService.error('Unable to update LDAP settings.'); |
| console.log(JSON.stringify(response.data.error.message)); |
| } |
| }, |
| function(error) { |
| toastService.error('Unable to update LDAP settings.'); |
| console.log(JSON.stringify(error)); |
| }); |
| }; |
| |
| $scope.isSSL = function(uri) { |
| return uri.startsWith('ldaps://'); |
| }; |
| $scope.updateServiceEnabled = function() { |
| if (!$scope.ldapProperties.ServiceEnabled) { |
| $scope.ldapProperties.EnabledServiceType = ''; |
| let data = {}; |
| let LDAP = {}; |
| data.LDAP = LDAP; |
| LDAP.ServiceEnabled = false; |
| let ActiveDirectory = {}; |
| data.ActiveDirectory = ActiveDirectory; |
| ActiveDirectory.ServiceEnabled = false; |
| |
| APIUtils.saveLdapProperties(data).then( |
| function(response) { |
| toastService.success('Successfully disabled LDAP.'); |
| $scope.roleGroups = []; |
| $scope.loadLdap(); |
| }, |
| function(error) { |
| toastService.error('Unable to disable LDAP.'); |
| console.log(JSON.stringify(error)); |
| }); |
| } |
| } |
| } |
| ]); |
| })(angular); |