Blame - src/store/modules/AccessControl/LdapStore.js - openbmc/webui-vue - Gitiles

blob: 780de38ed0a8246a7b3edc72dc48bc27174a1b4e [file] [log] [blame]

Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	1	import api from '@/store/api';
				2	import i18n from '@/i18n';
Yoshie Muranaka	dc3d541	2020-04-17 09:39:41 -0700	[diff] [blame]	3	import { find } from 'lodash';
Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	4
				5	const LdapStore = {
				6	namespaced: true,
				7	state: {
				8	isServiceEnabled: null,
				9	ldap: {
				10	serviceEnabled: null,
				11	serviceAddress: null,
				12	bindDn: null,
				13	baseDn: null,
				14	userAttribute: null,
Yoshie Muranaka	dc3d541	2020-04-17 09:39:41 -0700	[diff] [blame]	15	groupsAttribute: null,
				16	roleGroups: []
Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	17	},
				18	activeDirectory: {
				19	serviceEnabled: null,
				20	serviceAddress: null,
				21	bindDn: null,
				22	baseDn: null,
				23	userAttribute: null,
Yoshie Muranaka	dc3d541	2020-04-17 09:39:41 -0700	[diff] [blame]	24	groupsAttribute: null,
				25	roleGroups: []
Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	26	}
				27	},
				28	getters: {
				29	isServiceEnabled: state => state.isServiceEnabled,
				30	ldap: state => state.ldap,
Yoshie Muranaka	dc3d541	2020-04-17 09:39:41 -0700	[diff] [blame]	31	activeDirectory: state => state.activeDirectory,
				32	isActiveDirectoryEnabled: state => {
				33	return state.activeDirectory.serviceEnabled;
				34	},
				35	enabledRoleGroups: (state, getters) => {
				36	const serviceType = getters.isActiveDirectoryEnabled
				37	? 'activeDirectory'
				38	: 'ldap';
				39	return state[serviceType].roleGroups;
				40	}
Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	41	},
				42	mutations: {
				43	setServiceEnabled: (state, serviceEnabled) =>
				44	(state.isServiceEnabled = serviceEnabled),
				45	setLdapProperties: (
				46	state,
				47	{
				48	ServiceEnabled,
				49	ServiceAddresses,
				50	Authentication = {},
Yoshie Muranaka	dc3d541	2020-04-17 09:39:41 -0700	[diff] [blame]	51	LDAPService: { SearchSettings = {} } = {},
				52	RemoteRoleMapping = []
Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	53	}
				54	) => {
				55	state.ldap.serviceAddress = ServiceAddresses[0];
				56	state.ldap.serviceEnabled = ServiceEnabled;
				57	state.ldap.baseDn = SearchSettings.BaseDistinguishedNames[0];
				58	state.ldap.bindDn = Authentication.Username;
				59	state.ldap.userAttribute = SearchSettings.UsernameAttribute;
				60	state.ldap.groupsAttribute = SearchSettings.GroupsAttribute;
Yoshie Muranaka	dc3d541	2020-04-17 09:39:41 -0700	[diff] [blame]	61	state.ldap.roleGroups = RemoteRoleMapping;
Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	62	},
				63	setActiveDirectoryProperties: (
				64	state,
				65	{
				66	ServiceEnabled,
				67	ServiceAddresses,
				68	Authentication = {},
Yoshie Muranaka	dc3d541	2020-04-17 09:39:41 -0700	[diff] [blame]	69	LDAPService: { SearchSettings = {} } = {},
				70	RemoteRoleMapping = []
Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	71	}
				72	) => {
				73	state.activeDirectory.serviceEnabled = ServiceEnabled;
				74	state.activeDirectory.serviceAddress = ServiceAddresses[0];
				75	state.activeDirectory.bindDn = Authentication.Username;
				76	state.activeDirectory.baseDn = SearchSettings.BaseDistinguishedNames[0];
				77	state.activeDirectory.userAttribute = SearchSettings.UsernameAttribute;
				78	state.activeDirectory.groupsAttribute = SearchSettings.GroupsAttribute;
Yoshie Muranaka	dc3d541	2020-04-17 09:39:41 -0700	[diff] [blame]	79	state.activeDirectory.roleGroups = RemoteRoleMapping;
Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	80	}
				81	},
				82	actions: {
Yoshie Muranaka	e9a59c7	2020-04-30 12:16:30 -0700	[diff] [blame]	83	async getAccountSettings({ commit }) {
				84	return await api
Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	85	.get('/redfish/v1/AccountService')
				86	.then(({ data: { LDAP = {}, ActiveDirectory = {} } }) => {
				87	const ldapEnabled = LDAP.ServiceEnabled;
				88	const activeDirectoryEnabled = ActiveDirectory.ServiceEnabled;
				89
				90	commit('setServiceEnabled', ldapEnabled \|\| activeDirectoryEnabled);
				91	commit('setLdapProperties', LDAP);
				92	commit('setActiveDirectoryProperties', ActiveDirectory);
				93	})
				94	.catch(error => console.log(error));
				95	},
				96	async saveLdapSettings({ state, dispatch }, properties) {
				97	const data = { LDAP: properties };
				98	if (state.activeDirectory.serviceEnabled) {
				99	// Disable Active Directory service if enabled
				100	await api.patch('/redfish/v1/AccountService', {
				101	ActiveDirectory: { ServiceEnabled: false }
				102	});
				103	}
				104	return await api
				105	.patch('/redfish/v1/AccountService', data)
				106	.then(() => dispatch('getAccountSettings'))
				107	.then(() => i18n.t('pageLdap.toast.successSaveLdapSettings'))
				108	.catch(error => {
				109	console.log(error);
				110	throw new Error(i18n.t('pageLdap.toast.errorSaveLdapSettings'));
				111	});
				112	},
				113	async saveActiveDirectorySettings({ state, dispatch }, properties) {
				114	const data = { ActiveDirectory: properties };
				115	if (state.ldap.serviceEnabled) {
				116	// Disable LDAP service if enabled
				117	await api.patch('/redfish/v1/AccountService', {
				118	LDAP: { ServiceEnabled: false }
				119	});
				120	}
				121	return await api
				122	.patch('/redfish/v1/AccountService', data)
				123	.then(() => dispatch('getAccountSettings'))
				124	.then(() => i18n.t('pageLdap.toast.successSaveActiveDirectorySettings'))
				125	.catch(error => {
				126	console.log(error);
				127	throw new Error(
				128	i18n.t('pageLdap.toast.errorSaveActiveDirectorySettings')
				129	);
				130	});
				131	},
				132	async saveAccountSettings(
				133	{ dispatch },
				134	{
				135	serviceEnabled,
				136	serviceAddress,
				137	activeDirectoryEnabled,
				138	bindDn,
				139	bindPassword,
				140	baseDn,
				141	userIdAttribute,
				142	groupIdAttribute
				143	}
				144	) {
				145	const data = {
				146	ServiceEnabled: serviceEnabled,
				147	ServiceAddresses: [serviceAddress],
				148	Authentication: {
				149	Username: bindDn,
				150	Password: bindPassword
				151	},
				152	LDAPService: {
				153	SearchSettings: {
				154	BaseDistinguishedNames: [baseDn]
				155	}
				156	}
				157	};
				158	if (groupIdAttribute)
				159	data.LDAPService.SearchSettings.GroupsAttribute = groupIdAttribute;
				160	if (userIdAttribute)
				161	data.LDAPService.SearchSettings.UsernameAttribute = userIdAttribute;
				162
				163	if (activeDirectoryEnabled) {
				164	return await dispatch('saveActiveDirectorySettings', data);
				165	} else {
				166	return await dispatch('saveLdapSettings', data);
				167	}
Yoshie Muranaka	dc3d541	2020-04-17 09:39:41 -0700	[diff] [blame]	168	},
				169	async addNewRoleGroup(
				170	{ dispatch, getters },
				171	{ groupName, groupPrivilege }
				172	) {
				173	const data = {};
				174	const enabledRoleGroups = getters['enabledRoleGroups'];
				175	const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
				176	const RemoteRoleMapping = [
				177	...enabledRoleGroups,
				178	{
				179	LocalRole: groupPrivilege,
				180	RemoteGroup: groupName
				181	}
				182	];
				183	if (isActiveDirectoryEnabled) {
				184	data.ActiveDirectory = { RemoteRoleMapping };
				185	} else {
				186	data.LDAP = { RemoteRoleMapping };
				187	}
				188	return await api
				189	.patch('/redfish/v1/AccountService', data)
				190	.then(() => dispatch('getAccountSettings'))
				191	.then(() =>
				192	i18n.t('pageLdap.toast.successAddRoleGroup', {
				193	groupName
				194	})
				195	)
				196	.catch(error => {
				197	console.log(error);
				198	throw new Error(i18n.t('pageLdap.toast.errorAddRoleGroup'));
				199	});
				200	},
				201	async saveRoleGroup({ dispatch, getters }, { groupName, groupPrivilege }) {
				202	const data = {};
				203	const enabledRoleGroups = getters['enabledRoleGroups'];
				204	const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
				205	const RemoteRoleMapping = enabledRoleGroups.map(group => {
				206	if (group.RemoteGroup === groupName) {
				207	return {
				208	RemoteGroup: groupName,
				209	LocalRole: groupPrivilege
				210	};
				211	} else {
				212	return {};
				213	}
				214	});
				215	if (isActiveDirectoryEnabled) {
				216	data.ActiveDirectory = { RemoteRoleMapping };
				217	} else {
				218	data.LDAP = { RemoteRoleMapping };
				219	}
				220	return await api
				221	.patch('/redfish/v1/AccountService', data)
				222	.then(() => dispatch('getAccountSettings'))
				223	.then(() =>
				224	i18n.t('pageLdap.toast.successSaveRoleGroup', { groupName })
				225	)
				226	.catch(error => {
				227	console.log(error);
				228	throw new Error(i18n.t('pageLdap.toast.errorSaveRoleGroup'));
				229	});
				230	},
				231	async deleteRoleGroup({ dispatch, getters }, { roleGroups = [] }) {
				232	const data = {};
				233	const enabledRoleGroups = getters['enabledRoleGroups'];
				234	const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
				235	const RemoteRoleMapping = enabledRoleGroups.map(group => {
				236	if (find(roleGroups, { groupName: group.RemoteGroup })) {
				237	return null;
				238	} else {
				239	return {};
				240	}
				241	});
				242	if (isActiveDirectoryEnabled) {
				243	data.ActiveDirectory = { RemoteRoleMapping };
				244	} else {
				245	data.LDAP = { RemoteRoleMapping };
				246	}
				247	return await api
				248	.patch('/redfish/v1/AccountService', data)
				249	.then(() => dispatch('getAccountSettings'))
				250	.then(() =>
				251	i18n.tc('pageLdap.toast.successDeleteRoleGroup', roleGroups.length)
				252	)
				253	.catch(error => {
				254	console.log(error);
				255	throw new Error(
				256	i18n.tc('pageLdap.toast.errorDeleteRoleGroup', roleGroups.length)
				257	);
				258	});
Yoshie Muranaka	c4e38ab	2020-04-09 12:41:27 -0700	[diff] [blame]	259	}
				260	}
				261	};
				262
				263	export default LdapStore;