Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / webui-vue / 603cfbfcf872d1928d5614e06152d013c41cc6cc / . / src / store / modules / SecurityAndAccess / LdapStore.js
blob: a8114f75c301955ad2420eee0bd6310d74126e9c [file] [log] [blame]
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]1import api from '@/store/api';
2import i18n from '@/i18n';
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]3import { find } from 'lodash';
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]4
5const LdapStore = {
6 namespaced: true,
7 state: {
8 isServiceEnabled: null,
9 ldap: {
10 serviceEnabled: null,
11 serviceAddress: null,
12 bindDn: null,
13 baseDn: null,
14 userAttribute: null,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]15 groupsAttribute: null,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]16 roleGroups: [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]17 },
18 activeDirectory: {
19 serviceEnabled: null,
20 serviceAddress: null,
21 bindDn: null,
22 baseDn: null,
23 userAttribute: null,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]24 groupsAttribute: null,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]25 roleGroups: [],
26 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]27 },
28 getters: {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]29 isServiceEnabled: (state) => state.isServiceEnabled,
30 ldap: (state) => state.ldap,
31 activeDirectory: (state) => state.activeDirectory,
32 isActiveDirectoryEnabled: (state) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]33 return state.activeDirectory.serviceEnabled;
34 },
35 enabledRoleGroups: (state, getters) => {
36 const serviceType = getters.isActiveDirectoryEnabled
37 ? 'activeDirectory'
38 : 'ldap';
39 return state[serviceType].roleGroups;
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]40 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]41 },
42 mutations: {
43 setServiceEnabled: (state, serviceEnabled) =>
44 (state.isServiceEnabled = serviceEnabled),
45 setLdapProperties: (
46 state,
47 {
48 ServiceEnabled,
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]49 ServiceAddresses = [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]50 Authentication = {},
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]51 LDAPService: {
52 SearchSettings: {
53 BaseDistinguishedNames = [],
54 UsernameAttribute,
55 GroupsAttribute,
56 } = {},
57 } = {},
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]58 RemoteRoleMapping = [],
Ed Tanous81323992024-02-27 11:26:24 -0800[diff] [blame]59 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]60 ) => {
61 state.ldap.serviceAddress = ServiceAddresses[0];
62 state.ldap.serviceEnabled = ServiceEnabled;
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]63 state.ldap.baseDn = BaseDistinguishedNames[0];
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]64 state.ldap.bindDn = Authentication.Username;
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]65 state.ldap.userAttribute = UsernameAttribute;
66 state.ldap.groupsAttribute = GroupsAttribute;
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]67 state.ldap.roleGroups = RemoteRoleMapping;
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]68 },
69 setActiveDirectoryProperties: (
70 state,
71 {
72 ServiceEnabled,
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]73 ServiceAddresses = [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]74 Authentication = {},
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]75 LDAPService: {
76 SearchSettings: {
77 BaseDistinguishedNames = [],
78 UsernameAttribute,
79 GroupsAttribute,
80 } = {},
81 } = {},
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]82 RemoteRoleMapping = [],
Ed Tanous81323992024-02-27 11:26:24 -0800[diff] [blame]83 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]84 ) => {
85 state.activeDirectory.serviceEnabled = ServiceEnabled;
86 state.activeDirectory.serviceAddress = ServiceAddresses[0];
87 state.activeDirectory.bindDn = Authentication.Username;
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]88 state.activeDirectory.baseDn = BaseDistinguishedNames[0];
89 state.activeDirectory.userAttribute = UsernameAttribute;
90 state.activeDirectory.groupsAttribute = GroupsAttribute;
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]91 state.activeDirectory.roleGroups = RemoteRoleMapping;
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]92 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]93 },
94 actions: {
Yoshie Muranakae9a59c72020-04-30 12:16:30 -0700[diff] [blame]95 async getAccountSettings({ commit }) {
96 return await api
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]97 .get('/redfish/v1/AccountService')
98 .then(({ data: { LDAP = {}, ActiveDirectory = {} } }) => {
99 const ldapEnabled = LDAP.ServiceEnabled;
100 const activeDirectoryEnabled = ActiveDirectory.ServiceEnabled;
101
102 commit('setServiceEnabled', ldapEnabled || activeDirectoryEnabled);
103 commit('setLdapProperties', LDAP);
104 commit('setActiveDirectoryProperties', ActiveDirectory);
105 })
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]106 .catch((error) => console.log(error));
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]107 },
108 async saveLdapSettings({ state, dispatch }, properties) {
109 const data = { LDAP: properties };
110 if (state.activeDirectory.serviceEnabled) {
111 // Disable Active Directory service if enabled
112 await api.patch('/redfish/v1/AccountService', {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]113 ActiveDirectory: { ServiceEnabled: false },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]114 });
115 }
116 return await api
117 .patch('/redfish/v1/AccountService', data)
118 .then(() => dispatch('getAccountSettings'))
Surya V603cfbf2024-07-11 15:19:46 +0530[diff] [blame^]119 .then(() => i18n.global.t('pageLdap.toast.successSaveLdapSettings'))
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]120 .catch((error) => {
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]121 console.log(error);
Surya V603cfbf2024-07-11 15:19:46 +0530[diff] [blame^]122 throw new Error(
123 i18n.global.t('pageLdap.toast.errorSaveLdapSettings'),
124 );
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]125 });
126 },
127 async saveActiveDirectorySettings({ state, dispatch }, properties) {
128 const data = { ActiveDirectory: properties };
129 if (state.ldap.serviceEnabled) {
130 // Disable LDAP service if enabled
131 await api.patch('/redfish/v1/AccountService', {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]132 LDAP: { ServiceEnabled: false },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]133 });
134 }
135 return await api
136 .patch('/redfish/v1/AccountService', data)
137 .then(() => dispatch('getAccountSettings'))
Surya V603cfbf2024-07-11 15:19:46 +0530[diff] [blame^]138 .then(() =>
139 i18n.global.t('pageLdap.toast.successSaveActiveDirectorySettings'),
140 )
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]141 .catch((error) => {
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]142 console.log(error);
143 throw new Error(
Surya V603cfbf2024-07-11 15:19:46 +0530[diff] [blame^]144 i18n.global.t('pageLdap.toast.errorSaveActiveDirectorySettings'),
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]145 );
146 });
147 },
148 async saveAccountSettings(
149 { dispatch },
150 {
151 serviceEnabled,
152 serviceAddress,
153 activeDirectoryEnabled,
154 bindDn,
155 bindPassword,
156 baseDn,
157 userIdAttribute,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]158 groupIdAttribute,
Ed Tanous81323992024-02-27 11:26:24 -0800[diff] [blame]159 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]160 ) {
161 const data = {
162 ServiceEnabled: serviceEnabled,
163 ServiceAddresses: [serviceAddress],
164 Authentication: {
165 Username: bindDn,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]166 Password: bindPassword,
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]167 },
168 LDAPService: {
169 SearchSettings: {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]170 BaseDistinguishedNames: [baseDn],
171 },
172 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]173 };
174 if (groupIdAttribute)
175 data.LDAPService.SearchSettings.GroupsAttribute = groupIdAttribute;
176 if (userIdAttribute)
177 data.LDAPService.SearchSettings.UsernameAttribute = userIdAttribute;
178
179 if (activeDirectoryEnabled) {
180 return await dispatch('saveActiveDirectorySettings', data);
181 } else {
182 return await dispatch('saveLdapSettings', data);
183 }
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]184 },
185 async addNewRoleGroup(
186 { dispatch, getters },
Ed Tanous81323992024-02-27 11:26:24 -0800[diff] [blame]187 { groupName, groupPrivilege },
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]188 ) {
189 const data = {};
190 const enabledRoleGroups = getters['enabledRoleGroups'];
191 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
192 const RemoteRoleMapping = [
193 ...enabledRoleGroups,
194 {
195 LocalRole: groupPrivilege,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]196 RemoteGroup: groupName,
197 },
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]198 ];
199 if (isActiveDirectoryEnabled) {
200 data.ActiveDirectory = { RemoteRoleMapping };
201 } else {
202 data.LDAP = { RemoteRoleMapping };
203 }
204 return await api
205 .patch('/redfish/v1/AccountService', data)
206 .then(() => dispatch('getAccountSettings'))
207 .then(() =>
Surya V603cfbf2024-07-11 15:19:46 +0530[diff] [blame^]208 i18n.global.t('pageLdap.toast.successAddRoleGroup', {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]209 groupName,
Ed Tanous81323992024-02-27 11:26:24 -0800[diff] [blame]210 }),
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]211 )
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]212 .catch((error) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]213 console.log(error);
Surya V603cfbf2024-07-11 15:19:46 +0530[diff] [blame^]214 throw new Error(i18n.global.t('pageLdap.toast.errorAddRoleGroup'));
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]215 });
216 },
217 async saveRoleGroup({ dispatch, getters }, { groupName, groupPrivilege }) {
218 const data = {};
219 const enabledRoleGroups = getters['enabledRoleGroups'];
220 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]221 const RemoteRoleMapping = enabledRoleGroups.map((group) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]222 if (group.RemoteGroup === groupName) {
223 return {
224 RemoteGroup: groupName,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]225 LocalRole: groupPrivilege,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]226 };
227 } else {
228 return {};
229 }
230 });
231 if (isActiveDirectoryEnabled) {
232 data.ActiveDirectory = { RemoteRoleMapping };
233 } else {
234 data.LDAP = { RemoteRoleMapping };
235 }
236 return await api
237 .patch('/redfish/v1/AccountService', data)
238 .then(() => dispatch('getAccountSettings'))
239 .then(() =>
Surya V603cfbf2024-07-11 15:19:46 +0530[diff] [blame^]240 i18n.global.t('pageLdap.toast.successSaveRoleGroup', { groupName }),
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]241 )
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]242 .catch((error) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]243 console.log(error);
Surya V603cfbf2024-07-11 15:19:46 +0530[diff] [blame^]244 throw new Error(i18n.global.t('pageLdap.toast.errorSaveRoleGroup'));
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]245 });
246 },
247 async deleteRoleGroup({ dispatch, getters }, { roleGroups = [] }) {
248 const data = {};
249 const enabledRoleGroups = getters['enabledRoleGroups'];
250 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]251 const RemoteRoleMapping = enabledRoleGroups.map((group) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]252 if (find(roleGroups, { groupName: group.RemoteGroup })) {
253 return null;
254 } else {
255 return {};
256 }
257 });
258 if (isActiveDirectoryEnabled) {
259 data.ActiveDirectory = { RemoteRoleMapping };
260 } else {
261 data.LDAP = { RemoteRoleMapping };
262 }
263 return await api
264 .patch('/redfish/v1/AccountService', data)
265 .then(() => dispatch('getAccountSettings'))
266 .then(() =>
Surya V603cfbf2024-07-11 15:19:46 +0530[diff] [blame^]267 i18n.global.t(
268 'pageLdap.toast.successDeleteRoleGroup',
269 roleGroups.length,
270 ),
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]271 )
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]272 .catch((error) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]273 console.log(error);
274 throw new Error(
Surya V603cfbf2024-07-11 15:19:46 +0530[diff] [blame^]275 i18n.global.t(
276 'pageLdap.toast.errorDeleteRoleGroup',
277 roleGroups.length,
278 ),
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]279 );
280 });
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]281 },
282 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]283};
284
285export default LdapStore;