Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / webui-vue / c000265df8ad027b36d13c6f9dcbd6f347533bcb / . / src / store / modules / SecurityAndAccess / LdapStore.js
blob: 5aa31c2d4ab7e33bf6dab3f505b2cc44699e760f [file] [log] [blame]
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]1import api from '@/store/api';
2import i18n from '@/i18n';
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]3import { find } from 'lodash';
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]4
5const LdapStore = {
6 namespaced: true,
7 state: {
8 isServiceEnabled: null,
9 ldap: {
10 serviceEnabled: null,
11 serviceAddress: null,
12 bindDn: null,
13 baseDn: null,
14 userAttribute: null,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]15 groupsAttribute: null,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]16 roleGroups: [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]17 },
18 activeDirectory: {
19 serviceEnabled: null,
20 serviceAddress: null,
21 bindDn: null,
22 baseDn: null,
23 userAttribute: null,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]24 groupsAttribute: null,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]25 roleGroups: [],
26 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]27 },
28 getters: {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]29 isServiceEnabled: (state) => state.isServiceEnabled,
30 ldap: (state) => state.ldap,
31 activeDirectory: (state) => state.activeDirectory,
32 isActiveDirectoryEnabled: (state) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]33 return state.activeDirectory.serviceEnabled;
34 },
35 enabledRoleGroups: (state, getters) => {
36 const serviceType = getters.isActiveDirectoryEnabled
37 ? 'activeDirectory'
38 : 'ldap';
39 return state[serviceType].roleGroups;
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]40 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]41 },
42 mutations: {
43 setServiceEnabled: (state, serviceEnabled) =>
44 (state.isServiceEnabled = serviceEnabled),
45 setLdapProperties: (
46 state,
47 {
48 ServiceEnabled,
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]49 ServiceAddresses = [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]50 Authentication = {},
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]51 LDAPService: {
52 SearchSettings: {
53 BaseDistinguishedNames = [],
54 UsernameAttribute,
55 GroupsAttribute,
56 } = {},
57 } = {},
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]58 RemoteRoleMapping = [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]59 }
60 ) => {
61 state.ldap.serviceAddress = ServiceAddresses[0];
62 state.ldap.serviceEnabled = ServiceEnabled;
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]63 state.ldap.baseDn = BaseDistinguishedNames[0];
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]64 state.ldap.bindDn = Authentication.Username;
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]65 state.ldap.userAttribute = UsernameAttribute;
66 state.ldap.groupsAttribute = GroupsAttribute;
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]67 state.ldap.roleGroups = RemoteRoleMapping;
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]68 },
69 setActiveDirectoryProperties: (
70 state,
71 {
72 ServiceEnabled,
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]73 ServiceAddresses = [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]74 Authentication = {},
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]75 LDAPService: {
76 SearchSettings: {
77 BaseDistinguishedNames = [],
78 UsernameAttribute,
79 GroupsAttribute,
80 } = {},
81 } = {},
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]82 RemoteRoleMapping = [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]83 }
84 ) => {
85 state.activeDirectory.serviceEnabled = ServiceEnabled;
86 state.activeDirectory.serviceAddress = ServiceAddresses[0];
87 state.activeDirectory.bindDn = Authentication.Username;
Sandeepa Singhd2422c42021-06-01 15:57:33 +0530[diff] [blame]88 state.activeDirectory.baseDn = BaseDistinguishedNames[0];
89 state.activeDirectory.userAttribute = UsernameAttribute;
90 state.activeDirectory.groupsAttribute = GroupsAttribute;
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]91 state.activeDirectory.roleGroups = RemoteRoleMapping;
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]92 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]93 },
94 actions: {
Yoshie Muranakae9a59c72020-04-30 12:16:30 -0700[diff] [blame]95 async getAccountSettings({ commit }) {
96 return await api
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]97 .get('/redfish/v1/AccountService')
98 .then(({ data: { LDAP = {}, ActiveDirectory = {} } }) => {
99 const ldapEnabled = LDAP.ServiceEnabled;
100 const activeDirectoryEnabled = ActiveDirectory.ServiceEnabled;
101
102 commit('setServiceEnabled', ldapEnabled || activeDirectoryEnabled);
103 commit('setLdapProperties', LDAP);
104 commit('setActiveDirectoryProperties', ActiveDirectory);
105 })
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]106 .catch((error) => console.log(error));
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]107 },
108 async saveLdapSettings({ state, dispatch }, properties) {
109 const data = { LDAP: properties };
110 if (state.activeDirectory.serviceEnabled) {
111 // Disable Active Directory service if enabled
112 await api.patch('/redfish/v1/AccountService', {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]113 ActiveDirectory: { ServiceEnabled: false },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]114 });
115 }
116 return await api
117 .patch('/redfish/v1/AccountService', data)
118 .then(() => dispatch('getAccountSettings'))
119 .then(() => i18n.t('pageLdap.toast.successSaveLdapSettings'))
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]120 .catch((error) => {
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]121 console.log(error);
122 throw new Error(i18n.t('pageLdap.toast.errorSaveLdapSettings'));
123 });
124 },
125 async saveActiveDirectorySettings({ state, dispatch }, properties) {
126 const data = { ActiveDirectory: properties };
127 if (state.ldap.serviceEnabled) {
128 // Disable LDAP service if enabled
129 await api.patch('/redfish/v1/AccountService', {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]130 LDAP: { ServiceEnabled: false },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]131 });
132 }
133 return await api
134 .patch('/redfish/v1/AccountService', data)
135 .then(() => dispatch('getAccountSettings'))
136 .then(() => i18n.t('pageLdap.toast.successSaveActiveDirectorySettings'))
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]137 .catch((error) => {
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]138 console.log(error);
139 throw new Error(
140 i18n.t('pageLdap.toast.errorSaveActiveDirectorySettings')
141 );
142 });
143 },
144 async saveAccountSettings(
145 { dispatch },
146 {
147 serviceEnabled,
148 serviceAddress,
149 activeDirectoryEnabled,
150 bindDn,
151 bindPassword,
152 baseDn,
153 userIdAttribute,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]154 groupIdAttribute,
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]155 }
156 ) {
157 const data = {
158 ServiceEnabled: serviceEnabled,
159 ServiceAddresses: [serviceAddress],
160 Authentication: {
161 Username: bindDn,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]162 Password: bindPassword,
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]163 },
164 LDAPService: {
165 SearchSettings: {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]166 BaseDistinguishedNames: [baseDn],
167 },
168 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]169 };
170 if (groupIdAttribute)
171 data.LDAPService.SearchSettings.GroupsAttribute = groupIdAttribute;
172 if (userIdAttribute)
173 data.LDAPService.SearchSettings.UsernameAttribute = userIdAttribute;
174
175 if (activeDirectoryEnabled) {
176 return await dispatch('saveActiveDirectorySettings', data);
177 } else {
178 return await dispatch('saveLdapSettings', data);
179 }
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]180 },
181 async addNewRoleGroup(
182 { dispatch, getters },
183 { groupName, groupPrivilege }
184 ) {
185 const data = {};
186 const enabledRoleGroups = getters['enabledRoleGroups'];
187 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
188 const RemoteRoleMapping = [
189 ...enabledRoleGroups,
190 {
191 LocalRole: groupPrivilege,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]192 RemoteGroup: groupName,
193 },
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]194 ];
195 if (isActiveDirectoryEnabled) {
196 data.ActiveDirectory = { RemoteRoleMapping };
197 } else {
198 data.LDAP = { RemoteRoleMapping };
199 }
200 return await api
201 .patch('/redfish/v1/AccountService', data)
202 .then(() => dispatch('getAccountSettings'))
203 .then(() =>
204 i18n.t('pageLdap.toast.successAddRoleGroup', {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]205 groupName,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]206 })
207 )
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]208 .catch((error) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]209 console.log(error);
210 throw new Error(i18n.t('pageLdap.toast.errorAddRoleGroup'));
211 });
212 },
213 async saveRoleGroup({ dispatch, getters }, { groupName, groupPrivilege }) {
214 const data = {};
215 const enabledRoleGroups = getters['enabledRoleGroups'];
216 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]217 const RemoteRoleMapping = enabledRoleGroups.map((group) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]218 if (group.RemoteGroup === groupName) {
219 return {
220 RemoteGroup: groupName,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]221 LocalRole: groupPrivilege,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]222 };
223 } else {
224 return {};
225 }
226 });
227 if (isActiveDirectoryEnabled) {
228 data.ActiveDirectory = { RemoteRoleMapping };
229 } else {
230 data.LDAP = { RemoteRoleMapping };
231 }
232 return await api
233 .patch('/redfish/v1/AccountService', data)
234 .then(() => dispatch('getAccountSettings'))
235 .then(() =>
236 i18n.t('pageLdap.toast.successSaveRoleGroup', { groupName })
237 )
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]238 .catch((error) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]239 console.log(error);
240 throw new Error(i18n.t('pageLdap.toast.errorSaveRoleGroup'));
241 });
242 },
243 async deleteRoleGroup({ dispatch, getters }, { roleGroups = [] }) {
244 const data = {};
245 const enabledRoleGroups = getters['enabledRoleGroups'];
246 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]247 const RemoteRoleMapping = enabledRoleGroups.map((group) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]248 if (find(roleGroups, { groupName: group.RemoteGroup })) {
249 return null;
250 } else {
251 return {};
252 }
253 });
254 if (isActiveDirectoryEnabled) {
255 data.ActiveDirectory = { RemoteRoleMapping };
256 } else {
257 data.LDAP = { RemoteRoleMapping };
258 }
259 return await api
260 .patch('/redfish/v1/AccountService', data)
261 .then(() => dispatch('getAccountSettings'))
262 .then(() =>
263 i18n.tc('pageLdap.toast.successDeleteRoleGroup', roleGroups.length)
264 )
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]265 .catch((error) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]266 console.log(error);
267 throw new Error(
268 i18n.tc('pageLdap.toast.errorDeleteRoleGroup', roleGroups.length)
269 );
270 });
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]271 },
272 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]273};
274
275export default LdapStore;