Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / webui-vue / 6641cc489d053d6978868b94ddfb3dc93fd96dde / . / src / store / modules / AccessControl / LdapStore.js
blob: 722384c129eceea5bb59a1527849fb5f4a93bb1d [file] [log] [blame]
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]1import api from '@/store/api';
2import i18n from '@/i18n';
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]3import { find } from 'lodash';
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]4
5const LdapStore = {
6 namespaced: true,
7 state: {
8 isServiceEnabled: null,
9 ldap: {
10 serviceEnabled: null,
11 serviceAddress: null,
12 bindDn: null,
13 baseDn: null,
14 userAttribute: null,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]15 groupsAttribute: null,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]16 roleGroups: [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]17 },
18 activeDirectory: {
19 serviceEnabled: null,
20 serviceAddress: null,
21 bindDn: null,
22 baseDn: null,
23 userAttribute: null,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]24 groupsAttribute: null,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]25 roleGroups: [],
26 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]27 },
28 getters: {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]29 isServiceEnabled: (state) => state.isServiceEnabled,
30 ldap: (state) => state.ldap,
31 activeDirectory: (state) => state.activeDirectory,
32 isActiveDirectoryEnabled: (state) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]33 return state.activeDirectory.serviceEnabled;
34 },
35 enabledRoleGroups: (state, getters) => {
36 const serviceType = getters.isActiveDirectoryEnabled
37 ? 'activeDirectory'
38 : 'ldap';
39 return state[serviceType].roleGroups;
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]40 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]41 },
42 mutations: {
43 setServiceEnabled: (state, serviceEnabled) =>
44 (state.isServiceEnabled = serviceEnabled),
45 setLdapProperties: (
46 state,
47 {
48 ServiceEnabled,
49 ServiceAddresses,
50 Authentication = {},
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]51 LDAPService: { SearchSettings = {} } = {},
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]52 RemoteRoleMapping = [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]53 }
54 ) => {
55 state.ldap.serviceAddress = ServiceAddresses[0];
56 state.ldap.serviceEnabled = ServiceEnabled;
57 state.ldap.baseDn = SearchSettings.BaseDistinguishedNames[0];
58 state.ldap.bindDn = Authentication.Username;
59 state.ldap.userAttribute = SearchSettings.UsernameAttribute;
60 state.ldap.groupsAttribute = SearchSettings.GroupsAttribute;
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]61 state.ldap.roleGroups = RemoteRoleMapping;
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]62 },
63 setActiveDirectoryProperties: (
64 state,
65 {
66 ServiceEnabled,
67 ServiceAddresses,
68 Authentication = {},
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]69 LDAPService: { SearchSettings = {} } = {},
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]70 RemoteRoleMapping = [],
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]71 }
72 ) => {
73 state.activeDirectory.serviceEnabled = ServiceEnabled;
74 state.activeDirectory.serviceAddress = ServiceAddresses[0];
75 state.activeDirectory.bindDn = Authentication.Username;
76 state.activeDirectory.baseDn = SearchSettings.BaseDistinguishedNames[0];
77 state.activeDirectory.userAttribute = SearchSettings.UsernameAttribute;
78 state.activeDirectory.groupsAttribute = SearchSettings.GroupsAttribute;
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]79 state.activeDirectory.roleGroups = RemoteRoleMapping;
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]80 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]81 },
82 actions: {
Yoshie Muranakae9a59c72020-04-30 12:16:30 -0700[diff] [blame]83 async getAccountSettings({ commit }) {
84 return await api
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]85 .get('/redfish/v1/AccountService')
86 .then(({ data: { LDAP = {}, ActiveDirectory = {} } }) => {
87 const ldapEnabled = LDAP.ServiceEnabled;
88 const activeDirectoryEnabled = ActiveDirectory.ServiceEnabled;
89
90 commit('setServiceEnabled', ldapEnabled || activeDirectoryEnabled);
91 commit('setLdapProperties', LDAP);
92 commit('setActiveDirectoryProperties', ActiveDirectory);
93 })
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]94 .catch((error) => console.log(error));
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]95 },
96 async saveLdapSettings({ state, dispatch }, properties) {
97 const data = { LDAP: properties };
98 if (state.activeDirectory.serviceEnabled) {
99 // Disable Active Directory service if enabled
100 await api.patch('/redfish/v1/AccountService', {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]101 ActiveDirectory: { ServiceEnabled: false },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]102 });
103 }
104 return await api
105 .patch('/redfish/v1/AccountService', data)
106 .then(() => dispatch('getAccountSettings'))
107 .then(() => i18n.t('pageLdap.toast.successSaveLdapSettings'))
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]108 .catch((error) => {
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]109 console.log(error);
110 throw new Error(i18n.t('pageLdap.toast.errorSaveLdapSettings'));
111 });
112 },
113 async saveActiveDirectorySettings({ state, dispatch }, properties) {
114 const data = { ActiveDirectory: properties };
115 if (state.ldap.serviceEnabled) {
116 // Disable LDAP service if enabled
117 await api.patch('/redfish/v1/AccountService', {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]118 LDAP: { ServiceEnabled: false },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]119 });
120 }
121 return await api
122 .patch('/redfish/v1/AccountService', data)
123 .then(() => dispatch('getAccountSettings'))
124 .then(() => i18n.t('pageLdap.toast.successSaveActiveDirectorySettings'))
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]125 .catch((error) => {
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]126 console.log(error);
127 throw new Error(
128 i18n.t('pageLdap.toast.errorSaveActiveDirectorySettings')
129 );
130 });
131 },
132 async saveAccountSettings(
133 { dispatch },
134 {
135 serviceEnabled,
136 serviceAddress,
137 activeDirectoryEnabled,
138 bindDn,
139 bindPassword,
140 baseDn,
141 userIdAttribute,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]142 groupIdAttribute,
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]143 }
144 ) {
145 const data = {
146 ServiceEnabled: serviceEnabled,
147 ServiceAddresses: [serviceAddress],
148 Authentication: {
149 Username: bindDn,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]150 Password: bindPassword,
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]151 },
152 LDAPService: {
153 SearchSettings: {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]154 BaseDistinguishedNames: [baseDn],
155 },
156 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]157 };
158 if (groupIdAttribute)
159 data.LDAPService.SearchSettings.GroupsAttribute = groupIdAttribute;
160 if (userIdAttribute)
161 data.LDAPService.SearchSettings.UsernameAttribute = userIdAttribute;
162
163 if (activeDirectoryEnabled) {
164 return await dispatch('saveActiveDirectorySettings', data);
165 } else {
166 return await dispatch('saveLdapSettings', data);
167 }
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]168 },
169 async addNewRoleGroup(
170 { dispatch, getters },
171 { groupName, groupPrivilege }
172 ) {
173 const data = {};
174 const enabledRoleGroups = getters['enabledRoleGroups'];
175 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
176 const RemoteRoleMapping = [
177 ...enabledRoleGroups,
178 {
179 LocalRole: groupPrivilege,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]180 RemoteGroup: groupName,
181 },
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]182 ];
183 if (isActiveDirectoryEnabled) {
184 data.ActiveDirectory = { RemoteRoleMapping };
185 } else {
186 data.LDAP = { RemoteRoleMapping };
187 }
188 return await api
189 .patch('/redfish/v1/AccountService', data)
190 .then(() => dispatch('getAccountSettings'))
191 .then(() =>
192 i18n.t('pageLdap.toast.successAddRoleGroup', {
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]193 groupName,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]194 })
195 )
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]196 .catch((error) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]197 console.log(error);
198 throw new Error(i18n.t('pageLdap.toast.errorAddRoleGroup'));
199 });
200 },
201 async saveRoleGroup({ dispatch, getters }, { groupName, groupPrivilege }) {
202 const data = {};
203 const enabledRoleGroups = getters['enabledRoleGroups'];
204 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]205 const RemoteRoleMapping = enabledRoleGroups.map((group) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]206 if (group.RemoteGroup === groupName) {
207 return {
208 RemoteGroup: groupName,
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]209 LocalRole: groupPrivilege,
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]210 };
211 } else {
212 return {};
213 }
214 });
215 if (isActiveDirectoryEnabled) {
216 data.ActiveDirectory = { RemoteRoleMapping };
217 } else {
218 data.LDAP = { RemoteRoleMapping };
219 }
220 return await api
221 .patch('/redfish/v1/AccountService', data)
222 .then(() => dispatch('getAccountSettings'))
223 .then(() =>
224 i18n.t('pageLdap.toast.successSaveRoleGroup', { groupName })
225 )
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]226 .catch((error) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]227 console.log(error);
228 throw new Error(i18n.t('pageLdap.toast.errorSaveRoleGroup'));
229 });
230 },
231 async deleteRoleGroup({ dispatch, getters }, { roleGroups = [] }) {
232 const data = {};
233 const enabledRoleGroups = getters['enabledRoleGroups'];
234 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled'];
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]235 const RemoteRoleMapping = enabledRoleGroups.map((group) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]236 if (find(roleGroups, { groupName: group.RemoteGroup })) {
237 return null;
238 } else {
239 return {};
240 }
241 });
242 if (isActiveDirectoryEnabled) {
243 data.ActiveDirectory = { RemoteRoleMapping };
244 } else {
245 data.LDAP = { RemoteRoleMapping };
246 }
247 return await api
248 .patch('/redfish/v1/AccountService', data)
249 .then(() => dispatch('getAccountSettings'))
250 .then(() =>
251 i18n.tc('pageLdap.toast.successDeleteRoleGroup', roleGroups.length)
252 )
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]253 .catch((error) => {
Yoshie Muranakadc3d5412020-04-17 09:39:41 -0700[diff] [blame]254 console.log(error);
255 throw new Error(
256 i18n.tc('pageLdap.toast.errorDeleteRoleGroup', roleGroups.length)
257 );
258 });
Derick Montague602e98a2020-10-21 16:20:00 -0500[diff] [blame]259 },
260 },
Yoshie Muranakac4e38ab2020-04-09 12:41:27 -0700[diff] [blame]261};
262
263export default LdapStore;