merged with wekan master @ v5.38

2025-12-16 23:40:13 +01:00 · 2021-07-20 13:33:42 +02:00 · 2021-07-20 13:33:42 +02:00 · cb418f5e23
commit cb418f5e23
parent fe7962e10a f7d6ac9401
743 changed files with 117634 additions and 43043 deletions
--- a/packages/wekan-ldap/server/ldap.js
+++ b/packages/wekan-ldap/server/ldap.js
@ -19,7 +19,7 @@ export default class LDAP {
      idle_timeout                       : this.constructor.settings_get('LDAP_IDLE_TIMEOUT'),
      encryption                         : this.constructor.settings_get('LDAP_ENCRYPTION'),
      ca_cert                            : this.constructor.settings_get('LDAP_CA_CERT'),
-      reject_unauthorized                : this.constructor.settings_get('LDAP_REJECT_UNAUTHORIZED') || false,
+      reject_unauthorized                : this.constructor.settings_get('LDAP_REJECT_UNAUTHORIZED') !== undefined ? this.constructor.settings_get('LDAP_REJECT_UNAUTHORIZED') : true,
      Authentication                     : this.constructor.settings_get('LDAP_AUTHENTIFICATION'),
      Authentication_UserDN              : this.constructor.settings_get('LDAP_AUTHENTIFICATION_USERDN'),
      Authentication_Password            : this.constructor.settings_get('LDAP_AUTHENTIFICATION_PASSWORD'),
@ -102,7 +102,7 @@ export default class LDAP {

    if (this.options.ca_cert && this.options.ca_cert !== '') {
      // Split CA cert into array of strings
-      const chainLines = this.constructor.settings_get('LDAP_CA_CERT').split('\n');
+      const chainLines = this.constructor.settings_get('LDAP_CA_CERT').replace(/\\n/g,'\n').split('\n');
      let cert         = [];
      const ca         = [];
      chainLines.forEach((line) => {
--- a/packages/wekan-ldap/server/loginHandler.js
+++ b/packages/wekan-ldap/server/loginHandler.js
@ -56,17 +56,17 @@ Accounts.registerLoginHandler('ldap', function(loginRequest) {
         throw new Error('User not Found');
       }

-       if (ldap.authSync(users[0].dn, loginRequest.ldapPass) === true) {
-         if (ldap.isUserInGroup(loginRequest.username, users[0])) {
-           ldapUser = users[0];
-         } else {
-           throw new Error('User not in a valid group');
-         }
-       } else {
-         log_info('Wrong password for', loginRequest.username);
-       }
-     }
+      if (ldap.isUserInGroup(loginRequest.username, users[0])) {
+        ldapUser = users[0];
+      } else {
+        throw new Error('User not in a valid group');
+      }

+      if (ldap.authSync(users[0].dn, loginRequest.ldapPass) !== true) {
+        ldapUser = null;
+        log_info('Wrong password for', loginRequest.username)
+      }
+     }

  } catch (error) {
     log_error(error);
--- a/packages/wekan-ldap/server/sync.js
+++ b/packages/wekan-ldap/server/sync.js
@ -247,6 +247,22 @@ export function syncUserData(user, ldapUser) {
    }
  }

+  if (LDAP.settings_get('LDAP_EMAIL_FIELD') !== '') {
+    const email = getLdapEmail(ldapUser);
+    log_debug('email=', email);
+
+    if (user && user._id && email !== '') {
+      log_info('Syncing user email:', email);
+      Meteor.users.update({
+        _id: user._id
+      }, {
+        $set: {
+          'emails.0.address': email,
+        }
+      });
+    }
+  }
+
 }

 export function addLdapUser(ldapUser, username, password) {