Ohm-Management - Projektarbeit B-ME

inmemory.js 4.0KB

  1. var ldap = require('../lib/index');
  2. ///--- Shared handlers
  /**
   * Shared pre-handler for the routes below: every search request is let
   * through, and all other operations are restricted to connections whose
   * bind DN equals cn=root.
   *
   * NOTE(review): the only check is the bind DN comparison. Nothing here
   * verifies that a non-root client has bound before searching; confirm what
   * bindDN holds on an unbound connection.
   *
   * @param {object} req - incoming LDAP request
   * @param {object} res - LDAP response (unused here)
   * @param {function} next - continuation; receives an error to reject
   */
  function authorize(req, res, next) {
    var searching = (req instanceof ldap.SearchRequest);
    var boundAsRoot = req.connection.ldap.bindDN.equals('cn=root');

    if (boundAsRoot || searching)
      return next();

    return next(new ldap.InsufficientAccessRightsError());
  }
  10. ///--- Globals
  // createServer() is called without options, so no TLS settings are given here.
  var server = ldap.createServer();
  // Base DN under which the add/bind/compare/del/modify/search routes are mounted.
  var SUFFIX = 'o=smartdc';
  // In-memory directory keyed by DN string; each value is the attribute map
  // taken from the add request. Attribute values, userpassword included, are
  // kept exactly as received, and nothing is persisted.
  var db = {};
  // Simple bind for the administrative identity cn=root.
  // NOTE(review): the password is a literal in this file and is checked with a
  // plain string comparison. That is tolerable for a local demo only; a
  // deployed server should load the secret from configuration and compare it
  // in constant time.
  server.bind('cn=root', function (req, res, next) {
    var accepted = (req.dn.toString() === 'cn=root' &&
                    req.credentials === 'secret');
    if (!accepted)
      return next(new ldap.InvalidCredentialsError());

    res.end();
    return next();
  });
  20. server.add(SUFFIX, authorize, function (req, res, next) {
  21. var dn = req.dn.toString();
  22. if (db[dn])
  23. return next(new ldap.EntryAlreadyExistsError(dn));
  24. db[dn] = req.toObject().attributes;
  25. res.end();
  26. return next();
  27. });
  // Simple bind for entries stored under SUFFIX. No authorize step: this is
  // the route an unauthenticated client calls.
  // NOTE(review): three different errors are returned (no such entry, no
  // userPassword attribute, wrong password), so a client can tell whether a
  // DN exists before it has authenticated. Returning InvalidCredentialsError
  // for all three would close that enumeration channel.
  // NOTE(review): the supplied credentials are matched with indexOf against
  // the stored userpassword value, i.e. against the clear-text password. This
  // assumes the stored value is an array of strings; on a plain string,
  // indexOf would be a substring test. Confirm the stored shape.
  server.bind(SUFFIX, function (req, res, next) {
    var key = req.dn.toString();
    var entry = db[key];
    if (!entry)
      return next(new ldap.NoSuchObjectError(key));

    var stored = entry.userpassword;
    if (!stored)
      return next(new ldap.NoSuchAttributeError('userPassword'));

    var credentialKnown = (stored.indexOf(req.credentials) !== -1);
    if (!credentialKnown)
      return next(new ldap.InvalidCredentialsError());

    res.end();
    return next();
  });
  // Compare: reports whether the named attribute of the entry holds a value
  // strictly equal to req.value. Guarded by authorize (cn=root only).
  // NOTE(review): req.attribute is used as a property key without an
  // own-property check, so a name such as "constructor" would resolve to an
  // inherited member if the entry is a plain object. Confirm the entry's
  // prototype, or guard with hasOwnProperty.
  server.compare(SUFFIX, authorize, function (req, res, next) {
    var key = req.dn.toString();
    var entry = db[key];
    if (!entry)
      return next(new ldap.NoSuchObjectError(key));

    var vals = entry[req.attribute];
    if (!vals)
      return next(new ldap.NoSuchAttributeError(req.attribute));

    // Linear scan that stops at the first strictly-equal value.
    var found = false;
    var idx = 0;
    while (!found && idx < vals.length) {
      found = (vals[idx] === req.value);
      idx += 1;
    }

    res.end(found);
    return next();
  });
  // Delete: removes the entry stored under the request DN. Guarded by
  // authorize (cn=root only). Only the exact key is removed; the handler does
  // not look for entries stored beneath that DN.
  server.del(SUFFIX, authorize, function (req, res, next) {
    var key = req.dn.toString();
    var exists = Boolean(db[key]);

    if (!exists)
      return next(new ldap.NoSuchObjectError(key));

    delete db[key];
    res.end();
    return next();
  });
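  // Modify: applies the request's change list to a stored entry, in order.
  // Guarded by authorize (cn=root only).
  //
  //   replace - the attribute must already exist; an empty value list removes it
  //   add     - creates the attribute, or appends values not already present
  //   delete  - the attribute must exist; it is removed as a whole
  //
  // NOTE(review): changes are applied in place as the loop runs, so when a
  // later change fails, the earlier ones stay applied (no rollback).
  // NOTE(review): 'delete' ignores any values carried by the change and always
  // drops the whole attribute; an operation name other than the three above is
  // skipped silently.
  // NOTE(review): mod.type is used as a property key without an own-property
  // check; confirm that attribute names are validated before they get here.
  server.modify(SUFFIX, authorize, function (req, res, next) {
    var dn = req.dn.toString();
    if (!req.changes.length)
      return next(new ldap.ProtocolError('changes required'));
    if (!db[dn])
      return next(new ldap.NoSuchObjectError(dn));

    var entry = db[dn];
    // Keep `mod` function-local: assigning to an undeclared name creates a
    // global in sloppy mode and throws a ReferenceError in strict mode.
    var mod;

    for (var i = 0; i < req.changes.length; i++) {
      mod = req.changes[i].modification;
      switch (req.changes[i].operation) {
      case 'replace':
        if (!entry[mod.type])
          return next(new ldap.NoSuchAttributeError(mod.type));

        if (!mod.vals || !mod.vals.length) {
          delete entry[mod.type];
        } else {
          entry[mod.type] = mod.vals;
        }
        break;

      case 'add':
        if (!entry[mod.type]) {
          entry[mod.type] = mod.vals;
        } else {
          // Append only values the attribute does not hold yet.
          mod.vals.forEach(function (v) {
            if (entry[mod.type].indexOf(v) === -1)
              entry[mod.type].push(v);
          });
        }
        break;

      case 'delete':
        if (!entry[mod.type])
          return next(new ldap.NoSuchAttributeError(mod.type));

        delete entry[mod.type];
        break;
      }
    }

    res.end();
    return next();
  });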
  // Search: returns the entries in scope of the base DN that match the filter.
  //   base - only the base entry
  //   one  - the base entry and entries whose parent DN is the base
  //   sub  - the base entry and everything the base DN is a parent of
  //
  // NOTE(review): each result carries the entry's complete attribute map, and
  // authorize lets every search request through. Stored userpassword values
  // are therefore sent to any client that can search, and the filter can also
  // be matched against them. Dropping credential attributes from results for
  // non-root binds would close this.
  // NOTE(review): if req.scope is none of the three values, the scope
  // predicate stays undefined and the scan below throws.
  server.search(SUFFIX, authorize, function (req, res, next) {
    var baseKey = req.dn.toString();
    if (!db[baseKey])
      return next(new ldap.NoSuchObjectError(baseKey));

    var scope = req.scope;

    if (scope === 'base') {
      if (req.filter.matches(db[baseKey])) {
        res.send({
          dn: baseKey,
          attributes: db[baseKey]
        });
      }
      res.end();
      return next();
    }

    var inScope;
    if (scope === 'one') {
      inScope = function (k) {
        if (req.dn.equals(k))
          return true;

        var parent = ldap.parseDN(k).parent();
        return (parent ? parent.equals(req.dn) : false);
      };
    } else if (scope === 'sub') {
      inScope = function (k) {
        return (req.dn.equals(k) || req.dn.parentOf(k));
      };
    }

    // Full scan of the store; every key is tested against the scope predicate.
    var keys = Object.keys(db);
    for (var n = 0; n < keys.length; n++) {
      var key = keys[n];
      if (!inScope(key))
        continue;

      if (req.filter.matches(db[key])) {
        res.send({
          dn: key,
          attributes: db[key]
        });
      }
    }

    res.end();
    return next();
  });
  145. ///--- Fire it up
  // Start listening on port 1389 and log the server URL once it is up.
  // NOTE(review): no TLS options are passed to createServer() in this file, so
  // bind passwords presumably cross the network in clear. Confirm before
  // exposing this beyond a local test.
  server.listen(1389, function onListening() {
    console.log('LDAP server up at: %s', server.url);
  });