upstream/mattermost
1
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2026-02-18 18:18:23 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Update ldap-check.sh (#31180)

Browse source 
Co-authored-by: Mattermost Build <build@mattermost.com>
This commit is contained in:
Wayne Wollesen 2025-10-07 05:31:48 -05:00 committed by GitHub
parent 71579a85a6
commit 6698a2cc84
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 47 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

80
server/scripts/ldap-check.sh
View file

@ -1,6 +1,12 @@
#!/bin/bash
./jq-dep-check.sh
jq_cmd=jq
[[ $(type -P "$jq_cmd") ]] || {
echo "'$jq_cmd' command line JSON processor not found";
echo "Please install on linux with 'sudo apt-get install jq'"
echo "Please install on mac with 'brew install jq'"
exit 1;
}
ldapsearch_cmd=ldapsearch
[[ $(type -P "$ldapsearch_cmd") ]] || {
@ -17,31 +23,28 @@ if [[ -z ${1} ]]; then
exit 1;
fi
echo "Looking for config.json"
find_config_file() {
local config_paths=("./config.json" "./config/config.json" "../config/config.json" "/opt/mattermost/config/config.json")
for path in "${config_paths[@]}"; do
if [[ -e "$path" ]]; then
echo "$path"
return 0
fi
done
return 1
}
config_file=
if [[ -e "./config.json" ]]; then
config_file="./config.json"
echo "Found config at $config_file";
fi
if [[ -z ${config_file} && -e "./config/config.json" ]]; then
config_file="./config/config.json"
echo "Found config at $config_file";
fi
if [[ -z ${config_file} && -e "../config/config.json" ]]; then
config_file="../config/config.json"
echo "Found config at $config_file";
fi
if [[ -z ${config_file} ]]; then
echo "We could not find config.json";
exit 1;
config_file=$(find_config_file)
if [[ $? -ne 0 ]]; then
echo "We could not find config.json"
exit 1
fi
LdapServer=`cat $config_file | jq -r .LdapSettings.LdapServer`
LdapPort=`cat $config_file | jq -r .LdapSettings.LdapPort`
ConnectionSecurity=`cat $config_file | jq -r .LdapSettings.ConnectionSecurity`
BindUsername=`cat $config_file | jq -r .LdapSettings.BindUsername`
BindPassword=`cat $config_file | jq -r .LdapSettings.BindPassword`
BaseDN=`cat $config_file | jq -r .LdapSettings.BaseDN`
@ -52,6 +55,17 @@ IdAttribute=`cat $config_file | jq -r .LdapSettings.IdAttribute`
GroupFilter=`cat $config_file | jq -r .LdapSettings.GroupFilter`
GroupIdAttribute=`cat $config_file | jq -r .LdapSettings.GroupIdAttribute`
if [[ -z ${ConnectionSecurity} || ${ConnectionSecurity} == "null" ]]; then
LdapUri="ldap://$LdapServer:$LdapPort"
StartTlsFlag=""
elif [[ ${ConnectionSecurity} == "STARTTLS" ]]; then
LdapUri="ldap://$LdapServer:$LdapPort"
StartTlsFlag="-ZZ"
else
LdapUri="ldaps://$LdapServer:$LdapPort"
StartTlsFlag=""
fi
if [[ -z ${UserFilter} ]]; then
UserFilter="($IdAttribute=$2)"
else
@ -64,20 +78,20 @@ else
GroupFilter="(&($GroupIdAttribute=$2)$GroupFilter)"
fi
run_ldap_search() {
local filter="$1"
local attributes="$2"
cmd_to_run="$ldapsearch_cmd -LLL -x $StartTlsFlag -H \"$LdapUri\" -D \"$BindUsername\" -w \"$BindPassword\" -b \"$BaseDN\" \"$filter\" $attributes"
echo $cmd_to_run
echo "-------------------------"
eval $cmd_to_run
}
if [[ $1 == '-u' ]]; then
cmd_to_run="$ldapsearch_cmd -LLL -x -h $LdapServer -p $LdapPort -D \"$BindUsername\" -w \"$BindPassword\" -b \"$BaseDN\" \"$UserFilter\" $IdAttribute $UsernameAttribute $EmailAttribute"
echo $cmd_to_run
echo "-------------------------"
eval $cmd_to_run
run_ldap_search "$UserFilter" "$IdAttribute $UsernameAttribute $EmailAttribute"
elif [[ $1 == '-g' ]]; then
cmd_to_run="$ldapsearch_cmd -LLL -x -h $LdapServer -p $LdapPort -D \"$BindUsername\" -w \"$BindPassword\" -b \"$BaseDN\" \"$GroupFilter\""
echo $cmd_to_run
echo "-------------------------"
eval $cmd_to_run
run_ldap_search "$GroupFilter" ""
else
echo "User or Group not specified"
fi