configure-module: use new admin domains REST API

NethServer · May 5, 2023 · f3e2b16 · f3e2b16
1 parent fc63fa4
commit f3e2b16
Showing 1 changed file with 52 additions and 41 deletions.
diff --git a/imageroot/actions/configure-module/20config b/imageroot/actions/configure-module/20config
@@ -10,42 +10,11 @@ import sys
 import os
 import agent
 import agent.ldapproxy
-import subprocess
 import urllib.request
 
 api_endpoint = "http://localhost:" + os.environ["TCP_PORT"] + "/webtop/api/com.sonicle.webtop.core/v1"
 api_headers={"Content-Type": "application/json", "Authorization": "Bearer " + os.environ["WEBAPP_API_TOKEN"]}
 
-def domain_setup(user_domain_name, user_domain):
-    user_domain_uri = "ldapneth://accountprovider" + ":" + user_domain["port"]
-    user_domain_admin = user_domain["bind_dn"]
-
-    user_domain_password = subprocess.check_output(['podman', 'run', '--rm', os.environ["WEBTOP_WEBAPP_IMAGE"], 'bash', '-c', "echo -n " + user_domain["bind_password"] + " | java -classpath /usr/share/webtop/ WebtopPassEncode"], text=True).splitlines().pop()
-
-    user_domain_parameters = {
-            "loginDn": user_domain["base_dn"],
-            "loginFilter": None,
-            "userDn": user_domain["base_dn"],
-            "userFilter": None,
-            "userIdField": "uid",
-            "userFirstnameField": "givenName",
-            "userLastnameField": "sn",
-            "userDisplayNameField": "gecos",
-            }
-
-    if user_domain["schema"] == "ad":
-        user_domain_parameters["loginFilter"] = "&(objectCategory=person)(objectClass=user)"
-        user_domain_parameters["userIdField"] = "sAMAccountName"
-        user_domain_parameters["userFilter"] = "(&(objectClass=user)(objectCategory=person)(!(isCriticalSystemObject=TRUE)))"
-        user_domain_parameters["userDisplayNameField"] = "displayName"
-
-    with subprocess.Popen(['podman', 'exec', '-i', 'postgres', 'psql', '-U', 'postgres', 'webtop5'], stdin=subprocess.PIPE, text=True) as psql:
-        print("DELETE FROM core.domains WHERE domain_id = 'NethServer';\n", file=psql.stdin)
-        print("INSERT INTO core.domains (domain_id, internet_name, enabled, description, user_auto_creation, dir_uri, dir_admin, dir_password, dir_connection_security, dir_case_sensitive, dir_password_policy, dir_parameters) VALUES ('NethServer', '" + user_domain_name + "', 't', 'NethServer', 't', '" + user_domain_uri + "', '" + user_domain_admin + "', '" + user_domain_password + "', null, 'f', 'f', '" + json.dumps(user_domain_parameters) + "');\n", file=psql.stdin)
-
-        agent.set_env("USER_DOMAIN_PORT", user_domain["port"])
-
-
 # Try to parse the stdin as JSON.
 # If parsing fails, output everything to stderr
 data = json.load(sys.stdin)
@@ -209,19 +178,61 @@ if "mail_module" in data:
     user_domain_name = rdb.hget(f"module/{mail_module}/srv/tcp/imap", "user_domain") or ""
     user_domain = agent.ldapproxy.Ldapproxy().get_domain(user_domain_name) or {}
 
-    domain_setup(user_domain_name, user_domain)
+    user_domain_json =  {
+            "enabled": True,
+            "displayName": "NethServer",
+            "authDomainName": user_domain_name,
+            "domainName": user_domain_name,
+            "publicURL": "https://" + data["hostname"] + "/webtop",
+            "userAutoCreation": True,
+            "dirUri": "ldapneth://accountprovider" + ":" + user_domain["port"],
+            "dirAdmin": user_domain["bind_dn"],
+            "dirPassword": user_domain["bind_password"],
+            "dirConnSecurity": "OFF",
+            "dirCaseSensitive": False,
+            "dirRawParameters": {
+                "loginDn": user_domain["base_dn"],
+                "loginFilter": None,
+                "userDn": user_domain["base_dn"],
+                "userFilter": None,
+                "userIdField": "uid",
+                "userFirstnameField": "givenName",
+                "userLastnameField": "sn",
+                "userDisplayNameField": "gecos"
+                },
+            "passwordPolicies": {
+                "minLength": None,
+                "complexity": False,
+                "avoidConsecutiveChars": False,
+                "avoidOldSimilarity": False,
+                "avoidUsernameSimilarity": False,
+                "expiration": None,
+                "verifyAtLogin": False
+                }
+            }
 
-    agent.set_env("MAIL_MODULE", mail_module)
-    agent.set_env("RESTART_WEBAPP", "1")
+    if user_domain["schema"] == "ad":
+        user_domain_json["dirRawParameters"]["loginFilter"] = "&(objectCategory=person)(objectClass=user)"
+        user_domain_json["dirRawParameters"]["userIdField"] = "sAMAccountName"
+        user_domain_json["dirRawParameters"]["userFilter"] = "(&(objectClass=user)(objectCategory=person)(!(isCriticalSystemObject=TRUE)))"
+        user_domain_json["dirRawParameters"]["userDisplayNameField"] = "displayName"
 
-# In case of module move/migrate/restore, check if the port of local the ldapproxy is changed
-if "MAIL_MODULE" in os.environ and ("mail_module" not in data or data["mail_module"] == os.getenv("MAIL_MODULE")) :
-    user_domain_name = rdb.hget(f'module/{data["mail_module"]}/srv/tcp/imap', "user_domain") or ""
-    user_domain = agent.ldapproxy.Ldapproxy().get_domain(user_domain_name) or {}
+    try:
+        #Check if the domain already exist
+        urllib.request.urlopen(urllib.request.Request(f"{api_endpoint}/admin/domains/NethServer", headers=api_headers))
+        #Update the doiman
+        urllib.request.urlopen(urllib.request.Request(f"{api_endpoint}/admin/domains/NethServer?update_options=3", json.dumps(user_domain_json).encode(), headers=api_headers, method='PUT'))
+    except urllib.error.HTTPError as e:
+        if e.code == 404:
+            # Create the doiman
+            user_domain_json["domainId"] = "NethServer"
+            urllib.request.urlopen(urllib.request.Request(f"{api_endpoint}/admin/domains", json.dumps(user_domain_json).encode(), headers=api_headers, method='POST'))
+            pass
+    except urllib.error.URLError as e:
+        raise Exception(f'Error reaching webapp daemon: {e.reason}')
+
+    agent.set_env("MAIL_MODULE", mail_module)
 
-    if user_domain["port"] != os.environ["USER_DOMAIN_PORT"]:
-        domain_setup(user_domain_name, user_domain)
-        agent.set_env("RESTART_WEBAPP", "1")
 
 if "webapp" in data:
     if "debug" in data["webapp"] and data["webapp"]["debug"] != os.getenv("WEBAPP_JS_DEBUG"):