From c600f814860a847f0b8426a03e56fb39435fa3d4 Mon Sep 17 00:00:00 2001 From: Brian McLaughlin Date: Tue, 27 Feb 2024 16:54:51 -0500 Subject: [PATCH] Add config for USER_SEARCH, GROUP_SEARCH and GROUP_TYPE No-Issue --- .../management/commands/dump_auth_config.py | 48 ++++++++++++++++--- 1 file changed, 41 insertions(+), 7 deletions(-) diff --git a/galaxy_ng/app/management/commands/dump_auth_config.py b/galaxy_ng/app/management/commands/dump_auth_config.py index 2c478f9cb8..5d1ffefc58 100644 --- a/galaxy_ng/app/management/commands/dump_auth_config.py +++ b/galaxy_ng/app/management/commands/dump_auth_config.py @@ -5,7 +5,7 @@ class Command(BaseCommand): - KEYCLOAK_AUTH_KEYS = [ + KEYCLOAK_KEYS = [ "SOCIAL_AUTH_KEYCLOAK_ACCESS_TOKEN_URL", "SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL", "SOCIAL_AUTH_KEYCLOAK_KEY", @@ -13,22 +13,21 @@ class Command(BaseCommand): "SOCIAL_AUTH_KEYCLOAK_SECRET", ] - LDAP_AUTH_KEYS = [ + LDAP_KEYS = [ "AUTH_LDAP_SERVER_URI", "AUTH_LDAP_BIND_DN", "AUTH_LDAP_BIND_PASSWORD", "AUTH_LDAP_USER_DN_TEMPLATE", - "AUTH_LDAP_USER_SEARCH", "AUTH_LDAP_USER_SEARCH_BASE_DN", "AUTH_LDAP_USER_SEARCH_SCOPE", "AUTH_LDAP_USER_SEARCH_FILTER", - "AUTH_LDAP_GROUP_SEARCH", "AUTH_LDAP_GROUP_SEARCH_BASE_DN", "AUTH_LDAP_GROUP_SEARCH_SCOPE", "AUTH_LDAP_GROUP_SEARCH_FILTER", - "AUTH_LDAP_GROUP_TYPE", "AUTH_LDAP_GROUP_TYPE_PARAMS", "AUTH_LDAP_USER_ATTR_MAP", + "AUTH_LDAP_CONNECTION_OPTIONS", + "AUTH_LDAP_START_TLS", ] help = "Dump auth config data from database to a JSON file" 
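Review bot: `AUTH_LDAP_CONNECTION_OPTIONS` and `AUTH_LDAP_START_TLS` are added to `LDAP_KEYS` as if they were plain strings, but they are the two settings that decide how the bind in `AUTH_LDAP_BIND_PASSWORD` is protected on the wire. In django-auth-ldap the options dict is keyed by python-ldap `OPT_*` integers, while JSON object keys are always strings. The write is outside this diff, but if it goes through `json.dump`, a TLS option such as `ldap.OPT_X_TLS_REQUIRE_CERT` is exported as an opaque numeric string that the importing side has to map back, or it is silently lost. Separately, `is_enabled` returns `all(values)`, so if it is ever called with this list, a legitimate `AUTH_LDAP_START_TLS = False` or an empty options dict would make LDAP look unconfigured. I would add a comment above the two entries, e.g. `# CONNECTION_OPTIONS is keyed by python-ldap OPT_* ints; START_TLS is a bool and may be False`, and keep both out of any truthiness check.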
@@ -48,6 +47,36 @@ def is_enabled(self, keys): values.append(settings.get(key, default=None)) return all(values) + def post_config_ldap(self): + post_config = {} + # Configure USER_SEARCH and GROUP_SEARCH + AUTH_LDAP_USER_SEARCH_BASE_DN = settings.get("AUTH_LDAP_USER_SEARCH_BASE_DN", default=None) + AUTH_LDAP_USER_SEARCH_SCOPE = settings.get("AUTH_LDAP_USER_SEARCH_SCOPE", default=None) + AUTH_LDAP_USER_SEARCH_FILTER = settings.get("AUTH_LDAP_USER_SEARCH_FILTER", default=None) + AUTH_LDAP_GROUP_SEARCH_BASE_DN = settings.get("AUTH_LDAP_GROUP_SEARCH_BASE_DN", default=None) + AUTH_LDAP_GROUP_SEARCH_SCOPE = settings.get("AUTH_LDAP_GROUP_SEARCH_SCOPE", default=None) + AUTH_LDAP_GROUP_SEARCH_FILTER = settings.get("AUTH_LDAP_GROUP_SEARCH_FILTER", default=None) + + post_config["USER_SEARCH"] = [ + AUTH_LDAP_USER_SEARCH_BASE_DN, + AUTH_LDAP_USER_SEARCH_SCOPE, + AUTH_LDAP_USER_SEARCH_FILTER, + ] + + post_config["GROUP_SEARCH"] = [ + AUTH_LDAP_GROUP_SEARCH_BASE_DN, + AUTH_LDAP_GROUP_SEARCH_SCOPE, + AUTH_LDAP_GROUP_SEARCH_FILTER, + ] + + # Configure GROUP_TYPE + post_config["GROUP_TYPE"] = None + AUTH_LDAP_GROUP_TYPE = settings.get("AUTH_LDAP_GROUP_TYPE") + if AUTH_LDAP_GROUP_TYPE: + post_config["GROUP_TYPE"] = type(AUTH_LDAP_GROUP_TYPE).__name__ + + return post_config + def format_config_data(self, type, keys, prefix): config = { "type": f"galaxy.authentication.authenticator_plugins.{type}", @@ -60,6 +89,11 @@ def format_config_data(self, type, keys, prefix): k = key[len(prefix):] v = settings.get(key, default=None) config["configuration"].update({k: v}) + + # handle post configuration for ldap: + if type == "ldap": + config["configuration"].update(self.post_config_ldap()) + return config def handle(self, *args, **options): 
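Review bot: `post_config_ldap` always emits `USER_SEARCH` and `GROUP_SEARCH` as three-element lists, so an install that relies only on `AUTH_LDAP_USER_DN_TEMPLATE` exports `[null, null, null]`, and a half-configured triple is passed through unchanged. Whether the importing authenticator treats that as "no search" cannot be seen from this diff; emitting `None` unless all three parts are present would make the file unambiguous. `type(AUTH_LDAP_GROUP_TYPE).__name__` has a similar edge: if the setting is still a string (a dotted path from an environment variable, say) the export is the literal `"str"`, so an `isinstance(..., str)` guard or a comment stating the value is always an instance is worth adding. The method has no docstring, its upper-case locals read like module constants, and the `AUTH_LDAP_GROUP_TYPE` lookup omits the `default=None` every other call passes.

```python
    def post_config_ldap(self):
        """Derive USER_SEARCH, GROUP_SEARCH and GROUP_TYPE from the flat AUTH_LDAP_* settings."""
        post_config = {}
        for kind in ("USER", "GROUP"):
            parts = [
                settings.get(f"AUTH_LDAP_{kind}_SEARCH_{field}", default=None)
                for field in ("BASE_DN", "SCOPE", "FILTER")
            ]
            # Emit the triple only when it is complete; a partial search spec is not usable.
            post_config[f"{kind}_SEARCH"] = parts if all(parts) else None

        # ... unchanged: GROUP_TYPE handling and return post_config ...
```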
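Review bot: The `if type == "ldap":` branch merges the derived keys into a `configuration` dict that the loop above has already filled from every entry in `keys`. The export therefore carries `USER_SEARCH` next to the flat `USER_SEARCH_BASE_DN`/`_SCOPE`/`_FILTER` it was built from, and `BIND_PASSWORD` in clear text. The code that writes `output_file` is outside this diff; if it uses a plain `open(path, "w")`, the file gets umask-default permissions. In that case I would create it owner-only, e.g. `os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)`, and have the command's `help` text say that the output contains secrets. `format_config_data` begins before this hunk; a one-line comment on the branch saying which consumer needs the combined keys, and whether the flat ones should then be dropped, would save the next reader a search.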
@@ -70,12 +104,12 @@ def handle(self, *args, **options): data.append( self.format_config_data( "keycloak", - self.KEYCLOAK_AUTH_KEYS, + self.KEYCLOAK_KEYS, "SOCIAL_AUTH_KEYCLOAK_"), ) # Add LDAP auth config - data.append(self.format_config_data("ldap", self.LDAP_AUTH_KEYS, "AUTH_LDAP_")) + data.append(self.format_config_data("ldap", self.LDAP_KEYS, "AUTH_LDAP_")) # Define the path for the output JSON file output_file = options["output_file"]