casdoor/object/ldap_autosync.go

package object

import (
	"fmt"
	"sync"
	"time"

	"github.com/beego/beego/logs"
	"github.com/casdoor/casdoor/util"
)

type LdapAutoSynchronizer struct {
	sync.Mutex
	ldapIdToStopChan map[string]chan struct{}
}

var globalLdapAutoSynchronizer *LdapAutoSynchronizer

func InitLdapAutoSynchronizer() {
	globalLdapAutoSynchronizer = NewLdapAutoSynchronizer()
	err := globalLdapAutoSynchronizer.LdapAutoSynchronizerStartUpAll()
	if err != nil {
		panic(err)
	}
}

func NewLdapAutoSynchronizer() *LdapAutoSynchronizer {
	return &LdapAutoSynchronizer{
		ldapIdToStopChan: make(map[string]chan struct{}),
	}
}

func GetLdapAutoSynchronizer() *LdapAutoSynchronizer {
	return globalLdapAutoSynchronizer
}

// StartAutoSync
// start autosync for specified ldap, old existing autosync goroutine will be ceased
func (l *LdapAutoSynchronizer) StartAutoSync(ldapId string) error {
	l.Lock()
	defer l.Unlock()

	ldap, err := GetLdap(ldapId)
	if err != nil {
		return err
	}

	if ldap == nil {
		return fmt.Errorf("ldap %s doesn't exist", ldapId)
	}
	if res, ok := l.ldapIdToStopChan[ldapId]; ok {
		res <- struct{}{}
		delete(l.ldapIdToStopChan, ldapId)
	}

	stopChan := make(chan struct{})
	l.ldapIdToStopChan[ldapId] = stopChan
	logs.Info(fmt.Sprintf("autoSync started for %s", ldap.Id))
	util.SafeGoroutine(func() {
		err := l.syncRoutine(ldap, stopChan)
		if err != nil {
			panic(err)
		}
	})
	return nil
}

func (l *LdapAutoSynchronizer) StopAutoSync(ldapId string) {
	l.Lock()
	defer l.Unlock()
	if res, ok := l.ldapIdToStopChan[ldapId]; ok {
		res <- struct{}{}
		delete(l.ldapIdToStopChan, ldapId)
	}
}

// autosync goroutine
func (l *LdapAutoSynchronizer) syncRoutine(ldap *Ldap, stopChan chan struct{}) error {
	ticker := time.NewTicker(time.Duration(ldap.AutoSync) * time.Minute)
	defer ticker.Stop()
	for {
		select {
		case <-stopChan:
			logs.Info(fmt.Sprintf("autoSync goroutine for %s stopped", ldap.Id))
			return nil
		case <-ticker.C:
		}

		err := UpdateLdapSyncTime(ldap.Id)
		if err != nil {
			return err
		}

		// fetch all users
		conn, err := ldap.GetLdapConn()
		if err != nil {
			logs.Warning(fmt.Sprintf("autoSync failed for %s, error %s", ldap.Id, err))
			continue
		}

		users, err := conn.GetLdapUsers(ldap)
		if err != nil {
			conn.Close()
			logs.Warning(fmt.Sprintf("autoSync failed for %s, error %s", ldap.Id, err))
			continue
		}

		existed, failed, err := SyncLdapUsers(ldap.Owner, AutoAdjustLdapUser(users), ldap.Id)
		if err != nil {
			conn.Close()
			logs.Warning(fmt.Sprintf("autoSync failed for %s, error %s", ldap.Id, err))
			continue
		}

		if len(failed) != 0 {
			logs.Warning(fmt.Sprintf("ldap autosync,%d new users,but %d user failed during :", len(users)-len(existed)-len(failed), len(failed)), failed)
			logs.Warning(err.Error())
		} else {
			logs.Info(fmt.Sprintf("ldap autosync success, %d new users, %d existing users", len(users)-len(existed), len(existed)))
		}

		conn.Close()
	}
}

// LdapAutoSynchronizerStartUpAll
// start all autosync goroutine for existing ldap servers in each organizations
func (l *LdapAutoSynchronizer) LdapAutoSynchronizerStartUpAll() error {
	organizations := []*Organization{}
	err := ormer.Engine.Desc("created_time").Find(&organizations)
	if err != nil {
		logs.Info("failed to Star up LdapAutoSynchronizer; ")
	}
	for _, org := range organizations {
		ldaps, err := GetLdaps(org.Name)
		if err != nil {
			return err
		}

		for _, ldap := range ldaps {
			if ldap.AutoSync != 0 {
				err = l.StartAutoSync(ldap.Id)
				if err != nil {
					return err
				}
			}
		}
	}
	return nil
}

func UpdateLdapSyncTime(ldapId string) error {
	_, err := ormer.Engine.ID(ldapId).Update(&Ldap{LastSync: util.GetCurrentTime()})
	if err != nil {
		return err
	}

	return nil
}
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`package object`

			`import (`
			`"fmt"`
			`"sync"`
			`"time"`

Update beego to v1.12.11 2022-09-29 19:44:08 +08:00			`"github.com/beego/beego/logs"`
fix: recover when goroutine panic that will kill main program (#692) * fix #684 recover when goroutine panic that will kill main program * Update util.go Co-authored-by: Yang Luo <hsluoyz@qq.com> 2022-04-22 21:59:06 +08:00			`"github.com/casdoor/casdoor/util"`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`)`

			`type LdapAutoSynchronizer struct {`
			`sync.Mutex`
			`ldapIdToStopChan map[string]chan struct{}`
			`}`

			`var globalLdapAutoSynchronizer *LdapAutoSynchronizer`

			`func InitLdapAutoSynchronizer() {`
			`globalLdapAutoSynchronizer = NewLdapAutoSynchronizer()`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`err := globalLdapAutoSynchronizer.LdapAutoSynchronizerStartUpAll()`
			`if err != nil {`
			`panic(err)`
			`}`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`}`

			`func NewLdapAutoSynchronizer() *LdapAutoSynchronizer {`
			`return &LdapAutoSynchronizer{`
			`ldapIdToStopChan: make(map[string]chan struct{}),`
			`}`
			`}`

			`func GetLdapAutoSynchronizer() *LdapAutoSynchronizer {`
			`return globalLdapAutoSynchronizer`
			`}`

style: golint (#988) 2022-08-09 16:50:49 +08:00			`// StartAutoSync`
chore(style): use `gofumpt` to fmt go code (#967) 2022-08-07 12:26:14 +08:00			`// start autosync for specified ldap, old existing autosync goroutine will be ceased`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`func (l *LdapAutoSynchronizer) StartAutoSync(ldapId string) error {`
			`l.Lock()`
			`defer l.Unlock()`

feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`ldap, err := GetLdap(ldapId)`
			`if err != nil {`
			`return err`
			`}`

feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`if ldap == nil {`
			`return fmt.Errorf("ldap %s doesn't exist", ldapId)`
			`}`
			`if res, ok := l.ldapIdToStopChan[ldapId]; ok {`
			`res <- struct{}{}`
			`delete(l.ldapIdToStopChan, ldapId)`
			`}`

			`stopChan := make(chan struct{})`
			`l.ldapIdToStopChan[ldapId] = stopChan`
			`logs.Info(fmt.Sprintf("autoSync started for %s", ldap.Id))`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`util.SafeGoroutine(func() {`
			`err := l.syncRoutine(ldap, stopChan)`
			`if err != nil {`
			`panic(err)`
			`}`
			`})`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`return nil`
			`}`

			`func (l *LdapAutoSynchronizer) StopAutoSync(ldapId string) {`
			`l.Lock()`
			`defer l.Unlock()`
			`if res, ok := l.ldapIdToStopChan[ldapId]; ok {`
			`res <- struct{}{}`
			`delete(l.ldapIdToStopChan, ldapId)`
			`}`
			`}`

chore(style): use `gofumpt` to fmt go code (#967) 2022-08-07 12:26:14 +08:00			`// autosync goroutine`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`func (l LdapAutoSynchronizer) syncRoutine(ldap Ldap, stopChan chan struct{}) error {`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`ticker := time.NewTicker(time.Duration(ldap.AutoSync) * time.Minute)`
			`defer ticker.Stop()`
			`for {`
feat: add pagination for LdapSyncPage and fix the bug Ldap auto-sync cannot disable (#496) * feat: add pagination for LdapSyncPage Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * fix: Ldap auto sync cannot disable Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> 2022-02-15 23:03:53 +08:00			`select {`
			`case <-stopChan:`
			`logs.Info(fmt.Sprintf("autoSync goroutine for %s stopped", ldap.Id))`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`return nil`
feat: add pagination for LdapSyncPage and fix the bug Ldap auto-sync cannot disable (#496) * feat: add pagination for LdapSyncPage Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * fix: Ldap auto sync cannot disable Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> 2022-02-15 23:03:53 +08:00			`case <-ticker.C:`
			`}`

feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`err := UpdateLdapSyncTime(ldap.Id)`
			`if err != nil {`
			`return err`
			`}`

chore(style): use `gofumpt` to fmt go code (#967) 2022-08-07 12:26:14 +08:00			`// fetch all users`
feat: support LDAP with SSL/TLS enabled (#1655) 2023-03-15 11:12:31 +08:00			`conn, err := ldap.GetLdapConn()`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`if err != nil {`
			`logs.Warning(fmt.Sprintf("autoSync failed for %s, error %s", ldap.Id, err))`
			`continue`
			`}`

feat: add LDAP custom filter support (#1719) * refactor: improve ldap server code * feat: custom filter * fix: fix displayName mapping * feat: add custom filter search fields * chore: add license * chore: i18n * chore: i18n * chore: update init field 2023-04-13 14:12:31 +08:00			`users, err := conn.GetLdapUsers(ldap)`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`if err != nil {`
feat: unbind LDAP clients if not used any more 2023-12-02 17:51:25 +08:00			`conn.Close()`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`logs.Warning(fmt.Sprintf("autoSync failed for %s, error %s", ldap.Id, err))`
			`continue`
			`}`
fix: fix incorrect LDAP sync status (#1859) 2023-05-18 22:03:53 +08:00
feat: compatible different uid of LDAP server (#1860) * feat: compatible different uid of LDAP server * Update organization.go --------- Co-authored-by: hsluoyz <hsluoyz@qq.com> 2023-05-19 02:34:25 +08:00			`existed, failed, err := SyncLdapUsers(ldap.Owner, AutoAdjustLdapUser(users), ldap.Id)`
feat: check application existence in object.AddUser() (#3686) 2025-04-05 16:38:20 +08:00			`if err != nil {`
			`conn.Close()`
			`logs.Warning(fmt.Sprintf("autoSync failed for %s, error %s", ldap.Id, err))`
			`continue`
			`}`

fix: fix incorrect LDAP sync status (#1859) 2023-05-18 22:03:53 +08:00			`if len(failed) != 0 {`
			`logs.Warning(fmt.Sprintf("ldap autosync,%d new users,but %d user failed during :", len(users)-len(existed)-len(failed), len(failed)), failed)`
			`logs.Warning(err.Error())`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`} else {`
fix: fix incorrect LDAP sync status (#1859) 2023-05-18 22:03:53 +08:00			`logs.Info(fmt.Sprintf("ldap autosync success, %d new users, %d existing users", len(users)-len(existed), len(existed)))`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`}`
feat: unbind LDAP clients if not used any more 2023-12-02 17:51:25 +08:00
			`conn.Close()`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`}`
			`}`

style: golint (#988) 2022-08-09 16:50:49 +08:00			`// LdapAutoSynchronizerStartUpAll`
chore(style): use `gofumpt` to fmt go code (#967) 2022-08-07 12:26:14 +08:00			`// start all autosync goroutine for existing ldap servers in each organizations`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`func (l *LdapAutoSynchronizer) LdapAutoSynchronizerStartUpAll() error {`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`organizations := []*Organization{}`
feat: make hard-coded authz adapter editable, rename adapter to ormer (#2149) * refactor: rename casbinAdapter to casdoorAdapter * feat: add initEnforcer * fix: router * refactor: make hard-coded code configurable * fix: data type * feat: support sqlite3 * feat: disable delete and edit name for built in resources * feat: optimize code * fix: init * fix: e2e * fix: remove datasourcename * fix: revert rename * refactor: change all ORM's Adatper to Ormer * refactor: name 2023-07-29 15:07:04 +08:00			`err := ormer.Engine.Desc("created_time").Find(&organizations)`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`if err != nil {`
			`logs.Info("failed to Star up LdapAutoSynchronizer; ")`
			`}`
			`for _, org := range organizations {`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`ldaps, err := GetLdaps(org.Name)`
			`if err != nil {`
			`return err`
			`}`

			`for _, ldap := range ldaps {`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`if ldap.AutoSync != 0 {`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`err = l.StartAutoSync(ldap.Id)`
			`if err != nil {`
			`return err`
			`}`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`}`
			`}`
			`}`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`return nil`
feat: implement automatic synchronization for ldap users (#371) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-15 17:45:11 +08:00			`}`
feat: add LDAP custom filter support (#1719) * refactor: improve ldap server code * feat: custom filter * fix: fix displayName mapping * feat: add custom filter search fields * chore: add license * chore: i18n * chore: i18n * chore: update init field 2023-04-13 14:12:31 +08:00
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`func UpdateLdapSyncTime(ldapId string) error {`
feat: make hard-coded authz adapter editable, rename adapter to ormer (#2149) * refactor: rename casbinAdapter to casdoorAdapter * feat: add initEnforcer * fix: router * refactor: make hard-coded code configurable * fix: data type * feat: support sqlite3 * feat: disable delete and edit name for built in resources * feat: optimize code * fix: init * fix: e2e * fix: remove datasourcename * fix: revert rename * refactor: change all ORM's Adatper to Ormer * refactor: name 2023-07-29 15:07:04 +08:00			`_, err := ormer.Engine.ID(ldapId).Update(&Ldap{LastSync: util.GetCurrentTime()})`
feat: add LDAP custom filter support (#1719) * refactor: improve ldap server code * feat: custom filter * fix: fix displayName mapping * feat: add custom filter search fields * chore: add license * chore: i18n * chore: i18n * chore: update init field 2023-04-13 14:12:31 +08:00			`if err != nil {`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`return err`
feat: add LDAP custom filter support (#1719) * refactor: improve ldap server code * feat: custom filter * fix: fix displayName mapping * feat: add custom filter search fields * chore: add license * chore: i18n * chore: i18n * chore: update init field 2023-04-13 14:12:31 +08:00			`}`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00
			`return nil`
feat: add LDAP custom filter support (#1719) * refactor: improve ldap server code * feat: custom filter * fix: fix displayName mapping * feat: add custom filter search fields * chore: add license * chore: i18n * chore: i18n * chore: update init field 2023-04-13 14:12:31 +08:00			`}`