From 47468774b6b87c67d8ba98e52bfece04d6d48d1a Mon Sep 17 00:00:00 2001
From: Anton Tananaev <atananaev@lyft.com>
Date: Tue, 29 Dec 2020 11:11:13 -0800
Subject: Migrate LDAP configuration

---
 .../org/traccar/api/resource/UserResource.java     |  5 +-
 src/main/java/org/traccar/config/Config.java       |  2 +-
 src/main/java/org/traccar/config/Keys.java         | 88 ++++++++++++++++++++++
 .../java/org/traccar/database/LdapProvider.java    | 53 +++++++------
 4 files changed, 121 insertions(+), 27 deletions(-)

(limited to 'src/main/java/org')

diff --git a/src/main/java/org/traccar/api/resource/UserResource.java b/src/main/java/org/traccar/api/resource/UserResource.java
index 813ace6d6..d54cc2382 100644
--- a/src/main/java/org/traccar/api/resource/UserResource.java
+++ b/src/main/java/org/traccar/api/resource/UserResource.java
@@ -17,6 +17,7 @@ package org.traccar.api.resource;
 
 import org.traccar.Context;
 import org.traccar.api.BaseObjectResource;
+import org.traccar.config.Keys;
 import org.traccar.database.UsersManager;
 import org.traccar.helper.LogAction;
 import org.traccar.model.ManagedUser;
@@ -73,8 +74,8 @@ public class UserResource extends BaseObjectResource<User> {
                 Context.getPermissionsManager().checkUserLimit(getUserId());
             } else {
                 Context.getPermissionsManager().checkRegistration(getUserId());
-                entity.setDeviceLimit(Context.getConfig().getInteger("users.defaultDeviceLimit", -1));
-                int expirationDays = Context.getConfig().getInteger("users.defaultExpirationDays");
+                entity.setDeviceLimit(Context.getConfig().getInteger(Keys.USERS_DEFAULT_DEVICE_LIMIT));
+                int expirationDays = Context.getConfig().getInteger(Keys.USERS_DEFAULT_EXPIRATION_DAYS);
                 if (expirationDays > 0) {
                     entity.setExpirationTime(
                         new Date(System.currentTimeMillis() + (long) expirationDays * 24 * 3600 * 1000));
diff --git a/src/main/java/org/traccar/config/Config.java b/src/main/java/org/traccar/config/Config.java
index dd61e1f00..54e6efd06 100644
--- a/src/main/java/org/traccar/config/Config.java
+++ b/src/main/java/org/traccar/config/Config.java
@@ -66,7 +66,7 @@ public class Config {
     }
 
     public String getString(ConfigKey<String> key) {
-        return getString(key.getKey());
+        return getString(key.getKey(), key.getDefaultValue());
     }
 
     @Deprecated
diff --git a/src/main/java/org/traccar/config/Keys.java b/src/main/java/org/traccar/config/Keys.java
index 215b00805..4531c7541 100644
--- a/src/main/java/org/traccar/config/Keys.java
+++ b/src/main/java/org/traccar/config/Keys.java
@@ -198,6 +198,94 @@ public final class Keys {
             Collections.singletonList(KeyType.GLOBAL),
             300L);
 
+    /**
+     * Device limit for self registered users. Default value is -1, which indicates no limit.
+     */
+    public static final ConfigKey<Integer> USERS_DEFAULT_DEVICE_LIMIT = new ConfigKey<>(
+            "users.defaultDeviceLimit",
+            Collections.singletonList(KeyType.GLOBAL),
+            -1);
+
+    /**
+     * Default user expiration for self registered users. Value is in days. By default no expiration is set.
+     */
+    public static final ConfigKey<Integer> USERS_DEFAULT_EXPIRATION_DAYS = new ConfigKey<>(
+            "users.defaultExpirationDays",
+            Collections.singletonList(KeyType.GLOBAL));
+
+    /**
+     * LDAP server URL.
+     */
+    public static final ConfigKey<String> LDAP_URL = new ConfigKey<>(
+            "ldap.url",
+            Collections.singletonList(KeyType.GLOBAL));
+
+    /**
+     * LDAP server login.
+     */
+    public static final ConfigKey<String> LDAP_USER = new ConfigKey<>(
+            "ldap.user",
+            Collections.singletonList(KeyType.GLOBAL));
+
+    /**
+     * LDAP server password.
+     */
+    public static final ConfigKey<String> LDAP_PASSWORD = new ConfigKey<>(
+            "ldap.password",
+            Collections.singletonList(KeyType.GLOBAL));
+
+    /**
+     * LDAP user search base.
+     */
+    public static final ConfigKey<String> LDAP_BASE = new ConfigKey<>(
+            "ldap.base",
+            Collections.singletonList(KeyType.GLOBAL));
+
+    /**
+     * LDAP attribute used as user id. Default value is 'uid'.
+     */
+    public static final ConfigKey<String> LDAP_ID_ATTRIBUTE = new ConfigKey<>(
+            "ldap.idAttribute",
+            Collections.singletonList(KeyType.GLOBAL),
+            "uid");
+
+    /**
+     * LDAP attribute used as user name. Default value is 'cn'.
+     */
+    public static final ConfigKey<String> LDAP_NAME_ATTRIBUTE = new ConfigKey<>(
+            "ldap.nameAttribute",
+            Collections.singletonList(KeyType.GLOBAL),
+            "cn");
+
+    /**
+     * LDAP attribute used as user email. Default value is 'mail'.
+     */
+    public static final ConfigKey<String> LDAP_MAIN_ATTRIBUTE = new ConfigKey<>(
+            "ldap.mailAttribute",
+            Collections.singletonList(KeyType.GLOBAL),
+            "mail");
+
+    /**
+     * LDAP custom search filter. If not specified, '({idAttribute}=:login)' will be used as a filter.
+     */
+    public static final ConfigKey<String> LDAP_SEARCH_FILTER = new ConfigKey<>(
+            "ldap.searchFilter",
+            Collections.singletonList(KeyType.GLOBAL));
+
+    /**
+     * LDAP custom admin search filter.
+     */
+    public static final ConfigKey<String> LDAP_ADMIN_FILTER = new ConfigKey<>(
+            "ldap.adminFilter",
+            Collections.singletonList(KeyType.GLOBAL));
+
+    /**
+     * LDAP admin user group. Used if custom admin filter is not specified.
+     */
+    public static final ConfigKey<String> LDAP_ADMIN_GROUP = new ConfigKey<>(
+            "ldap.adminGroup",
+            Collections.singletonList(KeyType.GLOBAL));
+
     /**
      * If no data is reported by a device for the given amount of time, status changes from online to unknown. Value is
      * in seconds. Default timeout is 10 minutes.
diff --git a/src/main/java/org/traccar/database/LdapProvider.java b/src/main/java/org/traccar/database/LdapProvider.java
index a8220ea8e..d659a11a1 100644
--- a/src/main/java/org/traccar/database/LdapProvider.java
+++ b/src/main/java/org/traccar/database/LdapProvider.java
@@ -26,6 +26,7 @@ import javax.naming.directory.SearchResult;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.traccar.config.Config;
+import org.traccar.config.Keys;
 import org.traccar.model.User;
 
 import java.util.Hashtable;
@@ -34,35 +35,39 @@ public class LdapProvider {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(LdapProvider.class);
 
-    private String url;
-    private String searchBase;
-    private String idAttribute;
-    private String nameAttribute;
-    private String mailAttribute;
-    private String searchFilter;
-    private String adminFilter;
-    private String serviceUser;
-    private String servicePassword;
+    private final String url;
+    private final String searchBase;
+    private final String idAttribute;
+    private final String nameAttribute;
+    private final String mailAttribute;
+    private final String searchFilter;
+    private final String adminFilter;
+    private final String serviceUser;
+    private final String servicePassword;
 
     public LdapProvider(Config config) {
-        String url = config.getString("ldap.url");
-        if (url != null) {
-            this.url = url;
+        url = config.getString(Keys.LDAP_URL);
+        searchBase = config.getString(Keys.LDAP_BASE);
+        idAttribute = config.getString(Keys.LDAP_ID_ATTRIBUTE);
+        nameAttribute = config.getString(Keys.LDAP_NAME_ATTRIBUTE);
+        mailAttribute = config.getString(Keys.LDAP_MAIN_ATTRIBUTE);
+        if (config.hasKey(Keys.LDAP_SEARCH_FILTER)) {
+            searchFilter = config.getString(Keys.LDAP_SEARCH_FILTER);
         } else {
-            this.url = "ldap://" + config.getString("ldap.server") + ":" + config.getInteger("ldap.port", 389);
+            searchFilter = "(" + idAttribute + "=:login)";
         }
-        this.searchBase = config.getString("ldap.base");
-        this.idAttribute = config.getString("ldap.idAttribute", "uid");
-        this.nameAttribute = config.getString("ldap.nameAttribute", "cn");
-        this.mailAttribute = config.getString("ldap.mailAttribute", "mail");
-        this.searchFilter = config.getString("ldap.searchFilter", "(" + idAttribute + "=:login)");
-        String adminGroup = config.getString("ldap.adminGroup");
-        this.adminFilter = config.getString("ldap.adminFilter");
-        if (this.adminFilter == null && adminGroup != null) {
-            this.adminFilter = "(&(" + idAttribute + "=:login)(memberOf=" + adminGroup + "))";
+        if (config.hasKey(Keys.LDAP_ADMIN_FILTER)) {
+            adminFilter = config.getString(Keys.LDAP_ADMIN_FILTER);
+        } else {
+            String adminGroup = config.getString(Keys.LDAP_ADMIN_GROUP);
+            if (adminGroup != null) {
+                adminFilter = "(&(" + idAttribute + "=:login)(memberOf=" + adminGroup + "))";
+            } else {
+                adminFilter = null;
+            }
         }
-        this.serviceUser = config.getString("ldap.user");
-        this.servicePassword = config.getString("ldap.password");
+        serviceUser = config.getString(Keys.LDAP_USER);
+        servicePassword = config.getString(Keys.LDAP_PASSWORD);
     }
 
     private InitialDirContext auth(String accountName, String password) throws NamingException {
-- 
cgit v1.2.3