1import api from '@/store/api'; 2import i18n from '@/i18n'; 3import { find } from 'lodash'; 4 5const LdapStore = { 6 namespaced: true, 7 state: { 8 isServiceEnabled: null, 9 ldap: { 10 serviceEnabled: null, 11 serviceAddress: null, 12 bindDn: null, 13 baseDn: null, 14 userAttribute: null, 15 groupsAttribute: null, 16 roleGroups: [], 17 }, 18 activeDirectory: { 19 serviceEnabled: null, 20 serviceAddress: null, 21 bindDn: null, 22 baseDn: null, 23 userAttribute: null, 24 groupsAttribute: null, 25 roleGroups: [], 26 }, 27 }, 28 getters: { 29 isServiceEnabled: (state) => state.isServiceEnabled, 30 ldap: (state) => state.ldap, 31 activeDirectory: (state) => state.activeDirectory, 32 isActiveDirectoryEnabled: (state) => { 33 return state.activeDirectory.serviceEnabled; 34 }, 35 enabledRoleGroups: (state, getters) => { 36 const serviceType = getters.isActiveDirectoryEnabled 37 ? 'activeDirectory' 38 : 'ldap'; 39 return state[serviceType].roleGroups; 40 }, 41 }, 42 mutations: { 43 setServiceEnabled: (state, serviceEnabled) => 44 (state.isServiceEnabled = serviceEnabled), 45 setLdapProperties: ( 46 state, 47 { 48 ServiceEnabled, 49 ServiceAddresses = [], 50 Authentication = {}, 51 LDAPService: { 52 SearchSettings: { 53 BaseDistinguishedNames = [], 54 UsernameAttribute, 55 GroupsAttribute, 56 } = {}, 57 } = {}, 58 RemoteRoleMapping = [], 59 }, 60 ) => { 61 state.ldap.serviceAddress = ServiceAddresses[0]; 62 state.ldap.serviceEnabled = ServiceEnabled; 63 state.ldap.baseDn = BaseDistinguishedNames[0]; 64 state.ldap.bindDn = Authentication.Username; 65 state.ldap.userAttribute = UsernameAttribute; 66 state.ldap.groupsAttribute = GroupsAttribute; 67 state.ldap.roleGroups = RemoteRoleMapping; 68 }, 69 setActiveDirectoryProperties: ( 70 state, 71 { 72 ServiceEnabled, 73 ServiceAddresses = [], 74 Authentication = {}, 75 LDAPService: { 76 SearchSettings: { 77 BaseDistinguishedNames = [], 78 UsernameAttribute, 79 GroupsAttribute, 80 } = {}, 81 } = {}, 82 RemoteRoleMapping = [], 83 }, 84 ) => { 85 state.activeDirectory.serviceEnabled = ServiceEnabled; 86 state.activeDirectory.serviceAddress = ServiceAddresses[0]; 87 state.activeDirectory.bindDn = Authentication.Username; 88 state.activeDirectory.baseDn = BaseDistinguishedNames[0]; 89 state.activeDirectory.userAttribute = UsernameAttribute; 90 state.activeDirectory.groupsAttribute = GroupsAttribute; 91 state.activeDirectory.roleGroups = RemoteRoleMapping; 92 }, 93 }, 94 actions: { 95 async getAccountSettings({ commit }) { 96 return await api 97 .get('/redfish/v1/AccountService') 98 .then(({ data: { LDAP = {}, ActiveDirectory = {} } }) => { 99 const ldapEnabled = LDAP.ServiceEnabled; 100 const activeDirectoryEnabled = ActiveDirectory.ServiceEnabled; 101 102 commit('setServiceEnabled', ldapEnabled || activeDirectoryEnabled); 103 commit('setLdapProperties', LDAP); 104 commit('setActiveDirectoryProperties', ActiveDirectory); 105 }) 106 .catch((error) => console.log(error)); 107 }, 108 async saveLdapSettings({ state, dispatch }, properties) { 109 const data = { LDAP: properties }; 110 if (state.activeDirectory.serviceEnabled) { 111 // Disable Active Directory service if enabled 112 await api.patch('/redfish/v1/AccountService', { 113 ActiveDirectory: { ServiceEnabled: false }, 114 }); 115 } 116 return await api 117 .patch('/redfish/v1/AccountService', data) 118 .then(() => dispatch('getAccountSettings')) 119 .then(() => i18n.t('pageLdap.toast.successSaveLdapSettings')) 120 .catch((error) => { 121 console.log(error); 122 throw new Error(i18n.t('pageLdap.toast.errorSaveLdapSettings')); 123 }); 124 }, 125 async saveActiveDirectorySettings({ state, dispatch }, properties) { 126 const data = { ActiveDirectory: properties }; 127 if (state.ldap.serviceEnabled) { 128 // Disable LDAP service if enabled 129 await api.patch('/redfish/v1/AccountService', { 130 LDAP: { ServiceEnabled: false }, 131 }); 132 } 133 return await api 134 .patch('/redfish/v1/AccountService', data) 135 .then(() => dispatch('getAccountSettings')) 136 .then(() => i18n.t('pageLdap.toast.successSaveActiveDirectorySettings')) 137 .catch((error) => { 138 console.log(error); 139 throw new Error( 140 i18n.t('pageLdap.toast.errorSaveActiveDirectorySettings'), 141 ); 142 }); 143 }, 144 async saveAccountSettings( 145 { dispatch }, 146 { 147 serviceEnabled, 148 serviceAddress, 149 activeDirectoryEnabled, 150 bindDn, 151 bindPassword, 152 baseDn, 153 userIdAttribute, 154 groupIdAttribute, 155 }, 156 ) { 157 const data = { 158 ServiceEnabled: serviceEnabled, 159 ServiceAddresses: [serviceAddress], 160 Authentication: { 161 Username: bindDn, 162 Password: bindPassword, 163 }, 164 LDAPService: { 165 SearchSettings: { 166 BaseDistinguishedNames: [baseDn], 167 }, 168 }, 169 }; 170 if (groupIdAttribute) 171 data.LDAPService.SearchSettings.GroupsAttribute = groupIdAttribute; 172 if (userIdAttribute) 173 data.LDAPService.SearchSettings.UsernameAttribute = userIdAttribute; 174 175 if (activeDirectoryEnabled) { 176 return await dispatch('saveActiveDirectorySettings', data); 177 } else { 178 return await dispatch('saveLdapSettings', data); 179 } 180 }, 181 async addNewRoleGroup( 182 { dispatch, getters }, 183 { groupName, groupPrivilege }, 184 ) { 185 const data = {}; 186 const enabledRoleGroups = getters['enabledRoleGroups']; 187 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled']; 188 const RemoteRoleMapping = [ 189 ...enabledRoleGroups, 190 { 191 LocalRole: groupPrivilege, 192 RemoteGroup: groupName, 193 }, 194 ]; 195 if (isActiveDirectoryEnabled) { 196 data.ActiveDirectory = { RemoteRoleMapping }; 197 } else { 198 data.LDAP = { RemoteRoleMapping }; 199 } 200 return await api 201 .patch('/redfish/v1/AccountService', data) 202 .then(() => dispatch('getAccountSettings')) 203 .then(() => 204 i18n.t('pageLdap.toast.successAddRoleGroup', { 205 groupName, 206 }), 207 ) 208 .catch((error) => { 209 console.log(error); 210 throw new Error(i18n.t('pageLdap.toast.errorAddRoleGroup')); 211 }); 212 }, 213 async saveRoleGroup({ dispatch, getters }, { groupName, groupPrivilege }) { 214 const data = {}; 215 const enabledRoleGroups = getters['enabledRoleGroups']; 216 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled']; 217 const RemoteRoleMapping = enabledRoleGroups.map((group) => { 218 if (group.RemoteGroup === groupName) { 219 return { 220 RemoteGroup: groupName, 221 LocalRole: groupPrivilege, 222 }; 223 } else { 224 return {}; 225 } 226 }); 227 if (isActiveDirectoryEnabled) { 228 data.ActiveDirectory = { RemoteRoleMapping }; 229 } else { 230 data.LDAP = { RemoteRoleMapping }; 231 } 232 return await api 233 .patch('/redfish/v1/AccountService', data) 234 .then(() => dispatch('getAccountSettings')) 235 .then(() => 236 i18n.t('pageLdap.toast.successSaveRoleGroup', { groupName }), 237 ) 238 .catch((error) => { 239 console.log(error); 240 throw new Error(i18n.t('pageLdap.toast.errorSaveRoleGroup')); 241 }); 242 }, 243 async deleteRoleGroup({ dispatch, getters }, { roleGroups = [] }) { 244 const data = {}; 245 const enabledRoleGroups = getters['enabledRoleGroups']; 246 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled']; 247 const RemoteRoleMapping = enabledRoleGroups.map((group) => { 248 if (find(roleGroups, { groupName: group.RemoteGroup })) { 249 return null; 250 } else { 251 return {}; 252 } 253 }); 254 if (isActiveDirectoryEnabled) { 255 data.ActiveDirectory = { RemoteRoleMapping }; 256 } else { 257 data.LDAP = { RemoteRoleMapping }; 258 } 259 return await api 260 .patch('/redfish/v1/AccountService', data) 261 .then(() => dispatch('getAccountSettings')) 262 .then(() => 263 i18n.tc('pageLdap.toast.successDeleteRoleGroup', roleGroups.length), 264 ) 265 .catch((error) => { 266 console.log(error); 267 throw new Error( 268 i18n.tc('pageLdap.toast.errorDeleteRoleGroup', roleGroups.length), 269 ); 270 }); 271 }, 272 }, 273}; 274 275export default LdapStore; 276