1import api from '@/store/api'; 2import i18n from '@/i18n'; 3import { find } from 'lodash'; 4 5const LdapStore = { 6 namespaced: true, 7 state: { 8 isServiceEnabled: null, 9 ldap: { 10 serviceEnabled: null, 11 serviceAddress: null, 12 bindDn: null, 13 baseDn: null, 14 userAttribute: null, 15 groupsAttribute: null, 16 roleGroups: [], 17 }, 18 activeDirectory: { 19 serviceEnabled: null, 20 serviceAddress: null, 21 bindDn: null, 22 baseDn: null, 23 userAttribute: null, 24 groupsAttribute: null, 25 roleGroups: [], 26 }, 27 }, 28 getters: { 29 isServiceEnabled: (state) => state.isServiceEnabled, 30 ldap: (state) => state.ldap, 31 activeDirectory: (state) => state.activeDirectory, 32 isActiveDirectoryEnabled: (state) => { 33 return state.activeDirectory.serviceEnabled; 34 }, 35 enabledRoleGroups: (state, getters) => { 36 const serviceType = getters.isActiveDirectoryEnabled 37 ? 'activeDirectory' 38 : 'ldap'; 39 return state[serviceType].roleGroups; 40 }, 41 }, 42 mutations: { 43 setServiceEnabled: (state, serviceEnabled) => 44 (state.isServiceEnabled = serviceEnabled), 45 setLdapProperties: ( 46 state, 47 { 48 ServiceEnabled, 49 ServiceAddresses = [], 50 Authentication = {}, 51 LDAPService: { 52 SearchSettings: { 53 BaseDistinguishedNames = [], 54 UsernameAttribute, 55 GroupsAttribute, 56 } = {}, 57 } = {}, 58 RemoteRoleMapping = [], 59 }, 60 ) => { 61 state.ldap.serviceAddress = ServiceAddresses[0]; 62 state.ldap.serviceEnabled = ServiceEnabled; 63 state.ldap.baseDn = BaseDistinguishedNames[0]; 64 state.ldap.bindDn = Authentication.Username; 65 state.ldap.userAttribute = UsernameAttribute; 66 state.ldap.groupsAttribute = GroupsAttribute; 67 state.ldap.roleGroups = RemoteRoleMapping; 68 }, 69 setActiveDirectoryProperties: ( 70 state, 71 { 72 ServiceEnabled, 73 ServiceAddresses = [], 74 Authentication = {}, 75 LDAPService: { 76 SearchSettings: { 77 BaseDistinguishedNames = [], 78 UsernameAttribute, 79 GroupsAttribute, 80 } = {}, 81 } = {}, 82 RemoteRoleMapping = [], 83 }, 84 ) => { 85 state.activeDirectory.serviceEnabled = ServiceEnabled; 86 state.activeDirectory.serviceAddress = ServiceAddresses[0]; 87 state.activeDirectory.bindDn = Authentication.Username; 88 state.activeDirectory.baseDn = BaseDistinguishedNames[0]; 89 state.activeDirectory.userAttribute = UsernameAttribute; 90 state.activeDirectory.groupsAttribute = GroupsAttribute; 91 state.activeDirectory.roleGroups = RemoteRoleMapping; 92 }, 93 }, 94 actions: { 95 async getAccountSettings({ commit }) { 96 return await api 97 .get('/redfish/v1/AccountService') 98 .then(({ data: { LDAP = {}, ActiveDirectory = {} } }) => { 99 const ldapEnabled = LDAP.ServiceEnabled; 100 const activeDirectoryEnabled = ActiveDirectory.ServiceEnabled; 101 102 commit('setServiceEnabled', ldapEnabled || activeDirectoryEnabled); 103 commit('setLdapProperties', LDAP); 104 commit('setActiveDirectoryProperties', ActiveDirectory); 105 }) 106 .catch((error) => console.log(error)); 107 }, 108 async saveLdapSettings({ state, dispatch }, properties) { 109 const data = { LDAP: properties }; 110 if (state.activeDirectory.serviceEnabled) { 111 // Disable Active Directory service if enabled 112 await api.patch('/redfish/v1/AccountService', { 113 ActiveDirectory: { ServiceEnabled: false }, 114 }); 115 } 116 return await api 117 .patch('/redfish/v1/AccountService', data) 118 .then(() => dispatch('getAccountSettings')) 119 .then(() => i18n.global.t('pageLdap.toast.successSaveLdapSettings')) 120 .catch((error) => { 121 console.log(error); 122 throw new Error( 123 i18n.global.t('pageLdap.toast.errorSaveLdapSettings'), 124 ); 125 }); 126 }, 127 async saveActiveDirectorySettings({ state, dispatch }, properties) { 128 const data = { ActiveDirectory: properties }; 129 if (state.ldap.serviceEnabled) { 130 // Disable LDAP service if enabled 131 await api.patch('/redfish/v1/AccountService', { 132 LDAP: { ServiceEnabled: false }, 133 }); 134 } 135 return await api 136 .patch('/redfish/v1/AccountService', data) 137 .then(() => dispatch('getAccountSettings')) 138 .then(() => 139 i18n.global.t('pageLdap.toast.successSaveActiveDirectorySettings'), 140 ) 141 .catch((error) => { 142 console.log(error); 143 throw new Error( 144 i18n.global.t('pageLdap.toast.errorSaveActiveDirectorySettings'), 145 ); 146 }); 147 }, 148 async saveAccountSettings( 149 { dispatch }, 150 { 151 serviceEnabled, 152 serviceAddress, 153 activeDirectoryEnabled, 154 bindDn, 155 bindPassword, 156 baseDn, 157 userIdAttribute, 158 groupIdAttribute, 159 }, 160 ) { 161 const data = { 162 ServiceEnabled: serviceEnabled, 163 ServiceAddresses: [serviceAddress], 164 Authentication: { 165 Username: bindDn, 166 Password: bindPassword, 167 }, 168 LDAPService: { 169 SearchSettings: { 170 BaseDistinguishedNames: [baseDn], 171 }, 172 }, 173 }; 174 if (groupIdAttribute) 175 data.LDAPService.SearchSettings.GroupsAttribute = groupIdAttribute; 176 if (userIdAttribute) 177 data.LDAPService.SearchSettings.UsernameAttribute = userIdAttribute; 178 179 if (activeDirectoryEnabled) { 180 return await dispatch('saveActiveDirectorySettings', data); 181 } else { 182 return await dispatch('saveLdapSettings', data); 183 } 184 }, 185 async addNewRoleGroup( 186 { dispatch, getters }, 187 { groupName, groupPrivilege }, 188 ) { 189 const data = {}; 190 const enabledRoleGroups = getters['enabledRoleGroups']; 191 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled']; 192 const RemoteRoleMapping = [ 193 ...enabledRoleGroups, 194 { 195 LocalRole: groupPrivilege, 196 RemoteGroup: groupName, 197 }, 198 ]; 199 if (isActiveDirectoryEnabled) { 200 data.ActiveDirectory = { RemoteRoleMapping }; 201 } else { 202 data.LDAP = { RemoteRoleMapping }; 203 } 204 return await api 205 .patch('/redfish/v1/AccountService', data) 206 .then(() => dispatch('getAccountSettings')) 207 .then(() => 208 i18n.global.t('pageLdap.toast.successAddRoleGroup', { 209 groupName, 210 }), 211 ) 212 .catch((error) => { 213 console.log(error); 214 throw new Error(i18n.global.t('pageLdap.toast.errorAddRoleGroup')); 215 }); 216 }, 217 async saveRoleGroup({ dispatch, getters }, { groupName, groupPrivilege }) { 218 const data = {}; 219 const enabledRoleGroups = getters['enabledRoleGroups']; 220 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled']; 221 const RemoteRoleMapping = enabledRoleGroups.map((group) => { 222 if (group.RemoteGroup === groupName) { 223 return { 224 RemoteGroup: groupName, 225 LocalRole: groupPrivilege, 226 }; 227 } else { 228 return {}; 229 } 230 }); 231 if (isActiveDirectoryEnabled) { 232 data.ActiveDirectory = { RemoteRoleMapping }; 233 } else { 234 data.LDAP = { RemoteRoleMapping }; 235 } 236 return await api 237 .patch('/redfish/v1/AccountService', data) 238 .then(() => dispatch('getAccountSettings')) 239 .then(() => 240 i18n.global.t('pageLdap.toast.successSaveRoleGroup', { groupName }), 241 ) 242 .catch((error) => { 243 console.log(error); 244 throw new Error(i18n.global.t('pageLdap.toast.errorSaveRoleGroup')); 245 }); 246 }, 247 async deleteRoleGroup({ dispatch, getters }, { roleGroups = [] }) { 248 const data = {}; 249 const enabledRoleGroups = getters['enabledRoleGroups']; 250 const isActiveDirectoryEnabled = getters['isActiveDirectoryEnabled']; 251 const RemoteRoleMapping = enabledRoleGroups.map((group) => { 252 if (find(roleGroups, { groupName: group.RemoteGroup })) { 253 return null; 254 } else { 255 return {}; 256 } 257 }); 258 if (isActiveDirectoryEnabled) { 259 data.ActiveDirectory = { RemoteRoleMapping }; 260 } else { 261 data.LDAP = { RemoteRoleMapping }; 262 } 263 return await api 264 .patch('/redfish/v1/AccountService', data) 265 .then(() => dispatch('getAccountSettings')) 266 .then(() => 267 i18n.global.t( 268 'pageLdap.toast.successDeleteRoleGroup', 269 roleGroups.length, 270 ), 271 ) 272 .catch((error) => { 273 console.log(error); 274 throw new Error( 275 i18n.global.t( 276 'pageLdap.toast.errorDeleteRoleGroup', 277 roleGroups.length, 278 ), 279 ); 280 }); 281 }, 282 }, 283}; 284 285export default LdapStore; 286