Futa Arai 2 лет назад
Родитель
Сommit
9a69d3397d

+ 3 - 3
apps/app/src/components/Admin/UserGroup/ExternalUserGroup/LdapGroupSyncSettingsForm.tsx

@@ -6,7 +6,7 @@ import { useTranslation } from 'react-i18next';
 
 import { apiv3Put } from '~/client/util/apiv3-client';
 import { toastError, toastSuccess } from '~/client/util/toastr';
-import { LdapGroupSyncSettings } from '~/interfaces/external-user-group';
+import { LdapGroupMembershipAttributeType, LdapGroupSyncSettings } from '~/interfaces/external-user-group';
 import { useSWRxLdapGroupSyncSettings } from '~/stores/external-user-group';
 
 export const LdapGroupSyncSettingsForm: FC = () => {
@@ -17,7 +17,7 @@ export const LdapGroupSyncSettingsForm: FC = () => {
   const [formValues, setFormValues] = useState<LdapGroupSyncSettings>({
     ldapGroupSearchBase: '',
     ldapGroupMembershipAttribute: '',
-    ldapGroupMembershipAttributeType: 'DN',
+    ldapGroupMembershipAttributeType: LdapGroupMembershipAttributeType.dn,
     ldapGroupChildGroupAttribute: '',
     autoGenerateUserOnLdapGroupSync: false,
     preserveDeletedLdapGroups: false,
@@ -99,7 +99,7 @@ export const LdapGroupSyncSettingsForm: FC = () => {
             id="ldapGroupMembershipAttributeType"
             value={formValues.ldapGroupMembershipAttributeType}
             onChange={(e) => {
-              if (e.target.value === 'DN' || e.target.value === 'UID') {
+              if (e.target.value === LdapGroupMembershipAttributeType.dn || e.target.value === LdapGroupMembershipAttributeType.uid) {
                 setFormValues({ ...formValues, ldapGroupMembershipAttributeType: e.target.value });
               }
             }}>

+ 4 - 1
apps/app/src/interfaces/external-user-group.ts

@@ -17,10 +17,13 @@ export interface IExternalUserGroupRelation extends Omit<IUserGroupRelation, 're
   relatedGroup: Ref<IExternalUserGroup>
 }
 
+export const LdapGroupMembershipAttributeType = { dn: 'DN', uid: 'UID' } as const;
+type LdapGroupMembershipAttributeType = typeof LdapGroupMembershipAttributeType[keyof typeof LdapGroupMembershipAttributeType];
+
 export interface LdapGroupSyncSettings {
   ldapGroupSearchBase: string
   ldapGroupMembershipAttribute: string
-  ldapGroupMembershipAttributeType: 'DN' | 'UID'
+  ldapGroupMembershipAttributeType: LdapGroupMembershipAttributeType
   ldapGroupChildGroupAttribute: string
   autoGenerateUserOnLdapGroupSync: boolean
   preserveDeletedLdapGroups: boolean
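Review bot: The added type alias `LdapGroupMembershipAttributeType` is declared without `export`, so only the const object of that name leaves this module. `LdapGroupSyncSettings` can use the type because it lives in the same file, but a module that imports the name gets the value only and cannot annotate a variable or parameter with it. Exporting the alias next to the const keeps both meanings available: `export type LdapGroupMembershipAttributeType = typeof LdapGroupMembershipAttributeType[keyof typeof LdapGroupMembershipAttributeType];`. The `LdapGroupSyncSettings` interface continues past the end of the hunk.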

+ 9 - 0
apps/app/src/server/crowi/index.js

@@ -86,6 +86,7 @@ function Crowi() {
   this.xss = new Xss();
   this.questionnaireService = null;
   this.questionnaireCronService = null;
+  this.externalAccountService = null;
 
   this.tokens = null;
 
@@ -150,6 +151,7 @@ Crowi.prototype.init = async function() {
     this.setupSyncPageStatusService(),
     this.setupQuestionnaireService(),
     this.setUpCustomize(), // depends on pluginService
+    this.setupExternalAccountService(),
   ]);
 
   // globalNotification depends on slack and mailer
@@ -780,4 +782,11 @@ Crowi.prototype.setupG2GTransferService = async function() {
   }
 };
 
+Crowi.prototype.setupExternalAccountService = function() {
+  const ExternalAccountService = require('../service/external-account');
+  if (this.externalAccountService == null) {
+    this.externalAccountService = new ExternalAccountService(this);
+  }
+};
+
 export default Crowi;
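Review bot: `setupExternalAccountService` loads the class with a bare `require('../service/external-account')`, whereas the lines this commit removes elsewhere used a default import of the same module (`import ExternalAccountService from '../service/external-account'`). If that module uses `export default`, whether the `require` result is the class itself or a `{ default }` wrapper depends on the build's interop settings, which are not visible here; in the wrapper case `new ExternalAccountService(this)` throws during `init`. This is worth confirming, and if needed the line becomes `const ExternalAccountService = require('../service/external-account').default;`. A one-line comment stating that this single instance is shared by the passport routes and the external group sync would also document why the service now lives on `Crowi`.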

+ 5 - 9
apps/app/src/server/routes/login-passport.js

@@ -9,9 +9,6 @@ import { NullUsernameToBeRegisteredError } from '~/server/models/errors';
 import { createRedirectToForUnauthenticated } from '~/server/util/createRedirectToForUnauthenticated';
 import loggerFactory from '~/utils/logger';
 
-import ExternalAccountService from '../service/external-account';
-
-
 /* eslint-disable no-use-before-define */
 
 module.exports = function(crowi, app) {
@@ -20,7 +17,6 @@ module.exports = function(crowi, app) {
   const passport = require('passport');
   const ExternalAccount = crowi.model('ExternalAccount');
   const passportService = crowi.passportService;
-  const externalAccountService = new ExternalAccountService(crowi);
 
   const activityEvent = crowi.event('activity');
 
@@ -218,7 +214,7 @@ module.exports = function(crowi, app) {
 
     let externalAccount;
     try {
-      externalAccount = await externalAccountService.getOrCreateUser(userInfo, providerId);
+      externalAccount = await crowi.externalAccountService.getOrCreateUser(userInfo, providerId);
     }
     catch (error) {
       return next(error);
@@ -392,7 +388,7 @@ module.exports = function(crowi, app) {
       userInfo.username = userInfo.email.slice(0, userInfo.email.indexOf('@'));
     }
 
-    const externalAccount = await externalAccountService.getOrCreateUser(userInfo, providerId);
+    const externalAccount = await crowi.externalAccountService.getOrCreateUser(userInfo, providerId);
     if (!externalAccount) {
       return next(new ExternalAccountLoginError('message.sign_in_failure'));
     }
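Review bot: The `await crowi.externalAccountService.getOrCreateUser(userInfo, providerId)` call in this hunk is not inside a `try`/`catch`, unlike the same call in the hunk at `@@ -218`, which forwards a rejection with `return next(error)`. If `getOrCreateUser` rejects (the file imports `NullUsernameToBeRegisteredError`, which suggests it can), the error bypasses `next` unless a wrapper outside the hunk handles it, and the sign-in request may never receive a failure response. The same shape appears in the hunks at `@@ -435`, `@@ -485` and `@@ -544`. Since the commit already touches each of these lines, wrapping them the way the `@@ -218` hunk does would make failure handling uniform across the authentication providers. The enclosing handlers start and end outside the hunks.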
@@ -435,7 +431,7 @@ module.exports = function(crowi, app) {
       name: response.displayName,
     };
 
-    const externalAccount = await externalAccountService.getOrCreateUser(userInfo, providerId);
+    const externalAccount = await crowi.externalAccountService.getOrCreateUser(userInfo, providerId);
     if (!externalAccount) {
       return next(new ExternalAccountLoginError('message.sign_in_failure'));
     }
@@ -485,7 +481,7 @@ module.exports = function(crowi, app) {
     };
     debug('mapping response to userInfo', userInfo, response, attrMapId, attrMapUserName, attrMapMail);
 
-    const externalAccount = await externalAccountService.getOrCreateUser(userInfo, providerId);
+    const externalAccount = await crowi.externalAccountService.getOrCreateUser(userInfo, providerId);
     if (!externalAccount) {
       return new ExternalAccountLoginError('message.sign_in_failure');
     }
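Review bot: The failure branch in this hunk does `return new ExternalAccountLoginError('message.sign_in_failure')`, while the sibling hunks in this file pass the same error to `next(...)`. If the enclosing function is an Express handler, or its caller does not inspect the return value, a failed account lookup here is neither reported nor turned into a rejected sign-in; the function starts outside the hunk, so this needs checking against the caller. If it is a handler, the line should read `return next(new ExternalAccountLoginError('message.sign_in_failure'));`. Otherwise a short comment explaining why the error is returned rather than forwarded would settle the question for the next reader.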
@@ -544,7 +540,7 @@ module.exports = function(crowi, app) {
       return next(new ExternalAccountLoginError('Sign in failure due to insufficient privileges.'));
     }
 
-    const externalAccount = await externalAccountService.getOrCreateUser(userInfo, providerId);
+    const externalAccount = await crowi.externalAccountService.getOrCreateUser(userInfo, providerId);
     if (!externalAccount) {
       return next(new ExternalAccountLoginError('message.sign_in_failure'));
     }

+ 1 - 5
apps/app/src/server/service/external-group/external-user-group-sync-service.ts

@@ -7,7 +7,6 @@ import ExternalUserGroupRelation from '~/server/models/external-user-group-relat
 import { excludeTestIdsFromTargetIds } from '~/server/util/compare-objectId';
 
 import { configManager } from '../config-manager';
-import ExternalAccountService from '../external-account';
 
 abstract class ExternalUserGroupSyncService {
 
@@ -15,8 +14,6 @@ abstract class ExternalUserGroupSyncService {
 
   authProviderType: string; // auth provider type (e.g: ldap, oidc)
 
-  externalAccountService: ExternalAccountService;
-
   crowi: any;
 
   // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
@@ -24,7 +21,6 @@ abstract class ExternalUserGroupSyncService {
     this.groupProviderType = groupProviderType;
     this.authProviderType = authProviderType;
     this.crowi = crowi;
-    this.externalAccountService = new ExternalAccountService(crowi);
   }
 
   /** External user group tree sync method
@@ -99,7 +95,7 @@ abstract class ExternalUserGroupSyncService {
 
     const getExternalAccount = async() => {
       if (autoGenerateUserOnGroupSync) {
-        return this.externalAccountService.getOrCreateUser(userInfo, this.authProviderType);
+        return this.crowi.externalAccountService.getOrCreateUser(userInfo, this.authProviderType);
       }
       return this.crowi.models.ExternalAccount
         .findOne({ providerType: this.groupProviderType, accountId: userInfo.id });
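Review bot: `this.crowi.externalAccountService.getOrCreateUser(...)` is now reached through `crowi: any`, so the call loses the type checking that the removed `externalAccountService: ExternalAccountService` field provided. A misspelled method or a changed signature will still compile, and because `Crowi` initialises the property to `null` until `setupExternalAccountService()` runs, a sync started before `init` completes would fail here with a TypeError. A type-only import plus a typed local restores the check without constructing a second instance: `import type ExternalAccountService from '../external-account';` and `const externalAccountService: ExternalAccountService = this.crowi.externalAccountService;`. The enclosing method begins and ends outside the hunk.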

+ 5 - 3
apps/app/src/server/service/external-group/ldap-user-group-sync-service.ts

@@ -1,4 +1,6 @@
-import { ExternalGroupProviderType, ExternalUserGroupTreeNode, ExternalUserInfo } from '~/interfaces/external-user-group';
+import {
+  ExternalGroupProviderType, ExternalUserGroupTreeNode, ExternalUserInfo, LdapGroupMembershipAttributeType,
+} from '~/interfaces/external-user-group';
 
 import { configManager } from '../config-manager';
 import LdapService, { SearchResultEntry } from '../ldap';
@@ -90,10 +92,10 @@ class LdapUserGroupSyncService extends ExternalUserGroupSyncService {
 
     // get full user info from LDAP server using externalUserInfo (DN or UID)
     const getUserEntries = async() => {
-      if (groupMembershipAttributeType === 'DN') {
+      if (groupMembershipAttributeType === LdapGroupMembershipAttributeType.dn) {
         return this.ldapService.search(undefined, userId, 'base');
       }
-      if (groupMembershipAttributeType === 'UID') {
+      if (groupMembershipAttributeType === LdapGroupMembershipAttributeType.uid) {
         return this.ldapService.search(`(uid=${userId})`, undefined);
       }
     };
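Review bot: The UID branch builds the LDAP filter by interpolation, `(uid=${userId})`, and nothing in the hunk escapes `userId` first. The value comes from a group's membership attribute in the directory, so an entry containing `*`, `(`, `)` or `\` would change the filter's meaning and could resolve to a different user or to several, which then feeds group membership. Escaping the value per RFC 4515 before it is placed in the filter closes this; whether `ldapService.search` already does so is not visible here. Separately, `getUserEntries` falls through and returns `undefined` when the attribute type matches neither constant, so an explicit `throw` or `return [];` after the second `if` would make that case deliberate. The enclosing method starts outside the hunk.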