hook mattermost pour ldapui

11 months ago · c4f5476dc2
5 changed files with 32 additions and 4 deletions
--- a/dockers/ldap/UIHooks/post-hook.sh
+++ b/dockers/ldap/UIHooks/post-hook.sh
@ -0,0 +1,16 @@
+#!/bin/bash
+
+EMAIL=$1
+NEWPASSWORD=$2
+OLDPASSWORD=$3
+
+URL_AGORA="https://${matterHost}.${domain}/api/v4"
+mattermost_token=${MM_ADMIN_TOKEN}
+
+IDUSER=$(curl -s -H "Authorization: Bearer ${mattermost_token}" "${URL_AGORA}/users/email/${EMAIL}" | awk -F "," '{print $1}' | sed -e 's/{"id"://g' -e 's/"//g')
+if [ ${IDUSER} == 'app.user.missing_account.const' ]
+then
+  exit 1
+else
+  curl -X PUT -i -H "Authorization: Bearer ${mattermost_token}" -d "{\"current_password\":\"${OLDPASSWORD}\",\"new_password\":\"${NEWPASSWORD}\"}" "${URL_AGORA}/api/v4/users/${IDUSER}/password"
+fi
--- a/dockers/ldap/docker-compose.yml
+++ b/dockers/ldap/docker-compose.yml
@ -21,6 +21,14 @@ services:
      - ldap
    external_links:
      - ${smtpServName}:${smtpHost}
+    env_file:
+      - ../../secret/env-${ldapUIName}
+    # ports:
+    #   - 389:389
+    #   - 636:636
+    environment:
+      - domain=${domain}
+      - matterHost=${matterHost}
    volumes:
      - /etc/ssl:/etc/ssl:ro
      - /usr/local/share/ca-certificates:/usr/local/share/ca-certificates:ro
@ -29,6 +37,7 @@ services:
      - configSSP:/var/www/conf/
      - icons:/var/www/html/images/
      - lang:/var/www/lang/
+      - ./UIHooks:/var/www/kaz/
    # labels:
    #   - "traefik.enable=true"
    #   - "traefik.http.routers.${ldapUIName}.rule=Host(`${ldapUIHost}.${domain}`)"
--- a/dockers/ldap/first.sh
+++ b/dockers/ldap/first.sh
@ -72,18 +72,17 @@ updateVarInConf "mail_from" "admin@${domain}" "${CONFIG_IHM}"
 updateVarInConf "mail_from_name" "Récupération de mot de passe Kaz" "${CONFIG_IHM}"
 updateVarInConf "mail_smtp_host" "${smtpHost}.${domain}" "${CONFIG_IHM}"
 updateVarInConf "use_sms" "false" "${CONFIG_IHM}" "php"
-updateVarInConf "keyphrase" "apOcfivnart+Osh2" "${CONFIG_IHM}"
+updateVarInConf "keyphrase" "${LDAPUI_PASSWORD}" "${CONFIG_IHM}"
 updateVarInConf "lang" "fr" "${CONFIG_IHM}"
 updateVarInConf "allowed_lang" "array('fr', 'br');" "${CONFIG_IHM}" "php"
-#updateVarInConf "prehook_password_encodebase64" "true" "${CONFIG_IHM}"
-#updateVarInConf "posthook_password_encodebase64" "true" "${CONFIG_IHM}"
 updateVarInConf "mail_smtp_secure" "tls" "${CONFIG_IHM}"
 updateVarInConf "mail_address_use_ldap" "true" "${CONFIG_IHM}"
 updateVarInConf "mail_attributes" "array(\"mailDeSecours\", \"mail\")" "${CONFIG_IHM}" "php"
 updateVarInConf "pwd_min_length" "10" "${CONFIG_IHM}"
 updateVarInConf "pwd_min_special" "2" "${CONFIG_IHM}"
 updateVarInConf "pwd_show_policy" "always" "${CONFIG_IHM}"
-
+updateVarInConf "posthook" "/var/www/kaz/post_hook.sh" "${CONFIG_IHM}"
+updateVarInConf "posthook_password_encodebase64" "true" "${CONFIG_IHM}"


 docker cp "${KAZ_BIN_DIR}/look/kaz/kaz-tete.png" "${ldapUIName}:/var/www/html/images/ltb-logo.png"
--- a/secret.tmpl/SetAllPass.sh
+++ b/secret.tmpl/SetAllPass.sh
@ -65,6 +65,8 @@ ldap_LDAPUI_ADMINS_GROUP=admins
 ldap_LDAPUI_ADMIN_BIND_DN=cn=ldapui,ou=applications,${ldap_root}
 ldap_LDAPUI_ADMIN_BIND_PWD=${ldap_LDAP_LDAPUI_PASSWORD}
 ldap_LDAPUI_IGNORE_CERT_ERRORS=TRUE
+ldap_LDAPUI_PASSWORD="--clean_val--"
+ldap_LDAPUI_MM_ADMIN_TOKEN="xxx-private"

 ###################
 # gitea
--- a/secret.tmpl/env-ldapUI
+++ b/secret.tmpl/env-ldapUI
@ -5,3 +5,5 @@ LDAPUI_ADMINS_GROUP=
 LDAPUI_ADMIN_BIND_DN=
 LDAPUI_ADMIN_BIND_PWD=
 LDAPUI_IGNORE_CERT_ERRORS=
+LDAPUI_PASSWORD=
+LDAPUI_MM_ADMIN_TOKEN=