func (ls *LdapSource) Modify(uid, password string, values map[string]string) error {
if ls.Debug {
log.Printf("change profile for %s values: %v", uid, values)
}
userdn := ls.UDN(uid)
err := ls.Bind(userdn, password, true)
if err != nil {
return ErrLogin
}
entry, err := ls.getEntry(userdn)
if err != nil {
return err
}
modify := ldap.NewModifyRequest(entry.DN)
changed := make(map[string]bool)
for k, v := range values {
if v == "" {
continue
}
vals := entry.GetAttributeValues(k)
if len(vals) == 0 {
changed[k] = true
modify.Add(k, []string{v})
} else {
if vals[0] != v {
changed[k] = true
modify.Replace(k, []string{v})
}
}
}
if len(changed) == 0 {
if ls.Debug {
log.Printf("nothing changed for %s", uid)
}
return nil
}
_, sok := changed["sn"]
_, gok := changed["givenName"]
if sok && gok {
modify.Replace("cn", []string{fmt.Sprintf("%s%s", values["sn"], values["givenName"])})
}
if err := ls.c.Modify(modify); err != nil {
log.Printf("Modify ERROR: %s\n", err.Error())
}
return nil
}
// modify enables or disables an LDAP account
func modify(l *ldap.Conn, entry *ldap.Entry, action string) error {
useraccountcontrol := entry.Attributes[1].Values[0]
if useraccountcontrol != action {
modify := ldap.NewModifyRequest(entry.DN)
modify.Replace("useraccountcontrol", []string{action})
if err := l.Modify(modify); err != nil {
log.Println("ERROR: %s\n", err.Error())
return err
}
cn := entry.Attributes[0].Values[0]
logMod(cn, action)
}
return nil
}
func ExampleConn_Modify() {
l, err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", "ldap.example.com", 389))
if err != nil {
log.Fatal(err)
}
defer l.Close()
// Add a description, and replace the mail attributes
modify := ldap.NewModifyRequest("cn=user,dc=example,dc=com")
modify.Add("description", []string{"An example user"})
modify.Replace("mail", []string{"*****@*****.**"})
err = l.Modify(modify)
if err != nil {
log.Fatal(err)
}
}