func (ls *Source) FindUserDN(name string) (string, bool) { l, err := ldapDial(ls) if err != nil { log.Error(4, "LDAP Connect error, %s:%v", ls.Host, err) ls.Enabled = false return "", false } defer l.Close() log.Trace("Search for LDAP user: %s", name) if ls.BindDN != "" && ls.BindPassword != "" { err = l.Bind(ls.BindDN, ls.BindPassword) if err != nil { log.Debug("Failed to bind as BindDN[%s]: %v", ls.BindDN, err) return "", false } log.Trace("Bound as BindDN %s", ls.BindDN) } else { log.Trace("Proceeding with anonymous LDAP search.") } // A search for the user. userFilter, ok := ls.sanitizedUserQuery(name) if !ok { return "", false } log.Trace("Searching using filter %s", userFilter) search := ldap.NewSearchRequest( ls.UserBase, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, userFilter, []string{}, nil) // Ensure we found a user sr, err := l.Search(search) if err != nil || len(sr.Entries) < 1 { log.Debug("Failed search using filter[%s]: %v", userFilter, err) return "", false } else if len(sr.Entries) > 1 { log.Debug("Filter '%s' returned more than one user.", userFilter) return "", false } userDN := sr.Entries[0].DN if userDN == "" { log.Error(4, "LDAP search was successful, but found no DN!") return "", false } return userDN, true }
// Handle handles and logs error by given status. func (ctx *Context) Handle(status int, title string, err error) { if err != nil { log.Error(4, "%s: %v", title, err) if macaron.Env != macaron.PROD { ctx.Data["ErrorMsg"] = err } } switch status { case 404: ctx.Data["Title"] = "Page Not Found" case 500: ctx.Data["Title"] = "Internal Server Error" } ctx.HTML(status, base.TplName(fmt.Sprintf("status/%d", status))) }
// APIError logs error with title if status is 500. func (ctx *Context) APIError(status int, title string, obj interface{}) { var message string if err, ok := obj.(error); ok { message = err.Error() } else { message = obj.(string) } if status == 500 { log.Error(4, "%s: %s", title, message) } ctx.JSON(status, map[string]string{ "message": message, "url": base.DOC_URL, }) }
// Note: get back time.Time from database Go sees it at UTC where they are really Local. // So this function makes correct timezone offset. func regulateTimeZone(t time.Time) time.Time { /*if !setting.UseMySQL { return t }*/ zone := t.Local().Format("-0700") if len(zone) != 5 { log.Error(4, "Unprocessable timezone: %s - %s", t.Local(), zone) return t } hour := com.StrTo(zone[2:3]).MustInt() minutes := com.StrTo(zone[3:5]).MustInt() if zone[0] == '-' { return t.Add(time.Duration(hour) * time.Hour).Add(time.Duration(minutes) * time.Minute) } return t.Add(-1 * time.Duration(hour) * time.Hour).Add(-1 * time.Duration(minutes) * time.Minute) }
// searchEntry : search an LDAP source if an entry (name, passwd) is valid and in the specific filter func (ls *Source) SearchEntry(name, passwd string, directBind bool) (string, string, string, string, bool, bool) { var userDN string if directBind { log.Trace("LDAP will bind directly via UserDN template: %s", ls.UserDN) var ok bool userDN, ok = ls.sanitizedUserDN(name) if !ok { return "", "", "", "", false, false } } else { log.Trace("LDAP will use BindDN.") var found bool userDN, found = ls.FindUserDN(name) if !found { return "", "", "", "", false, false } } l, err := ldapDial(ls) if err != nil { log.Error(4, "LDAP Connect error (%s): %v", ls.Host, err) ls.Enabled = false return "", "", "", "", false, false } defer l.Close() log.Trace("Binding with userDN: %s", userDN) err = l.Bind(userDN, passwd) if err != nil { log.Debug("LDAP auth. failed for %s, reason: %v", userDN, err) return "", "", "", "", false, false } log.Trace("Bound successfully with userDN: %s", userDN) userFilter, ok := ls.sanitizedUserQuery(name) if !ok { return "", "", "", "", false, false } search := ldap.NewSearchRequest( userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, userFilter, []string{ls.AttributeName, ls.AttributeSurname, ls.AttributeMail}, nil) sr, err := l.Search(search) if err != nil { log.Error(4, "LDAP Search failed unexpectedly! (%v)", err) return "", "", "", "", false, false } else if len(sr.Entries) < 1 { if directBind { log.Error(4, "User filter inhibited user login.") } else { log.Error(4, "LDAP Search failed unexpectedly! (0 entries)") } return "", "", "", "", false, false } username_attr := sr.Entries[0].GetAttributeValue(ls.AttributeUsername) name_attr := sr.Entries[0].GetAttributeValue(ls.AttributeName) sn_attr := sr.Entries[0].GetAttributeValue(ls.AttributeSurname) mail_attr := sr.Entries[0].GetAttributeValue(ls.AttributeMail) admin_attr := false if len(ls.AdminFilter) > 0 { search = ldap.NewSearchRequest( userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ls.AdminFilter, []string{ls.AttributeName}, nil) sr, err = l.Search(search) if err != nil { log.Error(4, "LDAP Admin Search failed unexpectedly! (%v)", err) } else if len(sr.Entries) < 1 { log.Error(4, "LDAP Admin Search failed") } else { admin_attr = true } } return username_attr, name_attr, sn_attr, mail_attr, admin_attr, true }
func (ctx *Context) HandleText(status int, title string) { if (status/100 == 4) || (status/100 == 5) { log.Error(4, "%s", title) } ctx.PlainText(status, []byte(title)) }