portainer/portainer

package ldap

import (
    "net/http"

    portainer "github.com/portainer/portainer/api"
    "github.com/portainer/portainer/api/dataservices"
    "github.com/portainer/portainer/api/filesystem"
    "github.com/portainer/portainer/api/http/security"
    httperror "github.com/portainer/portainer/pkg/libhttp/error"

    "github.com/gorilla/mux"
)

// Handler is the HTTP handler used to handle LDAP search Operations
type Handler struct {
    *mux.Router
    DataStore   dataservices.DataStore
    FileService portainer.FileService
    LDAPService portainer.LDAPService
}

// NewHandler returns a new Handler
func NewHandler(bouncer security.BouncerService) *Handler {
    h := &Handler{
        Router: mux.NewRouter(),
    }

    h.Handle("/ldap/check",
        bouncer.AdminAccess(httperror.LoggerHandler(h.ldapCheck))).Methods(http.MethodPost)

    return h
}

func (handler *Handler) prefillSettings(ldapSettings *portainer.LDAPSettings) error {
    if !ldapSettings.AnonymousMode && ldapSettings.Password == "" {
        settings, err := handler.DataStore.Settings().Settings()
        if err != nil {
            return err
        }

        ldapSettings.Password = settings.LDAPSettings.Password
    }

    if (ldapSettings.TLSConfig.TLS || ldapSettings.StartTLS) && !ldapSettings.TLSConfig.TLSSkipVerify {
        caCertPath, err := handler.FileService.GetPathForTLSFile(filesystem.LDAPStorePath, portainer.TLSFileCA)
        if err != nil {
            return err
        }

        ldapSettings.TLSConfig.TLSCACertPath = caCertPath
    }

    return nil
}