当前位置: 首页 > 工具软件 > Ruby/LDAP > 使用案例 >

redmine 大坑ldap插件

曾奇略
2023-12-01

主要坑

默认的ldap只支持认证,不支持同步,需要下插件
4.0 根本不支持这个插件,自己写脚本吧

redmine3.0x可以从这里下ldap同步插件

安装很简单

1. **install.** - Copy your plugin directory into `#{RAILS_ROOT}/plugins`.
   If you are downloading the plugin directly from GitHub, you can do so by
   changing into the `#{RAILS_ROOT}/plugins` directory and issuing the command:
   git clone git://github.com/thorin/redmine_ldap_sync.git

   **upgrade** - Backup and replace the old plugin directory with the new
   plugin files. If you are downloading the plugin directly from GitHub, you
   can do so by changing into the plugin directory and issuing the command
   `git pull`.

2. Update the ruby gems by changing into the redmine's directory and run the
   following command.
  
   bundle install
  

3. **upgrade** - Still on the redmine's directory, run the following command
   to upgrade your database (make a db backup before).
  
   rake redmine:plugins:migrate RAILS_ENV=production
  

4. Change into redmine's directory `#{RAILS_ROOT}` and run the following
   command.
   
   rake -T redmine:plugins:ldap_sync RAILS_ENV=production
   
   If the installation/upgrade was successful you should now see the list of
   [Rake Tasks](#rake-tasks).

5. Restart Redmine.

链接: [link](https://github.com/thorin/redmine_ldap_sync).

但是问题来了 我运行报错啊!!!

如下:



1: from /home/redmine/redmine/plugins/redmine_ldap_sync/app/models/ldap_setting.rb:18:in `<top (required)>'
/home/redmine/redmine/plugins/redmine_ldap_sync/app/models/ldap_setting.rb:69:in `<class:LdapSetting>': uninitialized constant User::STANDARD_FIELDS (NameError)

还好有人在git上是问了 结果是取巧的办法,不初始化

~~不管了,浪费了一天 先解决,大家有正确的方法请留言 啊 谢谢

require 'redmine'

Redmine::Plugin.register :redmine_ldap_sync do
  name 'Redmine LDAP Sync'
  author 'Ricardo Santos'
  author_url 'https://github.com/thorin'
  description 'Syncs users and groups with ldap'
  url 'https://github.com/thorin/redmine_ldap_sync'
  version '2.1.1.devel'
  requires_redmine :version_or_higher => '2.1.0'

  settings :default => HashWithIndifferentAccess.new()
  menu :admin_menu, :ldap_sync, { :controller => 'ldap_settings', :action => 'index' }, :caption => :label_ldap_synchronization,
                    :html => {:class => 'icon icon-ldap-sync'}
end

RedmineApp::Application.config.after_initialize do
  require_dependency 'ldap_sync/core_ext'
  require_dependency 'ldap_sync/infectors'
end

# hooks
require_dependency 'ldap_sync/hooks'

把init方法注释

##RedmineApp::Application.config.after_initialize do
  require_dependency 'ldap_sync/core_ext'
  require_dependency 'ldap_sync/infectors'
##end

***这算是解决不了问题就把问题提出人解决了啊
期待大家的正常解决方案
***

后来发现 我白费了几天功夫

原来4.0 不支持这个插件,好在redmine提供了难用的api
插件不会写,写个能用的脚本先解决下问题吧,既然用的ruby,那就写ruby脚本吧

def get_user

  api =('http://192.168.0.222:3000/users.json')
  params ={"key" =>'xxxxxxxxxxxxx',}


  uri = URI(api)
  uri.query = URI.encode_www_form(params)
  #use_ssl = true if uri.scheme =='https'
  res = Net::HTTP.get_response(uri)
  #puts res.body if res.is_a?(Net::HTTPSuccess)
  json =JSON.load(res.body)
  p json

  puts "get users "

end

执行后会看到用户

{"users"=>[{"id"=>1, "login"=>"admin", "admin"=>true, "firstname"=>"Redmine", "lastname"=>"Admin", "mail"=>"admin@example.net", "created_on"=>"2020-01-14T07:08:01Z", "last_login_on"=>"2020-01-16T07:15:08Z"}], "total_count"=>1, "offset"=>0, "limit"=>25}
get users
def update_user(ldapuser, mail)
  base_url = "http://192.168.0.222:3000" 
  api_token = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxf" 

  payload = {
    user: {
      login: ldapuser,
      firstname: ldapuser,
      lastname: ldapuser,
      mail: mail,
      valid_statuse: 'STATUS_ACTIVE',#valid_statuses = [STATUS_ACTIVE, STATUS_REGISTERED, STATUS_LOCKED]这个就是你们添加了用户,却无法登录的原因
      user_auth_source_id: 1,#redmine是在页面执行了一个js脚本,看地址是get一个自动认证的,但是我试了几次不成功,现在只能手动改为ldap认证,不过后来发现数据库的user_auth_source_id默认改为1,就可以了
      password: "[FILTERED]", 
      password_confirmation: "[FILTERED]",
      generate_password:"[FILTERED]"
    }
  }

  url = "#{base_url}/users.json" 
  puts url
  uri = URI.parse(url) 
  req = Net::HTTP::Post.new(uri.request_uri)

  req["Content-Type"] = "application/json" 
  req['X-Redmine-API-Key'] = api_token
  req.body = payload.to_json

  http = Net::HTTP.new(uri.host,uri.port)
  #http.use_ssl = true
  response = http.request(req)
  return response
end
#add_user_ldap

response = update_user("hg","hg@ay.com.cn")
p response

运行之后 你的redmin就会创建ldap用户了

{"users"=>[{"id"=>1, "login"=>"admin", "admin"=>true, "firstname"=>"Redmine", "lastname"=>"Admin", "mail"=>"admin@example.net", "created_on"=>"2020-01-14T07:08:01Z", "last_login_on"=>"2020-01-16T07:15:08Z"}], "total_count"=>1, "offset"=>0, "limit"=>25}
get users
nil
ok
http://192.168.0.222:3000/users.json
#<Net::HTTPCreated 201 Created  readbody=true>
[Finished in 0.3s]

现在有了用户但是还是不能用ldap登录,因为用户管理里默认是内部认证,不是ldap用户
而数据库里认证那边默认是null
也就是没有认证

SELECT * FROM redmine.users;
UPDATE redmine.users SET auth_source_id ='1' WHERE login ='hg';

我这里偷懒了 默认改为1

mysql> use redmine
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> alter table redmine.users alter column source_id set default 1;
ERROR 1054 (42S22): Unknown column 'source_id' in 'users'
mysql> alter table redmine.users alter column source_id set default 1;
ERROR 1054 (42S22): Unknown column 'source_id' in 'users'
mysql> alter table redmine.users alter column auth_source_id set default 1;
Query OK, 0 rows affected (0.08 sec)
Records: 0  Duplicates: 0  Warnings: 0



这样新创建的用户都ldap用户

然后配合ldap脚本,就能同步用户了
同理,可以同步组

下一篇文就脚本
需要脚本请前往这里

 类似资料: