Extract LDAP config spec to a separate module

Currently it has mostly auth-related options, but the goal is to unify the common parts of LDAP configuration for auth, mod_shared_roster_ldap and mod_vcard.
esl · Dec 8, 2021 · dc96af3 · dc96af3
1 parent e0877c0
commit dc96af3
Show file tree

Hide file tree

Showing 4 changed files with 63 additions and 59 deletions.
diff --git a/src/auth/ejabberd_auth_ldap.erl b/src/auth/ejabberd_auth_ldap.erl
@@ -49,10 +49,6 @@
          supported_features/0
         ]).
 
-%% Config spec callbacks
--export([process_ldap_dn_filter/1,
-         process_ldap_local_filter/1]).
-
 %% Internal
 -export([check_password/4,
          check_password/6]).
@@ -112,49 +108,17 @@ config_spec() ->
                  <<"bind_pool_tag">> => #option{type = atom,
                                                 validate = non_empty},
                  <<"base">> => #option{type = binary},
-                 <<"uids">> => #list{items = mongoose_config_spec:ldap_uids()},
+                 <<"uids">> => #list{items = mongoose_ldap_config:uids()},
                  <<"filter">> => #option{type = binary,
                                          validate = ldap_filter},
-                 <<"dn_filter">> => ldap_dn_filter(),
-                 <<"local_filter">> => ldap_local_filter(),
+                 <<"dn_filter">> => mongoose_ldap_config:dn_filter(),
+                 <<"local_filter">> => mongoose_ldap_config:local_filter(),
                  <<"deref">> => #option{type = atom,
                                         validate = {enum, [never, always, finding, searching]}}
                 },
        format_items = map
       }.
 
-ldap_dn_filter() ->
-    #section{
-       items = #{<<"filter">> => #option{type = binary,
-                                         validate = ldap_filter},
-                 <<"attributes">> => #list{items = #option{type = binary}}
-                },
-       required = [<<"filter">>],
-       defaults = #{<<"attributes">> => []},
-       process = fun ?MODULE:process_ldap_dn_filter/1,
-       format_items = map
-      }.
-
-ldap_local_filter() ->
-    #section{
-       items = #{<<"operation">> => #option{type = atom,
-                                            validate = {enum, [equal, notequal]}},
-                 <<"attribute">> => #option{type = string,
-                                            validate = non_empty},
-                 <<"values">> => #list{items = #option{type = string},
-                                       validate = non_empty}
-                },
-       required = all,
-       process = fun ?MODULE:process_ldap_local_filter/1,
-       format_items = map
-      }.
-
-process_ldap_dn_filter(#{filter := Filter, attributes := Attrs}) ->
-    {Filter, Attrs}.
-
-process_ldap_local_filter(#{operation := Op, attribute := Attr, values := Values}) ->
-    {Op, {Attr, Values}}.
-
 -spec start_link(HostType :: mongooseim:host_type()) -> {ok, pid()} | {error, any()}.
 start_link(HostType) ->
     Proc = gen_mod:get_module_proc(HostType, ?MODULE),
@@ -504,10 +468,7 @@ parse_options(HostType) ->
     RawUserFilter = maps:get(filter, Opts, <<>>),
     UserFilter = eldap_utils:process_user_filter(UIDs, RawUserFilter),
     SearchFilter = eldap_utils:get_search_filter(UserFilter),
-    {DNFilter, DNFilterAttrs} = case maps:find(dn_filter, Opts) of
-                                    {ok, DNF} -> DNF;
-                                    error -> {undefined, []}
-                                end,
+    {DNFilter, DNFilterAttrs} = maps:get(dn_filter, Opts, {undefined, []}),
     LocalFilter = maps:get(local_filter, Opts, undefined),
     #state{host_type = HostType,
            eldap_id = {HostType, EldapID},

diff --git a/src/config/mongoose_config_spec.erl b/src/config/mongoose_config_spec.erl
@@ -5,8 +5,7 @@
 
 %% spec parts used by modules and services
 -export([wpool_items/0,
-         iqdisc/0,
-         ldap_uids/0]).
+         iqdisc/0]).
 
 %% callbacks for the 'process' step
 -export([process_host/1,
@@ -506,16 +505,6 @@ auth_password() ->
        wrap = {kv, password_format}
       }.
 
-%% path: (host_config[].)auth.ldap.uids
-ldap_uids() ->
-    #section{
-       items = #{<<"attr">> => #option{type = binary},
-                 <<"format">> => #option{type = binary}},
-       process = fun ?MODULE:process_ldap_uids/1,
-       required = [<<"attr">>],
-       format_items = map
-      }.
-
 %% path: outgoing_pools
 outgoing_pools() ->
     PoolTypes = [<<"cassandra">>, <<"elastic">>, <<"http">>, <<"ldap">>,
@@ -1121,9 +1110,6 @@ process_auth_password(KVs) ->
         {[], [{hash, Hashes}]} -> {scram, Hashes}
     end.
 
-process_ldap_uids(#{attr := Attr, format := Format}) -> {Attr, Format};
-process_ldap_uids(#{attr := Attr}) -> Attr.
-
 process_pool([Tag, Type|_], KVs) ->
     {[ScopeOpts, HostOpts, ConnOpts], Opts} = proplists:split(KVs, [scope, host, connection]),
     Scope = pool_scope(ScopeOpts, HostOpts),

diff --git a/src/mongoose_ldap_config.erl b/src/mongoose_ldap_config.erl
@@ -0,0 +1,57 @@
+-module(mongoose_ldap_config).
+
+%% Config spec
+-export([uids/0,
+         dn_filter/0,
+         local_filter/0]).
+
+%% Config spec callbacks
+-export([process_uids/1,
+         process_dn_filter/1,
+         process_local_filter/1]).
+
+-include("mongoose_config_spec.hrl").
+
+uids() ->
+    #section{
+       items = #{<<"attr">> => #option{type = binary},
+                 <<"format">> => #option{type = binary}},
+       process = fun ?MODULE:process_uids/1,
+       required = [<<"attr">>],
+       format_items = map
+      }.
+
+dn_filter() ->
+    #section{
+       items = #{<<"filter">> => #option{type = binary,
+                                         validate = ldap_filter},
+                 <<"attributes">> => #list{items = #option{type = binary}}
+                },
+       required = [<<"filter">>],
+       defaults = #{<<"attributes">> => []},
+       process = fun ?MODULE:process_dn_filter/1,
+       format_items = map
+      }.
+
+local_filter() ->
+    #section{
+       items = #{<<"operation">> => #option{type = atom,
+                                            validate = {enum, [equal, notequal]}},
+                 <<"attribute">> => #option{type = string,
+                                            validate = non_empty},
+                 <<"values">> => #list{items = #option{type = string},
+                                       validate = non_empty}
+                },
+       required = all,
+       process = fun ?MODULE:process_local_filter/1,
+       format_items = map
+      }.
+
+process_uids(#{attr := Attr, format := Format}) -> {Attr, Format};
+process_uids(#{attr := Attr}) -> Attr.
+
+process_dn_filter(#{filter := Filter, attributes := Attrs}) ->
+    {Filter, Attrs}.
+
+process_local_filter(#{operation := Op, attribute := Attr, values := Values}) ->
+    {Op, {Attr, Values}}.
diff --git a/src/vcard/mod_vcard.erl b/src/vcard/mod_vcard.erl
@@ -234,7 +234,7 @@ config_spec() ->
                  <<"ldap_pool_tag">> => #option{type = atom,
                                                 validate = pool_name},
                  <<"ldap_base">> => #option{type = string},
-                 <<"ldap_uids">> => #list{items = mongoose_config_spec:ldap_uids()},
+                 <<"ldap_uids">> => #list{items = mongoose_ldap_config:uids()},
                  <<"ldap_filter">> => #option{type = binary},
                  <<"ldap_deref">> => #option{type = atom,
                                              validate = {enum, [never, always, finding, searching]}},