Impl save time ldap user

CHANGELOG.md

@@ -10,6 +10,9 @@ Changelog for binary "usermgmt" and library "usermgmt_lib".
 
 ### Added
 
+- Added conf field "ldap_add_created_at" to opt in for creating LDAP users with creation date
+  Note: the field value field "ldapAttributes" under the array field "objectclass_common" is needed
+  within the config file. Otherwise one gets an error while creating an user within LDAP""
 - Added configuration field "ldap_default_user". Allows to define username for LDAP login used by default.
 - Added CLI option to specify the configuration file
 - Logging also performed to logging file

README.md

@@ -196,6 +196,15 @@ usermgmt generate-config > /home/foo/conf.toml
 The `conf.toml` file looks as follows:
 
 ```toml
+# If true, a timestamp is created within the LDAP database.
+# Timestamp is when an user was created within LDAP database user entry
+# Make sure to also include the field "'ldapAttributes'" under the array "objectclass_common" 
+# Within the config file. Otherwise one gets an error while creating an user within LDAP.
+# The timestamp is saved in the format of rfc 3339 with the UTC time zone.
+# Example of date and time 'year: 2024, month: may, day: 9 and hour: 10, minutes: 49 and seconds: 34'
+# 2024-05-09T10:49:34.545686277+00:00
+# Link: To this rfc 3339 => https://www.rfc-editor.org/rfc/rfc3339
+ldap_add_created_at = true
 # Default value of the Slurm default QOS for the student group
 student_default_qos = 'basic'
 # Default value of the Slurm default QOS for the staff group
@@ -403,6 +412,16 @@ This project currently consists of 3 crates:
 
 ## Tips and advanced usage
 
+### LDAP: Create users with a date of their creation
+
+There is a feature of this tool in which a creation date is added to the LDAP user upon creation.
+To preserve the backwards compatibility with earlier versions, this features must be opted in.
+
+You can opt in by the following steps:
+
+1. Set the field value "ldap_add_created_at" to `true` within the configuration file.
+2. Add the value "ldapAttributes" to the array value "objectclass_common" within the configuration file.
+
 ### Use SSH agent for ssh authentication 
 
 To save yourself entering password for ssh authentication again and again, 

conf.toml

@@ -3,6 +3,7 @@
 
 # ldap bind for user is cn=admin,dc=example,dc=org in docker set up
 
+ldap_add_created_at = true 
 student_default_qos = 'basic'
 staff_default_qos = 'advanced'
 student_qos = ['interactive', 'basic']
@@ -17,6 +18,7 @@ objectclass_common = [
     'posixAccount',
     'shadowAccount',
     'slurmRole',
+    'ldapAttributes',
     'top',
 ]
 compute_nodes = ['m0.host.de', 'ml1.host.de']

docker/bootstrap_lidfs/02_scheme_ldap_attr.ldif

@@ -0,0 +1,13 @@
+dn: cn=ldap_specs,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: ldap_specs
+olcAttributeTypes: {0}( 1.3.6.1.4.1.49213.1.1.30 NAME 'createdAt' 
+    DESC 'When the user was added to the LDAP database' 
+    EQUALITY caseIgnoreMatch 
+    SUBSTR caseIgnoreSubstringsMatch
+    SYNTAX  1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE
+    )
+olcObjectClasses: {0}( 1.3.6.1.4.1.24552.500.200.1.2.17 NAME 'ldapAttributes' SUP top AUXILIARY
+    DESC 'Specific attributes releated to LDAP'
+    MUST ( createdAt )
+    )

usermgmt_gui/CHANGELOG.md

@@ -1,6 +1,6 @@
 # Changelog
 
-All changes to the GUI Frontend of the usermgmt project.
+All changes to the GUI Front-End of the usermgmt project.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
@@ -11,6 +11,7 @@ Changelog for binary "usermgmt_gui".
 
 ### Added 
 
+- Added an edit field for "objectclass_common" of configuration file within the configuration window.
 - Logging also performed to logging file
 - Ssh key pair can be provided by field within configuration
 

usermgmt_gui/src/drawing/configuration.rs

@@ -246,6 +246,8 @@ fn construct_fields(config: &mut MgmtConfig, map: CacheForConfFields) -> Vec<Con
     }
 
     let mut fields: Vec<ConfiField> = vec![
+        create_conf_field!(objectclass_common),
+        create_conf_field!(ldap_add_created_at),
         create_conf_field!(student_default_qos),
         create_conf_field!(staff_default_qos),
         create_conf_field!(default_ssh_user),

usermgmt_lib/Cargo.toml

@@ -31,6 +31,7 @@ derive_more = { version = "0.99.17", default-features = false, features = [
   "deref",
 ] }
 flexi_logger = { version = "0.27.4", features = ["async"] }
+chrono = { version = "0.4.38", features = ["alloc"] }
 
 [dev-dependencies]
 insta = { version = "1.35.1", features = ["yaml"] }

usermgmt_lib/src/config.rs

@@ -38,6 +38,7 @@ pub struct MgmtConfig {
     pub ldap_readonly_user_prefix: Option<String>,
     pub ldap_bind_prefix: Option<String>,
     pub ldap_bind_org_unit: Option<String>,
+    pub ldap_add_created_at: bool,
     pub home_host: String,
     pub nfs_host: String,
     pub head_node: String,
@@ -83,6 +84,7 @@ impl MgmtConfig {
 impl Default for MgmtConfig {
     fn default() -> Self {
         MgmtConfig {
+            ldap_add_created_at: false,
             student_default_qos: "basic".to_string(),
             staff_default_qos: "advanced".to_string(),
             student_qos: vec!["interactive".to_string(), "basic".to_string()],

usermgmt_lib/src/ldap.rs

@@ -6,6 +6,7 @@ mod ldap_session;
 mod ldap_simple_credential;
 pub mod text_list_output;
 
+use chrono::Utc;
 pub use ldap_config::LDAPConfig;
 pub use ldap_credential::LdapCredential;
 pub use ldap_search_result::LdapSearchResult;
@@ -91,6 +92,24 @@ where
     where
         T: LdapCredential,
     {
+        fn add_fields<T>(
+            connection: &mut LdapConn,
+            entity: &NewEntity,
+            ldap_config: &LDAPConfig<T>,
+            fields: Vec<(&str, HashSet<&str>)>,
+        ) -> AppResult
+        where
+            T: LdapCredential,
+        {
+            let result_from_adding = connection.add(
+                &format!("uid={},{}", entity.username, ldap_config.base()),
+                fields,
+            );
+
+            ldap_is_success(result_from_adding).context("Unable to create LDAP user!")?;
+            Ok(())
+        }
+
         let un = entity.username.as_ref().as_str();
         let gid = entity.group.gid().to_string();
         let uid = uid.to_string();
@@ -115,30 +134,36 @@ where
             .unwrap_or("");
 
         ldap_session.action(|connection, ldap_config| {
-            let result_form_adding = connection.add(
-                &format!("uid={},{}", entity.username, ldap_config.base()),
-                vec![
-                    ("cn", hashset! {un}),
-                    (
-                        "objectClass",
-                        hashset_from_vec_str(&config.objectclass_common).to_owned(),
-                    ),
-                    ("gidNumber", hashset! {gid.as_str()}),
-                    ("uidNumber", hashset! {uid.as_str()}),
-                    ("uid", hashset! {un}),
-                    ("sn", hashset! {ln}),
-                    ("givenName", hashset! {gn}),
-                    ("mail", hashset! {mail}),
-                    ("slurmDefaultQos", hashset! {def_qos}),
-                    ("homeDirectory", hashset! {home.as_str()}),
-                    ("slurmQos", qos),
-                    ("sshPublicKey", hashset! {pubkey}),
-                    ("loginShell", hashset! {config.login_shell.as_str()}),
-                ],
-            );
-
-            ldap_is_success(result_form_adding).context("Unable to create LDAP user!")?;
-            Ok(())
+            let mut fields = vec![
+                ("cn", hashset! {un}),
+                (
+                    "objectClass",
+                    hashset_from_vec_str(&config.objectclass_common).to_owned(),
+                ),
+                ("gidNumber", hashset! {gid.as_str()}),
+                ("uidNumber", hashset! {uid.as_str()}),
+                ("uid", hashset! {un}),
+                ("sn", hashset! {ln}),
+                ("givenName", hashset! {gn}),
+                ("mail", hashset! {mail}),
+                ("slurmDefaultQos", hashset! {def_qos}),
+                ("homeDirectory", hashset! {home.as_str()}),
+                ("slurmQos", qos),
+                ("sshPublicKey", hashset! {pubkey}),
+                ("loginShell", hashset! {config.login_shell.as_str()}),
+            ];
+
+            if config.ldap_add_created_at {
+                let created_at = Utc::now().to_rfc3339();
+                let attr = hashset! {created_at.as_str()};
+                fields.push(("createdAt", attr));
+
+                add_fields(connection, entity, ldap_config, fields)?;
+                Ok(())
+            } else {
+                add_fields(connection, entity, ldap_config, fields)?;
+                Ok(())
+            }
         })
     }
 }
@@ -522,6 +547,7 @@ static SORTED_LDAP_LISTING_ATTRIBUTES: Lazy<Vec<&str>> = Lazy::new(|| {
         "mail",
         "slurmDefaultQos",
         "slurmQos",
+        "createdAt",
     ];
     to_sort.sort();
     to_sort

usermgmt_lib/src/ldap/ldap_search_result.rs

@@ -84,6 +84,7 @@ impl LdapSearchResult {
     pub fn headers(&self) -> Vec<&str> {
         self.header.iter().map(|string| string.as_str()).collect()
     }
+
     pub fn fields(&self) -> Vec<Vec<Vec<&str>>> {
         self.fields
             .as_slice()