From 4d75c244dbbfb5269a42650d2e35f4f892b15d36 Mon Sep 17 00:00:00 2001
From: Baptiste Daroussin <bapt@FreeBSD.org>
Date: Wed, 30 Oct 2024 17:46:36 +0100
Subject: [PATCH] LDAP: allow to set a prefix and a suffix to loginName

---
 options/locale/locale_en-US.ini          | 2 ++
 routers/web/admin/auths.go               | 2 ++
 services/auth/source/ldap/source.go      | 2 ++
 services/auth/source/ldap/source_sync.go | 4 +++-
 services/forms/auth_form.go              | 2 ++
 templates/admin/auth/edit.tmpl           | 8 ++++++++
 templates/admin/auth/source/ldap.tmpl    | 8 ++++++++
 7 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 289b8aa17f..676ed9838c 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -3182,6 +3182,8 @@ auths.attribute_ssh_public_key = Public SSH key attribute
 auths.attribute_avatar = Avatar attribute
 auths.attributes_in_bind = Fetch attributes in bind DN context
 auths.default_domain_name = Default domain name used for the email address
+auths.username_prefix = Prefix used for username
+auths.username_suffix = Suffix used for username
 auths.allow_deactivate_all = Allow an empty search result to deactivate all users
 auths.use_paged_search = Use paged search
 auths.search_page_size = Page size
diff --git a/routers/web/admin/auths.go b/routers/web/admin/auths.go
index 799b7e8a84..549a8284f3 100644
--- a/routers/web/admin/auths.go
+++ b/routers/web/admin/auths.go
@@ -130,6 +130,8 @@ func parseLDAPConfig(form forms.AuthenticationForm) *ldap.Source {
 		BindPassword:          form.BindPassword,
 		UserBase:              form.UserBase,
 		DefaultDomainName:     form.DefaultDomainName,
+		UsernamePrefix:        form.UsernamePrefix,
+		UsernameSuffix:        form.UsernameSuffix,
 		AttributeUsername:     form.AttributeUsername,
 		AttributeName:         form.AttributeName,
 		AttributeSurname:      form.AttributeSurname,
diff --git a/services/auth/source/ldap/source.go b/services/auth/source/ldap/source.go
index ba407b351a..be4b1282ea 100644
--- a/services/auth/source/ldap/source.go
+++ b/services/auth/source/ldap/source.go
@@ -35,6 +35,8 @@ type Source struct {
 	UserBase              string // Base search path for users
 	UserDN                string // Template for the DN of the user for simple auth
 	DefaultDomainName     string // DomainName used if none are in the field, default "localhost.local"
+	UsernamePrefix        string // Prefix used for the username
+	UsernameSuffix        string // Suffix used for the username
 	AttributeUsername     string // Username attribute
 	AttributeName         string // First name attribute
 	AttributeSurname      string // Surname attribute
diff --git a/services/auth/source/ldap/source_sync.go b/services/auth/source/ldap/source_sync.go
index 4a1dc7a44c..0daa46e4d6 100644
--- a/services/auth/source/ldap/source_sync.go
+++ b/services/auth/source/ldap/source_sync.go
@@ -112,6 +112,8 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 			su.Mail = fmt.Sprintf("%s@%s", su.Username, domainName)
 		}
 
+
+		loginName := fmt.Sprintf("%s%s%s", source.UsernamePrefix, su.Username, source.UsernameSuffix)
 		fullName := composeFullName(su.Name, su.Surname, su.Username)
 		// If no existing user found, create one
 		if usr == nil {
@@ -123,7 +125,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 				FullName:    fullName,
 				LoginType:   source.authSource.Type,
 				LoginSource: source.authSource.ID,
-				LoginName:   su.Username,
+				LoginName:   loginName,
 				Email:       su.Mail,
 				IsAdmin:     su.IsAdmin,
 			}
diff --git a/services/forms/auth_form.go b/services/forms/auth_form.go
index a3eca9473b..11d6566605 100644
--- a/services/forms/auth_form.go
+++ b/services/forms/auth_form.go
@@ -27,6 +27,8 @@ type AuthenticationForm struct {
 	AttributeName                 string
 	AttributeSurname              string
 	DefaultDomainName             string
+	UsernamePrefix                string
+	UsernameSuffix                string
 	AttributeMail                 string
 	AttributeSSHPublicKey         string
 	AttributeAvatar               string
diff --git a/templates/admin/auth/edit.tmpl b/templates/admin/auth/edit.tmpl
index a8b2049f92..1dc76b993e 100644
--- a/templates/admin/auth/edit.tmpl
+++ b/templates/admin/auth/edit.tmpl
@@ -85,6 +85,14 @@
 						<label for="attribute_username">{{ctx.Locale.Tr "admin.auths.attribute_username"}}</label>
 						<input id="attribute_username" name="attribute_username" value="{{$cfg.AttributeUsername}}" placeholder="{{ctx.Locale.Tr "admin.auths.attribute_username_placeholder"}}">
 					</div>
+					<div class="field">
+						<label for="username_prefix">{{ctx.Locale.Tr "admin.auths.username_prefix"}}</label>
+						<input id="username_prefix" name="username_prefix" value="{{$cfg.UsernamePrefix}}" placeholder="" >
+					</div>
+					<div class="field">
+						<label for="username_suffix">{{ctx.Locale.Tr "admin.auths.username_prefix"}}</label>
+						<input id="username_suffix" name="username_suffix" value="{{$cfg.UsernameSuffix}}" placeholder="" >
+					</div>
 					<div class="field">
 						<label for="attribute_name">{{ctx.Locale.Tr "admin.auths.attribute_name"}}</label>
 						<input id="attribute_name" name="attribute_name" value="{{$cfg.AttributeName}}">
diff --git a/templates/admin/auth/source/ldap.tmpl b/templates/admin/auth/source/ldap.tmpl
index 6cb6643f26..e2fe5b5a21 100644
--- a/templates/admin/auth/source/ldap.tmpl
+++ b/templates/admin/auth/source/ldap.tmpl
@@ -59,6 +59,14 @@
 		<label for="attribute_username">{{ctx.Locale.Tr "admin.auths.attribute_username"}}</label>
 		<input id="attribute_username" name="attribute_username" value="{{.attribute_username}}" placeholder="{{ctx.Locale.Tr "admin.auths.attribute_username_placeholder"}}">
 	</div>
+	<div class="field">
+		<label for="username_prefix">{{ctx.Locale.Tr "admin.auths.username_prefix"}}</label>
+		<input id="username_prefix" name="username_prefix" value="{{.username_prefix}}" placeholder="{{ctx.Locale.Tr "admin.auths.attribute_username_placeholder"}}">
+	</div>
+	<div class="field">
+		<label for="username_suffix">{{ctx.Locale.Tr "admin.auths.username_suffix"}}</label>
+		<input id="username_suffix" name="username_suffix" value="{{.username_suffix}}" placeholder="{{ctx.Locale.Tr "admin.auths.attribute_username_placeholder"}}">
+	</div>
 	<div class="field">
 		<label for="attribute_name">{{ctx.Locale.Tr "admin.auths.attribute_name"}}</label>
 		<input id="attribute_name" name="attribute_name" value="{{.attribute_name}}">
-- 
2.47.0