testing

src/index.ts

@@ -137,24 +137,40 @@ async function synchronizeUserACL(activeDirectoryUser: ActiveDirectoryUser, perm
  */
 async function synchronizeUserSOB(activeDirectoryGroup: ActiveDirectoryUser): Promise<void> {
   // Should always be one entry
-  const activeDirectoryPermissionGroup: ActiveDirectoryUser = ((await activeDirectoryConnector.search(activeDirectoryGroup[ActiveDirectoryPermissions.mailPermSOB], {
+  const activeDirectoryPermissionGroup: ActiveDirectoryUser[] = ((await activeDirectoryConnector.search(activeDirectoryGroup[ActiveDirectoryPermissions.mailPermSOB], {
     scope: 'sub',
     attributes: ['memberFlattened'],
-  })).searchEntries)[0] as unknown as ActiveDirectoryUser;
+  })).searchEntries) as unknown as ActiveDirectoryUser[];
+
+  // Construct list in database with DN of all committees they are in
+  // Get existing list of committees, add new DN as string
+  for (const members of activeDirectoryPermissionGroup) {
+    // For some reason a single entry is returned as string, so turn it into an array
+    if (!Array.isArray(members.memberFlattened))
+      members.memberFlattened = [members.memberFlattened];
+    for (const member of members.memberFlattened) {
+      const memberResults = (await activeDirectoryConnector.search(member, {
+        scope: 'sub',
+        attributes: ['mail'],
+      })).searchEntries as unknown as ActiveDirectoryUser[];
+      await editLocalUserPermissions(memberResults[0].mail, activeDirectoryGroup.mail);
+    }
+  }
 
-  // Singular entries are possible, so turn them into an array
-  if (!Array.isArray(activeDirectoryPermissionGroup.memberFlattened))
-    activeDirectoryPermissionGroup.memberFlattened = [activeDirectoryPermissionGroup.memberFlattened];
 
-  // All users are given as DN, so we have to get their mail first
-  for (const activeDirectoryUserDN of activeDirectoryPermissionGroup.memberFlattened) {
-    const activeDirectoryUserMail: ActiveDirectoryUser = ((await activeDirectoryConnector.search(activeDirectoryUserDN, {
-      scope: 'sub',
-      attributes: ['mail'],
-    })).searchEntries)[0] as unknown as ActiveDirectoryUser;
-    // Own group has to be skipped to prevent clashing permissions
-    await editLocalUserPermissions(activeDirectoryUserMail.mail, activeDirectoryGroup.mail);
-  }
+  // Singular entries are possible, so turn them into an array
+  // if (!Array.isArray(activeDirectoryPermissionGroup.memberFlattened))
+  //   activeDirectoryPermissionGroup.memberFlattened = [activeDirectoryPermissionGroup.memberFlattened];
+
+  // // All users are given as DN, so we have to get their mail first
+  // for (const activeDirectoryUserDN of activeDirectoryPermissionGroup.memberFlattened) {
+  //   const activeDirectoryUserMail: ActiveDirectoryUser = ((await activeDirectoryConnector.search(activeDirectoryUserDN, {
+  //     scope: 'sub',
+  //     attributes: ['mail'],
+  //   })).searchEntries)[0] as unknown as ActiveDirectoryUser;
+  //   // Own group has to be skipped to prevent clashing permissions
+  //   await editLocalUserPermissions(activeDirectoryUserMail.mail, activeDirectoryGroup.mail);
+  // }
 }
 
 
@@ -413,6 +429,7 @@ async function synchronizeUsersWithActiveDirectory(): Promise<void> {
  */
 async function synchronizePermissionsWithActiveDirectory(): Promise<void> {
   for (const activeDirectoryUser of activeDirectoryUsers) {
+    console.log(activeDirectoryUser.mail);
     try {
       // Check if current user has corresponding permissions
       // Sometimes, the mail considered is a personal account, but it can also be a shared mailbox