Refactor LDAP sync to sync service structure

[JustSamuel]

Description

This PR changes the syncing of users to a user-first syncing. This means that instead of having different services scattered throughout the codebase, we focus on having a single interface that can be implemented and used in the general user sync.

A sync-service should implement a sync, fetch and down function. It can also be decided to override the guard function if needed. The new syncing structure is as follows:

The user-sync-service is akin to a compound design pattern and takes an array of services to use. Each of these services implements the sync function, enabling the user to be synced with an external service. This sync has a result object which can indicate one of the following:

• The sync was skipped for the provided user (i.e. wrong user type)
• The sync errored (GEWISDB is down)
• The sync result, which is either true for a successful sync or false for a bad sync.

A bad sync can be the case that the user does no longer exist in LDAP or the GEWISDB.
After the user has been synced by all the services, the following happens:

• If none of the syncs errored, we either down a user if all services returned a bad sync, or else do nothing.

down is the function which should clean up or remove data related to the user entity. For the LDAP sync this will be removing the LDAPAuthentication entry, but for the GEWISDB sync this will mean deactivating the user in SudoSOS as no longer existing in the GEWISDB is a reason to be deactivated. This bring us to the following question:

Currently down is only called when all syncs are bad. Is this desired?

Take the cases that a user becomes inactive and removed from AD. The LDAP sync will start to report bad syncs. This could be grounds to remove the user from the LDAP table. However only calling down when all syncs report bad feels safer as it makes for a build in safeguard. This is exceptionally clear from the other case, where a user is removed from GEWISDB but still exists in AD. This is strange, and we would expect a user to also be removed from LDAP. However if they are still in AD, they could still "login", meaning that removing their whole SudoSOS account could potentially lead to a duplicate being created if they login with LDAP.

Therefore I am more inclined to go with the "all syncs should report bad" option. In the end, everything will still be cleaned. It will just take a bit longer with the safer route.

Related issues/external references

#330

Types of changes

• New feature (non-breaking change which adds functionality)

[github-actions]

SudoSOS Coverage Report

Commit: ef207b5
Base: develop@38c5d00

Type	Base	This PR
Total Statements Coverage	?	84.26% (?)
Total Branches Coverage	?	80.88% (?)
Total Functions Coverage	?	85.83% (?)
Total Lines Coverage	?	84.66% (?)

Details (changed files)

File	Statements	Branches	Functions	Lines

Details (all files)

File	Statements	Branches	Functions	Lines
/src/index.ts	88.57%	20%	50%	90.44%
/src/authentication/token-handler.ts	100%	100%	100%	100%
/src/controller/authentication-controller.ts	86.62%	100%	96.15%	86.47%
/src/controller/authentication-secure-controller.ts	88.23%	100%	100%	88.23%
/src/controller/balance-controller.ts	78.04%	50%	100%	78.04%
/src/controller/banner-controller.ts	82.52%	94.11%	100%	82.52%
/src/controller/base-controller.ts	100%	100%	100%	100%
/src/controller/container-controller.ts	85.96%	78.57%	100%	85.45%
/src/controller/debtor-controller.ts	82.96%	53.33%	100%	86.71%
/src/controller/event-controller.ts	82.66%	90%	100%	82.66%
/src/controller/event-shift-controller.ts	75.82%	90%	100%	75.82%
/src/controller/invoice-controller.ts	78.33%	75.86%	92.3%	78.08%
/src/controller/payout-request-controller.ts	69.36%	73.68%	84.61%	69.36%
/src/controller/point-of-sale-controller.ts	83.01%	78.94%	100%	83%
/src/controller/product-category-controller.ts	82.45%	100%	100%	82.45%
/src/controller/product-controller.ts	85.6%	85.71%	100%	86.77%
/src/controller/rbac-controller.ts	87.58%	87.5%	100%	87.32%
/src/controller/root-controller.ts	86.2%	100%	100%	86.2%
/src/controller/seller-payout-controller.ts	84.55%	84.61%	100%	84.44%
/src/controller/server-settings-controller.ts	100%	100%	100%	100%
/src/controller/simple-file-controller.ts	11.62%	0%	0%	11.62%
/src/controller/stripe-controller.ts	92.59%	100%	100%	92.59%
/src/controller/stripe-webhook-controller.ts	97.56%	100%	87.5%	97.56%
/src/controller/test-controller.ts	33.33%	100%	0%	33.33%
/src/controller/transaction-controller.ts	85.14%	96%	100%	84.69%
/src/controller/transfer-controller.ts	84.21%	93.33%	100%	83.63%
/src/controller/user-controller.ts	84.74%	92.85%	100%	84.61%
/src/controller/vat-group-controller.ts	87.8%	100%	100%	87.8%
/src/controller/voucher-group-controller.ts	79.41%	71.42%	100%	79.41%
/src/controller/write-off-controller.ts	85.45%	100%	100%	85.45%
/src/controller/request/file-request.ts	0%	0%	0%	0%
/src/controller/request/validators/container-request-spec.ts	100%	100%	100%	100%
/src/controller/request/validators/general-validators.ts	86.53%	66.66%	77.77%	84.61%
/src/controller/request/validators/invoice-request-spec.ts	96.15%	80%	100%	100%
/src/controller/request/validators/point-of-sale-request-spec.ts	95%	100%	100%	94.11%
/src/controller/request/validators/product-request-spec.ts	90.32%	57.14%	100%	90%
/src/controller/request/validators/rbac-request-spec.ts	100%	100%	100%	100%
/src/controller/request/validators/string-spec.ts	100%	100%	100%	100%
/src/controller/request/validators/update-local-request-spec.ts	100%	100%	100%	100%
/src/controller/request/validators/update-nfc-request-spec.ts	100%	100%	100%	100%
/src/controller/request/validators/update-pin-request-spec.ts	100%	100%	100%	100%
/src/controller/request/validators/user-request-spec.ts	82.6%	25%	85.71%	83.33%
/src/controller/request/validators/validation-errors.ts	87.8%	100%	62.96%	100%
/src/controller/response/dinero.ts	0%	0%	0%	0%
/src/database/database.ts	95.5%	50%	33.33%	97.7%
/src/database/schema.ts	92%	100%	50%	95.83%
/src/database/with-manager.ts	100%	100%	100%	100%
/src/entity/banner.ts	100%	100%	100%	100%
/src/entity/base-entity-without-id.ts	100%	100%	100%	100%
/src/entity/base-entity.ts	100%	100%	100%	100%
/src/entity/server-setting.ts	84.61%	0%	100%	100%
/src/entity/vat-group.ts	100%	100%	100%	100%
/src/entity/authenticator/authentication-method.ts	100%	100%	100%	100%
/src/entity/authenticator/ean-authenticator.ts	100%	100%	100%	100%
/src/entity/authenticator/hash-based-authentication-method.ts	100%	100%	100%	100%
/src/entity/authenticator/key-authenticator.ts	100%	100%	100%	100%
/src/entity/authenticator/ldap-authenticator.ts	100%	100%	100%	100%
/src/entity/authenticator/local-authenticator.ts	100%	100%	100%	100%
/src/entity/authenticator/member-authenticator.ts	100%	100%	100%	100%
/src/entity/authenticator/nfc-authenticator.ts	100%	100%	100%	100%
/src/entity/authenticator/pin-authenticator.ts	100%	100%	100%	100%
/src/entity/authenticator/reset-token.ts	100%	100%	100%	100%
/src/entity/container/container-revision.ts	95.23%	100%	83.33%	94.11%
/src/entity/container/container.ts	100%	100%	100%	100%
/src/entity/event/event-shift-answer.ts	100%	100%	100%	100%
/src/entity/event/event-shift.ts	100%	100%	100%	100%
/src/entity/event/event.ts	100%	100%	100%	100%
/src/entity/file/banner-image.ts	100%	100%	100%	100%
/src/entity/file/base-file.ts	100%	100%	100%	100%
/src/entity/file/invoice-pdf.ts	100%	100%	100%	100%
/src/entity/file/payout-request-pdf.ts	100%	100%	100%	100%
/src/entity/file/pdf-able.ts	88.88%	83.33%	88.88%	93.75%
/src/entity/file/pdf-file.ts	100%	100%	100%	100%
/src/entity/file/product-image.ts	100%	100%	100%	100%
/src/entity/file/seller-payout-pdf.ts	100%	100%	100%	100%
/src/entity/fine/fine.ts	100%	100%	100%	100%
/src/entity/fine/fineHandoutEvent.ts	100%	100%	100%	100%
/src/entity/fine/userFineGroup.ts	100%	100%	100%	100%
/src/entity/invoices/invoice-status.ts	100%	100%	100%	100%
/src/entity/invoices/invoice.ts	100%	100%	100%	100%
/src/entity/point-of-sale/point-of-sale-revision.ts	94.44%	100%	75%	93.33%
/src/entity/point-of-sale/point-of-sale.ts	100%	100%	100%	100%
/src/entity/point-of-sale/product-ordering.ts	100%	100%	100%	100%
/src/entity/product/product-category.ts	100%	100%	100%	100%
/src/entity/product/product-revision.ts	96.55%	100%	83.33%	96.15%
/src/entity/product/product.ts	100%	100%	100%	100%
/src/entity/rbac/assigned-role.ts	100%	100%	100%	100%
/src/entity/rbac/permission.ts	100%	100%	100%	100%
/src/entity/rbac/role-user-type.ts	100%	100%	100%	100%
/src/entity/rbac/role.ts	100%	100%	100%	100%
/src/entity/report/fine-report.ts	100%	100%	100%	100%
/src/entity/report/report.ts	100%	100%	100%	100%
/src/entity/stripe/stripe-deposit.ts	100%	100%	100%	100%
/src/entity/stripe/stripe-payment-intent-status.ts	100%	100%	100%	100%
/src/entity/stripe/stripe-payment-intent.ts	100%	100%	100%	100%
/src/entity/transactions/balance.ts	100%	100%	100%	100%
/src/entity/transactions/sub-transaction-row.ts	100%	100%	100%	100%
/src/entity/transactions/sub-transaction.ts	100%	100%	100%	100%
/src/entity/transactions/transaction.ts	100%	100%	100%	100%
/src/entity/transactions/transfer.ts	100%	100%	100%	100%
/src/entity/transactions/write-off.ts	100%	100%	100%	100%
/src/entity/transactions/payout/base-payout.ts	100%	100%	100%	100%
/src/entity/transactions/payout/payout-request-status.ts	100%	100%	100%	100%
/src/entity/transactions/payout/payout-request.ts	100%	100%	100%	100%
/src/entity/transactions/payout/seller-payout.ts	100%	100%	100%	100%
/src/entity/transformer/dinero-transformer.ts	100%	100%	100%	100%
/src/entity/user/invoice-user.ts	100%	100%	100%	100%
/src/entity/user/local-user.ts	100%	100%	100%	100%
/src/entity/user/user-voucher-group.ts	100%	100%	100%	100%
/src/entity/user/user.ts	97.87%	83.33%	100%	100%
/src/entity/user/voucher-group.ts	100%	100%	100%	100%
/src/errors/index.ts	100%	100%	50%	100%
/src/errors/not-implemented-error.ts	20%	0%	0%	20%
/src/errors/pdf-error.ts	100%	100%	100%	100%
/src/files/initialize.ts	100%	100%	100%	100%
/src/files/response.ts	28.57%	100%	0%	28.57%
/src/files/storage/disk-storage.ts	82.14%	66.66%	60%	82.14%
/src/files/storage/file-storage.ts	100%	100%	100%	100%
/src/files/storage/index.ts	100%	100%	50%	100%
/src/files/storage/locations.ts	100%	100%	100%	100%
/src/gewis/gewis.ts	77.77%	28.57%	71.42%	82.35%
/src/gewis/controller/gewis-authentication-controller.ts	87.5%	66.66%	100%	87.5%
/src/gewis/database/seed.ts	100%	100%	100%	100%
/src/gewis/entity/gewis-user.ts	100%	100%	100%	100%
/src/gewis/helpers/gewis-helper.ts	100%	83.33%	100%	100%
/src/gewis/service/gewisdb-service.ts	87.67%	86.66%	80%	89.39%
/src/helpers/ad.ts	90%	100%	100%	90%
/src/helpers/bindings.ts	100%	100%	100%	100%
/src/helpers/database.ts	100%	100%	100%	100%
/src/helpers/express-pdf.ts	100%	50%	100%	100%
/src/helpers/hash.ts	100%	100%	100%	100%
/src/helpers/ordering.ts	90.9%	75%	100%	90%
/src/helpers/pagination.ts	100%	87.87%	100%	100%
/src/helpers/pdf.ts	93.93%	63.63%	100%	96.66%
/src/helpers/query-filter.ts	95.08%	93.75%	94.44%	96.07%
/src/helpers/raw-body.ts	100%	100%	100%	100%
/src/helpers/revision-to-response.ts	91.3%	64.28%	88.88%	95.23%
/src/helpers/specification-validation.ts	94.59%	87.5%	88.88%	96.87%
/src/helpers/timestamps.ts	58.82%	60%	66.66%	56.25%
/src/helpers/token-helper.ts	100%	100%	100%	100%
/src/helpers/transaction-mapper.ts	90%	100%	76.19%	91.07%
/src/helpers/validators.ts	94.54%	88.88%	100%	97.67%
/src/mailer/index.ts	100%	100%	100%	100%
/src/mailer/mail-body-generator.ts	91.66%	83.33%	100%	91.66%
/src/mailer/mail-message.ts	100%	100%	100%	100%
/src/mailer/mailer.ts	100%	100%	100%	100%
/src/mailer/transporter.ts	100%	100%	100%	100%
/src/mailer/messages/changed-pin.ts	85.71%	100%	0%	85.71%
/src/mailer/messages/forgot-event-planning.ts	76.92%	100%	57.14%	76.92%
/src/mailer/messages/hello-world.ts	100%	100%	100%	100%
/src/mailer/messages/index.ts	100%	100%	100%	100%
/src/mailer/messages/mail-content-builder.ts	81.81%	53.33%	100%	81.81%
/src/mailer/messages/membership-expiry-notification.ts	86.66%	50%	66.66%	86.66%
/src/mailer/messages/password-reset.ts	33.33%	0%	0%	33.33%
/src/mailer/messages/user-debt-notification.ts	85.71%	100%	60%	85.71%
/src/mailer/messages/user-got-fined.ts	76.92%	100%	57.14%	76.92%
/src/mailer/messages/user-will-get-fined.ts	70.37%	50%	60%	70.37%
/src/mailer/messages/welcome-to-sudosos.ts	85.71%	100%	60%	85.71%
/src/mailer/messages/welcome-with-reset.ts	85.71%	100%	60%	85.71%
/src/middleware/policy-middleware.ts	100%	100%	100%	100%
/src/middleware/request-validator-middleware.ts	92.3%	66.66%	100%	100%
/src/middleware/restriction-middleware.ts	96.15%	93.33%	75%	100%
/src/middleware/token-middleware.ts	100%	100%	100%	100%
/src/migrations/1707251162194-invoice-refactor.ts	5.71%	0%	0%	6.06%
/src/migrations/1720608140757-soft-deletes.ts	25%	100%	0%	25%
/src/migrations/1720610649657-payout-request-pdf.ts	12.5%	100%	0%	14.28%
/src/migrations/1720624912260-database-rbac.ts	13.72%	0%	4.76%	14.43%
/src/migrations/1721916495084-transfers-vat.ts	16.66%	0%	0%	18.18%
/src/migrations/1722004753128-write-offs.ts	23.8%	0%	0%	26.31%
/src/migrations/1722022351000-pos-cashiers.ts	33.33%	100%	0%	33.33%
/src/migrations/1722083254200-server-settings.ts	50%	100%	0%	50%
/src/migrations/1722084520361-pos-users.ts	21.05%	100%	0%	22.22%
/src/migrations/1722118077157-invoice-rework.ts	13.33%	0%	0%	14.28%
/src/migrations/1722517212441-nested-product-categories.ts	15.38%	100%	0%	16.66%
/src/migrations/1722869409448-stripe-payment-intents.ts	11.11%	100%	16.66%	12.12%
/src/migrations/1724506999318-invoice-as-topups.ts	11.39%	0%	0%	12.5%
/src/migrations/1724855153990-seller-payouts.ts	13.55%	0%	5.55%	15.23%
/src/migrations/1725196803203-user-type-enums.ts	15%	0%	0%	15%
/src/migrations/1725388477226-custom-invoice-entries.ts	15.38%	0%	0%	16.66%
/src/migrations/1726066600389-seller-payout-pdf.ts	23.07%	100%	25%	25%
/src/migrations/1726689003147-ldap-objectguid.ts	12%	0%	0%	13.63%
/src/rbac/default-roles.ts	100%	100%	100%	100%
/src/rbac/role-manager.ts	80%	72.72%	83.33%	83.33%
/src/server-settings/server-settings-store.ts	98.24%	88.88%	100%	100%
/src/server-settings/setting-defaults.ts	100%	100%	100%	100%
/src/service/ad-service.ts	40.74%	25%	26.31%	45.65%
/src/service/authentication-service.ts	92.5%	73.07%	100%	92.03%
/src/service/balance-service.ts	98.27%	87.27%	100%	98.05%
/src/service/banner-service.ts	95.23%	88.88%	100%	95.12%
/src/service/container-service.ts	97.02%	85.18%	100%	100%
/src/service/debtor-service.ts	98.41%	85%	100%	100%
/src/service/event-service.ts	100%	100%	100%	100%
/src/service/file-service.ts	97.22%	72.22%	100%	97.18%
/src/service/invoice-service.ts	93.75%	57.14%	95.55%	97.9%
/src/service/payout-request-service.ts	100%	97.36%	100%	100%
/src/service/point-of-sale-service.ts	97.26%	88.88%	100%	100%
/src/service/product-category-service.ts	100%	100%	100%	100%
/src/service/product-service.ts	94.44%	78.26%	95.45%	94.87%
/src/service/rbac-service.ts	96.34%	86.95%	100%	100%
/src/service/report-service.ts	99.01%	90%	100%	100%
/src/service/seller-payout-service.ts	100%	100%	100%	100%
/src/service/stripe-service.ts	98.5%	92.85%	100%	98.41%
/src/service/transaction-service.ts	96.96%	83.75%	100%	96.68%
/src/service/transfer-service.ts	100%	97.43%	100%	100%
/src/service/user-service.ts	90.16%	54.71%	84.61%	93.57%
/src/service/vat-group-service.ts	97.36%	76.47%	93.75%	96.96%
/src/service/voucher-group-service.ts	100%	100%	100%	100%
/src/service/write-off-service.ts	100%	85.71%	100%	100%
/src/service/pdf/invoice-pdf-service.ts	97.05%	87.5%	100%	96.66%
/src/service/pdf/payout-request-pdf-service.ts	100%	100%	100%	100%
/src/service/pdf/pdf-service.ts	100%	75%	100%	100%
/src/service/pdf/report-pdf-service.ts	100%	100%	100%	100%
/src/service/pdf/seller-payout-pdf-service.ts	50%	100%	20%	57.14%
/src/service/pdf/user-report-pdf-service.ts	95%	50%	100%	100%
/src/service/sync/sync-service.ts	22.22%	0%	0%	25%
/src/service/sync/user/ldap-sync-service.ts	43.82%	41.17%	35.71%	44.87%
/src/service/sync/user/user-sync-service.ts	100%	100%	100%	100%
/src/start/swagger.ts	82.5%	53.33%	66.66%	82.05%
/src/subscriber/index.ts	100%	100%	100%	100%
/src/subscriber/transaction-subscriber.ts	91.17%	88.88%	66.66%	92.85%
/src/subscriber/transfer-subscriber.ts	100%	100%	100%	100%