Skip to content
This repository was archived by the owner on Sep 19, 2022. It is now read-only.

Commit 2bc5c5f

Browse files
vyskocilpavelvyskocilpavel
authored
Merge pull request #64 from pajavyskocil/perun_attributes
Added modes into PerunAttribute process filter
2 parents c2a60b8 + 95d063d commit 2bc5c5f

File tree

2 files changed

+33
-1
lines changed

2 files changed

+33
-1
lines changed

CHANGELOG.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,9 @@ All notable changes to this project will be documented in this file.
77

88
#### Changed
99
- Using of short array syntax (from array() to [])
10+
- Added modes into PerunAttribute process filter
11+
- MODE_FULL - Rewrite all attributes specified in config
12+
- MODE_PARTIAL - Rewrite only unset attributes
1013

1114
#### Fixed
1215
- Fixed the problem that IDP filter on WAYF didn't work correctly

lib/Auth/Process/PerunAttributes.php

Lines changed: 30 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,10 @@ class PerunAttributes extends \SimpleSAML\Auth\ProcessingFilter
2222
{
2323
private $attrMap;
2424
private $interface;
25+
private $mode;
2526

27+
const MODE_FULL = 'FULL';
28+
const MODE_PARTIAL = 'PARTIAL';
2629
/**
2730
* @var Adapter
2831
*/
@@ -43,8 +46,16 @@ public function __construct($config, $reserved)
4346
$config['interface'] = Adapter::RPC;
4447
}
4548

49+
if (!isset($config['mode'])) {
50+
$config['mode'] = self::MODE_FULL;
51+
}
52+
4653
$this->attrMap = (array)$config['attrMap'];
4754
$this->interface = (string)$config['interface'];
55+
$this->mode = (string)$config['mode'];
56+
if (!in_array($this->mode, [self::MODE_FULL, self::MODE_PARTIAL])) {
57+
$this->mode = self::MODE_FULL;
58+
}
4859
$this->adapter = Adapter::getInstance($this->interface);
4960
}
5061

@@ -62,7 +73,25 @@ public function process(&$request)
6273
);
6374
}
6475

65-
$attrs = $this->adapter->getUserAttributes($user, array_keys($this->attrMap));
76+
$attributes = [];
77+
if ($this->mode === self::MODE_FULL) {
78+
$attributes = array_keys($this->attrMap);
79+
} else if ($this->mode === self::MODE_PARTIAL) {
80+
// Check if attribute has some value
81+
foreach ($this->attrMap as $attrName => $attrValue) {
82+
if (isset($request['Attributes'][$attrValue])) {
83+
$attr = $request['Attributes'][$attrValue];
84+
if ($attr === null || empty($attr)) {
85+
array_push($attributes, $attrName);
86+
}
87+
} else {
88+
array_push($attributes, $attrName);
89+
}
90+
}
91+
}
92+
93+
94+
$attrs = $this->adapter->getUserAttributes($user, $attributes);
6695

6796
foreach ($attrs as $attrName => $attrValue) {
6897
$sspAttr = $this->attrMap[$attrName];

0 commit comments

Comments
 (0)