Merge remote-tracking branch 'origin/develop' into develop

Author: cdujeu

core/src/plugins/auth.ldap/LdapAuthDriver.php

@@ -780,36 +780,107 @@ public function updateUserObject(&$userObject)
                                     $userroles = $userObject->getRoles();
                                     //remove all mapped roles before
 
+                                    $oldRoles = array();
+                                    $newRoles = array();
+
                                     if (is_array($userroles)) {
-                                        foreach ($userroles as $key => $role) {
-                                            if ((RolesService::getRole($key)) && !(strpos($key, $this->mappedRolePrefix) === false)) {
-                                                $userObject->removeRole($key);
+                                        foreach ($userroles as $rkey => $role) {
+                                            if ((AuthService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
+                                                if (isSet($matchFilter) && !preg_match($matchFilter, $rkey)) continue;
+                                                if (isSet($valueFilters) && !in_array($rkey, $valueFilters)) continue;
+                                                //$userObject->removeRole($key);
+                                                $oldRoles[$rkey] = $role;
                                             }
                                         }
                                     }
-                                    $userObject->recomputeMergedRole();
+                                    //$userObject->recomputeMergedRole();
 
+                                    // Detect changes
                                     foreach ($memberValues as $uniqValue => $fullDN) {
                                         $uniqValueWithPrefix = $rolePrefix . $uniqValue;
                                         if (isSet($matchFilter) && !preg_match($matchFilter, $uniqValueWithPrefix)) continue;
                                         if (isSet($valueFilters) && !in_array($uniqValueWithPrefix, $valueFilters)) continue;
-                                        $roleToAdd = RolesService::getRole($uniqValueWithPrefix);
-                                        if ($roleToAdd === false) {
-                                            $roleToAdd = RolesService::getOrCreateRole($uniqValueWithPrefix, $userObject->getGroupPath());
+                                        $roleToAdd = AuthService::getRole($uniqValueWithPrefix);
+                                        if($roleToAdd === false){
+                                            $roleToAdd = AuthService::getRole($uniqValueWithPrefix, true);
                                             $roleToAdd->setLabel($uniqValue);
-                                            RolesService::updateRole($roleToAdd);
+                                            AuthService::updateRole($roleToAdd);
+                                        }
+                                        $newRoles[$roleToAdd->getId()] = $roleToAdd;
+                                        //$userObject->addRole($roleToAdd);
+                                    }
+
+                                    if((count(array_diff(array_keys($oldRoles), array_keys($newRoles))) > 0) ||
+                                        (count(array_diff(array_keys($newRoles), array_keys($oldRoles))) > 0) )
+                                    {
+                                        // remove old roles
+                                        foreach ($oldRoles as $rkey => $role) {
+                                            if ((AuthService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
+                                                $userObject->removeRole($rkey);
+                                            }
+                                        }
+
+                                        //Add new roles;
+                                        foreach($newRoles as $rkey => $role){
+                                            if ((AuthService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
+                                                $userObject->addRole($role);
+                                            }
                                         }
-                                        $userObject->addRole($roleToAdd);
+                                        $userObject->recomputeMergedRole();
                                         $changes = true;
                                     }
-                                } else {
+
+                                } else {  // Others attributes mapping
+                                    $oldRoles = array();
+                                    $newRoles = array();
+                                    $userroles = $userObject->getRoles();
+
+                                    // Get old roles
+                                    if (is_array($userroles)) {
+                                        foreach ($userroles as $rkey => $role) {
+                                            if ((AuthService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
+                                                if (isSet($matchFilter) && !preg_match($matchFilter, $rkey)) continue;
+                                                if (isSet($valueFilters) && !in_array($rkey, $valueFilters)) continue;
+                                                //$userObject->removeRole($key);
+                                                $oldRoles[$rkey] = $rkey;
+                                            }
+                                        }
+                                    }
+
+                                    // Get new roles
                                     foreach ($entry[$key] as $uniqValue) {
                                         if (isSet($matchFilter) && !preg_match($matchFilter, $uniqValue)) continue;
                                         if (isSet($valueFilters) && !in_array($uniqValue, $valueFilters)) continue;
-                                        if ((!in_array($uniqValue, array_keys($userObject->getRoles()))) && !empty($uniqValue)) {
-                                            $userObject->addRole(RolesService::getOrCreateRole($uniqValue, $userObject->getGroupPath()));
-                                            $changes = true;
+                                        if (!empty($uniqValue)) {
+                                            $roleToAdd = AuthService::getRole($uniqValue);
+                                            if($roleToAdd === false){
+                                                $roleToAdd = AuthService::getRole($uniqValue, true);
+                                                $roleToAdd->setLabel($uniqValue);
+                                                AuthService::updateRole($roleToAdd);
+                                            }
+                                            //$userObject->addRole(AuthService::getRole($uniqValue, true));
+                                            //$changes = true;
+                                            $newRoles[$uniqValue]  = $roleToAdd;
+                                        }
+                                    }
+
+                                    // Do the sync if two sets of roles are different
+                                    if ( (count(array_diff(array_keys($oldRoles), array_keys($newRoles))) > 0) ||
+                                        (count(array_diff(array_keys($newRoles), array_keys($oldRoles))) > 0)){
+                                        // remove old roles
+                                        foreach ($oldRoles as $rkey => $role) {
+                                            if ((AuthService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
+                                                $userObject->removeRole($rkey);
+                                            }
                                         }
+                                        //Add new roles;
+                                        foreach($newRoles as $rkey => $role){
+                                            if ((AuthService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
+                                                $userObject->addRole($role);
+                                            }
+                                        }
+                                        $userObject->recomputeMergedRole();
+                                        $changes = true;
                                     }
                                 }
                                 break;

core/src/plugins/log.sql/queries.json

@@ -52,7 +52,7 @@
       "order":"Date_sortable"
     },
       "DIAGRAM":"bar",
-    "SQL":"SELECT DATE( logdate )AS Date, COUNT( DISTINCT ajxp_log.user ) AS Connections FROM ajxp_log WHERE ajxp_log.user IN ( SELECT DISTINCT login FROM ajxp_user_rights WHERE severity =  \"INFO\" AND login NOT IN ( SELECT DISTINCT login  FROM ajxp_user_rights WHERE repo_uuid = \"ajxp.parent_user\" ) )  AND AJXP_CURSOR_DATE GROUP BY DATE( logdate )  ORDER BY logdate DESC "
+    "SQL":"SELECT DATE( logdate )AS Date, COUNT( DISTINCT ajxp_log.user ) AS Connections FROM ajxp_log WHERE ajxp_log.user IN ( SELECT DISTINCT login FROM ajxp_user_rights WHERE severity =  \"INFO\" AND login NOT IN ( SELECT DISTINCT login  FROM ajxp_user_rights WHERE repo_uuid = \"ajxp.parent_user\" ) )  AND AJXP_CURSOR_DATE GROUP BY DATE( logdate )  ORDER BY DATE(logdate) DESC "
   },
   {
     "NAME":"connections_per_day",
@@ -63,7 +63,7 @@
       "order":"Date_sortable"
     },
       "DIAGRAM":"bar",
-    "SQL":"SELECT DATE( logdate )AS Date, COUNT( DISTINCT id ) AS Connections FROM ajxp_log WHERE ajxp_log.user IN ( SELECT DISTINCT login FROM ajxp_user_rights WHERE severity =  \"INFO\" AND login NOT IN (SELECT DISTINCT login FROM ajxp_user_rights WHERE repo_uuid = \"ajxp.parent_user\" ) ) AND AJXP_CURSOR_DATE AND (params LIKE  \"Log In%\" OR message LIKE  \"Log In%\" ) AND ( params LIKE \"%WebUI%\" ) GROUP BY DATE( logdate )  ORDER BY logdate DESC"
+    "SQL":"SELECT DATE( logdate )AS Date, COUNT( DISTINCT id ) AS Connections FROM ajxp_log WHERE ajxp_log.user IN ( SELECT DISTINCT login FROM ajxp_user_rights WHERE severity =  \"INFO\" AND login NOT IN (SELECT DISTINCT login FROM ajxp_user_rights WHERE repo_uuid = \"ajxp.parent_user\" ) ) AND AJXP_CURSOR_DATE AND (params LIKE  \"Log In%\" OR message LIKE  \"Log In%\" ) AND ( params LIKE \"%WebUI%\" ) GROUP BY DATE( logdate )  ORDER BY DATE(logdate) DESC"
   },
     {
         "SEPARATOR":true,
@@ -78,7 +78,7 @@
        "order":"Date_sortable"
     },
       "DIAGRAM":"bar",
-    "SQL":"SELECT DATE(logdate) AS Date, COUNT(distinct id) AS Downloads FROM ajxp_log WHERE severity = \"INFO\" AND (params like \"Download%\" OR message like \"Download%\" ) AND AJXP_CURSOR_DATE GROUP BY DATE(logdate)  ORDER BY logdate DESC"
+    "SQL":"SELECT DATE(logdate) AS Date, COUNT(distinct id) AS Downloads FROM ajxp_log WHERE severity = \"INFO\" AND (params like \"Download%\" OR message like \"Download%\" ) AND AJXP_CURSOR_DATE GROUP BY DATE(logdate)  ORDER BY DATE(logdate) DESC"
   },
   {
     "NAME":"uploads_per_day",
@@ -89,7 +89,7 @@
       "order":"Date_sortable"
     },
       "DIAGRAM":"bar",
-    "SQL":"SELECT DATE(logdate) AS Date, COUNT(distinct id) AS Uploads FROM ajxp_log WHERE severity = \"INFO\" AND (message like \"Upload%\" OR message like \"Upload%\") AND AJXP_CURSOR_DATE GROUP BY DATE(logdate)  ORDER BY logdate DESC"
+    "SQL":"SELECT DATE(logdate) AS Date, COUNT(distinct id) AS Uploads FROM ajxp_log WHERE severity = \"INFO\" AND (message like \"Upload%\" OR message like \"Upload%\") AND AJXP_CURSOR_DATE GROUP BY DATE(logdate)  ORDER BY DATE(logdate) DESC"
   },
   {
     "NAME":"sharedfiles_per_day",
@@ -100,7 +100,7 @@
       "order":"Date_sortable"
     },
       "DIAGRAM":"bar",
-    "SQL":"SELECT DATE( logdate )AS Date, COUNT( DISTINCT id ) AS Shares FROM ajxp_log WHERE severity = \"INFO\" AND AJXP_CURSOR_DATE AND ajxp_log.user IN ( SELECT DISTINCT login FROM ajxp_user_rights  WHERE login NOT IN ( SELECT DISTINCT login FROM ajxp_user_rights WHERE repo_uuid = \"ajxp.parent_user\" ) ) AND (params LIKE \"New Share%\" OR message LIKE \"New Share%\" ) GROUP BY DATE( logdate )  ORDER BY logdate DESC"
+    "SQL":"SELECT DATE( logdate )AS Date, COUNT( DISTINCT id ) AS Shares FROM ajxp_log WHERE severity = \"INFO\" AND AJXP_CURSOR_DATE AND ajxp_log.user IN ( SELECT DISTINCT login FROM ajxp_user_rights  WHERE login NOT IN ( SELECT DISTINCT login FROM ajxp_user_rights WHERE repo_uuid = \"ajxp.parent_user\" ) ) AND (params LIKE \"New Share%\" OR message LIKE \"New Share%\" ) GROUP BY DATE( logdate )  ORDER BY DATE(logdate) DESC"
   },
     {
         "NAME":"most_downloaded",
@@ -112,4 +112,4 @@
         "DIAGRAM": "pie",
         "SQL":"SELECT SUBSTR(params,7) AS File, COUNT( 1 ) AS Downloaded FROM ajxp_log WHERE severity = \"INFO\" AND (params LIKE \"Download%\" OR message LIKE \"Download%\" ) AND AJXP_CURSOR_DATE GROUP BY params ORDER BY COUNT( 1 ) DESC LIMIT 20"
     }
-]
+]