This repository was archived by the owner on Nov 25, 2020. It is now read-only.

Commit 9fa086c

committed
Merge remote-tracking branch 'origin/develop' into develop
2 parents e5e6211 + e63e949 commit 9fa086c


2 files changed

+21
-17
lines changed


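--- a/core/src/plugins/auth.ldap/LdapAuthDriver.php
+++ b/core/src/plugins/auth.ldap/LdapAuthDriver.php
@@ -686,6 +686,10 @@ public function buildGroupBranch($groupAttrValue, &$branch = array())
 
 }
 
+/**
+* User user object with mapping rules with attributes from LDAP
+* @param \Pydio\Core\Model\UserInterface $userObject
+*/
 public function updateUserObject(&$userObject)
 {
 
@@ -785,7 +789,7 @@ public function updateUserObject(&$userObject)
 
 if (is_array($userroles)) {
 foreach ($userroles as $rkey => $role) {
-if ((AuthService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
+if ((RolesService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
 if (isSet($matchFilter) && !preg_match($matchFilter, $rkey)) continue;
 if (isSet($valueFilters) && !in_array($rkey, $valueFilters)) continue;
 //$userObject->removeRole($key);
@@ -800,11 +804,11 @@ public function updateUserObject(&$userObject)
 $uniqValueWithPrefix = $rolePrefix . $uniqValue;
 if (isSet($matchFilter) && !preg_match($matchFilter, $uniqValueWithPrefix)) continue;
 if (isSet($valueFilters) && !in_array($uniqValueWithPrefix, $valueFilters)) continue;
-$roleToAdd = AuthService::getRole($uniqValueWithPrefix);
+$roleToAdd = RolesService::getRole($uniqValueWithPrefix);
 if($roleToAdd === false){
-$roleToAdd = AuthService::getRole($uniqValueWithPrefix, true);
+$roleToAdd = RolesService::getOrCreateRole($uniqValueWithPrefix);
 $roleToAdd->setLabel($uniqValue);
-AuthService::updateRole($roleToAdd);
+RolesService::updateRole($roleToAdd);
 }
 $newRoles[$roleToAdd->getId()] = $roleToAdd;
 //$userObject->addRole($roleToAdd);
@@ -815,14 +819,14 @@ public function updateUserObject(&$userObject)
 {
 // remove old roles
 foreach ($oldRoles as $rkey => $role) {
-if ((AuthService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
+if ((RolesService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
 $userObject->removeRole($rkey);
 }
 }
 
 //Add new roles;
 foreach($newRoles as $rkey => $role){
-if ((AuthService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
+if ((RolesService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
 $userObject->addRole($role);
 }
 }
@@ -838,10 +842,9 @@ public function updateUserObject(&$userObject)
 // Get old roles
 if (is_array($userroles)) {
 foreach ($userroles as $rkey => $role) {
-if ((AuthService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
+if ((RolesService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
 if (isSet($matchFilter) && !preg_match($matchFilter, $rkey)) continue;
 if (isSet($valueFilters) && !in_array($rkey, $valueFilters)) continue;
-//$userObject->removeRole($key);
 $oldRoles[$rkey] = $rkey;
 }
 }
@@ -852,14 +855,12 @@ public function updateUserObject(&$userObject)
 if (isSet($matchFilter) && !preg_match($matchFilter, $uniqValue)) continue;
 if (isSet($valueFilters) && !in_array($uniqValue, $valueFilters)) continue;
 if (!empty($uniqValue)) {
-$roleToAdd = AuthService::getRole($uniqValue);
+$roleToAdd = RolesService::getRole($uniqValue);
 if($roleToAdd === false){
-$roleToAdd = AuthService::getRole($uniqValue, true);
+$roleToAdd = RolesService::getOrCreateRole($uniqValue);
 $roleToAdd->setLabel($uniqValue);
-AuthService::updateRole($roleToAdd);
+RolesService::updateRole($roleToAdd);
 }
-//$userObject->addRole(AuthService::getRole($uniqValue, true));
-//$changes = true;
 $newRoles[$uniqValue] = $roleToAdd;
 }
 }
@@ -869,13 +870,13 @@ public function updateUserObject(&$userObject)
 (count(array_diff(array_keys($newRoles), array_keys($oldRoles))) > 0)){
 // remove old roles
 foreach ($oldRoles as $rkey => $role) {
-if ((AuthService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
+if ((RolesService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
 $userObject->removeRole($rkey);
 }
 }
 //Add new roles;
 foreach($newRoles as $rkey => $role){
-if ((AuthService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
+if ((RolesService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
 $userObject->addRole($role);
 }
 }
@@ -906,7 +907,10 @@ public function updateUserObject(&$userObject)
 $parent = "/" . implode("/", array_reverse($branch));
 }
 if (!ConfService::getConfStorageImpl()->groupExists(rtrim($userObject->getRealGroupPath($parent), "/") . "/" . $fullDN)) {
-UsersService::createGroup($parent, $fullDN, $humanName);
+try{
+UsersService::createGroup($parent, $fullDN, $humanName);
+}
+catch(\Exception $e){}
 }
 $userObject->setGroupPath(rtrim($parent, "/") . "/" . $fullDN, true);
 // Update Roles from groupPath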
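Review bot: The new `catch(\Exception $e){}` around `UsersService::createGroup($parent, $fullDN, $humanName)` in the last hunk discards every failure without a trace, and the following `$userObject->setGroupPath(...)` still runs, so a user can be placed on a group path whose creation failed. If the intent is to tolerate a group created by a concurrent login between the `groupExists()` check and this call (an assumption; the reason is not stated), catch only that case and record the rest through the plugin's logger, or at minimum `catch(\Exception $e){ error_log('LDAP group sync: createGroup failed: ' . $e->getMessage()); }`. A one-line comment saying why the exception is safe to ignore would also help whoever audits the LDAP sync later. `updateUserObject()` starts and ends outside the hunks shown.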

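--- a/core/src/plugins/auth.ldap/manifest.xml
+++ b/core/src/plugins/auth.ldap/manifest.xml
@@ -31,7 +31,7 @@
 <param name="LDAP_GDN" group="CONF_MESSAGE[Groups Schema]" type="string" replicationGroup="LDAPGDN" label="CONF_MESSAGE[Groups DN]" description="CONF_MESSAGE[DN where the groups are stored. Must be used in cunjonction with a group parameter mapping, generally using the memberOf feature.]" mandatory="false"/>
 <param name="LDAP_GROUP_FILTER" group="CONF_MESSAGE[Groups Schema]" type="string" label="CONF_MESSAGE[LDAP Groups Filter]" description="CONF_MESSAGE[Filter which groups to fetch.]" mandatory="false" default="objectClass=group"/>
 <param name="LDAP_GROUPATTR" group="CONF_MESSAGE[Groups Schema]" type="string" label="CONF_MESSAGE[Group attribute]" description="CONF_MESSAGE[Group main attribute to be used as a label]" mandatory="false"/>
-<param name="LDAP_GROUP_PREFIX" group="CONF_MESSAGE[Groups Schema]" type="string" label="CONF_MESSAGE[Role Prefix (for memberof)]" description="CONF_MESSAGE[Role prefix when you mapping memberof => roleID]" default="" mandatory="false" />
+<param name="LDAP_GROUP_PREFIX" group="CONF_MESSAGE[Groups Schema]" type="string" label="CONF_MESSAGE[Role Prefix (for memberof)]" description="CONF_MESSAGE[Role prefix when you mapping memberof => roleID]" default="ldap_" mandatory="false" />
 
 <!-- Attributes Mapping -->
 <param name="LDAP_MAPPING_LEGEND" group="CONF_MESSAGE[Attributes Mapping]" type="legend" label="" description="CONF_MESSAGE[Use this section to automatically map some LDAP attributes to Pydio plugins parameters values.]"/>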
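Review bot: Changing the `LDAP_GROUP_PREFIX` default from empty to `ldap_` can alter role mapping on installations that never saved an explicit value, assuming the manifest default is applied when the option is read (not visible here). Roles that were auto-created without a prefix would no longer match the prefixed checks in `updateUserObject()` in LdapAuthDriver.php, so they would presumably stay assigned to users and stop following LDAP group membership. An upgrade note or a migration step is worth adding with this change. If that behaviour is confirmed, the description could state it, e.g. `Prefix added to role IDs created from memberof values; changing it does not rename roles that already exist`.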
