Merge remote-tracking branch 'origin/develop' into develop

Author: cdujeu

core/src/plugins/action.scheduler/class.AjxpScheduler.php

@@ -189,7 +189,11 @@ public function runTask($taskId, $status = null, &$currentlyRunning = -1, $force
                 $data["user_id"] = "queue:".$tmpQueue;
             }
             if ($data["repository_id"] == "*") {
-                $data["repository_id"] = implode(",", array_keys(ConfService::getRepositoriesList("all")));
+                $criteria = array();
+                $criteria["isTemplate"] = false;
+                $count = 0;
+                $listRepos = ConfService::listRepositoriesWithCriteria($criteria, $count);
+                $data["repository_id"] = implode(",", array_keys($listRepos));
             }
             $process = AJXP_Controller::applyActionInBackground(
                 $data["repository_id"],
@@ -270,7 +274,7 @@ public function switchAction($action, $httpVars, $postProcessData)
                     AJXP_XMLWriter::close();
                 }
 
-            break;
+                break;
 
             case "scheduler_runTask":
 
@@ -280,7 +284,7 @@ public function switchAction($action, $httpVars, $postProcessData)
                 AJXP_XMLWriter::reloadDataNode();
                 AJXP_XMLWriter::close();
 
-            break;
+                break;
 
             case "scheduler_generateCronExpression":
 
@@ -291,10 +295,10 @@ public function switchAction($action, $httpVars, $postProcessData)
                 HTMLWriter::charsetHeader("text/plain", "UTF-8");
                 print "$cronTiming $phpCmd $rootInstall -r=ajxp_conf -u=".AuthService::getLoggedUser()->getId()." -p=YOUR_PASSWORD_HERE -a=scheduler_runAll >> $logFile";
 
-            break;
+                break;
 
             default:
-            break;
+                break;
         }
 
     }
@@ -331,26 +335,26 @@ public function listTasks($action, $httpVars, $postProcessData)
 
             $timeArray = $this->getTimeArray($task["schedule"]);
             $res = $this->getNextExecutionTimeForScript(time(), $timeArray);
-                $task["NEXT_EXECUTION"] = date($mess["date_format"], $res);
-                $task["PARAMS"] = implode(", ", $task["PARAMS"]);
-                $task["icon"] = "scheduler/ICON_SIZE/task.png";
-                $task["ajxp_mime"] = "scheduler_task";
-                $sFile = AJXP_CACHE_DIR."/cmd_outputs/task_".$task["task_id"].".status";
-                if (is_file($sFile)) {
-                    $s = $this->getTaskStatus($task["task_id"]);
-                    $task["STATUS"] = implode(":", $s);
-                    $task["LAST_EXECUTION"] = date($mess["date_format"], filemtime($sFile));
-                } else {
-                    $task["STATUS"] = "n/a";
-                    $task["LAST_EXECUTION"] = "n/a";
-                }
-
-                AJXP_XMLWriter::renderNode("/admin/scheduler/".$task["task_id"],
-                    (isSet($task["label"])?$task["label"]:"Action ".$task["action_name"]),
-                    true,
-                    $task
-                );
+            $task["NEXT_EXECUTION"] = date($mess["date_format"], $res);
+            $task["PARAMS"] = implode(", ", $task["PARAMS"]);
+            $task["icon"] = "scheduler/ICON_SIZE/task.png";
+            $task["ajxp_mime"] = "scheduler_task";
+            $sFile = AJXP_CACHE_DIR."/cmd_outputs/task_".$task["task_id"].".status";
+            if (is_file($sFile)) {
+                $s = $this->getTaskStatus($task["task_id"]);
+                $task["STATUS"] = implode(":", $s);
+                $task["LAST_EXECUTION"] = date($mess["date_format"], filemtime($sFile));
+            } else {
+                $task["STATUS"] = "n/a";
+                $task["LAST_EXECUTION"] = "n/a";
             }
+
+            AJXP_XMLWriter::renderNode("/admin/scheduler/".$task["task_id"],
+                (isSet($task["label"])?$task["label"]:"Action ".$task["action_name"]),
+                true,
+                $task
+            );
+        }
         AJXP_XMLWriter::close();
 
     }
@@ -457,7 +461,7 @@ public function handleTasks($action, $httpVars, $fileVars)
                 AJXP_XMLWriter::reloadDataNode();
                 AJXP_XMLWriter::close();
 
-            break;
+                break;
 
             case "scheduler_removeTask" :
 
@@ -467,7 +471,7 @@ public function handleTasks($action, $httpVars, $fileVars)
                 AJXP_XMLWriter::reloadDataNode();
                 AJXP_XMLWriter::close();
 
-            break;
+                break;
 
             case "scheduler_loadTask":
 
@@ -502,10 +506,10 @@ public function handleTasks($action, $httpVars, $fileVars)
                     echo json_encode($task);
                 }
 
-            break;
+                break;
 
             default:
-            break;
+                break;
         }
         //var_dump($tasks);
 
@@ -663,4 +667,4 @@ public function nextMinute($timeArray, &$a, &$m, &$j, &$h, &$min)
             if ($min == 60) { return -1; }
         } while ($valeurs[$min] != TRUE);
     }
-}
+}

core/src/plugins/auth.ldap/class.ldapAuthDriver.php

@@ -250,13 +250,13 @@ public function getUserEntries($login = null, $countOnly = false, $offset = -1,
             }
 
             if(isset($searchAttrArray)){
-               if(count($searchAttrArray) > 1){
-                   $searchAttrFilter = "(|";
-                   foreach($searchAttrArray as $attr){
-                       $searchAttrFilter .= "(". $attr . "=" . $login . ")";
+                if(count($searchAttrArray) > 1){
+                    $searchAttrFilter = "(|";
+                    foreach($searchAttrArray as $attr){
+                        $searchAttrFilter .= "(". $attr . "=" . $login . ")";
                     }
-                   $searchAttrFilter .= ")";
-               }
+                    $searchAttrFilter .= ")";
+                }
                 else{
                     $searchAttrFilter = "(" . $searchAttrArray[0] . "=" . $login . ")";
                 }
@@ -748,14 +748,15 @@ public function updateUserObject(&$userObject)
                                     $valueFilters = array_map("trim", explode(",", $filter));
                                 }
                                 if ($key == "memberof") {
-
+                                    if (empty($valueFilters)) {
+                                        $valueFilters = $this->getLdapGroupListFromDN();
+                                    }
                                     if ($this->mappedRolePrefix) {
                                         $rolePrefix = $this->mappedRolePrefix;
                                     } else {
                                         $rolePrefix = "";
                                     }
 
-                                    /*
                                     $userroles = $userObject->getRoles();
                                     //remove all mapped roles before
 
@@ -767,7 +768,6 @@ public function updateUserObject(&$userObject)
                                         }
                                     }
                                     $userObject->recomputeMergedRole();
-                                    */
 
                                     foreach ($memberValues as $uniqValue => $fullDN) {
                                         $uniqValueWithPrefix = $rolePrefix . $uniqValue;
@@ -914,4 +914,35 @@ public function saveCountToCache($fileContent)
             file_put_contents($this->getPluginCacheDir() . DIRECTORY_SEPARATOR . $fileName, serialize($fileContent));
         }
     }
-}
+
+    public function getLdapGroupListFromDN()
+    {
+        $origUsersDN = $this->ldapDN;
+        $origUsersFilter = $this->ldapFilter;
+        $origUsersAttr = $this->ldapUserAttr;
+        $this->ldapDN = $this->ldapGDN;
+        $this->ldapFilter = $this->ldapGFilter;
+        $this->ldapUserAttr = $this->ldapGroupAttr;
+
+        $entries = $this->getUserEntries();
+        $returnArray = array();
+        if (is_array($entries) && $entries["count"] > 0) {
+            unset($entries["count"]);
+            foreach ($entries as $key => $entry) {
+                if(isset($this->mappedRolePrefix)){
+                    $returnArray[$this->mappedRolePrefix . $entry[$this->ldapGroupAttr][0]] = $this->mappedRolePrefix . $entry[$this->ldapGroupAttr][0];
+                }
+                else{
+                    $returnArray[$entry[$this->ldapGroupAttr][0]] = $entry[$this->ldapGroupAttr][0];
+                }
+            }
+        }
+
+        $this->dynamicFilter = null;
+        $this->ldapDN = $origUsersDN;
+        $this->ldapFilter = $origUsersFilter;
+        $this->ldapUserAttr = $origUsersAttr;
+
+        return $returnArray;
+    }
+}

core/src/plugins/authfront.cas/plugin_doc.html

@@ -1,11 +1,8 @@
 <p>Authenticate user using <a href="http://www.jasig.org/cas" target="_top">CAS</a>.</p>
 
-<p>You have to set it up correctly in conf/bootstrap_plugins.php using the following keys in <var>$PLUGINS["AUTH_DRIVER"]["OPTIONS"]</var> array:</p>
-
-<pre>
-  CAS_SERVER: hostname of the CAS server (example: login.example.com)
-  CAS_URI: URI where CAS server is installed on (example: /cas)
-  CAS_PORT: port where CAS server is listening on waiting for connections
-  USERS_FILEPATH: Inherited from auth.serial. File where user data is stored
-</pre>
+Authfront.cas is based on phpCAS library of JASIG that turns Pydio to be able be integrated into a SSO system.
+It can do the authentication on a remote server CAS by using two mode: client and proxy
+* In mode client, authfront.cas runs as a cas client to authenticate given user's credential to remote server CAS.
+* In mode proxy, it can provide additionally authentication service to another service such as smb/cifs or imap ...
+Note: The connection between pydio and cas normally is an ssl connection. Administrator must take attention on configuration of certificate and trusted relationship of two direction between Pydio server and CAS.