Skip to content
This repository has been archived by the owner on Nov 25, 2020. It is now read-only.

Commit

Permalink
Fix ldap mapping attribute to roles
Browse files Browse the repository at this point in the history
  • Loading branch information
@c12simple
c12simple committed Jun 13, 2017
1 parent 62d4c99 commit 0c6d7f9
Showing 1 changed file with 17 additions and 8 deletions.
25 changes: 17 additions & 8 deletions core/src/plugins/auth.ldap/LdapAuthDriver.php
View file
Expand Up @@ -860,14 +860,22 @@ public function updateUserObject(&$userObject)
}

} else { // Others attributes mapping
if(isSet($entry[$key]["count"])) unset($entry[$key]["count"]);

if ($this->mappedRolePrefix) {
$rolePrefix = $this->mappedRolePrefix;
} else {
$rolePrefix = "";
}

$oldRoles = array();
$newRoles = array();
$userroles = $userObject->getRoles();

// Get old roles
if (is_array($userroles)) {
foreach ($userroles as $rkey => $role) {
if ((RolesService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
if ((RolesService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
if (isSet($matchFilter) && !preg_match($matchFilter, $rkey)) continue;
if (isSet($valueFilters) && !in_array($rkey, $valueFilters)) continue;
$oldRoles[$rkey] = $rkey;
Expand All @@ -877,16 +885,17 @@ public function updateUserObject(&$userObject)

// Get new roles
foreach ($entry[$key] as $uniqValue) {
if (isSet($matchFilter) && !preg_match($matchFilter, $uniqValue)) continue;
if (isSet($valueFilters) && !in_array($uniqValue, $valueFilters)) continue;
$uniqValueWithPrefix = $rolePrefix . $uniqValue;
if (isSet($matchFilter) && !preg_match($matchFilter, $uniqValueWithPrefix)) continue;
if (isSet($valueFilters) && !in_array($uniqValueWithPrefix, $valueFilters)) continue;
if (!empty($uniqValue)) {
$roleToAdd = RolesService::getRole($uniqValue);
$roleToAdd = RolesService::getRole($uniqValueWithPrefix);
if($roleToAdd === false){
$roleToAdd = RolesService::getOrCreateRole($uniqValue);
$roleToAdd = RolesService::getOrCreateRole($uniqValueWithPrefix);
$roleToAdd->setLabel($uniqValue);
RolesService::updateRole($roleToAdd);
}
$newRoles[$uniqValue] = $roleToAdd;
$newRoles[$uniqValueWithPrefix] = $roleToAdd;
}
}

Expand All @@ -895,13 +904,13 @@ public function updateUserObject(&$userObject)
(count(array_diff(array_keys($newRoles), array_keys($oldRoles))) > 0)){
// remove old roles
foreach ($oldRoles as $rkey => $role) {
if ((RolesService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
if ((RolesService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
$userObject->removeRole($rkey);
}
}
//Add new roles;
foreach($newRoles as $rkey => $role){
if ((RolesService::getRole($rkey)) && (strpos($rkey, $this->mappedRolePrefix) === false)) {
if ((RolesService::getRole($rkey)) && !(strpos($rkey, $this->mappedRolePrefix) === false)) {
$userObject->addRole($role);
}
}
Expand Down

0 comments on commit 0c6d7f9

Please sign in to comment.