PMCORE-2590-A Users are not being imported with the specified role in the connection.

Roly Rudy Gutierrez Pinto
2021-01-13 17:04:37 -04:00
parent cda014c636
commit 22477c82a2


@@ -927,9 +927,14 @@ class LdapAdvanced
$arrayData['countUser']++; $arrayData['countUser']++;
if ((is_array($username) && !empty($username)) || trim($username) != '') { if ((is_array($username) && !empty($username)) || trim($username) != '') {
$dataUserLdap = $this->getUserDataFromAttribute($username, $arrayUserLdap);
$dataUserLdap["usrRole"] = "";
if (!empty($arrayAuthSourceData['AUTH_SOURCE_DATA']['USR_ROLE'])) {
$dataUserLdap["usrRole"] = $arrayAuthSourceData['AUTH_SOURCE_DATA']['USR_ROLE'];
}
$arrayData = $this->groupSynchronizeUser( $arrayData = $this->groupSynchronizeUser(
$groupUid, $groupUid,
$this->getUserDataFromAttribute($username, $arrayUserLdap), $dataUserLdap,
$arrayData $arrayData
); );
} }
@@ -1631,7 +1636,14 @@ class LdapAdvanced
} }
} }
public function automaticRegister($aAuthSource, $strUser, $strPass) /**
* Automatic register.
* @param array $authSource
* @param string $strUser
* @param string $strPass
* @return bool
*/
public function automaticRegister($authSource, $strUser, $strPass)
{ {
$rbac = RBAC::getSingleton(); $rbac = RBAC::getSingleton();
@@ -1645,52 +1657,56 @@ class LdapAdvanced
$user = $this->searchUserByUid($strUser); $user = $this->searchUserByUid($strUser);
$res = 0; $result = 0;
if (!empty($user)) { if (!empty($user)) {
if ($this->VerifyLogin($user['sUsername'], $strPass) === true) { if ($this->VerifyLogin($user['sUsername'], $strPass) === true) {
$res = 1; $result = 1;
} }
if ($res == 0 && $this->VerifyLogin($user['sDN'], $strPass) === true) { if ($result == 0 && $this->VerifyLogin($user['sDN'], $strPass) === true) {
$res = 1; $result = 1;
} }
} else { } else {
return $res; return $result;
} }
if ($res == 0) { if ($result == 0) {
$aAuthSource = $rbac->authSourcesObj->load($this->sAuthSource); $authSource = $rbac->authSourcesObj->load($this->sAuthSource);
$aAttributes = array(); $attributes = [];
if (isset($aAuthSource['AUTH_SOURCE_DATA']['AUTH_SOURCE_GRID_ATTRIBUTE'])) { if (isset($authSource['AUTH_SOURCE_DATA']['AUTH_SOURCE_GRID_ATTRIBUTE'])) {
$aAttributes = $aAuthSource['AUTH_SOURCE_DATA']['AUTH_SOURCE_GRID_ATTRIBUTE']; $attributes = $authSource['AUTH_SOURCE_DATA']['AUTH_SOURCE_GRID_ATTRIBUTE'];
} }
$aData = array(); $usrRole = 'PROCESSMAKER_OPERATOR';
$aData['USR_USERNAME'] = $user['sUsername']; if (!empty($authSource['AUTH_SOURCE_DATA']['USR_ROLE'])) {
$aData["USR_PASSWORD"] = "00000000000000000000000000000000"; $usrRole = $authSource['AUTH_SOURCE_DATA']['USR_ROLE'];
$aData['USR_FIRSTNAME'] = $user['sFirstname']; }
$aData['USR_LASTNAME'] = $user['sLastname']; $data = [];
$aData['USR_EMAIL'] = $user['sEmail']; $data['USR_USERNAME'] = $user['sUsername'];
$aData['USR_DUE_DATE'] = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 2)); $data["USR_PASSWORD"] = "00000000000000000000000000000000";
$aData['USR_CREATE_DATE'] = date('Y-m-d H:i:s'); $data['USR_FIRSTNAME'] = $user['sFirstname'];
$aData['USR_UPDATE_DATE'] = date('Y-m-d H:i:s'); $data['USR_LASTNAME'] = $user['sLastname'];
$aData['USR_BIRTHDAY'] = date('Y-m-d'); $data['USR_EMAIL'] = $user['sEmail'];
$aData['USR_STATUS'] = (isset($user['USR_STATUS'])) ? (($user['USR_STATUS'] == 'ACTIVE') ? 1 : 0) : 1; $data['USR_DUE_DATE'] = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 2));
$aData['USR_AUTH_TYPE'] = strtolower($aAuthSource['AUTH_SOURCE_PROVIDER']); $data['USR_CREATE_DATE'] = date('Y-m-d H:i:s');
$aData['UID_AUTH_SOURCE'] = $aAuthSource['AUTH_SOURCE_UID']; $data['USR_UPDATE_DATE'] = date('Y-m-d H:i:s');
$aData['USR_AUTH_USER_DN'] = $user['sDN']; $data['USR_BIRTHDAY'] = date('Y-m-d');
$aData['USR_ROLE'] = 'PROCESSMAKER_OPERATOR'; $data['USR_STATUS'] = (isset($user['USR_STATUS'])) ? (($user['USR_STATUS'] == 'ACTIVE') ? 1 : 0) : 1;
$data['USR_AUTH_TYPE'] = strtolower($authSource['AUTH_SOURCE_PROVIDER']);
$data['UID_AUTH_SOURCE'] = $authSource['AUTH_SOURCE_UID'];
$data['USR_AUTH_USER_DN'] = $user['sDN'];
$data['USR_ROLE'] = $usrRole;
if (!empty($aAttributes)) { if (!empty($attributes)) {
foreach ($aAttributes as $value) { foreach ($attributes as $value) {
if (isset($user[$value['attributeUser']])) { if (isset($user[$value['attributeUser']])) {
$aData[$value['attributeUser']] = str_replace("*", "'", $user[$value['attributeUser']]); $data[$value['attributeUser']] = str_replace("*", "'", $user[$value['attributeUser']]);
if ($value['attributeUser'] == 'USR_STATUS') { if ($value['attributeUser'] == 'USR_STATUS') {
$evalValue = $aData[$value['attributeUser']]; $evalValue = $data[$value['attributeUser']];
$statusValue = (isset($user['USR_STATUS'])) ? $user['USR_STATUS'] : 'ACTIVE'; $statusValue = (isset($user['USR_STATUS'])) ? $user['USR_STATUS'] : 'ACTIVE';
$aData[$value['attributeUser']] = $statusValue; $data[$value['attributeUser']] = $statusValue;
} }
} }
} }
@@ -1698,23 +1714,23 @@ class LdapAdvanced
//req - accountexpires //req - accountexpires
if (isset($user["USR_DUE_DATE"]) && $user["USR_DUE_DATE"] != '') { if (isset($user["USR_DUE_DATE"]) && $user["USR_DUE_DATE"] != '') {
$aData["USR_DUE_DATE"] = $this->convertDateADtoPM($user["USR_DUE_DATE"]); $data["USR_DUE_DATE"] = $this->convertDateADtoPM($user["USR_DUE_DATE"]);
} }
//end //end
$sUserUID = $rbac->createUser($aData, 'PROCESSMAKER_OPERATOR'); $userUid = $rbac->createUser($data, $usrRole);
$aData['USR_UID'] = $sUserUID; $data['USR_UID'] = $userUid;
require_once 'classes/model/Users.php'; require_once 'classes/model/Users.php';
$oUser = new Users(); $users = new Users();
$aData['USR_STATUS'] = (isset($user['USR_STATUS'])) ? $user['USR_STATUS'] : 'ACTIVE'; $data['USR_STATUS'] = (isset($user['USR_STATUS'])) ? $user['USR_STATUS'] : 'ACTIVE';
$oUser->create($aData); $users->create($data);
$this->log(null, "Automatic Register for user $strUser "); $this->log(null, "Automatic Register for user $strUser ");
$res = 1; $result = 1;
} }
return $res; return $result;
} }
/** /**
@@ -2260,15 +2276,15 @@ class LdapAdvanced
} }
/** /**
* creates an users using the data send in the array $aUsers * creates an users using the data send in the array $user
* and then add the user to specific department * and then add the user to specific department
* this function is used in cron only * this function is used in cron only
* *
* @param array $aUser info taken from ldap * @param array $user info taken from ldap
* @param string $depUid the department UID * @param string $depUid the department UID
* @return boolean * @return boolean
*/ */
public function createUserAndActivate($aUser, $depUid) public function createUserAndActivate($user, $depUid)
{ {
$rbac = RBAC::getSingleton(); $rbac = RBAC::getSingleton();
@@ -2284,41 +2300,42 @@ class LdapAdvanced
$rbac->usersRolesObj = new UsersRoles(); $rbac->usersRolesObj = new UsersRoles();
} }
$sUsername = $aUser['sUsername']; $sUsername = $user['sUsername'];
$sFullname = $aUser['sFullname']; $sFullname = $user['sFullname'];
$sFirstname = $aUser['sFirstname']; $sFirstname = $user['sFirstname'];
$sLastname = $aUser['sLastname']; $sLastname = $user['sLastname'];
$sEmail = $aUser['sEmail']; $sEmail = $user['sEmail'];
$sDn = $aUser['sDN']; $sDn = $user['sDN'];
$usrRole = empty($user['usrRole']) ? 'PROCESSMAKER_OPERATOR' : $user['usrRole'];
$aData = array(); $data = [];
$aData['USR_USERNAME'] = $sUsername; $data['USR_USERNAME'] = $sUsername;
$aData["USR_PASSWORD"] = "00000000000000000000000000000000"; $data["USR_PASSWORD"] = "00000000000000000000000000000000";
$aData['USR_FIRSTNAME'] = $sFirstname; $data['USR_FIRSTNAME'] = $sFirstname;
$aData['USR_LASTNAME'] = $sLastname; $data['USR_LASTNAME'] = $sLastname;
$aData['USR_EMAIL'] = $sEmail; $data['USR_EMAIL'] = $sEmail;
$aData['USR_DUE_DATE'] = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 2)); $data['USR_DUE_DATE'] = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 2));
$aData['USR_CREATE_DATE'] = date('Y-m-d H:i:s'); $data['USR_CREATE_DATE'] = date('Y-m-d H:i:s');
$aData['USR_UPDATE_DATE'] = date('Y-m-d H:i:s'); $data['USR_UPDATE_DATE'] = date('Y-m-d H:i:s');
$aData['USR_BIRTHDAY'] = date('Y-m-d'); $data['USR_BIRTHDAY'] = date('Y-m-d');
$aData['USR_STATUS'] = 1; $data['USR_STATUS'] = 1;
$aData['USR_AUTH_TYPE'] = 'ldapadvanced'; $data['USR_AUTH_TYPE'] = 'ldapadvanced';
$aData['UID_AUTH_SOURCE'] = $this->sAuthSource; $data['UID_AUTH_SOURCE'] = $this->sAuthSource;
$aData['USR_AUTH_USER_DN'] = $sDn; $data['USR_AUTH_USER_DN'] = $sDn;
$sUserUID = $rbac->createUser($aData, "PROCESSMAKER_OPERATOR"); $userUid = $rbac->createUser($data, $usrRole);
$aData['USR_STATUS'] = 'ACTIVE'; $data['USR_STATUS'] = 'ACTIVE';
$aData['USR_UID'] = $sUserUID; $data['USR_UID'] = $userUid;
$aData['DEP_UID'] = $depUid; $data['DEP_UID'] = $depUid;
$aData['USR_ROLE'] = 'PROCESSMAKER_OPERATOR'; $data['USR_ROLE'] = $usrRole;
require_once 'classes/model/Users.php'; require_once 'classes/model/Users.php';
$oUser = new Users(); $users = new Users();
$oUser->create($aData); $users->create($data);
return $sUserUID; return $userUid;
} }
public function synchronizeManagers($managersHierarchy) public function synchronizeManagers($managersHierarchy)
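Review bot: The role read from `$authSource['AUTH_SOURCE_DATA']['USR_ROLE']` in automaticRegister() and from `$user['usrRole']` in createUserAndActivate() is handed to `$rbac->createUser($data, $usrRole)` without being checked against the roles that exist. How createUser() treats an unknown or stale role code is not visible here, so I would resolve the code to an existing role first and fall back to 'PROCESSMAKER_OPERATOR' when it does not resolve. Since the connection setting now decides the privileges of every account provisioned from the directory, the audit line should record it, e.g. `$this->log(null, "Automatic Register for user $strUser with role $usrRole");`; createUserAndActivate() writes no log entry at all in the visible lines. In automaticRegister() the attribute loop also runs after `$data['USR_ROLE'] = $usrRole;` and copies any mapped `attributeUser` key into `$data`, so if the LDAP user array can carry a USR_ROLE key the Users row could end up disagreeing with the RBAC role; moving that assignment below the loop would rule this out. Parts of both functions lie between the hunks and are not shown.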