PMCORE-2589 No logs created when editing a field of a Authentication Sources connection

Roly Rudy Gutierrez Pinto
2021-01-05 23:21:34 -04:00
parent 3cde88716a
commit 3fc6d8e1a5
3 changed files with 252 additions and 13 deletions


@@ -16,6 +16,8 @@
*/
require_once 'classes/model/om/BaseAuthenticationSource.php';
use Illuminate\Support\Facades\Log;
/**
* @package rbac-classes-model
*/
@@ -69,6 +71,7 @@ class AuthenticationSource extends BaseAuthenticationSource {
$oConnection->begin();
$iResult = $oAuthenticationSource->save();
$oConnection->commit();
Log::channel(':ldapAdvanced')->info("create", Bootstrap::context($aData));
$authSourceServerName = isset($aData['AUTH_SOURCE_SERVER_NAME']) ? ' - Server Name: '.$aData['AUTH_SOURCE_SERVER_NAME'] : '';
$authSourcePort = isset($aData['AUTH_SOURCE_PORT']) ? ' - Port: '.$aData['AUTH_SOURCE_PORT'] : '';
@@ -122,6 +125,7 @@ class AuthenticationSource extends BaseAuthenticationSource {
$oConnection->begin();
$iResult = $oAuthenticationSource->save();
$oConnection->commit();
Log::channel(':ldapAdvanced')->info("update", Bootstrap::context($aData));
G::auditLog("UpdateAuthSource", "Authentication Source Name: ".$aData['AUTH_SOURCE_NAME']." - Authentication Source ID: (".$aData['AUTH_SOURCE_UID'].") ".$authSourceServerName.$authSourcePort.$authSourceEnabledTLS.$authSourceVersion.$authSourceBaseDn.$authAnonymous.$authSourceSearchUser.$authSourceLdapType.$authSourceIdentifier.$authSourceFilter);
return $iResult;
}
@@ -131,6 +135,7 @@ class AuthenticationSource extends BaseAuthenticationSource {
foreach($aValidationFailures as $oValidationFailure) {
$sMessage .= $oValidationFailure->getMessage() . '<br />';
}
Log::channel(':ldapAdvanced')->error($sMessage, Bootstrap::context($aData));
throw(new Exception('The registry cannot be updated!<br />'.$sMessage));
}
}
@@ -158,6 +163,7 @@ class AuthenticationSource extends BaseAuthenticationSource {
$oConnection->begin();
$iResult = $oAuthenticationSource->delete();
$oConnection->commit();
Log::channel(':ldapAdvanced')->info("remove", Bootstrap::context(["AUTH_SOURCE_UID" => $sUID]));
G::auditLog("DeleteAuthSource", "Authentication Source Name: ".$authenticationSource['AUTH_SOURCE_NAME']." Authentication Source ID: (".$sUID.") ");
return $iResult;
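Review bot: The new `Log::channel(':ldapAdvanced')` calls on the create, update and validation-failure paths pass the whole `$aData` record as context, so every field of the authentication source goes to the log. The LdapAdvanced section of this commit reads `AUTH_SOURCE_PASSWORD` from an authentication-source array for `ldap_bind`, so if `$aData` has the same shape the bind password is presumably logged whenever a source is created or edited; the visible lines do not filter `$aData` first. Drop the secret before building the context, e.g. `Bootstrap::context(array_diff_key($aData, ['AUTH_SOURCE_PASSWORD' => true]))`, or log an allow-list of fields the way the neighbouring `G::auditLog` line names them individually. The enclosing methods start and end outside these hunks.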


@@ -72,6 +72,7 @@ class LdapAdvanced
*/
public function __construct()
{
}
/**
@@ -298,8 +299,8 @@ class LdapAdvanced
public function progressBar($total, $count)
{
try {
$p = (int)(($count * 100) / $total);
$n = (int)($p / 2);
$p = (int) (($count * 100) / $total);
$n = (int) ($p / 2);
return "[" . str_repeat("|", $n) . str_repeat(" ", 50 - $n) . "] $p%";
} catch (Exception $e) {
@@ -454,7 +455,6 @@ class LdapAdvanced
*/
public function log($link, $text)
{
//$serverAddr = $_SERVER["SERVER_ADDR"];
$logFile = PATH_DATA . "log/ldapAdvanced.log";
if (!file_exists($logFile) || is_writable($logFile)) {
@@ -515,16 +515,19 @@ class LdapAdvanced
}
$ldapcnn = ldap_connect($aAuthSource['AUTH_SOURCE_SERVER_NAME'], $aAuthSource['AUTH_SOURCE_PORT']);
$this->stdLog($ldapcnn, "ldap_connect", $aAuthSource);
$ldapServer = $aAuthSource["AUTH_SOURCE_SERVER_NAME"] . ":" . $aAuthSource["AUTH_SOURCE_PORT"];
ldap_set_option($ldapcnn, LDAP_OPT_PROTOCOL_VERSION, 3);
$this->stdLog($ldapcnn, "ldap_set_option", $aAuthSource);
ldap_set_option($ldapcnn, LDAP_OPT_REFERRALS, 0);
$this->stdLog($ldapcnn, "ldap_set_option", $aAuthSource);
if (isset($aAuthSource["AUTH_SOURCE_ENABLED_TLS"]) && $aAuthSource["AUTH_SOURCE_ENABLED_TLS"]) {
$resultLDAPStartTLS = @ldap_start_tls($ldapcnn);
$this->stdLog($ldapcnn, "ldap_start_tls", $aAuthSource);
$ldapServer = "TLS " . $ldapServer;
//$this->log($ldapcnn, "start tls");
}
if ($aAuthSource["AUTH_ANONYMOUS"] == "1") {
@@ -534,6 +537,7 @@ class LdapAdvanced
$bBind = @ldap_bind($ldapcnn, $aAuthSource['AUTH_SOURCE_SEARCH_USER'], $aAuthSource['AUTH_SOURCE_PASSWORD']);
$this->log($ldapcnn, "bind $ldapServer with user " . $aAuthSource["AUTH_SOURCE_SEARCH_USER"]);
}
$this->stdLog($ldapcnn, "ldap_bind", $aAuthSource);
$this->getDiagnosticMessage($ldapcnn);
if (!$bBind) {
throw new Exception("Unable to bind to server: $ldapServer . " . "LDAP-Errno: " . ldap_errno($ldapcnn) . " : " . ldap_error($ldapcnn) . " \n");
@@ -582,6 +586,7 @@ class LdapAdvanced
];
$message = '';
ldap_get_option($linkIdentifier, LDAP_OPT_DIAGNOSTIC_MESSAGE, $messageError);
$this->stdLog($linkIdentifier, "ldap_get_option", ["error" => $messageError]);
foreach ($keysError as $key => $value) {
if (strpos($messageError, (string) $value['code']) !== false) {
$message = $value['message'];
@@ -613,8 +618,10 @@ class LdapAdvanced
$arrayAttributes = array();
$arrayAttributes['dn'] = ldap_get_dn($ldapcnn, $entry);
$this->stdLog($ldapcnn, "ldap_get_dn");
$arrayAux = ldap_get_attributes($ldapcnn, $entry);
$this->stdLog($ldapcnn, "ldap_get_attributes");
for ($i = 0; $i <= $arrayAux["count"] - 1; $i++) {
$key = strtolower($arrayAux[$i]);
@@ -667,6 +674,7 @@ class LdapAdvanced
$this->debugLog("class.ldapAdvanced.php > function ldapGetUsersFromDepartmentSearchResult() > ldap_list > OK");
$numEntries = ldap_count_entries($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_count_entries");
$this->debugLog("class.ldapAdvanced.php > function ldapGetUsersFromDepartmentSearchResult() > ldap_list > OK > \$numEntries ----> $numEntries");
@@ -676,6 +684,7 @@ class LdapAdvanced
$this->log($ldapcnn, "Search $dn accounts with identifier = $uidUserIdentifier");
$entry = ldap_first_entry($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_first_entry");
do {
$arrayUserLdap = $this->ldapGetAttributes($ldapcnn, $entry);
@@ -773,8 +782,10 @@ class LdapAdvanced
do {
ldap_control_paged_result($ldapcnn, $limit, true, $cookie);
$this->stdLog($ldapcnn, "ldap_control_paged_result", ["limit" => $limit]);
$searchResult = @ldap_list($ldapcnn, $dn, $filter, $this->arrayAttributesForUser);
$this->stdLog($ldapcnn, "ldap_list", ["filter" => $filter, "attributes" => $this->arrayAttributesForUser]);
if ($error = ldap_errno($ldapcnn)) {
$flagError = true;
@@ -793,6 +804,7 @@ class LdapAdvanced
if (!$flagError) {
ldap_control_paged_result_response($ldapcnn, $searchResult, $cookie);
$this->stdLog($ldapcnn, "ldap_control_paged_result_response");
}
} while (($cookie !== null && $cookie != '') && !$flagError);
@@ -811,6 +823,7 @@ class LdapAdvanced
$this->debugLog("class.ldapAdvanced.php > function ldapGetUsersFromDepartment() > \$filter ----> $filter");
$searchResult = @ldap_list($ldapcnn, $dn, $filter, $this->arrayAttributesForUser);
$this->stdLog($ldapcnn, "ldap_list", ["attributes" => $this->arrayAttributesForUser]);
if ($error = ldap_errno($ldapcnn)) {
$this->debugLog("class.ldapAdvanced.php > function ldapGetUsersFromDepartment() > ldap_list > ERROR > \$error ---->\n" . print_r($error, true));
@@ -891,13 +904,21 @@ class LdapAdvanced
$member = $value; //User DN
$searchResult = @ldap_search($ldapcnn, $member, $filter, $this->arrayAttributesForUser);
$context = [
"baseDN" => $member,
"filter" => $filter,
"attributes" => $this->arrayAttributesForUser
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($error = ldap_errno($ldapcnn)) {
//
} else {
if ($searchResult) {
if (ldap_count_entries($ldapcnn, $searchResult) > 0) {
$this->stdLog($ldapcnn, "ldap_count_entries");
$entry = ldap_first_entry($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_first_entry");
$arrayUserLdap = $this->ldapGetAttributes($ldapcnn, $entry);
@@ -972,6 +993,12 @@ class LdapAdvanced
$this->debugLog("class.ldapAdvanced.php > function ldapGetUsersFromGroup() > \$filter ----> $filter");
$searchResult = @ldap_search($ldapcnn, $dn, $filter, array($memberAttribute));
$context = [
"baseDN" => $dn,
"filter" => $filter,
"attributes" => [$memberAttribute]
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($error = ldap_errno($ldapcnn)) {
$this->debugLog("class.ldapAdvanced.php > function ldapGetUsersFromGroup() > ldap_search > ERROR > \$error ---->\n" . print_r($error, true));
@@ -982,11 +1009,13 @@ class LdapAdvanced
$this->debugLog("class.ldapAdvanced.php > function ldapGetUsersFromGroup() > ldap_search > OK2");
$numEntries = ldap_count_entries($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_count_entries");
$this->debugLog("class.ldapAdvanced.php > function ldapGetUsersFromGroup() > ldap_search > OK2 > \$numEntries ----> $numEntries");
if ($numEntries > 0) {
$entry = ldap_first_entry($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_first_entry");
$arrayGroupLdap = $this->ldapGetAttributes($ldapcnn, $entry);
@@ -1027,13 +1056,21 @@ class LdapAdvanced
$memberAttribute2 = $memberAttribute . ';range=' . $start . '-' . $end;
$searchResult = @ldap_search($ldapcnn, $dn, $filter, [$memberAttribute2]);
$context = [
"baseDN" => $dn,
"filter" => $filter,
"attributes" => [$memberAttribute2]
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($error = ldap_errno($ldapcnn)) {
break;
} else {
if ($searchResult) {
if (ldap_count_entries($ldapcnn, $searchResult) > 0) {
$this->stdLog($ldapcnn, "ldap_count_entries");
$entry = ldap_first_entry($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_first_entry");
$arrayGroupLdap = $this->ldapGetAttributes($ldapcnn, $entry);
@@ -1347,16 +1384,24 @@ class LdapAdvanced
$filter = "(&$filter(|(dn=$keyword)(uid=$keyword)(samaccountname=$keyword)(givenname=$keyword)(sn=$keyword)(cn=$keyword)(mail=$keyword)(userprincipalname=$keyword)))";
$oSearch = @ldap_search($ldapcnn, $arrayAuthenticationSourceData["AUTH_SOURCE_BASE_DN"], $filter, array_merge($this->arrayAttributesForUser, $attributeSetAdd));
$context = [
"baseDN" => $arrayAuthenticationSourceData["AUTH_SOURCE_BASE_DN"],
"filter" => $filter,
"attribute" => array_merge($this->arrayAttributesForUser, $attributeSetAdd)
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($oError = ldap_errno($ldapcnn)) {
$this->log($ldapcnn, "Error in Search users");
} else {
if ($oSearch) {
$entries = ldap_count_entries($ldapcnn, $oSearch);
$this->stdLog($ldapcnn, "ldap_count_entries");
$totalUser = $entries;
if ($entries > 0) {
$oEntry = ldap_first_entry($ldapcnn, $oSearch);
$this->stdLog($ldapcnn, "ldap_first_entry");
$countEntries = 0;
@@ -1508,6 +1553,12 @@ class LdapAdvanced
$filter = "(&(" . $this->arrayObjectClassFilter["user"] . ")(|($uidUserIdentifier=$keyword)$filter2))";
$searchResult = @ldap_search($ldapcnn, $arrayAuthenticationSourceData["AUTH_SOURCE_BASE_DN"], $filter, array_merge($this->arrayAttributesForUser, $attributeSetAdd));
$context = [
"baseDN" => $arrayAuthenticationSourceData["AUTH_SOURCE_BASE_DN"],
"filter" => $filter,
"attribute" => array_merge($this->arrayAttributesForUser, $attributeSetAdd)
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($error = ldap_errno($ldapcnn)) {
$messageError = ldap_err2str($error);
@@ -1516,9 +1567,11 @@ class LdapAdvanced
} else {
if ($searchResult) {
$numEntries = ldap_count_entries($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_count_entries");
if ($numEntries > 0) {
$entry = ldap_first_entry($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_first_entry");
$arrayUserLdap = $this->ldapGetAttributes($ldapcnn, $entry);
@@ -1702,8 +1755,15 @@ class LdapAdvanced
do {
ldap_control_paged_result($ldapcnn, $limit, true, $cookie);
$this->stdLog($ldapcnn, "ldap_control_paged_result", ["pageSize" => $limit, "isCritical" => true]);
$searchResult = @ldap_search($ldapcnn, $arrayAuthenticationSourceData['AUTH_SOURCE_BASE_DN'], $filter, ['dn', 'ou']);
$context = [
"baseDN" => $arrayAuthenticationSourceData['AUTH_SOURCE_BASE_DN'],
"filter" => $filter,
"attributes" => ['dn', 'ou']
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($error = ldap_errno($ldapcnn)) {
$this->log($ldapcnn, 'Error in Search');
@@ -1723,7 +1783,9 @@ class LdapAdvanced
//Get departments from the ldap entries
if (ldap_count_entries($ldapcnn, $searchResult) > 0) {
$this->stdLog($ldapcnn, "ldap_count_entries");
$entry = ldap_first_entry($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_first_entry", $context);
do {
$arrayEntryData = $this->ldapGetAttributes($ldapcnn, $entry);
@@ -1752,6 +1814,7 @@ class LdapAdvanced
if (!$flagError) {
ldap_control_paged_result_response($ldapcnn, $searchResult, $cookie);
$this->stdLog($ldapcnn, "ldap_control_paged_result_response", $context);
}
} while (($cookie !== null && $cookie != '') && !$flagError);
@@ -1791,6 +1854,12 @@ class LdapAdvanced
$ldapcnn = $this->ldapcnn;
$oSearch = @ldap_search($ldapcnn, $aAuthSource["AUTH_SOURCE_BASE_DN"], $dFilter, $this->arrayAttributesForUser);
$context = [
"baseDN" => $aAuthSource["AUTH_SOURCE_BASE_DN"],
"filter" => $dFilter,
"attributes" => $this->arrayAttributesForUser
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($oError = ldap_errno($ldapcnn)) {
return $aUsers;
@@ -1798,7 +1867,9 @@ class LdapAdvanced
if ($oSearch) {
//get the departments from the ldap entries
if (ldap_count_entries($ldapcnn, $oSearch) > 0) {
$this->stdLog($ldapcnn, "ldap_count_entries");
$oEntry = ldap_first_entry($ldapcnn, $oSearch);
$this->stdLog($ldapcnn, "ldap_first_entry");
do {
$aAttr = $this->ldapGetAttributes($ldapcnn, $oEntry);
@@ -1886,7 +1957,6 @@ class LdapAdvanced
return $terminated;
}
/* activate an user previously deactivated
if user is now in another department, we need the second parameter, the depUid
@@ -2326,8 +2396,15 @@ class LdapAdvanced
do {
ldap_control_paged_result($ldapcnn, $limit, true, $cookie);
$this->stdLog($ldapcnn, "ldap_control_paged_result", ["pageSize" => $limit, "isCritical" => true]);
$searchResult = @ldap_search($ldapcnn, $arrayAuthenticationSourceData['AUTH_SOURCE_BASE_DN'], $filter, ['dn', 'cn']);
$context = [
"baseDN" => $arrayAuthenticationSourceData['AUTH_SOURCE_BASE_DN'],
"filter" => $filter,
"attributes" => ['dn', 'cn']
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($error = ldap_errno($ldapcnn)) {
$this->log($ldapcnn, 'Error in Search');
@@ -2337,9 +2414,11 @@ class LdapAdvanced
if ($searchResult) {
//Get groups from the ldap entries
$countEntries = ldap_count_entries($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_count_entries");
if ($countEntries > 0) {
$entry = ldap_first_entry($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_first_entry");
do {
$arrayEntryData = $this->ldapGetAttributes($ldapcnn, $entry);
@@ -2358,6 +2437,7 @@ class LdapAdvanced
if (!$flagError) {
ldap_control_paged_result_response($ldapcnn, $searchResult, $cookie);
$this->stdLog($ldapcnn, "ldap_control_paged_result_response");
}
} while (($cookie !== null && $cookie != '') && !$flagError);
@@ -2513,14 +2593,15 @@ class LdapAdvanced
{
$dn = trim($dn, ',');
$result = ldap_explode_dn($dn, 0);
$this->stdLog(null, "ldap_explode_dn", ["dn" => $dn]);
if (is_array($result)) {
unset($result['count']);
foreach ($result as $key => $value) {
$result[$key] = addcslashes(preg_replace_callback("/\\\([0-9A-Fa-f]{2})/", function ($m) {
return chr(hexdec($m[1]));
}, $value), '<>,"');
$result[$key] = addcslashes(preg_replace_callback("/\\\([0-9A-Fa-f]{2})/", function ($m) {
return chr(hexdec($m[1]));
}, $value), '<>,"');
}
}
@@ -2777,12 +2858,20 @@ class LdapAdvanced
$arrayAttribute = array_merge($this->arrayAttributesForUser, array_values($arrayAttributesToSync));
$searchResult = @ldap_search($ldapcnn, $userDn, '(objectclass=*)', $arrayAttribute);
$context = [
"baseDN" => $userDn,
"filter" => "(objectclass=*)",
"attributes" => $arrayAttribute
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($error = ldap_errno($ldapcnn)) {
//
} else {
if ($searchResult && ldap_count_entries($ldapcnn, $searchResult) > 0) {
$this->stdLog($ldapcnn, "ldap_count_entries");
$entry = ldap_first_entry($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_first_entry", $context);
$arrayUserLdap = $this->ldapGetAttributes($ldapcnn, $entry);
@@ -2873,11 +2962,18 @@ class LdapAdvanced
$filter = '(&(' . $this->arrayObjectClassFilter['user'] . ')(|' . $filterUsers . '))';
$searchResult = @ldap_search($ldapcnn, $arrayAuthSourceData['AUTH_SOURCE_BASE_DN'], $filter, $this->arrayAttributesForUser);
$context = [
"baseDN" => $arrayAuthSourceData['AUTH_SOURCE_BASE_DN'],
"filter" => $filter,
"attributes" => $this->arrayAttributesForUser
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($error = ldap_errno($ldapcnn)) {
//
} else {
if ($searchResult && ldap_count_entries($ldapcnn, $searchResult) > 0) {
$this->stdLog($ldapcnn, "ldap_count_entries");
//Get Users from DB
$arrayUser = [];
@@ -2897,14 +2993,15 @@ class LdapAdvanced
//Get Users from LDAP Server
$entry = ldap_first_entry($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_first_entry");
do {
if ($this->ldapUserUpdateByDnAndData(
$ldapcnn,
$arrayAuthSourceData,
ldap_get_dn($ldapcnn, $entry),
$arrayUser
)
$ldapcnn,
$arrayAuthSourceData,
ldap_get_dn($ldapcnn, $entry),
$arrayUser
)
) {
$countUser++;
@@ -3031,9 +3128,16 @@ class LdapAdvanced
}
$searchResult = @ldap_search($ldapcnn, $baseDn, '(|(objectclass=*))', ['dn']);
$context = [
"baseDN" => $baseDn,
"filter" => "(|(objectclass=*))",
"attributes" => ['dn']
];
$this->stdLog($ldapcnn, "ldap_search", $context);
if ($searchResult) {
$countEntries = ldap_count_entries($ldapcnn, $searchResult);
$this->stdLog($ldapcnn, "ldap_count_entries");
if ($countEntries > 0) {
$limit = ($countEntries > $limit) ? $limit : $countEntries;
@@ -3045,4 +3149,35 @@ class LdapAdvanced
throw $e;
}
}
/**
* Standard log
* @param resource $link
* @param string $message
* @param array $context
* @param string $level
*/
public function stdLog($link, $message = "", $context = [], $level = "info")
{
if (empty($link)) {
switch ($level) {
case "error":
Log::channel(':ldapAdvanced')->error($message, Bootstrap::context($context));
break;
case "info":
default:
Log::channel(':ldapAdvanced')->info($message, Bootstrap::context($context));
break;
}
return;
}
$code = ldap_errno($link);
$detail = ldap_err2str($code);
$context["detail"] = $detail;
if ($code === 0) {
Log::channel(':ldapAdvanced')->info($message, Bootstrap::context($context));
} else {
Log::channel(':ldapAdvanced')->error($message, Bootstrap::context($context));
}
}
}
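Review bot: In the connection hunks (`@@ -515,16 +515,19` and `@@ -534,6 +537,7`) `stdLog` is given `$aAuthSource` as context after `ldap_connect`, both `ldap_set_option` calls, `ldap_start_tls` and `ldap_bind`, and that array carries `AUTH_SOURCE_PASSWORD`, which the `ldap_bind` call just above reads; the search-account password is therefore written to the log several times per connection. Pass only what identifies the server, e.g. `$this->stdLog($ldapcnn, "ldap_bind", ["server" => $ldapServer]);`, and as a backstop add `unset($context['AUTH_SOURCE_PASSWORD']);` at the top of `stdLog`. Separately, `$resultLDAPStartTLS` is not checked in the visible lines, so a failed StartTLS appears to be logged only and the bind that follows would proceed without TLS; confirm against the part of the function outside the hunk.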


@@ -66,11 +66,13 @@ class ldapadvancedClassCron
$plugin->frontEndShow("START");
$plugin->debugLog("START");
$plugin->stdLog(null, "cron execution started");
foreach ($arrayAuthenticationSource as $value) {
$arrayAuthenticationSourceData = $value;
try {
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$arrayAuthenticationSourceData ---->\n" . print_r($arrayAuthenticationSourceData, true));
$plugin->stdLog(null, "AuthenticationSourceData", ["result" => $arrayAuthenticationSourceData]);
$plugin->sAuthSource = $arrayAuthenticationSourceData["AUTH_SOURCE_UID"];
$plugin->ldapcnn = null;
@@ -84,6 +86,10 @@ class ldapadvancedClassCron
$plugin->frontEndShow("TEXT", "Authentication Source: " . $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]);
$plugin->log(null, "Executing cron for Authentication Source: " . $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]);
$context = [
"AUTH_SOURCE_NAME" => $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]
];
$plugin->stdLog(null, "authentication source", $context);
//Get all departments from Ldap/ActiveDirectory and build a hierarchy using dn (ou->ou parent)
$aLdapDepts = $plugin->searchDepartments();
@@ -92,6 +98,7 @@ class ldapadvancedClassCron
$aRegisteredDepts = $plugin->getRegisteredDepartments($aLdapDepts, $aDepartments);
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$aRegisteredDepts ---->\n" . print_r($aRegisteredDepts, true));
$plugin->stdLog(null, "RegisteredDepartments", ["result" => $aRegisteredDepts]);
//Get all group from Ldap/ActiveDirectory
$aLdapGroups = $plugin->searchGroups();
@@ -100,6 +107,7 @@ class ldapadvancedClassCron
$aRegisteredGroups = $plugin->getRegisteredGroups($aLdapGroups, $aGroups);
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$aRegisteredGroups ---->\n" . print_r($aRegisteredGroups, true));
$plugin->stdLog(null, "RegisteredGroups", ["result" => $aRegisteredGroups]);
//Get all users from Removed OU
$this->usersRemovedOu = $plugin->getUsersFromRemovedOu($arrayAuthenticationSourceData);
@@ -136,6 +144,7 @@ class ldapadvancedClassCron
$count = 0;
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$numDepartments ----> $numDepartments");
$plugin->stdLog(null, "NumberDepartments", ["result" => $numDepartments]);
foreach ($aRegisteredDepts as $registeredDept) {
$count++;
@@ -155,12 +164,21 @@ class ldapadvancedClassCron
$plugin->frontEndShow("TEXT", $logResults);
$plugin->log(null, $logResults);
$context = [
"existingUsers" => $this->dAlready,
"moved" => $this->dMoved,
"impossible" => $this->dImpossible,
"created" => $this->dCreated,
"removed" => $this->dRemoved
];
$plugin->stdLog(null, "departments", $context);
//Group - Synchronize Users
$numGroups = count($aRegisteredGroups);
$count = 0;
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$numGroups ----> $numGroups");
$plugin->stdLog(null, "NumberGroups", ["result" => $numGroups]);
foreach ($aRegisteredGroups as $registeredGroup) {
$count++;
@@ -180,6 +198,14 @@ class ldapadvancedClassCron
$plugin->frontEndShow("TEXT", $logResults);
$plugin->log(null, $logResults);
$context = [
"existingUsers" => $this->gAlready,
"moved" => $this->gMoved,
"impossible" => $this->gImpossible,
"created" => $this->gCreated,
"removed" => $this->gRemoved
];
$plugin->stdLog(null, "groups", $context);
//Manager
$plugin->clearManager($this->managersToClear);
@@ -317,35 +343,68 @@ class ldapadvancedClassCron
$plugin->frontEndShow("TEXT", $logResults);
$plugin->log(null, $logResults);
$context = [
"deletedRemoved" => $this->deletedRemoved
];
$plugin->stdLog(null, "deleted/removed users", $context);
if ($this->deletedRemoved > 0) {
$plugin->log(null, "Deleted/Removed Users: ");
$plugin->log(null, $this->deletedRemovedUsers);
$context = [
"deletedRemovedUsers" => $this->deletedRemovedUsers
];
$plugin->stdLog(null, "deleted/removed users", $context);
}
if ($this->dAlready + $this->gAlready > 0) {
$plugin->log(null, "Existing Users: ");
$plugin->log(null, $this->dAlreadyUsers . " " . $this->gAlreadyUsers);
$context = [
"dAlreadyUsers" => $this->dAlreadyUsers,
"gAlreadyUsers" => $this->gAlreadyUsers
];
$plugin->stdLog(null, "existing users", $context);
}
if ($this->dMoved + $this->gMoved > 0) {
$plugin->log(null, "Moved Users: ");
$plugin->log(null, $this->dMovedUsers . " " . $this->gMovedUsers);
$context = [
"dMovedUsers" => $this->dMovedUsers,
"gMovedUsers" => $this->gMovedUsers
];
$plugin->stdLog(null, "moved users", $context);
}
if ($this->dImpossible + $this->gImpossible > 0) {
$plugin->log(null, "Impossible Users: ");
$plugin->log(null, $this->dImpossibleUsers . " " . $this->gImpossibleUsers);
$context = [
"dImpossibleUsers" => $this->dImpossibleUsers,
"gImpossibleUsers" => $this->gImpossibleUsers
];
$plugin->stdLog(null, "impossible users", $context);
}
if ($this->dCreated + $this->gCreated > 0) {
$plugin->log(null, "Created Users: ");
$plugin->log(null, $this->dCreatedUsers . " " . $this->gCreatedUsers);
$context = [
"dCreatedUsers" => $this->dCreatedUsers,
"gCreatedUsers" => $this->gCreatedUsers
];
$plugin->stdLog(null, "created users", $context);
}
if ($this->dRemoved + $this->gRemoved > 0) {
$plugin->log(null, "Removed Users: ");
$plugin->log(null, $this->dRemovedUsers . " " . $this->gRemovedUsers);
$context = [
"dRemovedUsers" => $this->dRemovedUsers,
"gRemovedUsers" => $this->gRemovedUsers
];
$plugin->stdLog(null, "removed users", $context);
}
//Print and log the managers assignments"s information
@@ -359,21 +418,30 @@ class ldapadvancedClassCron
$plugin->frontEndShow("TEXT", $logResults);
$plugin->log(null, $logResults);
$context = [
"created" => count($newManagers) - count($movedManagers),
"moved" => count($movedManagers),
"removed" => count($deletedManagers) - count($movedManagers) + $this->deletedManager
];
$plugin->stdLog(null, "managers assignments", $context);
//Update Users data based on the LDAP Server
$plugin->usersUpdateData($arrayAuthenticationSourceData["AUTH_SOURCE_UID"]);
} catch (Exception $e) {
$plugin = new LdapAdvanced();
$message = $e->getMessage();
$context = [
'action' => 'ldapSynchronize',
'authSource' => $arrayAuthenticationSourceData
];
$plugin->stdLog(null, $message, $context, "error");
Log::channel(':ldapSynchronize')->error($message, Bootstrap::context($context));
}
}
$plugin->frontEndShow("END");
$plugin->debugLog("END");
$plugin->stdLog(null, "cron execution finalized");
}
public function array_diff_assoc_recursive($array1, $array2)
@@ -423,6 +491,12 @@ class ldapadvancedClassCron
}
}
} catch (Exception $e) {
$plugin = new LdapAdvanced();
$message = $e->getMessage();
$context = [
"trace" => $e->getTrace()
];
$plugin->stdLog(null, $message, $context, "error");
throw $e;
}
}
@@ -438,15 +512,23 @@ class ldapadvancedClassCron
$group->removeUserOfGroup($groupUid, $userUid);
}
} catch (Exception $e) {
$plugin = new LdapAdvanced();
$message = $e->getMessage();
$context = [
"trace" => $e->getTrace()
];
$plugin->stdLog(null, $message, $context, "error");
throw $e;
}
}
public function departmentSynchronizeUsers($ldapAdvanced, $numDepartments, $count, array $arrayDepartmentData)
{
$plugin = new LdapAdvanced();
try {
$ldapAdvanced->debugLog("ldapadvanced.php > function departmentSynchronizeUsers() > START");
$ldapAdvanced->debugLog("ldapadvanced.php > function departmentSynchronizeUsers() > \$arrayDepartmentData ---->\n" . print_r($arrayDepartmentData, true));
$plugin->stdLog(null, "department synchronize users started", ["result" => $arrayDepartmentData]);
//Get users from ProcessMaker tables (for this Department)
$ldapAdvanced->setArrayDepartmentUsers($arrayDepartmentData["DEP_UID"]); //INITIALIZE DATA
@@ -515,19 +597,28 @@ class ldapadvancedClassCron
$this->dRemovedUsers = "";
$ldapAdvanced->debugLog("ldapadvanced.php > function departmentSynchronizeUsers() > END");
$plugin->stdLog(null, "department synchronize users finalized");
//Return all UID of Users synchronized in the Department (Return all UID of Users of this Department)
return $arrayUserUid;
} catch (Exception $e) {
$plugin = new LdapAdvanced();
$message = $e->getMessage();
$context = [
"trace" => $e->getTrace()
];
$plugin->stdLog(null, $message, $context, "error");
throw $e;
}
}
public function groupSynchronizeUsers($ldapAdvanced, $numGroups, $count, array $arrayGroupData)
{
$plugin = new LdapAdvanced();
try {
$ldapAdvanced->debugLog("ldapadvanced.php > function groupSynchronizeUsers() > START");
$ldapAdvanced->debugLog("ldapadvanced.php > function groupSynchronizeUsers() > \$arrayGroupData ---->\n" . print_r($arrayGroupData, true));
$plugin->stdLog(null, "group synchronize users started", ["result" => $arrayGroupData]);
//Get users from ProcessMaker tables (for this Group)
$ldapAdvanced->setArrayGroupUsers($arrayGroupData["GRP_UID"]); //INITIALIZE DATA
@@ -596,10 +687,17 @@ class ldapadvancedClassCron
$this->gRemovedUsers = "";
$ldapAdvanced->debugLog("ldapadvanced.php > function groupSynchronizeUsers() > END");
$plugin->stdLog(null, "group synchronize users finalized");
//Return all UID of Users synchronized in the Group (Return all UID of Users of this Group)
return $arrayUserUid;
} catch (Exception $e) {
$plugin = new LdapAdvanced();
$message = $e->getMessage();
$context = [
"trace" => $e->getTrace()
];
$plugin->stdLog(null, $message, $context, "error");
throw $e;
}
}
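Review bot: `executeCron` logs the full authentication-source record at info level on every run (`["result" => $arrayAuthenticationSourceData]`) and again in its catch block under `'authSource'`, there to both the `:ldapAdvanced` and `:ldapSynchronize` channels; since LdapAdvanced binds with `AUTH_SOURCE_PASSWORD` taken from such a record, the stored bind password is presumably included. The record is nested under another key, so it has to be narrowed at the call site, e.g. `["AUTH_SOURCE_UID" => $arrayAuthenticationSourceData["AUTH_SOURCE_UID"], "AUTH_SOURCE_NAME" => $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]]`. The new catch blocks also put `$e->getTrace()` into the context, which can carry call arguments depending on PHP configuration; `$e->getTraceAsString()` keeps the call path while abbreviating argument values. The per-user lists logged at the end of the run (`dCreatedUsers`, `deletedRemovedUsers`, and so on) make this channel hold directory data, so its retention and read access should match that.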