From a083cec1dd08a9193eb0905ff9b94a846f0b7f34 Mon Sep 17 00:00:00 2001 From: Roly Rudy Gutierrez Pinto Date: Mon, 11 Jan 2021 11:08:50 -0400 Subject: [PATCH] PMCORE-2487 Multiple groups are created with the same name when setting up ldap group synchronization --- workflow/engine/classes/LdapAdvanced.php | 43 +++++++++++ .../translations/english/processmaker.en.po | 6 ++ workflow/engine/data/mysql/insert.sql | 1 + .../authSourcesSynchronizeAjax.php | 73 +++++++++---------- .../authSources/authSourcesSynchronize.js | 14 +++- 5 files changed, 97 insertions(+), 40 deletions(-) diff --git a/workflow/engine/classes/LdapAdvanced.php b/workflow/engine/classes/LdapAdvanced.php index 7811ac3f8..6dde39f31 100644 --- a/workflow/engine/classes/LdapAdvanced.php +++ b/workflow/engine/classes/LdapAdvanced.php @@ -1,8 +1,10 @@ where('GRP_STATUS', '=', 'ACTIVE') + ->where('GRP_TITLE', '=', $title) + ->orderBy('GRP_ID', 'ASC') + ->get() + ->first(); + if (!empty($groupWf)) { + return $groupWf->GRP_UID; + } + } catch (Exception $e) { + $message = $e->getMessage(); + Log::channel(':ldapSynchronizeGroups')->error($message, Bootstrap::context()); + } + return ""; + } + + /** + * Check duplicate titles in GROUPWF table. + * @return bool + */ + public function checkDuplicateTitles(): bool + { + $sql = "" + . "select GRP_TITLE,count(GRP_TITLE) " + . "from GROUPWF " + . "group by GRP_TITLE having count(GRP_TITLE)>1"; + $results = DB::select(DB::raw($sql)); + if (empty($results)) { + return false; + } + return true; + } + /** * Get number of Users in each Group from the Database * diff --git a/workflow/engine/content/translations/english/processmaker.en.po b/workflow/engine/content/translations/english/processmaker.en.po index 008d18893..b55590721 100755 --- a/workflow/engine/content/translations/english/processmaker.en.po +++ b/workflow/engine/content/translations/english/processmaker.en.po @@ -10463,6 +10463,12 @@ msgstr "is not registered!" msgid "is required" msgstr "is required" +# TRANSLATION +# LABEL/ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS +#: LABEL/ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS +msgid "It was identified in the workspace duplicated groups, please remove manually these groups." +msgstr "It was identified in the workspace duplicated groups, please remove manually these groups." + # TRANSLATION # LABEL/ID_IUD #: LABEL/ID_IUD diff --git a/workflow/engine/data/mysql/insert.sql b/workflow/engine/data/mysql/insert.sql index c1ef788f1..36c4e7ebe 100755 --- a/workflow/engine/data/mysql/insert.sql +++ b/workflow/engine/data/mysql/insert.sql @@ -58597,6 +58597,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE ( 'LABEL','ID_ISSUED_TO','en','Issued to','2014-09-18') , ( 'LABEL','ID_IS_NOT_REGISTERED','en','is not registered!','2014-01-15') , ( 'LABEL','ID_IS_REQUIRED','en','is required','2014-01-15') , +( 'LABEL','ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS','en','It was identified in the workspace duplicated groups, please remove manually these groups.','2020-12-02') , ( 'LABEL','ID_IUD','en','#','2014-01-15') , ( 'LABEL','ID_JAVASCRIPTS','en','JavaScripts','2014-01-15') , ( 'LABEL','ID_JAVASCRIPT_CACHE','en','Javascript cache','2014-01-15') , diff --git a/workflow/engine/methods/authSources/authSourcesSynchronizeAjax.php b/workflow/engine/methods/authSources/authSourcesSynchronizeAjax.php index 50179b154..900515491 100644 --- a/workflow/engine/methods/authSources/authSourcesSynchronizeAjax.php +++ b/workflow/engine/methods/authSources/authSourcesSynchronizeAjax.php @@ -164,63 +164,58 @@ try { $ldapAdvanced = getLDAPAdvanceInstance($_REQUEST["authUid"]); foreach ($groupsToCheck as $groupDN) { - //$baseDN = str_replace($authenticationSource["AUTH_SOURCE_BASE_DN"], "", $groupDN); $ous = custom_ldap_explode_dn($groupDN); $currentGroup = array_shift($ous); - //$parentDN = implode(",", $ous); - //$ous = custom_ldap_explode_dn($baseDN); - //$currentGroup = array_shift($ous); - - foreach ($ous as $key => $val) { - $aux = explode("=", $val); - - if (isset($aux[0]) && strtolower(trim($aux[0]) != "ou")) { - unset($ous[$key]); - } - } - $groupAux = explode("=", $currentGroup); $groupTitle = isset($groupAux[1]) ? trim($groupAux[1]) : ""; - $groupUID = $ldapAdvanced->getGrpUidIfExistsDN($groupDN); - - if ($groupUID == "") { - $group = new Groupwf(); - $row["GRP_TITLE"] = stripslashes($groupTitle); - $row["GRP_LDAP_DN"] = $groupDN; - $groupUID = $group->create($row); - - if ($groupUID == false) { - $response = new stdclass(); - $response->status = "ERROR"; - $response->message = "Error creating group"; - die($json->encode($response)); - } + $groupTitle = stripslashes($groupTitle); + if (empty($groupTitle)) { + continue; + } + $groupUid = $ldapAdvanced->getGroupUidByTitle($groupTitle); + $groupwf = new Groupwf(); + if ($groupUid === "") { + $group = [ + "GRP_TITLE" => $groupTitle, + "GRP_LDAP_DN" => $groupDN + ]; + $groupwf->create($group); + } else { + $group = $groupwf->Load($groupUid); + $group["GRP_LDAP_DN"] = $groupDN; + $groupwf->update($group); } } if (count($groupsToUncheck) > 0) { foreach ($groupsToUncheck as $groupDN) { - $groupUID = $ldapAdvanced->getGrpUidIfExistsDN($groupDN); - - if ($groupUID != "") { - $group = new Groupwf(); - $groupInfo = $group->Load($groupUID); - $groupInfo["GRP_LDAP_DN"] = ""; - $group->update($groupInfo); - + $ous = custom_ldap_explode_dn($groupDN); + $currentGroup = array_shift($ous); + $groupAux = explode("=", $currentGroup); + $groupTitle = isset($groupAux[1]) ? trim($groupAux[1]) : ""; + $groupTitle = stripslashes($groupTitle); + if (empty($groupTitle)) { + continue; + } + $groupUid = $ldapAdvanced->getGroupUidByTitle($groupTitle); + if ($groupUid != "") { + $groupwf = new Groupwf(); + $group = $groupwf->Load($groupUid); + $group["GRP_LDAP_DN"] = ""; + $groupwf->update($group); if (!isset($authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"])) { $authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"] = array(); } - - $authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"][] = $groupUID; + $authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"][] = $groupUid; } } - $RBAC->authSourcesObj->update($authenticationSource); } - $response = new stdclass(); $response->status = "OK"; + if ($ldapAdvanced->checkDuplicateTitles()) { + $response->warning = G::LoadTranslation("ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS"); + } die($json->encode($response)); break; } diff --git a/workflow/engine/templates/authSources/authSourcesSynchronize.js b/workflow/engine/templates/authSources/authSourcesSynchronize.js index 28faa322a..32cd808e6 100644 --- a/workflow/engine/templates/authSources/authSourcesSynchronize.js +++ b/workflow/engine/templates/authSources/authSourcesSynchronize.js @@ -143,6 +143,7 @@ Ext.onReady(function() { var response = Ext.util.JSON.decode(r.responseText); if (response.status == 'OK') { treeGroups.getLoader().load(treeGroups.root); + treeGroups.responseMessage = response; } else { alert(response.message); @@ -164,7 +165,18 @@ Ext.onReady(function() { msg: 'All changes have been saved.', icon: Ext.Msg.INFO, minWidth: 200, - buttons: Ext.Msg.OK + buttons: Ext.Msg.OK, + fn: function (btn) { + if (btn == 'ok' && treeGroups.responseMessage && treeGroups.responseMessage.warning) { + Ext.Msg.show({ + title: _('ID_WARNING'), + msg: treeGroups.responseMessage.warning, + icon: Ext.Msg.INFO, + minWidth: 200, + buttons: Ext.Msg.OK + }); + } + } }); } });