PMCORE-2487 Multiple groups are created with the same name when setting up ldap group synchronization
This commit is contained in:
Roly Rudy Gutierrez Pinto
@@ -1,8 +1,10 @@
|
||||
<?php
|
||||
|
||||
use Illuminate\Support\Facades\Cache;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
use ProcessMaker\BusinessModel\User;
|
||||
use ProcessMaker\Model\Groupwf;
|
||||
|
||||
/**
|
||||
* class.ldapAdvanced.php
|
||||
@@ -2401,6 +2403,47 @@ class LdapAdvanced
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get group Uid by title.
|
||||
* @param string $title
|
||||
* @return string
|
||||
*/
|
||||
public function getGroupUidByTitle(string $title): string
|
||||
{
|
||||
try {
|
||||
$groupWf = Groupwf::query()
|
||||
->where('GRP_STATUS', '=', 'ACTIVE')
|
||||
->where('GRP_TITLE', '=', $title)
|
||||
->orderBy('GRP_ID', 'ASC')
|
||||
->get()
|
||||
->first();
|
||||
if (!empty($groupWf)) {
|
||||
return $groupWf->GRP_UID;
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
$message = $e->getMessage();
|
||||
Log::channel(':ldapSynchronizeGroups')->error($message, Bootstrap::context());
|
||||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
/**
|
||||
* Check duplicate titles in GROUPWF table.
|
||||
* @return bool
|
||||
*/
|
||||
public function checkDuplicateTitles(): bool
|
||||
{
|
||||
$sql = ""
|
||||
. "select GRP_TITLE,count(GRP_TITLE) "
|
||||
. "from GROUPWF "
|
||||
. "group by GRP_TITLE having count(GRP_TITLE)>1";
|
||||
$results = DB::select(DB::raw($sql));
|
||||
if (empty($results)) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get number of Users in each Group from the Database
|
||||
*
|
||||
|
||||
@@ -10463,6 +10463,12 @@ msgstr "is not registered!"
|
||||
msgid "is required"
|
||||
msgstr "is required"
|
||||
|
||||
# TRANSLATION
|
||||
# LABEL/ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS
|
||||
#: LABEL/ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS
|
||||
msgid "It was identified in the workspace duplicated groups, please remove manually these groups."
|
||||
msgstr "It was identified in the workspace duplicated groups, please remove manually these groups."
|
||||
|
||||
# TRANSLATION
|
||||
# LABEL/ID_IUD
|
||||
#: LABEL/ID_IUD
|
||||
|
||||
@@ -58597,6 +58597,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
|
||||
( 'LABEL','ID_ISSUED_TO','en','Issued to','2014-09-18') ,
|
||||
( 'LABEL','ID_IS_NOT_REGISTERED','en','is not registered!','2014-01-15') ,
|
||||
( 'LABEL','ID_IS_REQUIRED','en','is required','2014-01-15') ,
|
||||
( 'LABEL','ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS','en','It was identified in the workspace duplicated groups, please remove manually these groups.','2020-12-02') ,
|
||||
( 'LABEL','ID_IUD','en','#','2014-01-15') ,
|
||||
( 'LABEL','ID_JAVASCRIPTS','en','JavaScripts','2014-01-15') ,
|
||||
( 'LABEL','ID_JAVASCRIPT_CACHE','en','Javascript cache','2014-01-15') ,
|
||||
|
||||
@@ -164,63 +164,58 @@ try {
|
||||
$ldapAdvanced = getLDAPAdvanceInstance($_REQUEST["authUid"]);
|
||||
|
||||
foreach ($groupsToCheck as $groupDN) {
|
||||
//$baseDN = str_replace($authenticationSource["AUTH_SOURCE_BASE_DN"], "", $groupDN);
|
||||
$ous = custom_ldap_explode_dn($groupDN);
|
||||
$currentGroup = array_shift($ous);
|
||||
//$parentDN = implode(",", $ous);
|
||||
//$ous = custom_ldap_explode_dn($baseDN);
|
||||
//$currentGroup = array_shift($ous);
|
||||
|
||||
foreach ($ous as $key => $val) {
|
||||
$aux = explode("=", $val);
|
||||
|
||||
if (isset($aux[0]) && strtolower(trim($aux[0]) != "ou")) {
|
||||
unset($ous[$key]);
|
||||
}
|
||||
}
|
||||
|
||||
$groupAux = explode("=", $currentGroup);
|
||||
$groupTitle = isset($groupAux[1]) ? trim($groupAux[1]) : "";
|
||||
$groupUID = $ldapAdvanced->getGrpUidIfExistsDN($groupDN);
|
||||
|
||||
if ($groupUID == "") {
|
||||
$group = new Groupwf();
|
||||
$row["GRP_TITLE"] = stripslashes($groupTitle);
|
||||
$row["GRP_LDAP_DN"] = $groupDN;
|
||||
$groupUID = $group->create($row);
|
||||
|
||||
if ($groupUID == false) {
|
||||
$response = new stdclass();
|
||||
$response->status = "ERROR";
|
||||
$response->message = "Error creating group";
|
||||
die($json->encode($response));
|
||||
$groupTitle = stripslashes($groupTitle);
|
||||
if (empty($groupTitle)) {
|
||||
continue;
|
||||
}
|
||||
$groupUid = $ldapAdvanced->getGroupUidByTitle($groupTitle);
|
||||
$groupwf = new Groupwf();
|
||||
if ($groupUid === "") {
|
||||
$group = [
|
||||
"GRP_TITLE" => $groupTitle,
|
||||
"GRP_LDAP_DN" => $groupDN
|
||||
];
|
||||
$groupwf->create($group);
|
||||
} else {
|
||||
$group = $groupwf->Load($groupUid);
|
||||
$group["GRP_LDAP_DN"] = $groupDN;
|
||||
$groupwf->update($group);
|
||||
}
|
||||
}
|
||||
|
||||
if (count($groupsToUncheck) > 0) {
|
||||
foreach ($groupsToUncheck as $groupDN) {
|
||||
$groupUID = $ldapAdvanced->getGrpUidIfExistsDN($groupDN);
|
||||
|
||||
if ($groupUID != "") {
|
||||
$group = new Groupwf();
|
||||
$groupInfo = $group->Load($groupUID);
|
||||
$groupInfo["GRP_LDAP_DN"] = "";
|
||||
$group->update($groupInfo);
|
||||
|
||||
$ous = custom_ldap_explode_dn($groupDN);
|
||||
$currentGroup = array_shift($ous);
|
||||
$groupAux = explode("=", $currentGroup);
|
||||
$groupTitle = isset($groupAux[1]) ? trim($groupAux[1]) : "";
|
||||
$groupTitle = stripslashes($groupTitle);
|
||||
if (empty($groupTitle)) {
|
||||
continue;
|
||||
}
|
||||
$groupUid = $ldapAdvanced->getGroupUidByTitle($groupTitle);
|
||||
if ($groupUid != "") {
|
||||
$groupwf = new Groupwf();
|
||||
$group = $groupwf->Load($groupUid);
|
||||
$group["GRP_LDAP_DN"] = "";
|
||||
$groupwf->update($group);
|
||||
if (!isset($authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"])) {
|
||||
$authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"] = array();
|
||||
}
|
||||
|
||||
$authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"][] = $groupUID;
|
||||
$authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"][] = $groupUid;
|
||||
}
|
||||
}
|
||||
|
||||
$RBAC->authSourcesObj->update($authenticationSource);
|
||||
}
|
||||
|
||||
$response = new stdclass();
|
||||
$response->status = "OK";
|
||||
if ($ldapAdvanced->checkDuplicateTitles()) {
|
||||
$response->warning = G::LoadTranslation("ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS");
|
||||
}
|
||||
die($json->encode($response));
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -143,6 +143,7 @@ Ext.onReady(function() {
|
||||
var response = Ext.util.JSON.decode(r.responseText);
|
||||
if (response.status == 'OK') {
|
||||
treeGroups.getLoader().load(treeGroups.root);
|
||||
treeGroups.responseMessage = response;
|
||||
}
|
||||
else {
|
||||
alert(response.message);
|
||||
@@ -164,9 +165,20 @@ Ext.onReady(function() {
|
||||
msg: 'All changes have been saved.',
|
||||
icon: Ext.Msg.INFO,
|
||||
minWidth: 200,
|
||||
buttons: Ext.Msg.OK,
|
||||
fn: function (btn) {
|
||||
if (btn == 'ok' && treeGroups.responseMessage && treeGroups.responseMessage.warning) {
|
||||
Ext.Msg.show({
|
||||
title: _('ID_WARNING'),
|
||||
msg: treeGroups.responseMessage.warning,
|
||||
icon: Ext.Msg.INFO,
|
||||
minWidth: 200,
|
||||
buttons: Ext.Msg.OK
|
||||
});
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
departmentsPanel = new Ext.Panel({
|
||||
|
||||
Reference in New Issue
Block a user