fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PMCORE-4061 Departments are created multiple times when re-selected for ldap synchronization

Browse Source
This commit is contained in:
Roly Gutierrez
2022-11-24 09:46:41 -04:00
parent 8640a0b209
commit fc34a7cfdd
4 changed files with 83 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
workflow/engine/classes/LdapAdvanced.php
View File

@@ -4,6 +4,7 @@ use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Log;
use ProcessMaker\BusinessModel\User;
use ProcessMaker\Model\Department;
use ProcessMaker\Model\Groupwf;
/**
@@ -2593,6 +2594,45 @@ class LdapAdvanced
return true;
}
/**
* Get department Uid by title.
* @param string $title
* @return string
*/
public function getDepartmentUidByTitle(string $title): string
{
try {
$department = Department::query()
->where('DEP_STATUS', '=', 'ACTIVE')
->where('DEP_TITLE', '=', $title)
->first();
if (!empty($department)) {
return $department->DEP_UID;
}
} catch (Exception $e) {
$message = $e->getMessage();
Log::channel(':ldapSynchronizeGroups')->error($message, Bootstrap::context());
}
return "";
}
/**
* Check duplicate titles in DEPARTMENT table.
* @return bool
*/
public function checkDuplicateDepartmentTitles(): bool
{
$sql = ""
. "select DEP_TITLE,count(DEP_TITLE) "
. "from DEPARTMENT "
. "group by DEP_TITLE having count(DEP_TITLE)>1";
$results = DB::select(DB::raw($sql));
if (empty($results)) {
return false;
}
return true;
}
/**
* Get number of Users in each Group from the Database
*

6
workflow/engine/content/translations/english/processmaker.en.po
View File

@@ -11075,6 +11075,12 @@ msgstr "is not registered!"
msgid "is required"
msgstr "is required"
# TRANSLATION
# LABEL/ID_IT_WAS_IDENTIFIED_DUPLICATED_DEPARTMENTS_PLEASE_REMOVE_THESE_DEPARTMENTS
#: LABEL/ID_IT_WAS_IDENTIFIED_DUPLICATED_DEPARTMENTS_PLEASE_REMOVE_THESE_DEPARTMENTS
msgid "It was identified in the workspace duplicated departments, please remove manually these departments."
msgstr "It was identified in the workspace duplicated departments, please remove manually these departments."
# TRANSLATION
# LABEL/ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS
#: LABEL/ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS

1
workflow/engine/data/mysql/insert.sql
View File

@@ -58710,6 +58710,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
( 'LABEL','ID_ISSUED_TO','en','Issued to','2014-09-18') ,
( 'LABEL','ID_IS_NOT_REGISTERED','en','is not registered!','2014-01-15') ,
( 'LABEL','ID_IS_REQUIRED','en','is required','2014-01-15') ,
( 'LABEL','ID_IT_WAS_IDENTIFIED_DUPLICATED_DEPARTMENTS_PLEASE_REMOVE_THESE_DEPARTMENTS','en','It was identified in the workspace duplicated departments, please remove manually these departments.','2022-11-23') ,
( 'LABEL','ID_IT_WAS_IDENTIFIED_DUPLICATED_GROUPS_PLEASE_REMOVE_THESE_GROUPS','en','It was identified in the workspace duplicated groups, please remove manually these groups.','2020-12-02') ,
( 'LABEL','ID_IUD','en','#','2014-01-15') ,
( 'LABEL','ID_JAVASCRIPTS','en','JavaScripts','2014-01-15') ,

76
workflow/engine/methods/authSources/authSourcesSynchronizeAjax.php
View File

@@ -1,27 +1,4 @@
<?php
/**
* authSourcesSynchronizeAjax.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2011 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
**/
class treeNode extends stdclass
{
@@ -62,61 +39,58 @@ try {
foreach ($depsToCheck as $departmentDn) {
$departmentUid = $ldapAdvanced->getDepUidIfExistsDN($departmentDn);
if ($departmentUid == '') {
if (strcasecmp($departmentDn, $authenticationSource['AUTH_SOURCE_BASE_DN']) == 0) {
$departmentTitle = 'ROOT (' . $authenticationSource['AUTH_SOURCE_BASE_DN'] . ')';
$parentUid = '';
} else {
$arrayAux = custom_ldap_explode_dn($departmentDn);
$departmentCurrent = array_shift($arrayAux);
$parentDn = implode(',', $arrayAux);
$arrayAux = explode('=', $departmentCurrent);
$departmentTitle = trim($arrayAux[1]);
$ous = custom_ldap_explode_dn($departmentDn);
$departmentCurrent = array_shift($ous);
$parentDn = implode(',', $ous);
$ous = explode('=', $departmentCurrent);
$departmentTitle = trim($ous[1]);
$parentUid = $ldapAdvanced->getDepUidIfExistsDN($parentDn);
if (str_ireplace($authenticationSource['AUTH_SOURCE_BASE_DN'], '', $parentDn) != '' &&
$parentUid == ''
) {
if (str_ireplace($authenticationSource['AUTH_SOURCE_BASE_DN'], '', $parentDn) != '' && $parentUid == '') {
$response = new stdClass();
$response->status = 'ERROR';
$response->message = G::LoadTranslation(
'ID_DEPARTMENT_CHECK_PARENT_DEPARTMENT',
[$parentDn, $departmentTitle]
);
echo json_encode($response);
exit(0);
}
}
$departmentUid = $ldapAdvanced->getDepartmentUidByTitle($departmentTitle);
$department = new Department();
$departmentUid = $department->create([
if ($departmentUid === '') {
$data = [
'DEP_TITLE' => stripslashes($departmentTitle),
'DEP_PARENT' => $parentUid,
'DEP_LDAP_DN' => $departmentDn,
'DEP_REF_CODE' => ''
]);
];
$departmentUid = $department->create($data);
if ($departmentUid === false) {
$response = new stdClass();
$response->status = 'ERROR';
$response->message = G::LoadTranslation('ID_DEPARTMENT_ERROR_CREATE');
echo json_encode($response);
exit(0);
}
} else {
$data = $department->Load($departmentUid);
$data['DEP_LDAP_DN'] = $departmentDn;
$department->update($data);
}
}
}
if (!empty($depsToUncheck)) {
if (count($depsToUncheck) > 0) {
$baseDnLength = strlen($authenticationSource['AUTH_SOURCE_BASE_DN']);
foreach ($depsToUncheck as $departmentDn) {
$departmentUid = $ldapAdvanced->getDepUidIfExistsDN($departmentDn);
if ($departmentUid != '' &&
strcasecmp(
substr($departmentDn, strlen($departmentDn) - $baseDnLength),
@@ -124,25 +98,23 @@ try {
) == 0
) {
$department = new Department();
$arrayDepartmentData = $department->Load($departmentUid);
$arrayDepartmentData['DEP_LDAP_DN'] = '';
$result = $department->update($arrayDepartmentData);
$data = $department->Load($departmentUid);
$data['DEP_LDAP_DN'] = '';
$department->update($data);
if (!isset($authenticationSource['AUTH_SOURCE_DATA']['DEPARTMENTS_TO_UNASSIGN'])) {
$authenticationSource['AUTH_SOURCE_DATA']['DEPARTMENTS_TO_UNASSIGN'] = [];
}
$authenticationSource['AUTH_SOURCE_DATA']['DEPARTMENTS_TO_UNASSIGN'][] = $departmentUid;
}
}
$RBAC->authSourcesObj->update($authenticationSource);
}
$response = new stdclass();
$response->status = "OK";
if ($ldapAdvanced->checkDuplicateDepartmentTitles()) {
$response->warning = G::LoadTranslation("ID_IT_WAS_IDENTIFIED_DUPLICATED_DEPARTMENTS_PLEASE_REMOVE_THESE_DEPARTMENTS");
}
die(json_encode($response));
break;
case "loadGroups":
@@ -203,7 +175,7 @@ try {
$group["GRP_LDAP_DN"] = "";
$groupwf->update($group);
if (!isset($authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"])) {
$authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"] = array();
$authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"] = [];
}
$authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"][] = $groupUid;
}