Add AD domain to settings

snipe 2016-07-14 15:52:52 -07:00
parent 8fd8e747d9
commit 0cf8ac1d95
5 changed files with 74 additions and 9 deletions


@ -398,7 +398,6 @@ class SettingsController extends Controller
$setting->slack_botname = e(Input::get('slack_botname')); $setting->slack_botname = e(Input::get('slack_botname'));
$setting->ldap_enabled = e(Input::get('ldap_enabled', '0')); $setting->ldap_enabled = e(Input::get('ldap_enabled', '0'));
$setting->ldap_server = e(Input::get('ldap_server')); $setting->ldap_server = e(Input::get('ldap_server'));
$setting->is_ad = e(Input::get('is_ad', '0'));
$setting->ldap_server_cert_ignore = e(Input::get('ldap_server_cert_ignore', false)); $setting->ldap_server_cert_ignore = e(Input::get('ldap_server_cert_ignore', false));
$setting->ldap_uname = e(Input::get('ldap_uname')); $setting->ldap_uname = e(Input::get('ldap_uname'));
if (Input::has('ldap_pword')) { if (Input::has('ldap_pword')) {
@ -414,6 +413,8 @@ class SettingsController extends Controller
$setting->ldap_active_flag = e(Input::get('ldap_active_flag')); $setting->ldap_active_flag = e(Input::get('ldap_active_flag'));
$setting->ldap_emp_num = e(Input::get('ldap_emp_num')); $setting->ldap_emp_num = e(Input::get('ldap_emp_num'));
$setting->ldap_email = e(Input::get('ldap_email')); $setting->ldap_email = e(Input::get('ldap_email'));
$setting->ad_domain = e(Input::get('ad_domain'));
$setting->is_ad = e(Input::get('is_ad', '0'));
// If validation fails, we'll exit the operation now. // If validation fails, we'll exit the operation now.
if ($setting->save()) { if ($setting->save()) {
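Review bot: `ad_domain` is stored via `e(Input::get('ad_domain'))` with no trimming or format check visible in this hunk, yet the same commit concatenates it into the bind identity as `$username.'@'.ad_domain`. A stray space or a leading `@` typed into the settings form would silently break every AD login, so I would normalise it here, e.g. `$setting->ad_domain = trim(e(Input::get('ad_domain')));`, and add a hostname-style rule wherever the Setting validation rules live (not visible here). The view disables this field when `config('app.lock_passwords')` is true, but a disabled input is only a client-side restriction. Unless the enclosing method, which starts outside the hunk, already refuses writes in that mode, this assignment should be skipped there too.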


@ -67,16 +67,24 @@ class Ldap extends Model
$connection = Ldap::connectToLdap(); $connection = Ldap::connectToLdap();
$ldap_username_field = Setting::getSettings()->ldap_username_field; $ldap_username_field = Setting::getSettings()->ldap_username_field;
$baseDn = Setting::getSettings()->ldap_basedn;
if (Setting::getSettings()->is_ad=='1') { if (Setting::getSettings()->is_ad=='1') {
$baseDn = $username;
// In case they haven't added an AD domain
if (Setting::getSettings()->ad_domain='') {
$userDn = $username.'@'.Setting::getSettings()->email_domain;
} else {
$userDn = $username.'@'.Setting::getSettings()->ad_domain;
}
} else { } else {
$baseDn = $ldap_username_field.'='.$username.','.Setting::getSettings()->ldap_basedn; $userDn = $ldap_username_field.'='.$username.','.Setting::getSettings()->ldap_basedn;
} }
$filterQuery = Setting::getSettings()->ldap_auth_filter_query . $username; $filterQuery = Setting::getSettings()->ldap_auth_filter_query . $username;
if (!$ldapbind = @ldap_bind($connection, $baseDn, $password)) { if (!$ldapbind = @ldap_bind($connection, $userDn, $password)) {
return false; return false;
} }
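Review bot: The new check `if (Setting::getSettings()->ad_domain='')` is an assignment, not a comparison: it evaluates to the empty string, so the `email_domain` fallback is never taken and the `else` branch always runs. If `getSettings()` returns a shared instance (not visible here), the assignment also blanks the configured domain in memory and the bind is attempted as `$username.'@'`. It should read `if (Setting::getSettings()->ad_domain == '') {`; the loose comparison also covers the NULL default the migration gives the column. Separately, `$username` is concatenated unescaped into the non-AD `$userDn` and into `$filterQuery`; `ldap_escape()` with `LDAP_ESCAPE_DN` and `LDAP_ESCAPE_FILTER` respectively would be appropriate there. The enclosing method starts and ends outside the hunk.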


@ -0,0 +1,31 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class AddAdDomainToSettings extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('settings', function (Blueprint $table) {
$table->text('ad_domain')->nullable()->default(NULL);
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('settings', function ($table) {
$table->dropColumn('ad_domain');
});
}
}


@ -1,6 +1,10 @@
<?php <?php
return array( return array(
'ad' => 'Active Directory',
'ad_domain' => 'Active Directory domain',
'ad_domain_help' => 'This is sometimes the same as your email domain, but not always.',
'is_ad' => 'This is an Active Directory server',
'alert_email' => 'Send alerts to', 'alert_email' => 'Send alerts to',
'alerts_enabled' => 'Alerts Enabled', 'alerts_enabled' => 'Alerts Enabled',
'alert_interval' => 'Expiring Alerts Threshold (in days)', 'alert_interval' => 'Expiring Alerts Threshold (in days)',
@ -37,6 +41,7 @@ return array(
'ldap_integration' => 'LDAP Integration', 'ldap_integration' => 'LDAP Integration',
'ldap_settings' => 'LDAP Settings', 'ldap_settings' => 'LDAP Settings',
'ldap_server' => 'LDAP Server', 'ldap_server' => 'LDAP Server',
'ldap_server_help' => 'This should start with ldap:// or ldaps://',
'ldap_server_cert' => 'LDAP SSL certificate validation', 'ldap_server_cert' => 'LDAP SSL certificate validation',
'ldap_server_cert_ignore' => 'Allow invalid SSL Certificate', 'ldap_server_cert_ignore' => 'Allow invalid SSL Certificate',
'ldap_server_cert_help' => 'Select this checkbox if you are using a self signed SSL cert and would like to accept an invalid SSL certificate.', 'ldap_server_cert_help' => 'Select this checkbox if you are using a self signed SSL cert and would like to accept an invalid SSL certificate.',


@ -677,20 +677,40 @@
</div> </div>
<!-- Full Multiple Companies Support --> <!-- AD Flag -->
<div class="form-group {{ $errors->has('full_multiple_companies_support') ? 'error' : '' }}"> <div class="form-group">
<div class="col-md-3"> <div class="col-md-3">
{{ Form::label('is_ad','Active Directory') }} {{ Form::label('is_ad', trans('admin/settings/general.ad')) }}
</div> </div>
<div class="col-md-9"> <div class="col-md-9">
{{ Form::checkbox('is_ad', '1', Input::old('is_ad', $setting->is_ad),array('class' => 'minimal')) }} {{ Form::checkbox('is_ad', '1', Input::old('is_ad', $setting->is_ad),array('class' => 'minimal')) }}
{{ trans('admin/settings/general.is_ad') }}
{!! $errors->first('is_ad', '<span class="alert-msg">:message</span>') !!} {!! $errors->first('is_ad', '<span class="alert-msg">:message</span>') !!}
</div> </div>
</div> </div>
<!-- /.form-group --> <!-- /.form-group -->
<!-- AD Domain -->
<div class="form-group {{ $errors->has('ad_domain') ? 'error' : '' }}">
<div class="col-md-3">
{{ Form::label('ldap_server', trans('admin/settings/general.ad_domain')) }}
</div>
<div class="col-md-9">
@if (config('app.lock_passwords')===true)
{{ Form::text('ad_domain', Input::old('ad_domain', $setting->ad_domain), array('class' => 'form-control', 'disabled'=>'disabled','placeholder' => 'example.com')) }}
@else
{{ Form::text('ad_domain', Input::old('ldap_server', $setting->ad_domain), array('class' => 'form-control','placeholder' => 'example.com')) }}
@endif
<p class="help-block">{{ trans('admin/settings/general.ad_domain_help') }}</p>
{!! $errors->first('ad_domain', '<span class="alert-msg">:message</span>') !!}
</div>
</div><!-- LDAP Server -->
<!-- LDAP Server --> <!-- LDAP Server -->
<div class="form-group {{ $errors->has('ldap_server') ? 'error' : '' }}"> <div class="form-group {{ $errors->has('ldap_server') ? 'error' : '' }}">
<div class="col-md-3"> <div class="col-md-3">
@ -702,7 +722,7 @@
@else @else
{{ Form::text('ldap_server', Input::old('ldap_server', $setting->ldap_server), array('class' => 'form-control','placeholder' => 'ldap://ldap.example.com')) }} {{ Form::text('ldap_server', Input::old('ldap_server', $setting->ldap_server), array('class' => 'form-control','placeholder' => 'ldap://ldap.example.com')) }}
@endif @endif
<p class="help-block">{{ trans('admin/settings/general.ldap_server_help') }}</p>
{!! $errors->first('ldap_server', '<span class="alert-msg">:message</span>') !!} {!! $errors->first('ldap_server', '<span class="alert-msg">:message</span>') !!}
</div> </div>
</div><!-- LDAP Server --> </div><!-- LDAP Server -->
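Review bot: The new AD Domain form group uses `ldap_server` in two places where `ad_domain` is meant. `Form::label('ldap_server', ...)` binds the label to the LDAP server input, and in the `@else` branch `Input::old('ldap_server', $setting->ad_domain)` repopulates the field from the wrong old-input key, so after a failed save the AD domain box would show the previously submitted LDAP server URL. They should be `Form::label('ad_domain', trans('admin/settings/general.ad_domain'))` and `Input::old('ad_domain', $setting->ad_domain)`. The closing `</div><!-- LDAP Server -->` of that group should also read `<!-- AD Domain -->`.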