DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-09-19 23:37:38 -07:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Merge pull request #11736 from Godmartinz/gh6508_ldap_default_group

Browse source 
Adds a permission group selection for directory sync
This commit is contained in:
snipe 2022-12-15 11:06:53 -08:00 committed by GitHub
parent 418ddcfac3 9d44720ffd
commit 227fef76ee
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 99 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
app/Console/Commands/LdapSync.php
View file

@ -3,6 +3,7 @@
namespace App\Console\Commands;
use App\Models\Department;
use App\Models\Group;
use Illuminate\Console\Command;
use App\Models\Setting;
use App\Models\Ldap;
@ -57,6 +58,7 @@ class LdapSync extends Command
$ldap_result_country = Setting::getSettings()->ldap_country;
$ldap_result_dept = Setting::getSettings()->ldap_dept;
$ldap_result_manager = Setting::getSettings()->ldap_manager;
$ldap_default_group = Setting::getSettings()->ldap_default_group;
try {
$ldapconn = Ldap::connectToLdap();
@ -192,6 +194,7 @@ class LdapSync extends Command
$item['department'] = isset($results[$i][$ldap_result_dept][0]) ? $results[$i][$ldap_result_dept][0] : '';
$item['manager'] = isset($results[$i][$ldap_result_manager][0]) ? $results[$i][$ldap_result_manager][0] : '';
$department = Department::firstOrCreate([
'name' => $item['department'],
]);
@ -218,6 +221,13 @@ class LdapSync extends Command
$user->country = $item['country'];
$user->department_id = $department->id;
if($ldap_default_group != null) {
$default = Group::select()->where('id', $ldap_default_group)->first();
$user->permissions = $default->permissions;
}
if($item['manager'] != null) {
// Check Cache first
if (isset($manager_cache[$item['manager']])) {
@ -326,6 +336,7 @@ class LdapSync extends Command
if ($user->save()) {
$item['note'] = $item['createorupdate'];
$item['status'] = 'success';
} else {
foreach ($user->getErrors()->getMessages() as $key => $err) {
$errors .= $err[0];

6
app/Http/Controllers/SettingsController.php
View file

@ -7,6 +7,7 @@ use App\Helpers\StorageHelper;
use App\Http\Requests\ImageUploadRequest;
use App\Http\Requests\SettingsSamlRequest;
use App\Http\Requests\SetupUserRequest;
use App\Models\Group;
use App\Models\Setting;
use App\Models\Asset;
use App\Models\User;
@ -911,6 +912,8 @@ class SettingsController extends Controller
public function getLdapSettings()
{
$setting = Setting::getSettings();
$groups = Group::pluck('name', 'id');
/**
* This validator is only temporary (famous last words.) - @snipe
@ -929,7 +932,7 @@ class SettingsController extends Controller
return view('settings.ldap', compact('setting'))->withErrors($validator);
return view('settings.ldap', compact('setting', 'groups'))->withErrors($validator);
}
/**
@ -956,6 +959,7 @@ class SettingsController extends Controller
$setting->ldap_pword = Crypt::encrypt($request->input('ldap_pword'));
}
$setting->ldap_basedn = $request->input('ldap_basedn');
$setting->ldap_default_group = $request->input('ldap_default_group');
$setting->ldap_filter = $request->input('ldap_filter');
$setting->ldap_username_field = $request->input('ldap_username_field');
$setting->ldap_lname_field = $request->input('ldap_lname_field');

33
database/migrations/2022_08_25_213308_adds_ldap_default_group_to_settings_table.php Normal file
View file

@ -0,0 +1,33 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class AddsLdapDefaultGroupToSettingsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('settings', function (Blueprint $table) {
$table->integer('ldap_default_group')
->after('ldap_basedn')->default(null);
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('settings', function (Blueprint $table) {
$table->dropColumn('ldap_default_group');
});
}
}

2
resources/lang/en/admin/settings/general.php
View file

@ -75,6 +75,8 @@ return [
'label_logo_size' => 'Square logos look best - will be displayed in the top right of each asset label. ',
'laravel' => 'Laravel Version',
'ldap' => 'LDAP',
'ldap_default_group' => 'Default Permissions Group',
'ldap_default_group_info' => 'Select a group to assign to newly synced users. Remember that a user takes on the permissions of the group they are assigned.',
'ldap_help' => 'LDAP/Active Directory',
'ldap_client_tls_key' => 'LDAP Client TLS Key',
'ldap_client_tls_cert' => 'LDAP Client-Side TLS Certificate',

47
resources/views/settings/ldap.blade.php
View file

@ -91,6 +91,53 @@
</div>
</div>
<!-- Default LDAP Permissions Group Select -->
<div class="form-group{{ $errors->has('group') ? ' has-error' : '' }}">
<div class="col-md-3">
{{ Form::label('ldap_default_group', trans('admin/settings/general.ldap_default_group')) }}
</div>
<div class="col-md-9">
@if ($groups->count())
@if ((Config::get('app.lock_passwords') || (!Auth::user()->isSuperUser())))
<ul>
@foreach ($groups as $id => $group)
{!! '<li>'.e($group).'</li>' !!}
@endforeach
</ul>
<span class="help-block">{{ trans('admin/users/general.group_memberships_helpblock') }}</span>
@else
<div class="controls">
<select
name="ldap_default_group"
aria-label="ldap_default_group"
id="ldap_default_group"
class="form-control"
>
<option></option>
@foreach ($groups as $id => $group)
<option value="{{ $id }}">
{{ $group }}
</option>
@endforeach
</select>
<span class="help-block">
{{ trans('admin/settings/general.ldap_default_group_info') }}
</span>
</div>
@endif
@else
<p>No groups have been created yet. Visit <code>Admin Settings > Permission Groups</code> to add one.</p>
@endif
</div>
</div>
<!-- AD Flag -->
<div class="form-group">
<div class="col-md-3">

2
resources/views/users/edit.blade.php
View file

@ -503,7 +503,7 @@
</ul>
@endif
<span class="help-block">{{ trans('admin/users/general.group_memberships_helpblock') }}</p>
<span class="help-block">{{ trans('admin/users/general.group_memberships_helpblock') }}</span>
@else
<div class="controls">
<select