mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-24 21:24:13 -08:00
refactor: Put LDAP attribute mapping in array
This commit is contained in:
parent
8774da3921
commit
31da47e046
|
@ -53,18 +53,22 @@ class LdapSync extends Command
|
||||||
|
|
||||||
ini_set('max_execution_time', env('LDAP_TIME_LIM', 600)); //600 seconds = 10 minutes
|
ini_set('max_execution_time', env('LDAP_TIME_LIM', 600)); //600 seconds = 10 minutes
|
||||||
ini_set('memory_limit', env('LDAP_MEM_LIM', '500M'));
|
ini_set('memory_limit', env('LDAP_MEM_LIM', '500M'));
|
||||||
$ldap_result_username = Setting::getSettings()->ldap_username_field;
|
|
||||||
$ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
|
$ldap_map = [
|
||||||
$ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
|
"username" => Setting::getSettings()->ldap_username_field,
|
||||||
$ldap_result_active_flag = Setting::getSettings()->ldap_active_flag;
|
"last_name" => Setting::getSettings()->ldap_lname_field,
|
||||||
$ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
|
"first_name" => Setting::getSettings()->ldap_fname_field,
|
||||||
$ldap_result_email = Setting::getSettings()->ldap_email;
|
"active_flag" => Setting::getSettings()->ldap_active_flag,
|
||||||
$ldap_result_phone = Setting::getSettings()->ldap_phone_field;
|
"emp_num" => Setting::getSettings()->ldap_emp_num,
|
||||||
$ldap_result_jobtitle = Setting::getSettings()->ldap_jobtitle;
|
"email" => Setting::getSettings()->ldap_email,
|
||||||
$ldap_result_country = Setting::getSettings()->ldap_country;
|
"phone" => Setting::getSettings()->ldap_phone_field,
|
||||||
$ldap_result_location = Setting::getSettings()->ldap_location;
|
"jobtitle" => Setting::getSettings()->ldap_jobtitle,
|
||||||
$ldap_result_dept = Setting::getSettings()->ldap_dept;
|
"country" => Setting::getSettings()->ldap_country,
|
||||||
$ldap_result_manager = Setting::getSettings()->ldap_manager;
|
"location" => Setting::getSettings()->ldap_location,
|
||||||
|
"dept" => Setting::getSettings()->ldap_dept,
|
||||||
|
"manager" => Setting::getSettings()->ldap_manager,
|
||||||
|
];
|
||||||
|
|
||||||
$ldap_default_group = Setting::getSettings()->ldap_default_group;
|
$ldap_default_group = Setting::getSettings()->ldap_default_group;
|
||||||
$search_base = Setting::getSettings()->ldap_base_dn;
|
$search_base = Setting::getSettings()->ldap_base_dn;
|
||||||
|
|
||||||
|
@ -183,17 +187,17 @@ class LdapSync extends Command
|
||||||
}
|
}
|
||||||
$usernames = [];
|
$usernames = [];
|
||||||
for ($i = 0; $i < $location_users['count']; $i++) {
|
for ($i = 0; $i < $location_users['count']; $i++) {
|
||||||
if (array_key_exists($ldap_result_username, $location_users[$i])) {
|
if (array_key_exists($ldap_map["username"], $location_users[$i])) {
|
||||||
$location_users[$i]['ldap_location_override'] = true;
|
$location_users[$i]['ldap_location_override'] = true;
|
||||||
$location_users[$i]['location_id'] = $ldap_loc['id'];
|
$location_users[$i]['location_id'] = $ldap_loc['id'];
|
||||||
$usernames[] = $location_users[$i][$ldap_result_username][0];
|
$usernames[] = $location_users[$i][$ldap_map["username"]][0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Delete located users from the general group.
|
// Delete located users from the general group.
|
||||||
foreach ($results as $key => $generic_entry) {
|
foreach ($results as $key => $generic_entry) {
|
||||||
if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) {
|
if ((is_array($generic_entry)) && (array_key_exists($ldap_map["username"], $generic_entry))) {
|
||||||
if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
|
if (in_array($generic_entry[$ldap_map["username"]][0], $usernames)) {
|
||||||
unset($results[$key]);
|
unset($results[$key]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -219,22 +223,22 @@ class LdapSync extends Command
|
||||||
|
|
||||||
for ($i = 0; $i < $results['count']; $i++) {
|
for ($i = 0; $i < $results['count']; $i++) {
|
||||||
$item = [];
|
$item = [];
|
||||||
$item['username'] = $results[$i][$ldap_result_username][0] ?? '';
|
$item['username'] = $results[$i][$ldap_map["username"]][0] ?? '';
|
||||||
$item['employee_number'] = $results[$i][$ldap_result_emp_num][0] ?? '';
|
$item['employee_number'] = $results[$i][$ldap_map["emp_num"]][0] ?? '';
|
||||||
$item['lastname'] = $results[$i][$ldap_result_last_name][0] ?? '';
|
$item['lastname'] = $results[$i][$ldap_map["last_name"]][0] ?? '';
|
||||||
$item['firstname'] = $results[$i][$ldap_result_first_name][0] ?? '';
|
$item['firstname'] = $results[$i][$ldap_map["first_name"]][0] ?? '';
|
||||||
$item['email'] = $results[$i][$ldap_result_email][0] ?? '';
|
$item['email'] = $results[$i][$ldap_map["email"]][0] ?? '';
|
||||||
$item['ldap_location_override'] = $results[$i]['ldap_location_override'] ?? '';
|
$item['ldap_location_override'] = $results[$i]['ldap_location_override'] ?? '';
|
||||||
$item['location_id'] = $results[$i]['location_id'] ?? '';
|
$item['location_id'] = $results[$i]['location_id'] ?? '';
|
||||||
$item['telephone'] = $results[$i][$ldap_result_phone][0] ?? '';
|
$item['telephone'] = $results[$i][$ldap_map["phone"]][0] ?? '';
|
||||||
$item['jobtitle'] = $results[$i][$ldap_result_jobtitle][0] ?? '';
|
$item['jobtitle'] = $results[$i][$ldap_map["jobtitle"]][0] ?? '';
|
||||||
$item['country'] = $results[$i][$ldap_result_country][0] ?? '';
|
$item['country'] = $results[$i][$ldap_map["country"]][0] ?? '';
|
||||||
$item['department'] = $results[$i][$ldap_result_dept][0] ?? '';
|
$item['department'] = $results[$i][$ldap_map["dept"]][0] ?? '';
|
||||||
$item['manager'] = $results[$i][$ldap_result_manager][0] ?? '';
|
$item['manager'] = $results[$i][$ldap_map["manager"]][0] ?? '';
|
||||||
$item['location'] = $results[$i][$ldap_result_location][0] ?? '';
|
$item['location'] = $results[$i][$ldap_map["location"]][0] ?? '';
|
||||||
|
|
||||||
// ONLY if you are using the "ldap_location" option *AND* you have an actual result
|
// ONLY if you are using the "ldap_location" option *AND* you have an actual result
|
||||||
if ($ldap_result_location && $item['location']) {
|
if ($ldap_map["location"] && $item['location']) {
|
||||||
$location = Location::firstOrCreate([
|
$location = Location::firstOrCreate([
|
||||||
'name' => $item['location'],
|
'name' => $item['location'],
|
||||||
]);
|
]);
|
||||||
|
@ -257,38 +261,38 @@ class LdapSync extends Command
|
||||||
}
|
}
|
||||||
|
|
||||||
//If a sync option is not filled in on the LDAP settings don't populate the user field
|
//If a sync option is not filled in on the LDAP settings don't populate the user field
|
||||||
if($ldap_result_username != null){
|
if($ldap_map["username"] != null){
|
||||||
$user->username = $item['username'];
|
$user->username = $item['username'];
|
||||||
}
|
}
|
||||||
if($ldap_result_last_name != null){
|
if($ldap_map["last_name"] != null){
|
||||||
$user->last_name = $item['lastname'];
|
$user->last_name = $item['lastname'];
|
||||||
}
|
}
|
||||||
if($ldap_result_first_name != null){
|
if($ldap_map["first_name"] != null){
|
||||||
$user->first_name = $item['firstname'];
|
$user->first_name = $item['firstname'];
|
||||||
}
|
}
|
||||||
if($ldap_result_emp_num != null){
|
if($ldap_map["emp_num"] != null){
|
||||||
$user->employee_num = e($item['employee_number']);
|
$user->employee_num = e($item['employee_number']);
|
||||||
}
|
}
|
||||||
if($ldap_result_email != null){
|
if($ldap_map["email"] != null){
|
||||||
$user->email = $item['email'];
|
$user->email = $item['email'];
|
||||||
}
|
}
|
||||||
if($ldap_result_phone != null){
|
if($ldap_map["phone"] != null){
|
||||||
$user->phone = $item['telephone'];
|
$user->phone = $item['telephone'];
|
||||||
}
|
}
|
||||||
if($ldap_result_jobtitle != null){
|
if($ldap_map["jobtitle"] != null){
|
||||||
$user->jobtitle = $item['jobtitle'];
|
$user->jobtitle = $item['jobtitle'];
|
||||||
}
|
}
|
||||||
if($ldap_result_country != null){
|
if($ldap_map["country"] != null){
|
||||||
$user->country = $item['country'];
|
$user->country = $item['country'];
|
||||||
}
|
}
|
||||||
if($ldap_result_dept != null){
|
if($ldap_map["dept"] != null){
|
||||||
$user->department_id = $department->id;
|
$user->department_id = $department->id;
|
||||||
}
|
}
|
||||||
if($ldap_result_location != null){
|
if($ldap_map["location"] != null){
|
||||||
$user->location_id = $location ? $location->id : null;
|
$user->location_id = $location ? $location->id : null;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($ldap_result_manager != null){
|
if($ldap_map["manager"] != null){
|
||||||
if($item['manager'] != null) {
|
if($item['manager'] != null) {
|
||||||
// Check Cache first
|
// Check Cache first
|
||||||
if (isset($manager_cache[$item['manager']])) {
|
if (isset($manager_cache[$item['manager']])) {
|
||||||
|
@ -305,7 +309,7 @@ class LdapSync extends Command
|
||||||
$ldap_manager = [
|
$ldap_manager = [
|
||||||
"count" => 1,
|
"count" => 1,
|
||||||
0 => [
|
0 => [
|
||||||
$ldap_result_username => [$item['manager']]
|
$ldap_map["username"] => [$item['manager']]
|
||||||
]
|
]
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -314,7 +318,7 @@ class LdapSync extends Command
|
||||||
|
|
||||||
// Get the Manager's username
|
// Get the Manager's username
|
||||||
// PHP LDAP returns every LDAP attribute as an array, and 90% of the time it's an array of just one item. But, hey, it's an array.
|
// PHP LDAP returns every LDAP attribute as an array, and 90% of the time it's an array of just one item. But, hey, it's an array.
|
||||||
$ldapManagerUsername = $ldap_manager[0][$ldap_result_username][0];
|
$ldapManagerUsername = $ldap_manager[0][$ldap_map["username"]][0];
|
||||||
|
|
||||||
// Get User from Manager username.
|
// Get User from Manager username.
|
||||||
$ldap_manager = User::where('username', $ldapManagerUsername)->first();
|
$ldap_manager = User::where('username', $ldapManagerUsername)->first();
|
||||||
|
@ -331,10 +335,10 @@ class LdapSync extends Command
|
||||||
}
|
}
|
||||||
|
|
||||||
// Sync activated state for Active Directory.
|
// Sync activated state for Active Directory.
|
||||||
if ( !empty($ldap_result_active_flag)) { // IF we have an 'active' flag set....
|
if ( !empty($ldap_map["active_flag"])) { // IF we have an 'active' flag set....
|
||||||
// ....then *most* things that are truthy will activate the user. Anything falsey will deactivate them.
|
// ....then *most* things that are truthy will activate the user. Anything falsey will deactivate them.
|
||||||
// (Specifically, we don't handle a value of '0.0' correctly)
|
// (Specifically, we don't handle a value of '0.0' correctly)
|
||||||
$raw_value = @$results[$i][$ldap_result_active_flag][0];
|
$raw_value = @$results[$i][$ldap_map["active_flag"]][0];
|
||||||
$filter_var = filter_var($raw_value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
|
$filter_var = filter_var($raw_value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
|
||||||
$boolean_cast = (bool)$raw_value;
|
$boolean_cast = (bool)$raw_value;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue