Leave the activated state for users alone in normal LDAP synchronisation. (#6988)

This commit is contained in:
Joris van Eijden 2019-05-06 15:40:53 +02:00 committed by snipe
parent e5c2d77c7d
commit 486c708911

View file

@ -168,34 +168,31 @@ class LdapSync extends Command
$item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:""; $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
$item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:""; $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
$user = User::where('username', $item["username"])->first();
// This is active directory, not regular LDAP if ($user) {
if ( array_key_exists('useraccountcontrol', $results[$i]) ) { // Updating an existing user.
$enabled_accounts = [
'512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
];
$item['activated'] = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
// Fall through to LDAP
} else {
$item['activated'] = 0;
}
// User exists
$item["createorupdate"] = 'updated'; $item["createorupdate"] = 'updated';
if (!$user = User::where('username', $item["username"])->first()) { } else {
// Creating a new user.
$user = new User; $user = new User;
$user->password = $pass; $user->password = $pass;
$user->activated = 0;
$item["createorupdate"] = 'created'; $item["createorupdate"] = 'created';
} }
// Create the user if they don't exist.
$user->first_name = e($item["firstname"]); $user->first_name = e($item["firstname"]);
$user->last_name = e($item["lastname"]); $user->last_name = e($item["lastname"]);
$user->username = e($item["username"]); $user->username = e($item["username"]);
$user->email = e($item["email"]); $user->email = e($item["email"]);
$user->employee_num = e($item["employee_number"]); $user->employee_num = e($item["employee_number"]);
$user->activated = $item['activated'];
// Sync activated state for Active Directory.
if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
$enabled_accounts = [
'512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
];
$user->activated = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
}
if ($item['ldap_location_override'] == true) { if ($item['ldap_location_override'] == true) {
$user->location_id = $item['location_id']; $user->location_id = $item['location_id'];