Few more LDAP/AD tweaks

snipe 2016-07-14 23:49:32 -07:00
parent 616f922306
commit 92175eb700
3 changed files with 53 additions and 18 deletions


@ -126,10 +126,15 @@ class AuthController extends Controller
LOG::debug("Local user ".Input::get('username')." exists in database. Authenticating existing user against LDAP."); LOG::debug("Local user ".Input::get('username')." exists in database. Authenticating existing user against LDAP.");
if (Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'))) { if ($ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'))) {
$ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
LOG::debug("Valid LDAP login. Updating the local data."); LOG::debug("Valid LDAP login. Updating the local data.");
$user = User::find($user->id); //need the Sentry object, not the Eloquent object, to access critical password hashing functions
$user->password = bcrypt($request->input('password')); $user->password = bcrypt($request->input('password'));
$user->email = $ldap_attr['email'];
$user->first_name = $ldap_attr['firstname'];
$user->last_name = $ldap_attr['lastname'];
$user->save(); $user->save();
} else { } else {
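Review bot: The new assignments to `$user->email`, `$user->first_name` and `$user->last_name` overwrite the local record on every successful LDAP login without checking the mapped values. In this same commit `parseAndMapLdapAttributes` falls back to `""` for any attribute the directory entry lacks, so a user whose entry has no mail attribute would have the stored address blanked; that matters if the address feeds notifications or account recovery, which is not visible here. Assign only when a value came back, e.g. `if ($ldap_attr['email'] !== '') { $user->email = $ldap_attr['email']; }`, and likewise for the two name fields. The enclosing method starts and ends outside the hunk.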


@ -1209,7 +1209,6 @@ class UsersController extends Controller
$user->password = bcrypt($pass); $user->password = bcrypt($pass);
$user->activated = 1; $user->activated = 1;
$user->location_id = e($location_id); $user->location_id = e($location_id);
$user->permissions = '{"user":1}';
$user->notes = 'Imported from LDAP'; $user->notes = 'Imported from LDAP';
$user->ldap_import = 1; $user->ldap_import = 1;


@ -139,14 +139,16 @@ class Ldap extends Model
} }
/** /**
* Create user from LDAP attributes * Parse and map LDAP attributes based on settings
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v3.0]
* *
* @param $ldapatttibutes * @param $ldapatttibutes
* @return array|bool * @return array|bool
*/ */
static function createUserFromLdap($ldapatttibutes) static function parseAndMapLdapAttributes($ldapatttibutes)
{ {
//Get LDAP attribute config //Get LDAP attribute config
$ldap_result_username = Setting::getSettings()->ldap_username_field; $ldap_result_username = Setting::getSettings()->ldap_username_field;
@ -163,22 +165,43 @@ class Ldap extends Model
$item["firstname"] = isset($ldapatttibutes[$ldap_result_first_name][0]) ? $ldapatttibutes[$ldap_result_first_name][0] : ""; $item["firstname"] = isset($ldapatttibutes[$ldap_result_first_name][0]) ? $ldapatttibutes[$ldap_result_first_name][0] : "";
$item["email"] = isset($ldapatttibutes[$ldap_result_email][0]) ? $ldapatttibutes[$ldap_result_email][0] : "" ; $item["email"] = isset($ldapatttibutes[$ldap_result_email][0]) ? $ldapatttibutes[$ldap_result_email][0] : "" ;
return $item;
}
/**
* Create user from LDAP attributes
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v3.0]
* @param $ldapatttibutes
* @return array|bool
*/
static function createUserFromLdap($ldapatttibutes)
{
$item = Ldap::parseAndMapLdapAttributes($ldapatttibutes);
// Create user from LDAP data // Create user from LDAP data
if (!empty($item["username"])) { if (!empty($item["username"])) {
$newuser = new User;
$newuser->first_name = $item["firstname"]; if (!$user) {
$newuser->last_name = $item["lastname"]; $user = new User;
$newuser->username = $item["username"]; }
$newuser->email = $item["email"];
$newuser->password = bcrypt(Input::get("password")); $user->first_name = $item["firstname"];
$newuser->activated = 1; $user->last_name = $item["lastname"];
$newuser->ldap_import = 1; $user->username = $item["username"];
$newuser->notes = 'Imported on first login from LDAP'; $user->email = $item["email"];
//dd($newuser); $user->password = bcrypt(Input::get("password"));
if ($newuser->save()) { $user->activated = 1;
$user->ldap_import = 1;
$user->notes = 'Imported on first login from LDAP';
if ($user->save()) {
return true; return true;
} else { } else {
LOG::debug('Could not create user.'.$newuser->getErrors()); LOG::debug('Could not create user.'.$user->getErrors());
exit; exit;
} }
} }
@ -187,6 +210,14 @@ class Ldap extends Model
} }
/**
* Searches LDAP
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v3.0]
* @param $ldapatttibutes
* @return array|bool
*/
static function findLdapUsers() { static function findLdapUsers() {
$ldapconn = Ldap::connectToLdap(); $ldapconn = Ldap::connectToLdap();
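Review bot: In the rewritten `createUserFromLdap`, the guard `if (!$user)` reads `$user` before anything in the function assigns it: the signature takes only `$ldapatttibutes` and the preceding line only sets `$item`. PHP raises an undefined-variable notice there, which Laravel's error handling normally turns into an exception, so first-login account creation may fail instead of creating the user. Since this path always creates a new account, replace the guard with `$user = new User;`. Separately, the docblock added above `findLdapUsers()` carries `@param $ldapatttibutes` although the function takes no parameters; drop that line and describe what the function actually returns.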