Modify Snipe-IT v5 AD handling to use the same ldap_host, and improve OU handling

This commit is contained in:
Brady Wetherington 2020-10-06 18:31:06 -07:00
parent 0e632cc7fb
commit b015cff8bd
3 changed files with 14 additions and 9 deletions

View file

@ -197,14 +197,14 @@ class LdapSync extends Command
} else { } else {
$errors = ''; $errors = '';
foreach ($user->getErrors()->getMessages() as $error) { foreach ($user->getErrors()->getMessages() as $error) {
$errors .= $error[0]; $errors .= implode(", ",$error);
} }
$summary['note'] = $userMsg.' was not imported. REASON: '.$errors; $summary['note'] = $snipeUser->getDN().' was not imported. REASON: '.$errors;
$summary['status'] = 'ERROR'; $summary['status'] = 'ERROR';
} }
} }
$summary['note'] = ($user->getOriginal('username') ? 'UPDATED' : 'CREATED'); // $summary['note'] = ($user->getOriginal('username') ? 'UPDATED' : 'CREATED'); // this seems, kinda, like, superfluous, relative to the $summary['note'] thing above, yeah?
$this->summary->push($summary); $this->summary->push($summary);
} }
@ -265,7 +265,7 @@ class LdapSync extends Command
$this->info($msg); $this->info($msg);
} }
$this->mappedLocations = $locations->pluck('ldap_ou', 'id'); $this->mappedLocations = $locations->pluck('ldap_ou', 'id'); // TODO: this seems ok-ish, but the key-> value is going location_id -> OU name, and the primary action here is the opposite of that - going from OU's to location ID's.
} }
} }

View file

@ -286,13 +286,15 @@ class LdapAd extends LdapAdConfiguration
// Check to see if the user is in a mapped location // Check to see if the user is in a mapped location
if ($mappedLocations) { if ($mappedLocations) {
$location = $mappedLocations->filter(function ($value, $key) use ($user) { $location = $mappedLocations->filter(function ($value, $key) use ($user) {
if ($user->inOu($value)) { //if ($user->inOu($value)) { // <----- *THIS* seems not to be working, and it seems more 'intelligent' - but it's literally just a strpos() call, and it doesn't work quite right against plain strings
return $key; $user_ou = substr($user->getDn(), -strlen($value)); // get the LAST chars of the user's DN, the count of those chars being the length of the thing we're checking against
if(strcasecmp($user_ou, $value) === 0) { // case *IN*sensitive comparision - some people say OU=blah, some say ou=blah. returns 0 when strings are identical (which is a little odd, yeah)
return $key; // WARNING: we are doing a 'filter' - not a regular for-loop. So the answer(s) get "return"ed into the $location array
} }
}); });
if ($location->count() > 0) { if ($location->count() > 0) {
$locationId = $location->keys()->first(); $locationId = $location->keys()->first(); // from the returned $location array from the ->filter() method above, we return the first match - there should be only one
} }
} }

View file

@ -248,11 +248,14 @@ class LdapAdConfiguration
*/ */
private function getServerUrlBase(): array private function getServerUrlBase(): array
{ {
if ($this->ldapSettings['is_ad']) { /* if ($this->ldapSettings['is_ad']) {
return collect(explode(',', $this->ldapSettings['ad_domain']))->map(function ($item) { return collect(explode(',', $this->ldapSettings['ad_domain']))->map(function ($item) {
return trim($item); return trim($item);
})->toArray(); })->toArray();
} } */ // <- this was the *original* intent of the PR for AdLdap2, but we've been moving away from having
// two separate fields - one for "ldap_host" and one for "ad_domain" - towards just using "ldap_host"
// ad_domain for us just means "append this domain to your usernames for login, if you click that checkbox"
// that's all, nothing more (I hope).
$url = $this->getLdapServerData('host'); $url = $this->getLdapServerData('host');
return $url ? [$url] : []; return $url ? [$url] : [];