From cbffd105a28fb2b91079423f09318b0207ae7e27 Mon Sep 17 00:00:00 2001 From: Brady Wetherington Date: Mon, 9 Jan 2023 15:23:19 -0800 Subject: [PATCH] Fix LDAP default group feature --- app/Console/Commands/LdapSync.php | 20 +++++++++++++------- resources/lang/en/admin/settings/general.php | 1 + resources/views/settings/ldap.blade.php | 6 +++--- 3 files changed, 17 insertions(+), 10 deletions(-) diff --git a/app/Console/Commands/LdapSync.php b/app/Console/Commands/LdapSync.php index af94ac532..c6f8dd379 100755 --- a/app/Console/Commands/LdapSync.php +++ b/app/Console/Commands/LdapSync.php @@ -179,6 +179,16 @@ class LdapSync extends Command $manager_cache = []; + if($ldap_default_group != null) { + + $default = Group::find($ldap_default_group); + if (!$default) { + $ldap_default_group = null; // un-set the default group if that group doesn't exist + } + + } + + for ($i = 0; $i < $results['count']; $i++) { $item = []; $item['username'] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : ''; @@ -221,13 +231,6 @@ class LdapSync extends Command $user->country = $item['country']; $user->department_id = $department->id; - if($ldap_default_group != null) { - - $default = Group::select()->where('id', $ldap_default_group)->first(); - $user->permissions = $default->permissions; - - } - if($item['manager'] != null) { // Check Cache first if (isset($manager_cache[$item['manager']])) { @@ -336,6 +339,9 @@ class LdapSync extends Command if ($user->save()) { $item['note'] = $item['createorupdate']; $item['status'] = 'success'; + if ( $item['createorupdate'] === 'created' && $ldap_default_group) { + $user->groups()->attach($ldap_default_group); + } } else { foreach ($user->getErrors()->getMessages() as $key => $err) { diff --git a/resources/lang/en/admin/settings/general.php b/resources/lang/en/admin/settings/general.php index d41deaf93..e2879d98c 100644 --- a/resources/lang/en/admin/settings/general.php +++ b/resources/lang/en/admin/settings/general.php @@ -77,6 +77,7 @@ return [ 'ldap' => 'LDAP', 'ldap_default_group' => 'Default Permissions Group', 'ldap_default_group_info' => 'Select a group to assign to newly synced users. Remember that a user takes on the permissions of the group they are assigned.', + 'no_default_group' => 'No Default Group', 'ldap_help' => 'LDAP/Active Directory', 'ldap_client_tls_key' => 'LDAP Client TLS Key', 'ldap_client_tls_cert' => 'LDAP Client-Side TLS Certificate', diff --git a/resources/views/settings/ldap.blade.php b/resources/views/settings/ldap.blade.php index 628ca41c5..19153a0bb 100644 --- a/resources/views/settings/ldap.blade.php +++ b/resources/views/settings/ldap.blade.php @@ -116,11 +116,11 @@ name="ldap_default_group" aria-label="ldap_default_group" id="ldap_default_group" - class="form-control" + class="form-control select2" > - + @foreach ($groups as $id => $group) - @endforeach