This commit is contained in:
James Cole
2021-10-30 06:53:21 +02:00
parent 280975b81a
commit 402d5748e4
4 changed files with 17 additions and 37 deletions


@@ -201,11 +201,11 @@ LDAP_AUTH_FIELD=uid
# #
# If you wish to only authenticate users from a specific group, use the base DN above. # If you wish to only authenticate users from a specific group, use the base DN above.
# #
# If you require extra/special filters please use the LDAP_GROUP_FILTER with a valid DN. # If you require extra/special filters please use the LDAP_EXTRA_FILTER with a valid DN.
# #
# The group filter will only be applied after the user is authenticated. # The extra filter will only be applied after the user is authenticated.
# #
LDAP_GROUP_FILTER= LDAP_EXTRA_FILTER=
# #
# Remote user guard settings # Remote user guard settings


@@ -21,35 +21,35 @@ class UserDefinedRule extends Rule
*/ */
public function isValid() public function isValid()
{ {
$groupFilter = config('ldap.group_filter'); $extraFilter = config('ldap.extra_filter');
Log::debug(sprintf('UserDefinedRule with group filter "%s"', $groupFilter)); Log::debug(sprintf('UserDefinedRule with extra filter "%s"', $extraFilter));
if (empty($groupFilter)) { if (empty($extraFilter)) {
Log::debug('Group filter is empty, return true.'); Log::debug('Extra filter is empty, return true.');
return true; return true;
} }
Log::debug('Group filter is not empty, continue.'); Log::debug('Extra filter is not empty, continue.');
// group class: // group class:
// use ; // use ;
$openLDAP = class_exists(\LdapRecord\Models\OpenLDAP\Group::class) ? \LdapRecord\Models\OpenLDAP\Group::class : ''; $openLDAP = class_exists(\LdapRecord\Models\OpenLDAP\Group::class) ? \LdapRecord\Models\OpenLDAP\Group::class : '';
$activeDirectory = class_exists(\LdapRecord\Models\ActiveDirectory\Group::class) ? \LdapRecord\Models\ActiveDirectory\Group::class : ''; $activeDirectory = class_exists(\LdapRecord\Models\ActiveDirectory\Group::class) ? \LdapRecord\Models\ActiveDirectory\Group::class : '';
$groupClass = env('LDAP_DIALECT') === 'OpenLDAP' ? $openLDAP : $activeDirectory; $groupClass = config('ldap.dialect') === 'OpenLDAP' ? $openLDAP : $activeDirectory;
Log::debug(sprintf('Will use group class "%s"', $groupClass)); Log::debug(sprintf('Will use dialect group class "%s"', $groupClass));
// We've been given an invalid group filter. We will assume the // We've been given an invalid group filter. We will assume the
// developer is using some group ANR attribute, and attempt // developer is using some group ANR attribute, and attempt
// to check the user's membership with the resulting group. // to check the user's membership with the resulting group.
if (!DistinguishedName::isValid($groupFilter)) { if (!DistinguishedName::isValid($extraFilter)) {
Log::debug('UserDefinedRule: Is not valid DN'); Log::debug('UserDefinedRule: Is not valid DN');
return $this->user->groups()->recursive()->exists($groupClass::findByAnrOrFail($groupFilter)); return $this->user->groups()->recursive()->exists($groupClass::findByAnrOrFail($extraFilter));
} }
$head = strtolower(DistinguishedName::make($groupFilter)->head()); $head = strtolower(DistinguishedName::make($extraFilter)->head());
Log::debug(sprintf('UserDefinedRule: Head is "%s"', $head)); Log::debug(sprintf('UserDefinedRule: Head is "%s"', $head));
// If the head of the DN we've been given is an OU, we will assume // If the head of the DN we've been given is an OU, we will assume
// the developer is looking to filter users based on hierarchy. // the developer is looking to filter users based on hierarchy.
@@ -58,23 +58,10 @@ class UserDefinedRule extends Rule
if ('ou' === $head) { if ('ou' === $head) {
Log::debug('UserDefinedRule: Will return if user is a descendant of.'); Log::debug('UserDefinedRule: Will return if user is a descendant of.');
return $this->user->isDescendantOf($groupFilter); return $this->user->isDescendantOf($extraFilter);
} }
Log::debug('UserDefinedRule: Will return if user exists in group.'); Log::debug('UserDefinedRule: Will return if user exists in group.');
return $this->user->groups()->recursive()->exists($groupClass::findOrFail($groupFilter)); return $this->user->groups()->recursive()->exists($groupClass::findOrFail($extraFilter));
//
//
// // old
// $groupFilter = config('ldap.group_filter');
//
// if (null !== $groupFilter && '' !== (string)$groupFilter) {
//
//
// return $this->user->groups()->recursive()->exists(Group::findOrFail($groupFilter));
// }
// Log::debug('Group filter is empty or NULL, so will return true.');
//
// return true;
} }
} }
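Review bot: An installation that still sets only `LDAP_GROUP_FILTER` now reads `config('ldap.extra_filter')`, takes the `empty($extraFilter)` branch at the top of isValid() and returns true, so the membership restriction silently disappears on upgrade instead of failing; the config hunk that replaces `'group_filter'` with `'dialect'` is where a fallback such as `'extra_filter' => env('LDAP_EXTRA_FILTER', env('LDAP_GROUP_FILTER')),` or at least a warning when the old key is still set would belong. In the same method, `$groupClass` is `''` when the `class_exists` check for the selected dialect fails, and both the ANR branch and the final `return` still reach `$groupClass::findByAnrOrFail($extraFilter)` / `$groupClass::findOrFail($extraFilter)`, which fails with an Error on an empty class name; failing closed explicitly, `if ('' === $groupClass) { Log::error('UserDefinedRule: no group model for configured dialect.'); return false; }`, is clearer than relying on that. `config('ldap.dialect') === 'OpenLDAP'` means any other or unset value picks the Active Directory model, which deserves a one-line comment since the new `dialect` key is added without a default. isValid() also carries no return type; `public function isValid(): bool` would match the literal `true` it returns, assuming `exists()` and `isDescendantOf()` return bool as well.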


@@ -23,12 +23,5 @@ class UserDefinedScope implements Scope
*/ */
public function apply(Builder $query, Model $model) public function apply(Builder $query, Model $model)
{ {
// $groupFilter = config('ldap.group_filter');
// Log::debug(sprintf('UserDefinedScope with group filter "%s"', $groupFilter));
// if (null !== $groupFilter && '' !== (string)$groupFilter) {
// Log::debug('UserDefinedScope: Group filter is not empty, will now apply it.');
// $query->in($groupFilter);
// }
// Log::debug('UserDefinedScope: done!');
} }
} }


@@ -36,8 +36,8 @@ return [
*/ */
'default' => env('LDAP_CONNECTION', 'default'), 'default' => env('LDAP_CONNECTION', 'default'),
'extra_filter' => env('LDAP_EXTRA_FILTER'),
'group_filter' => env('LDAP_GROUP_FILTER'), 'dialect' => env('LDAP_DIALECT'),
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------