tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Changed evaluates permissions

This commit is contained in:
marcos.alconada 2019-05-17 13:58:34 +02:00
parent 43547267a0
commit 0c9f8892e0
1 changed files with 21 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
pandora_console/include/auth/mysql.php
View File

@ -1254,11 +1254,19 @@ function fill_permissions_ldap($sr)
global $config; global $config;
$permissions = []; $permissions = [];
$permissions_profile = []; $permissions_profile = [];
if ((bool) $config['ldap_save_profile'] === false && $config['ldap_advanced_config'] == 1) { if ((bool) $config['ldap_save_profile'] === false && $config['ldap_advanced_config'] == '') {
$result = db_get_all_rows_filter( $result = db_get_all_rows_filter(
'tusuario_perfil', 'tusuario_perfil',
['id_usuario' => $sr['uid'][0]] ['id_usuario' => $sr['uid'][0]]
); );
if ($result == false) {
$permissions[0]['profile'] = $config['default_remote_profile'];
$permissions[0]['groups'][] = $config['default_remote_group'];
$permissions[0]['tags'] = $config['default_assign_tags'];
$permissions[0]['no_hierarchy'] = $config['default_no_hierarchy'];
return $permissions;
}
foreach ($result as $perms) { foreach ($result as $perms) {
$permissions_profile[] = [ $permissions_profile[] = [
'profile' => $perms['id_perfil'], 'profile' => $perms['id_perfil'],
@ -1267,17 +1275,11 @@ function fill_permissions_ldap($sr)
'no_hierarchy' => (bool) $perms['no_hierarchy'] ? 1 : 0, 'no_hierarchy' => (bool) $perms['no_hierarchy'] ? 1 : 0,
]; ];
} }
return $permissions_profile;
} }
if ($config['autocreate_remote_users'] && $config['ldap_advanced_config'] == '') { if ($config['ldap_advanced_config'] == 1 && $config['ldap_save_profile'] == 1) {
$permissions[0]['profile'] = $config['default_remote_profile'];
$permissions[0]['groups'][] = $config['default_remote_group'];
$permissions[0]['tags'] = $config['default_assign_tags'];
$permissions[0]['no_hierarchy'] = $config['default_no_hierarchy'];
return $permissions;
}
if ($config['ldap_advanced_config'] == 1 && $config['ldap_save_profile'] == '') {
$ldap_adv_perms = json_decode(io_safe_output($config['ldap_adv_perms']), true); $ldap_adv_perms = json_decode(io_safe_output($config['ldap_adv_perms']), true);
foreach ($ldap_adv_perms as $ldap_adv_perm) { foreach ($ldap_adv_perms as $ldap_adv_perm) {
$permissions[] = [ $permissions[] = [
@ -1291,7 +1293,7 @@ function fill_permissions_ldap($sr)
return $permissions; return $permissions;
} }
if ($config['ldap_advanced_config'] == 1 && $config['ldap_save_profile'] == 1) { if ($config['ldap_advanced_config'] == 1 && $config['ldap_save_profile'] == '') {
$result = db_get_all_rows_filter( $result = db_get_all_rows_filter(
'tusuario_perfil', 'tusuario_perfil',
['id_usuario' => $sr['uid'][0]] ['id_usuario' => $sr['uid'][0]]
@ -1321,6 +1323,14 @@ function fill_permissions_ldap($sr)
return $permissions_profile; return $permissions_profile;
} }
if ($config['autocreate_remote_users'] && $config['ldap_save_profile'] == 1) {
$permissions[0]['profile'] = $config['default_remote_profile'];
$permissions[0]['groups'][] = $config['default_remote_group'];
$permissions[0]['tags'] = $config['default_assign_tags'];
$permissions[0]['no_hierarchy'] = $config['default_no_hierarchy'];
return $permissions;
}
// Decode permissions in advanced mode // Decode permissions in advanced mode
$ldap_adv_perms = json_decode(io_safe_output($config['ldap_adv_perms']), true); $ldap_adv_perms = json_decode(io_safe_output($config['ldap_adv_perms']), true);
foreach ($ldap_adv_perms as $ldap_adv_perm) { foreach ($ldap_adv_perms as $ldap_adv_perm) {