Changed condition for ldap Force automatically create profile user

Former-commit-id: caa1218b7ae4dc09649a6a4bb54b158255ea268f

pandora_console/include/auth/mysql.php

@@ -1254,7 +1254,7 @@ function fill_permissions_ldap($sr)
     global $config;
     $permissions = [];
     $permissions_profile = [];
-    if ((bool) $config['ldap_save_profile'] === false) {
+    if ((bool) $config['ldap_save_profile'] === false && $config['ldap_advanced_config'] == 1) {
         $result = db_get_all_rows_filter(
             'tusuario_perfil',
             ['id_usuario' => $sr['uid'][0]]
@@ -1267,19 +1267,9 @@ function fill_permissions_ldap($sr)
                    'no_hierarchy' => (bool) $perms['no_hierarchy'] ? 1 : 0,
                ];
         }
-
-        if (empty($permissions_profile)) {
-            $permissions[0]['profile'] = $config['default_remote_profile'];
-            $permissions[0]['groups'][] = $config['default_remote_group'];
-            $permissions[0]['tags'] = $config['default_assign_tags'];
-            $permissions[0]['no_hierarchy'] = $config['default_no_hierarchy'];
-            return $permissions;
-        } else {
-            return $permissions_profile;
-        }
     }
 
-    if ($config['autocreate_remote_users']) {
+    if ($config['autocreate_remote_users'] && $config['ldap_advanced_config'] == '') {
         $permissions[0]['profile'] = $config['default_remote_profile'];
         $permissions[0]['groups'][] = $config['default_remote_group'];
         $permissions[0]['tags'] = $config['default_assign_tags'];
@@ -1287,6 +1277,50 @@ function fill_permissions_ldap($sr)
         return $permissions;
     }
 
+    if ($config['ldap_advanced_config'] == 1 && $config['ldap_save_profile'] == '') {
+        $ldap_adv_perms = json_decode(io_safe_output($config['ldap_adv_perms']), true);
+        foreach ($ldap_adv_perms as $ldap_adv_perm) {
+            $permissions[] = [
+                'profile'      => $ldap_adv_perm['profile'],
+                'groups'       => $ldap_adv_perm['group'],
+                'tags'         => implode(',', $ldap_adv_perm['tags']),
+                'no_hierarchy' => (bool) $ldap_adv_perm['no_hierarchy'] ? 1 : 0,
+            ];
+        }
+
+        return $permissions;
+    }
+
+    if ($config['ldap_advanced_config'] == 1 && $config['ldap_save_profile'] == 1) {
+        $result = db_get_all_rows_filter(
+            'tusuario_perfil',
+            ['id_usuario' => $sr['uid'][0]]
+        );
+        if ($result == false) {
+            $ldap_adv_perms = json_decode(io_safe_output($config['ldap_adv_perms']), true);
+            foreach ($ldap_adv_perms as $ldap_adv_perm) {
+                $permissions[] = [
+                    'profile'      => $ldap_adv_perm['profile'],
+                    'groups'       => $ldap_adv_perm['group'],
+                    'tags'         => implode(',', $ldap_adv_perm['tags']),
+                    'no_hierarchy' => (bool) $ldap_adv_perm['no_hierarchy'] ? 1 : 0,
+                ];
+                return $permissions;
+            }
+        }
+
+        foreach ($result as $perms) {
+               $permissions_profile[] = [
+                   'profile'      => $perms['id_perfil'],
+                   'groups'       => [$perms['id_grupo']],
+                   'tags'         => $perms['tags'],
+                   'no_hierarchy' => (bool) $perms['no_hierarchy'] ? 1 : 0,
+               ];
+        };
+
+        return $permissions_profile;
+    }
+
     // Decode permissions in advanced mode
     $ldap_adv_perms = json_decode(io_safe_output($config['ldap_adv_perms']), true);
     foreach ($ldap_adv_perms as $ldap_adv_perm) {