fixed ad authentication

2020-06-03 17:37:12 +02:00 · 2020-06-03 17:37:12 +02:00 · 43701f953d
parent 6cf96a0fad
commit 43701f953d
1 changed files with 25 additions and 20 deletions
--- a/pandora_console/include/auth/mysql.php
+++ b/pandora_console/include/auth/mysql.php
@ -85,7 +85,7 @@ function process_user_login($login, $pass, $api=false)
        return process_user_login_local($login, $pass, $api);
    } else {
        $login_remote = process_user_login_remote($login, io_safe_output($pass), $api);
-        if ($login_remote == false) {
+        if ($login_remote == false && $config['fallback_local_auth']) {
            return process_user_login_local($login, $pass, $api);
        } else {
            return $login_remote;
@ -258,27 +258,32 @@ function process_user_login_remote($login, $pass, $api=false)
            return false;
        }
-        if (($config['auth'] === 'ad')
+        if (($config['auth'] === 'ad')) {
-            && (isset($config['ad_advanced_config']) && $config['ad_advanced_config'])
+            // Check if autocreate  remote users is active.
-        ) {
+            if ($config['autocreate_remote_users'] == 1) {
-            $return = enterprise_hook(
+                change_local_user_pass_ldap($login, $pass);
-                'prepare_permissions_groups_of_user_ad',
+            }
                [
                    $login,
                    $pass,
                    false,
                    true,
                    defined('METACONSOLE'),
                ]
            );
-            if ($return === 'error_permissions') {
+            if (isset($config['ad_advanced_config']) && $config['ad_advanced_config']) {
-                $config['auth_error'] = __('Problems with configuration permissions. Please contact with Administrator');
+                $return = enterprise_hook(
-                return false;
+                    'prepare_permissions_groups_of_user_ad',
-            } else {
+                    [
-                if ($return === 'permissions_changed') {
+                        $login,
-                    $config['auth_error'] = __('Your permissions have changed. Please, login again.');
+                        $pass,
                        false,
                        true,
                        defined('METACONSOLE'),
                    ]
                );
                if ($return === 'error_permissions') {
                    $config['auth_error'] = __('Problems with configuration permissions. Please contact with Administrator');
                    return false;
                } else {
                    if ($return === 'permissions_changed') {
                        $config['auth_error'] = __('Your permissions have changed. Please, login again.');
                        return false;
                    }
                }
            }
        } else if ($config['auth'] === 'ldap') {