Fixed the login of new user from ldap in metaconsole. TICKET: #3118

This commit is contained in:
mdtrooper 2016-01-04 16:46:18 +01:00
parent 1e220f00ac
commit 7892d6bcb8
2 changed files with 54 additions and 45 deletions

View File

@ -172,7 +172,9 @@ function process_user_login_local ($login, $pass, $api = false) {
function process_user_login_remote ($login, $pass, $api = false) {
global $config, $mysql_cache;
// Remote authentication
switch ($config["auth"]) {
// LDAP
@ -225,23 +227,29 @@ function process_user_login_remote ($login, $pass, $api = false) {
// Authentication ok, check if the user exists in the local database
if (is_user ($login)) {
if (!user_can_login($login)) {
return false;
}
if (($config["auth"] === 'ad') && (isset($config['ad_advanced_config']) && $config['ad_advanced_config'])){
if (($config["auth"] === 'ad') &&
(isset($config['ad_advanced_config']) && $config['ad_advanced_config'])) {
$return = enterprise_hook ('prepare_permissions_groups_of_user_ad',
array ($login, $pass, false, true));
if ($return === "error_permissions") {
$config["auth_error"] = __("Problems with configuration
permissions. Please contact with Administrator");
$config["auth_error"] =
__("Problems with configuration permissions. Please contact with Administrator");
return false;
}
else
{
else {
if ($return === "permissions_changed") {
$config["auth_error"] = __("Your permissions have changed. Please, login again.");
$config["auth_error"] =
__("Your permissions have changed. Please, login again.");
return false;
}
}
@ -250,6 +258,8 @@ function process_user_login_remote ($login, $pass, $api = false) {
}
// The user does not exist and can not be created
if ($config['autocreate_remote_users'] == 0 || is_user_blacklisted ($login)) {
$config["auth_error"] = __("Ooops User not found in
@ -260,11 +270,33 @@ function process_user_login_remote ($login, $pass, $api = false) {
// Create the user in the local database
if (isset($config['ad_advanced_config']) && $config['ad_advanced_config']) {
// Create the user in the local database enterprise_hook ('prepare_permissions_groups_of_user_ad', array ($login, $pass))
if ( defined('METACONSOLE') ) {
enterprise_include_once('include/functions_metaconsole.php');
enterprise_include_once ('meta/include/functions_groups_meta.php');
$return = groups_meta_synchronizing();
if ($return["group_create_err"] > 0 || $return["group_update_err"] > 0) {
$config["auth_error"] = __('Fail the group synchronizing');
return false;
}
$return = meta_tags_synchronizing();
if ($return['tag_create_err'] > 0 || $return['tag_update_err'] > 0) {
$config["auth_error"] = __('Fail the tag synchronizing');
return false;
}
}
// Create the user
if (enterprise_hook ('prepare_permissions_groups_of_user_ad',
array ($login, $pass, array ('fullname' => $login,
'comments' => 'Imported from ' .
$config['auth']))) === false) {
array($login,
$pass,
array ('fullname' => $login,
'comments' => 'Imported from ' . $config['auth']),
false, defined('METACONSOLE'))) === false) {
$config["auth_error"] = __("User not found in database
or incorrect password");
@ -281,45 +313,16 @@ function process_user_login_remote ($login, $pass, $api = false) {
$config["auth_error"] = __("User not found in database or incorrect password");
return false;
}
//TODO: Check the creation in the nodes
profile_create_user_profile ($login, $config['default_remote_profile'],
$config['default_remote_group'], false, $config['default_assign_tags']);
}
if ( defined('METACONSOLE') ) {
if ( (isset($config['ad_autosyn']) && $config['ad_autosyn']) &&
$config["auth"] === 'ad' ) {
enterprise_include_once('include/functions_metaconsole.php');
$servers = metaconsole_get_servers();
$error_count = 0;
$error_servers = array();
foreach ($servers as $server) {
if ( metaconsole_connect($server) == NOERR ) {
if (create_user ($login, $pass,
array ('fullname' => $login,
'comments' => 'Imported from ' . $config['auth'])
) === false) {
$config["auth_error"] = __("User not found in database or incorrect password");
return false;
}
profile_create_user_profile ($login, $config['default_remote_profile'],
$config['default_remote_group'], false, $config['default_assign_tags']);
}
else {
$error_count++;
$error_servers[$error_count] = $server['server_name'];
}
metaconsole_restore_db();
}
if ($error_count > 0) {
$config["auth_error"] = __("Error synching with the following servers: ") . implode(',', $error_servers);
return false;
}
}
}
return $login;
}
/**
* Checks if a user is administrator.
*

View File

@ -18,6 +18,10 @@
* @package Include
* @subpackage Profile_Functions
*/
function profile_exist($name) {
return (bool)db_get_value('id_perfil', 'tperfil', 'name', $name);
}
/**
* Get profile name from id.
@ -67,7 +71,9 @@ function profile_get_profiles ($filter = false) {
*
* @return mixed Number id if succesful, false if not
*/
function profile_create_user_profile ($id_user, $id_profile = 1, $id_group = 0, $assignUser = false, $tags = '') {
function profile_create_user_profile ($id_user,
$id_profile = 1, $id_group = 0, $assignUser = false, $tags = '') {
global $config;
if (empty ($id_profile) || $id_group < 0)