Fixed the login of new user from ldap in metaconsole. TICKET: #3118
This commit is contained in:
mdtrooper
parent
1e220f00ac
commit
7892d6bcb8
|
|
@ -173,6 +173,8 @@ function process_user_login_local ($login, $pass, $api = false) {
|
||||||
function process_user_login_remote ($login, $pass, $api = false) {
|
function process_user_login_remote ($login, $pass, $api = false) {
|
||||||
global $config, $mysql_cache;
|
global $config, $mysql_cache;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// Remote authentication
|
// Remote authentication
|
||||||
switch ($config["auth"]) {
|
switch ($config["auth"]) {
|
||||||
// LDAP
|
// LDAP
|
||||||
|
|
@ -225,23 +227,29 @@ function process_user_login_remote ($login, $pass, $api = false) {
|
||||||
|
|
||||||
// Authentication ok, check if the user exists in the local database
|
// Authentication ok, check if the user exists in the local database
|
||||||
if (is_user ($login)) {
|
if (is_user ($login)) {
|
||||||
|
|
||||||
|
|
||||||
if (!user_can_login($login)) {
|
if (!user_can_login($login)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (($config["auth"] === 'ad') && (isset($config['ad_advanced_config']) && $config['ad_advanced_config'])){
|
if (($config["auth"] === 'ad') &&
|
||||||
|
(isset($config['ad_advanced_config']) && $config['ad_advanced_config'])) {
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$return = enterprise_hook ('prepare_permissions_groups_of_user_ad',
|
$return = enterprise_hook ('prepare_permissions_groups_of_user_ad',
|
||||||
array ($login, $pass, false, true));
|
array ($login, $pass, false, true));
|
||||||
|
|
||||||
if ($return === "error_permissions") {
|
if ($return === "error_permissions") {
|
||||||
$config["auth_error"] = __("Problems with configuration
|
$config["auth_error"] =
|
||||||
permissions. Please contact with Administrator");
|
__("Problems with configuration permissions. Please contact with Administrator");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
else
|
else {
|
||||||
{
|
|
||||||
if ($return === "permissions_changed") {
|
if ($return === "permissions_changed") {
|
||||||
$config["auth_error"] = __("Your permissions have changed. Please, login again.");
|
$config["auth_error"] =
|
||||||
|
__("Your permissions have changed. Please, login again.");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -250,6 +258,8 @@ function process_user_login_remote ($login, $pass, $api = false) {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// The user does not exist and can not be created
|
// The user does not exist and can not be created
|
||||||
if ($config['autocreate_remote_users'] == 0 || is_user_blacklisted ($login)) {
|
if ($config['autocreate_remote_users'] == 0 || is_user_blacklisted ($login)) {
|
||||||
$config["auth_error"] = __("Ooops User not found in
|
$config["auth_error"] = __("Ooops User not found in
|
||||||
|
|
@ -260,11 +270,33 @@ function process_user_login_remote ($login, $pass, $api = false) {
|
||||||
|
|
||||||
// Create the user in the local database
|
// Create the user in the local database
|
||||||
if (isset($config['ad_advanced_config']) && $config['ad_advanced_config']) {
|
if (isset($config['ad_advanced_config']) && $config['ad_advanced_config']) {
|
||||||
// Create the user in the local database enterprise_hook ('prepare_permissions_groups_of_user_ad', array ($login, $pass))
|
|
||||||
|
|
||||||
|
if ( defined('METACONSOLE') ) {
|
||||||
|
enterprise_include_once('include/functions_metaconsole.php');
|
||||||
|
enterprise_include_once ('meta/include/functions_groups_meta.php');
|
||||||
|
|
||||||
|
$return = groups_meta_synchronizing();
|
||||||
|
|
||||||
|
if ($return["group_create_err"] > 0 || $return["group_update_err"] > 0) {
|
||||||
|
$config["auth_error"] = __('Fail the group synchronizing');
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$return = meta_tags_synchronizing();
|
||||||
|
if ($return['tag_create_err'] > 0 || $return['tag_update_err'] > 0) {
|
||||||
|
$config["auth_error"] = __('Fail the tag synchronizing');
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create the user
|
||||||
if (enterprise_hook ('prepare_permissions_groups_of_user_ad',
|
if (enterprise_hook ('prepare_permissions_groups_of_user_ad',
|
||||||
array ($login, $pass, array ('fullname' => $login,
|
array($login,
|
||||||
'comments' => 'Imported from ' .
|
$pass,
|
||||||
$config['auth']))) === false) {
|
array ('fullname' => $login,
|
||||||
|
'comments' => 'Imported from ' . $config['auth']),
|
||||||
|
false, defined('METACONSOLE'))) === false) {
|
||||||
|
|
||||||
$config["auth_error"] = __("User not found in database
|
$config["auth_error"] = __("User not found in database
|
||||||
or incorrect password");
|
or incorrect password");
|
||||||
|
|
@ -281,41 +313,12 @@ function process_user_login_remote ($login, $pass, $api = false) {
|
||||||
$config["auth_error"] = __("User not found in database or incorrect password");
|
$config["auth_error"] = __("User not found in database or incorrect password");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
profile_create_user_profile ($login, $config['default_remote_profile'],
|
|
||||||
$config['default_remote_group'], false, $config['default_assign_tags']);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( defined('METACONSOLE') ) {
|
//TODO: Check the creation in the nodes
|
||||||
if ( (isset($config['ad_autosyn']) && $config['ad_autosyn']) &&
|
|
||||||
$config["auth"] === 'ad' ) {
|
|
||||||
enterprise_include_once('include/functions_metaconsole.php');
|
|
||||||
$servers = metaconsole_get_servers();
|
|
||||||
$error_count = 0;
|
|
||||||
$error_servers = array();
|
|
||||||
foreach ($servers as $server) {
|
|
||||||
if ( metaconsole_connect($server) == NOERR ) {
|
|
||||||
if (create_user ($login, $pass,
|
|
||||||
array ('fullname' => $login,
|
|
||||||
'comments' => 'Imported from ' . $config['auth'])
|
|
||||||
) === false) {
|
|
||||||
$config["auth_error"] = __("User not found in database or incorrect password");
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
profile_create_user_profile ($login, $config['default_remote_profile'],
|
profile_create_user_profile ($login, $config['default_remote_profile'],
|
||||||
$config['default_remote_group'], false, $config['default_assign_tags']);
|
$config['default_remote_group'], false, $config['default_assign_tags']);
|
||||||
}
|
}
|
||||||
else {
|
|
||||||
$error_count++;
|
|
||||||
$error_servers[$error_count] = $server['server_name'];
|
|
||||||
}
|
|
||||||
metaconsole_restore_db();
|
|
||||||
}
|
|
||||||
if ($error_count > 0) {
|
|
||||||
$config["auth_error"] = __("Error synching with the following servers: ") . implode(',', $error_servers);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return $login;
|
return $login;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -19,6 +19,10 @@
|
||||||
* @subpackage Profile_Functions
|
* @subpackage Profile_Functions
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
function profile_exist($name) {
|
||||||
|
return (bool)db_get_value('id_perfil', 'tperfil', 'name', $name);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get profile name from id.
|
* Get profile name from id.
|
||||||
*
|
*
|
||||||
|
|
@ -67,7 +71,9 @@ function profile_get_profiles ($filter = false) {
|
||||||
*
|
*
|
||||||
* @return mixed Number id if succesful, false if not
|
* @return mixed Number id if succesful, false if not
|
||||||
*/
|
*/
|
||||||
function profile_create_user_profile ($id_user, $id_profile = 1, $id_group = 0, $assignUser = false, $tags = '') {
|
function profile_create_user_profile ($id_user,
|
||||||
|
$id_profile = 1, $id_group = 0, $assignUser = false, $tags = '') {
|
||||||
|
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if (empty ($id_profile) || $id_group < 0)
|
if (empty ($id_profile) || $id_group < 0)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue