From 85a41af644b97bab9d2b32f592ed581379e6d33d Mon Sep 17 00:00:00 2001
From: Marcos Alconada <marcos.alconada@artica.es>
Date: Fri, 18 Sep 2020 14:50:50 +0200
Subject: [PATCH] Ent 5296 anadir boton guardar contrasena en active directory

---
 pandora_console/include/auth/mysql.php       | 13 +++++++++++--
 pandora_console/include/functions_config.php |  8 ++++++++
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/pandora_console/include/auth/mysql.php b/pandora_console/include/auth/mysql.php
index 064be4a93e..930e2cdbd2 100644
--- a/pandora_console/include/auth/mysql.php
+++ b/pandora_console/include/auth/mysql.php
@@ -261,7 +261,16 @@ function process_user_login_remote($login, $pass, $api=false)
         if (($config['auth'] === 'ad')) {
             // Check if autocreate  remote users is active.
             if ($config['autocreate_remote_users'] == 1) {
-                change_local_user_pass_ldap($login, $pass);
+                if ($config['ad_save_password']) {
+                    $update_credentials = change_local_user_pass_ldap($login, $pass);
+
+                    if ($update_credentials) {
+                        $config['auth_error'] = __('Your permissions have changed. Please, login again.');
+                        return false;
+                    }
+                } else {
+                    delete_user_pass_ldap($login);
+                }
             }
 
             if (isset($config['ad_advanced_config']) && $config['ad_advanced_config']) {
@@ -948,7 +957,7 @@ function create_user_and_permisions_ldap(
     $values = $user_info;
     $values['id_user'] = $id_user;
 
-    if ($config['ldap_save_password']) {
+    if ($config['ldap_save_password'] || $config['ad_save_password']) {
         $values['password'] = md5($password);
     }
 
diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php
index 3554f091ed..ca997f5a6e 100644
--- a/pandora_console/include/functions_config.php
+++ b/pandora_console/include/functions_config.php
@@ -720,6 +720,14 @@ function config_update_config()
                     if (!config_update_value('session_timeout', get_parameter('session_timeout'))) {
                         $error_update[] = __('Session timeout');
                     }
+
+                    if (isset($config['fallback_local_auth']) && $config['fallback_local_auth'] == 0) {
+                        if (!config_update_value('ad_save_password', get_parameter('ad_save_password'))) {
+                            $error_update[] = __('Save Password');
+                        }
+                    } else if (isset($config['fallback_local_auth']) && $config['fallback_local_auth'] == 1) {
+                        config_update_value('ad_save_password', 1);
+                    }
                 break;
 
                 case 'perf':