AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't force role of user if no ldap groups defined

Browse Source 
We should not force role of user on LDAP logins if there are not Manager/Admin groups defined, return null to get the one from database as before.
This commit is contained in:
Eskiso
2020-12-03 06:44:39 +00:00
committed by GitHub
parent 23ec1986da
commit 4d1205a0fe
2 changed files with 8 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
app/Core/Ldap/User.php
View File

@@ -121,15 +121,14 @@ class User
*/ */
protected function getRole(array $groupIds) protected function getRole(array $groupIds)
{ {
$role = Role::APP_USER;
if (! $this->hasGroupsConfigured()) { if (! $this->hasGroupsConfigured()) {
if (LDAP_USER_DEFAULT_ROLE_MANAGER) { return null;
$role = Role::APP_MANAGER; }
} else {
$role = Role::APP_USER; if (LDAP_USER_DEFAULT_ROLE_MANAGER) {
} $role = Role::APP_MANAGER;
return $role; } else {
$role = Role::APP_USER;
} }
foreach ($groupIds as $groupId) { foreach ($groupIds as $groupId) {

2
tests/units/Core/Ldap/LdapUserTest.php
View File

@@ -136,7 +136,7 @@ class LdapUserTest extends Base
$this->assertEquals('my_ldap_user', $user->getUsername()); $this->assertEquals('my_ldap_user', $user->getUsername());
$this->assertEquals('My LDAP user', $user->getName()); $this->assertEquals('My LDAP user', $user->getName());
$this->assertEquals('user1@localhost', $user->getEmail()); $this->assertEquals('user1@localhost', $user->getEmail());
$this->assertEquals(Role::APP_USER, $user->getRole()); $this->assertEquals(null, $user->getRole());
$this->assertSame('', $user->getPhoto()); $this->assertSame('', $user->getPhoto());
$this->assertEquals(array(), $user->getExternalGroupIds()); $this->assertEquals(array(), $user->getExternalGroupIds());
$this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes()); $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes());