AS1024
/
Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improve LDAP user group membership synchronization

This commit is contained in:
Frederic Guillot 2016-05-03 22:51:48 -04:00
parent 38e9f9928e
commit 60c8867fee
4 changed files with 105 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -11,6 +11,7 @@ New features:
Improvements:
* Improve LDAP user group membership synchronization
* Category and user filters do not append anymore in search field
* Added more template hooks
* Added tasks search with the API

50
app/Core/User/GroupSync.php
View File

@ -16,16 +16,52 @@ class GroupSync extends Base
* Synchronize group membership
*
* @access public
* @param integer $userId
* @param array $groupIds
* @param integer $userId
* @param array $externalGroupIds
*/
public function synchronize($userId, array $groupIds)
public function synchronize($userId, array $externalGroupIds)
{
foreach ($groupIds as $groupId) {
$group = $this->group->getByExternalId($groupId);
$userGroups = $this->groupMember->getGroups($userId);
$this->addGroups($userId, $userGroups, $externalGroupIds);
$this->removeGroups($userId, $userGroups, $externalGroupIds);
}
if (! empty($group) && ! $this->groupMember->isMember($group['id'], $userId)) {
$this->groupMember->addUser($group['id'], $userId);
/**
* Add missing groups to the user
*
* @access protected
* @param integer $userId
* @param array $userGroups
* @param array $externalGroupIds
*/
protected function addGroups($userId, array $userGroups, array $externalGroupIds)
{
$userGroupIds = array_column($userGroups, 'external_id', 'external_id');
foreach ($externalGroupIds as $externalGroupId) {
if (! isset($userGroupIds[$externalGroupId])) {
$group = $this->group->getByExternalId($externalGroupId);
if (! empty($group)) {
$this->groupMember->addUser($group['id'], $userId);
}
}
}
}
/**
* Remove groups from the user
*
* @access protected
* @param integer $userId
* @param array $userGroups
* @param array $externalGroupIds
*/
protected function removeGroups($userId, array $userGroups, array $externalGroupIds)
{
foreach ($userGroups as $userGroup) {
if (! empty($userGroup['external_id']) && ! in_array($userGroup['external_id'], $externalGroupIds)) {
$this->groupMember->removeUser($userGroup['id'], $userId);
}
}
}

2
app/Model/GroupMember.php
View File

@ -119,7 +119,7 @@ class GroupMember extends Base
public function getGroups($user_id)
{
return $this->db->table(self::TABLE)
->columns(Group::TABLE.'.id', Group::TABLE.'.name')
->columns(Group::TABLE.'.id', Group::TABLE.'.external_id', Group::TABLE.'.name')
->join(Group::TABLE, 'id', 'group_id')
->eq(self::TABLE.'.user_id', $user_id)
->asc(Group::TABLE.'.name')

61
tests/units/Core/User/GroupSyncTest.php
View File

@ -8,7 +8,7 @@ use Kanboard\Model\GroupMember;
class GroupSyncTest extends Base
{
public function testSynchronize()
public function testAddGroups()
{
$group = new Group($this->container);
$groupMember = new GroupMember($this->container);
@ -27,4 +27,63 @@ class GroupSyncTest extends Base
$this->assertTrue($groupMember->isMember(1, 1));
$this->assertTrue($groupMember->isMember(2, 1));
}
public function testRemoveGroups()
{
$group = new Group($this->container);
$groupMember = new GroupMember($this->container);
$groupSync = new GroupSync($this->container);
$this->assertEquals(1, $group->create('My Group 1', 'externalId1'));
$this->assertEquals(2, $group->create('My Group 2', 'externalId2'));
$this->assertTrue($groupMember->addUser(1, 1));
$this->assertTrue($groupMember->isMember(1, 1));
$this->assertFalse($groupMember->isMember(2, 1));
$groupSync->synchronize(1, array('externalId3'));
$this->assertFalse($groupMember->isMember(1, 1));
$this->assertFalse($groupMember->isMember(2, 1));
}
public function testBoth()
{
$group = new Group($this->container);
$groupMember = new GroupMember($this->container);
$groupSync = new GroupSync($this->container);
$this->assertEquals(1, $group->create('My Group 1', 'externalId1'));
$this->assertEquals(2, $group->create('My Group 2', 'externalId2'));
$this->assertEquals(3, $group->create('My Group 3', 'externalId3'));
$this->assertTrue($groupMember->addUser(1, 1));
$this->assertTrue($groupMember->addUser(2, 1));
$this->assertTrue($groupMember->isMember(1, 1));
$this->assertTrue($groupMember->isMember(2, 1));
$this->assertFalse($groupMember->isMember(3, 1));
$groupSync->synchronize(1, array('externalId1', 'externalId3'));
$this->assertTrue($groupMember->isMember(1, 1));
$this->assertFalse($groupMember->isMember(2, 1));
$this->assertTrue($groupMember->isMember(3, 1));
}
public function testThatInternalGroupsAreNotTouched()
{
$group = new Group($this->container);
$groupMember = new GroupMember($this->container);
$groupSync = new GroupSync($this->container);
$this->assertEquals(1, $group->create('My Group 1'));
$this->assertTrue($groupMember->addUser(1, 1));
$this->assertTrue($groupMember->isMember(1, 1));
$groupSync->synchronize(1, array('externalId3'));
$this->assertTrue($groupMember->isMember(1, 1));
}
}