AS1024
/
Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Enable external group synchronization deactivation.

This commit is contained in:
Erwan Colin 2021-09-22 12:55:32 +02:00 committed by fguillot
parent e5d22682cb
commit 76a81d0675
4 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Core/User/UserProfile.php
View File

@ -52,8 +52,10 @@ class UserProfile extends Base
$profile = $this->userModel->getById($user->getInternalId());
} elseif ($user->getExternalIdColumn() && $user->getExternalId()) {
$profile = $this->userSync->synchronize($user);
if (LDAP_GROUP_SYNC) {
$this->groupSync->synchronize($profile['id'], $user->getExternalGroupIds());
}
}
if (! empty($profile) && $profile['is_active'] == 1) {
$this->userSession->initialize($profile);

2
app/constants.php
View File

@ -92,6 +92,8 @@ defined('LDAP_GROUP_FILTER') or define('LDAP_GROUP_FILTER', getenv('LDAP_GROUP_F
defined('LDAP_GROUP_USER_FILTER') or define('LDAP_GROUP_USER_FILTER', getenv('LDAP_GROUP_USER_FILTER') ?: '');
defined('LDAP_GROUP_USER_ATTRIBUTE') or define('LDAP_GROUP_USER_ATTRIBUTE', getenv('LDAP_GROUP_USER_ATTRIBUTE') ?: 'username');
defined('LDAP_GROUP_ATTRIBUTE_NAME') or define('LDAP_GROUP_ATTRIBUTE_NAME', getenv('LDAP_GROUP_ATTRIBUTE_NAME') ?: 'cn');
defined('LDAP_GROUP_SYNC') or define('LDAP_GROUP_SYNC', getenv('LDAP_GROUP_SYNC') ?: true);
// Proxy authentication
defined('REVERSE_PROXY_AUTH') or define('REVERSE_PROXY_AUTH', strtolower(getenv('REVERSE_PROXY_AUTH')) === 'true');

3
config.default.php
View File

@ -195,6 +195,9 @@ define('LDAP_GROUP_USER_ATTRIBUTE', 'username');
// LDAP attribute for the group name
define('LDAP_GROUP_ATTRIBUTE_NAME', 'cn');
// Enable/Disable groups synchronization when external authentication is used.
define('LDAP_GROUP_SYNC', true);
// Enable/disable the reverse proxy authentication
define('REVERSE_PROXY_AUTH', false);

3
docker/etc/php7/php-fpm.d/env.conf
View File

@ -154,6 +154,9 @@ env[TOTP_ISSUER] = $TOTP_ISSUER
; Comma separated list of fields to not synchronize when using external authentication providers
env[EXTERNAL_AUTH_EXCLUDE_FIELDS] = $EXTERNAL_AUTH_EXCLUDE_FIELDS
; Enable/Disable groups synchronization when external authentication is used.
env[LDAP_GROUP_SYNC] = $LDAP_GROUP_SYNC
env[SHOW_GROUP_MEMBERSHIPS_IN_USERLIST] = $SHOW_GROUP_MEMBERSHIPS_IN_USERLIST
env[SHOW_GROUP_MEMBERSHIPS_IN_USERLIST_WITH_LIMIT] = $SHOW_GROUP_MEMBERSHIPS_IN_USERLIST_WITH_LIMIT