Added setting that makes possible any new LDAP user to be Manager by default

app/Core/Ldap/User.php

@@ -121,25 +121,27 @@ class User
      */
     protected function getRole(array $groupIds)
     {
-        if (! $this->hasGroupsConfigured()) {
+        $role = Role::APP_USER;
-            return null;
-        }
 
-        // Init with smallest role
+        if (! $this->hasGroupsConfigured()) {
-        $role = Role::APP_USER ;
+            if (LDAP_USER_DEFAULT_ROLE_MANAGER) {
+                $role = Role::APP_MANAGER;
+            } else {
+                $role = Role::APP_USER;
+            }
+            return $role;
+        }
 
         foreach ($groupIds as $groupId) {
             $groupId = strtolower($groupId);
 
             if ($groupId === strtolower($this->getGroupAdminDn())) {
-                // Highest role found : we can and we must exit the loop
                 $role = Role::APP_ADMIN;
                 break;
             }
 
             if ($groupId === strtolower($this->getGroupManagerDn())) {
-                // Intermediate role found : we must continue to loop, maybe admin role after ?
+                $role = Role::APP_MANAGER;
-	        $role = Role::APP_MANAGER;
             }
         }
 

app/constants.php

@@ -81,6 +81,7 @@ defined('LDAP_USER_ATTRIBUTE_GROUPS') or define('LDAP_USER_ATTRIBUTE_GROUPS', ge
 defined('LDAP_USER_ATTRIBUTE_PHOTO') or define('LDAP_USER_ATTRIBUTE_PHOTO', getenv('LDAP_USER_ATTRIBUTE_PHOTO') ?: '');
 defined('LDAP_USER_ATTRIBUTE_LANGUAGE') or define('LDAP_USER_ATTRIBUTE_LANGUAGE', getenv('LDAP_USER_ATTRIBUTE_LANGUAGE') ?: '');
 defined('LDAP_USER_CREATION') or define('LDAP_USER_CREATION', getenv('LDAP_USER_CREATION') ? strtolower(getenv('LDAP_USER_CREATION')) === 'true' : true);
+defined('LDAP_USER_DEFAULT_ROLE_MANAGER') or define('LDAP_USER_DEFAULT_ROLE_MANAGER', getenv('LDAP_USER_DEFAULT_ROLE_MANAGER') ? strtolower(getenv('LDAP_USER_DEFAULT_ROLE_MANAGER')) === 'true' : false);
 
 defined('LDAP_GROUP_ADMIN_DN') or define('LDAP_GROUP_ADMIN_DN', getenv('LDAP_GROUP_ADMIN_DN') ?: '');
 defined('LDAP_GROUP_MANAGER_DN') or define('LDAP_GROUP_MANAGER_DN', getenv('LDAP_GROUP_MANAGER_DN') ?: '');

config.default.php

@@ -161,6 +161,9 @@ define('LDAP_USER_ATTRIBUTE_LANGUAGE', '');
 // Allow automatic LDAP user creation
 define('LDAP_USER_CREATION', true);
 
+// Set new user as Manager
+define('LDAP_USER_DEFAULT_ROLE_MANAGER', false);
+
 // LDAP DN for administrators
 // Example: CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local
 define('LDAP_GROUP_ADMIN_DN', '');

tests/units/Core/Ldap/LdapUserTest.php

@@ -136,7 +136,7 @@ class LdapUserTest extends Base
         $this->assertEquals('my_ldap_user', $user->getUsername());
         $this->assertEquals('My LDAP user', $user->getName());
         $this->assertEquals('user1@localhost', $user->getEmail());
-        $this->assertEquals(null, $user->getRole());
+        $this->assertEquals(Role::APP_USER, $user->getRole());
         $this->assertSame('', $user->getPhoto());
         $this->assertEquals(array(), $user->getExternalGroupIds());
         $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes());