From 18aa824206c1ed75a76fac6440357179c23b5d1d Mon Sep 17 00:00:00 2001
From: bne86
Date: Fri, 10 Mar 2017 16:27:45 +0100
Subject: [PATCH] first version for group-mapping. groups are added and user assigned to groups. until now no group removal
Signed-off-by: bne86
---
 appinfo/app.php | 3 ++-
 lib/Settings/Admin.php | 5 +++++
 lib/UserBackend.php | 28 +++++++++++++++++++++++++++-
 tests/unit/Settings/AdminTest.php | 5 +++++
 tests/unit/UserBackendTest.php | 10 ++++++++--
 5 files changed, 47 insertions(+), 4 deletions(-)
diff --git a/appinfo/app.php b/appinfo/app.php
index 841bb54..d1ef671 100644
--- a/appinfo/app.php
+++ b/appinfo/app.php
@@ -44,7 +44,8 @@ $userBackend = new \OCA\User_SAML\UserBackend(
 $urlGenerator,
 \OC::$server->getSession(),
 \OC::$server->getDatabaseConnection(),
- \OC::$server->getUserManager()
+ \OC::$server->getUserManager(),
+ \OC::$server->getGroupManager()
 );
 $userBackend->registerBackends(\OC::$server->getUserManager()->getBackends());
 OC_User::useBackend($userBackend);
diff --git a/lib/Settings/Admin.php b/lib/Settings/Admin.php
index 7ae9e9c..919f4bd 100644
--- a/lib/Settings/Admin.php
+++ b/lib/Settings/Admin.php
@@ -112,6 +112,11 @@ class Admin implements ISettings {
 'type' => 'line',
 'required' => false,
 ],
+ 'group_mapping' => [
+ 'text' => $this->l10n->t('Attribute to map the users groups to.'),
+ 'type' => 'line',
+ 'required' => true,
+ ],
 ];
 $type = $this->config->getAppValue('user_saml', 'type');
diff --git a/lib/UserBackend.php b/lib/UserBackend.php
index aa5bf40..d5d3c84 100644
--- a/lib/UserBackend.php
+++ b/lib/UserBackend.php
@@ -25,6 +25,7 @@ use OCP\Authentication\IApacheBackend;
 use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\IDBConnection;
 use OCP\IUserManager;
+use OCP\IGroupManager;
 use OCP\UserInterface;
 use OCP\IUserBackend;
 use OCP\IConfig;
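Review bot: `'required' => true` on the new `group_mapping` entry in lib/Settings/Admin.php is inconsistent with the neighbouring mapping entry in the same hunk (`'required' => false`) and with the backend change in lib/UserBackend.php, which treats a missing group attribute as optional by falling back to `null`. If `required` makes the field mandatory in the admin form (its handling is not visible here), every deployment would be pushed into provisioning local groups from IdP assertions, which should be an explicit opt-in; `'required' => false,` matches the other mappings. The mirrored entry in tests/unit/Settings/AdminTest.php would need the same change.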
@@ -42,6 +43,8 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
 private $db;
 /** @var IUserManager */
 private $userManager;
+ /** @var IGroupManager */
+ private $groupManager;
 /** @var \OCP\UserInterface[] */
 private static $backends = [];
@@ -51,17 +54,20 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
 * @param ISession $session
 * @param IDBConnection $db
 * @param IUserManager $userManager
+ * @param IGroupManager $groupManager
 */
 public function __construct(IConfig $config,
 IURLGenerator $urlGenerator,
 ISession $session,
 IDBConnection $db,
- IUserManager $userManager) {
+ IUserManager $userManager,
+ IGroupManager $groupManager) {
 $this->config = $config;
 $this->urlGenerator = $urlGenerator;
 $this->session = $session;
 $this->db = $db;
 $this->userManager = $userManager;
+ $this->groupManager = $groupManager;
 }
 /**
@@ -466,6 +472,13 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
 $newQuota = null;
 }
+ try {
+ $newGroups = $this->getAttributeValue('saml-attribute-mapping-group_mapping', $attributes);
+ } catch (\InvalidArgumentException $e) {
+ $newGroups = null;
+ }
+
+
 if ($user !== null) {
 $currentEmail = (string)$user->getEMailAddress();
 if ($newEmail !== null
@@ -488,6 +501,19 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
 if ($newQuota !== null) {
 $user->setQuota($newQuota);
 }
+
+ if ($newGroups !==null) {
+ $groups = explode(' ', $newGroups);
+ foreach ($groups as $group) {
+ if (!($this->groupManager->groupExists($group))) {
+ $this->groupManager->createGroup($group);
+ }
+ $groupInBackend = $this->groupManager->get($group);
+ if (!$groupInBackend->inGroup($user)) {
+ $groupInBackend->addUser($user);
+ }
+ }
+ }
 }
 }
 }
diff --git a/tests/unit/Settings/AdminTest.php b/tests/unit/Settings/AdminTest.php
index e42ebcd..8a189d4 100644
--- a/tests/unit/Settings/AdminTest.php
+++ b/tests/unit/Settings/AdminTest.php
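Review bot: The new `getAttributeValue('saml-attribute-mapping-group_mapping', $attributes)` call in the `-466` hunk carries no comment on the expected shape of the group attribute, while the later `explode(' ', $newGroups)` assumes one space-separated string. IdPs commonly send group membership as a multi-valued attribute, and how getAttributeValue() handles several values is not visible in this hunk, so that needs confirming. I would add above the `try`: `// Expects a single attribute value holding space-separated group ids; group names containing spaces are not supported.` The two blank lines added before `if ($user !== null)` can be reduced to one. The enclosing method starts and ends outside the hunk.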
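Review bot: `$this->groupManager->get($group)` can return null, so `$groupInBackend->inGroup($user)` in the loop added by the `-488` hunk would abort the whole login whenever a group could not be created or looked up. An empty or double-spaced attribute makes `explode(' ', $newGroups)` yield empty strings, which is the likely way to reach that path. Separately, the names come straight from the SAML assertion with no filtering, so a value equal to the built-in `admin` group id would grant administrator membership; an exclusion or an admin-configured allow-list of mappable groups is worth adding, all the more because memberships are not yet removed. The enclosing method starts outside the hunk.

```php
if ($newGroups !== null) {
	// Drop empty tokens so a blank or double-spaced attribute never reaches createGroup('').
	$groups = array_filter(explode(' ', $newGroups), 'strlen');
	foreach ($groups as $group) {
		// … unchanged: groupExists() / createGroup() …
		$groupInBackend = $this->groupManager->get($group);
		if ($groupInBackend === null) {
			// Creation or lookup failed: skip this group instead of aborting the login.
			continue;
		}
		// … unchanged: inGroup() / addUser() …
	}
}
```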
@@ -120,6 +120,11 @@ class AdminTest extends \Test\TestCase {
 'type' => 'line',
 'required' => false,
 ],
+ 'group_mapping' => [
+ 'text' => $this->l10n->t('Attribute to map the users groups to.'),
+ 'type' => 'line',
+ 'required' => true,
+ ],
 ];
 $params = [
diff --git a/tests/unit/UserBackendTest.php b/tests/unit/UserBackendTest.php
index 81ea066..36b975f 100644
--- a/tests/unit/UserBackendTest.php
+++ b/tests/unit/UserBackendTest.php
@@ -24,6 +24,7 @@ namespace OCA\User_SAML\Tests\Settings;
 use OCA\User_SAML\UserBackend;
 use OCP\IConfig;
 use OCP\IDBConnection;
+use OCP\IGroupManager;
 use OCP\ISession;
 use OCP\IURLGenerator;
 use OCP\IUser;
@@ -42,6 +43,8 @@ class UserBackendTest extends TestCase {
 private $db;
 /** @var IUserManager|\PHPUnit_Framework_MockObject_MockObject */
 private $userManager;
+ /** @var IGroupManager|\PHPUnit_Framework_MockObject_MockObject */
+ private $groupManager;
 /** @var UserBackend|\PHPUnit_Framework_MockObject_MockObject */
 private $userBackend;
@@ -53,6 +56,7 @@ class UserBackendTest extends TestCase {
 $this->session = $this->createMock(ISession::class);
 $this->db = $this->createMock(IDBConnection::class);
 $this->userManager = $this->createMock(IUserManager::class);
+ $this->groupManager = $this->createMock(IGroupManager::class);
 }
 public function getMockedBuilder(array $mockedFunctions = []) {
@@ -63,7 +67,8 @@ class UserBackendTest extends TestCase {
 $this->urlGenerator,
 $this->session,
 $this->db,
- $this->userManager
+ $this->userManager,
+ $this->groupManager
 ])
 ->setMethods($mockedFunctions)
 ->getMock();
@@ -73,7 +78,8 @@ class UserBackendTest extends TestCase {
 $this->urlGenerator,
 $this->session,
 $this->db,
- $this->userManager
+ $this->userManager,
+ $this->groupManager
 );
 }
 }
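Review bot: No test in tests/unit/UserBackendTest.php exercises the new group-mapping branch; in these hunks the IGroupManager mock is only passed to the constructor in setUp() and getMockedBuilder(). A case that feeds a group attribute and asserts that `createGroup()` and `addUser()` are called, plus one with `$this->groupManager->method('get')->willReturn(null)` to pin the failure path, would cover the behaviour this commit adds. Whether other tests in the file already cover attribute updates is not visible here.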