mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-24 00:43:20 +01:00
* ActiveDirectory: fix import was not detecting members removed from groups
as for AD always the full import is used for groups and setting/removing members was skipped for the full/initial import
This commit is contained in:
parent
9d96eb7875
commit
2cdc2818c2
@ -597,18 +597,35 @@ class Ads
|
|||||||
{
|
{
|
||||||
if (!($data = $this->filter(array('objectsid' => $this->get_sid($account_id)), 'g', self::$group_attributes)))
|
if (!($data = $this->filter(array('objectsid' => $this->get_sid($account_id)), 'g', self::$group_attributes)))
|
||||||
{
|
{
|
||||||
return false; // group not found
|
return false; // group not found
|
||||||
}
|
}
|
||||||
$group = $this->_ldap2group(array_shift($data));
|
$group = $this->_ldap2group(array_shift($data));
|
||||||
|
|
||||||
// for memberships we have to query primaryGroupId and memberOf of users
|
$group['members'] = $this->getMembers($group);
|
||||||
$group['members'] = $this->filter(array('memberOf' => $group['account_dn']), 'u');
|
|
||||||
// primary group is not stored in memberOf attribute, need to add them too
|
|
||||||
$group['members'] = $this->filter(array('primaryGroupId' => abs($account_id)), 'u', null, $group['members']);
|
|
||||||
|
|
||||||
return $group;
|
return $group;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Query members of group
|
||||||
|
*
|
||||||
|
* @param array $group with values for keys account_id and account_dn
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
public function getMembers(array $group)
|
||||||
|
{
|
||||||
|
if (empty($group['account_dn']) || empty($group['account_id']))
|
||||||
|
{
|
||||||
|
throw new \InvalidArgumentException(__METHOD__.'('.json_encode($group).') missing account_id and/or account_dn attribute');
|
||||||
|
}
|
||||||
|
// for memberships, we have to query primaryGroupId and memberOf of users
|
||||||
|
$members = $this->filter(array('memberOf' => $group['account_dn']), 'u');
|
||||||
|
// primary group is not stored in memberOf attribute, need to add them too
|
||||||
|
$members = $this->filter(array('primaryGroupId' => abs($group['account_id'])), 'u', null, $members);
|
||||||
|
|
||||||
|
return $members;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Convert ldap data of a user
|
* Convert ldap data of a user
|
||||||
*
|
*
|
||||||
|
@ -825,8 +825,12 @@ class Import
|
|||||||
$groups[$sql_id] = self::strtolower($group['account_lid']);
|
$groups[$sql_id] = self::strtolower($group['account_lid']);
|
||||||
|
|
||||||
// we need to record and return the id's to update members, AFTER users are created/updated
|
// we need to record and return the id's to update members, AFTER users are created/updated
|
||||||
// only for incremental run, initial run set's memberships with the user anyway (more efficient for LDAP!)
|
if (is_a($this->accounts, Ads::class))
|
||||||
if (!empty($modified))
|
{
|
||||||
|
// ADS::members() calls the frontend, have to use ADS::getMembers() instead
|
||||||
|
$set_members[$sql_id] = $this->accounts->getMembers($group);
|
||||||
|
}
|
||||||
|
else
|
||||||
{
|
{
|
||||||
$set_members[$sql_id] = $this->accounts->members($group['account_id']);
|
$set_members[$sql_id] = $this->accounts->members($group['account_id']);
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user