diff options
| author | Frederic Guillot <fred@kanboard.net> | 2016-05-03 22:51:48 -0400 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2016-05-03 22:51:48 -0400 |
| commit | 60c8867feeeefcf160fb1432419887f17a0d957b (patch) | |
| tree | 0cb7e413ad920bf196fb1df21695d7f7039bc1e5 /app/Core | |
| parent | 38e9f9928e3f13658af3c6bbe9ec0bf078f1c177 (diff) | |
Improve LDAP user group membership synchronization
Diffstat (limited to 'app/Core')
| -rw-r--r-- | app/Core/User/GroupSync.php | 50 |
1 files changed, 43 insertions, 7 deletions
diff --git a/app/Core/User/GroupSync.php b/app/Core/User/GroupSync.php index 573acd47..4e08d574 100644 --- a/app/Core/User/GroupSync.php +++ b/app/Core/User/GroupSync.php @@ -16,16 +16,52 @@ class GroupSync extends Base * Synchronize group membership * * @access public - * @param integer $userId - * @param array $groupIds + * @param integer $userId + * @param array $externalGroupIds */ - public function synchronize($userId, array $groupIds) + public function synchronize($userId, array $externalGroupIds) { - foreach ($groupIds as $groupId) { - $group = $this->group->getByExternalId($groupId); + $userGroups = $this->groupMember->getGroups($userId); + $this->addGroups($userId, $userGroups, $externalGroupIds); + $this->removeGroups($userId, $userGroups, $externalGroupIds); + } + + /** + * Add missing groups to the user + * + * @access protected + * @param integer $userId + * @param array $userGroups + * @param array $externalGroupIds + */ + protected function addGroups($userId, array $userGroups, array $externalGroupIds) + { + $userGroupIds = array_column($userGroups, 'external_id', 'external_id'); - if (! empty($group) && ! $this->groupMember->isMember($group['id'], $userId)) { - $this->groupMember->addUser($group['id'], $userId); + foreach ($externalGroupIds as $externalGroupId) { + if (! isset($userGroupIds[$externalGroupId])) { + $group = $this->group->getByExternalId($externalGroupId); + + if (! empty($group)) { + $this->groupMember->addUser($group['id'], $userId); + } + } + } + } + + /** + * Remove groups from the user + * + * @access protected + * @param integer $userId + * @param array $userGroups + * @param array $externalGroupIds + */ + protected function removeGroups($userId, array $userGroups, array $externalGroupIds) + { + foreach ($userGroups as $userGroup) { + if (! empty($userGroup['external_id']) && ! in_array($userGroup['external_id'], $externalGroupIds)) { + $this->groupMember->removeUser($userGroup['id'], $userId); } } } |