/**
* Returns all profile fields with user data by given category
*
* @todo Optimize me
* @param ProfileFieldCategory $category
* @return Array ProfileFields
*/
public function getProfileFields(ProfileFieldCategory $category = null)
{
if ($this->user === null) {
return [];
}
$fields = [];
$query = ProfileField::find();
$query->where(['visible' => 1]);
$query->orderBy('sort_order');
if ($category !== null) {
$query->andWhere(['profile_field_category_id' => $category->id]);
}
foreach ($query->all() as $field) {
if ($field->getUserValue($this->user) != "") {
$fields[] = $field;
}
}
return $fields;
}
/**
* @inheritdoc
*/
public function getSyncAttributes()
{
$attributes = ['username', 'email'];
foreach (ProfileField::find()->andWhere(['!=', 'ldap_attribute', ''])->all() as $profileField) {
$attributes[] = $profileField->internal_name;
}
return $attributes;
}
/**
* Updates or creates user by given ldap node
*
* @param Zend_Ldap_Node $node
* @return User User Object
*/
public function handleLdapUser($node)
{
$usernameAttribute = Setting::Get('usernameAttribute', 'authentication_ldap');
if ($usernameAttribute == '') {
$usernameAttribute = 'sAMAccountName';
}
$emailAttribute = Setting::Get('emailAttribute', 'authentication_ldap');
if ($emailAttribute == '') {
$emailAttribute = 'mail';
}
$username = $node->getAttribute($usernameAttribute, 0);
$email = $node->getAttribute($emailAttribute, 0);
$guid = $this->binToStrGuid($node->getAttribute('objectGUID', 0));
// Try to load User:
$userChanged = false;
$user = null;
if ($guid != "") {
$user = User::findOne(array('guid' => $guid, 'auth_mode' => User::AUTH_MODE_LDAP));
} else {
// Fallback use e-mail
$user = User::findOne(array('email' => $email, 'auth_mode' => User::AUTH_MODE_LDAP));
}
if ($user === null) {
$user = new User();
if ($guid != "") {
$user->guid = $guid;
}
$user->status = User::STATUS_ENABLED;
$user->auth_mode = User::AUTH_MODE_LDAP;
$user->group_id = 1;
Yii::info('Create ldap user ' . $username . '!');
}
// Update Users Field
if ($user->username != $username) {
$userChanged = true;
$user->username = $username;
}
if ($user->email != $email) {
$userChanged = true;
$user->email = $email;
}
if ($user->validate()) {
// Only Save user when something is changed
if ($userChanged || $user->isNewRecord) {
$user->save();
}
// Update Profile Fields
foreach (ProfileField::find()->andWhere(['!=', 'ldap_attribute', ''])->all() as $profileField) {
$ldapAttribute = $profileField->ldap_attribute;
$profileFieldName = $profileField->internal_name;
$user->profile->{$profileFieldName} = $node->getAttribute($ldapAttribute, 0);
}
if ($user->profile->validate() && $user->profile->save()) {
$this->trigger(self::EVENT_UPDATE_USER, new ParameterEvent(['user' => $user, 'node' => $node]));
} else {
Yii::error('Could not create or update ldap user profile! (' . print_r($user->profile->getErrors(), true) . ")");
}
} else {
Yii::error('Could not create or update ldap user! (' . print_r($user->getErrors(), true) . ")");
}
return $user;
}
/**
* Updates or creates user by given ldap node
*
* @param Zend_Ldap_Node $node
* @return User User Object
*/
public function handleLdapUser($node)
{
$username = $node->getAttribute(Setting::Get('usernameAttribute', 'authentication_ldap'), 0);
$email = $node->getAttribute('mail', 0);
$guid = $this->binToStrGuid($node->getAttribute('objectGUID', 0));
// Try to load User:
$userChanged = false;
$user = null;
if ($guid != "") {
$user = User::findOne(array('guid' => $guid, 'auth_mode' => User::AUTH_MODE_LDAP));
} else {
// Fallback use e-mail
$user = User::findOne(array('email' => $email, 'auth_mode' => User::AUTH_MODE_LDAP));
}
if ($user === null) {
$user = new User();
if ($guid != "") {
$user->guid = $guid;
}
$user->status = User::STATUS_ENABLED;
$user->auth_mode = User::AUTH_MODE_LDAP;
$user->group_id = 1;
Yii::info('Create ldap user ' . $username . '!');
}
// Update Group Mapping
foreach (Group::find()->andWhere(['!=', 'ldap_dn', ""])->all() as $group) {
if (in_array($group->ldap_dn, $node->getAttribute('memberOf'))) {
if ($user->group_id != $group->id) {
$userChanged = true;
$user->group_id = $group->id;
}
}
}
// Update Users Field
if ($user->username != $username) {
$userChanged = true;
$user->username = $username;
}
if ($user->email != $email) {
$userChanged = true;
$user->email = $email;
}
if ($user->validate()) {
// Only Save user when something is changed
if ($userChanged || $user->isNewRecord) {
$user->save();
}
// Update Profile Fields
foreach (ProfileField::find()->andWhere(['!=', 'ldap_attribute', ''])->all() as $profileField) {
$ldapAttribute = $profileField->ldap_attribute;
$profileFieldName = $profileField->internal_name;
$user->profile->{$profileFieldName} = $node->getAttribute($ldapAttribute, 0);
}
if ($user->profile->validate()) {
$user->profile->save();
// Update Space Mapping
foreach (Space::find()->andWhere(['!=', 'ldap_dn', ''])->all() as $space) {
if (in_array($space->ldap_dn, $node->getAttribute('memberOf'))) {
$space->addMember($user->id);
}
}
} else {
Yii::error('Could not create or update ldap user profile! (' . print_r($user->profile->getErrors(), true) . ")");
}
} else {
Yii::error('Could not create or update ldap user! (' . print_r($user->getErrors(), true) . ")");
}
return $user;
}
