Example #1
 /**
  * Checks that Configuration::getUsernameAttribute() yields the expected
  * attribute name for every filter supplied by the data provider.
  *
  * @test
  * @dataProvider usernameFilterProvider
  */
 public function canGetUsernameAttribute($filter, $expected)
 {
     // Strict comparison: the value must match in both type and content.
     $this->assertSame(
         $expected,
         Configuration::getUsernameAttribute($filter)
     );
 }
Example #2
 /**
  * Synchronises the TYPO3 user record that corresponds to an LDAP DN.
  *
  * Loads the LDAP entry for the DN, resolves the matching TYPO3 user and its
  * groups, optionally inserts a new TYPO3 record, and then updates the record
  * with a fresh random password, the resolved groups and the mapped LDAP data.
  *
  * Only the "missing required LDAP groups" failure stores a message in
  * static::$lastAuthenticationDiagnostic; every other FALSE return in this
  * method leaves that property untouched.
  *
  * @param string $userdn DN of the LDAP user; passed to getLdapUser() and getTypo3User()
  * @param string|null $username Optional username; when empty it is read from the first
  *                              value of the LDAP attribute named by the users filter
  * @return array|FALSE The TYPO3 user row (with 'tx_igldapssoauth_from' set to 'LDAP' after
  *                     an update), or FALSE when the LDAP user, the TYPO3 user or the
  *                     required groups are missing, or when no TYPO3 record exists and none
  *                     was created. A falsy result from Typo3UserRepository::setUserGroups()
  *                     is returned unchanged.
  */
 public static function synchroniseUser($userdn, $username = NULL)
 {
     // User is valid. Get it from DN.
     $ldapUser = static::getLdapUser($userdn);
     if ($ldapUser === NULL) {
         return FALSE;
     }
     if (!$username) {
         // Derive the username from the LDAP entry, using the attribute named in the users filter.
         $userAttribute = Configuration::getUsernameAttribute(static::$config['users']['filter']);
         // NOTE(review): there is no check that this attribute exists in $ldapUser; if it is
         // absent, an empty username is handed to getTypo3User() below - confirm that helper
         // rejects it rather than matching on DN alone.
         $username = $ldapUser[$userAttribute][0];
     }
     // Get user pid from user mapping.
     $typo3_users_pid = Configuration::getPid(static::$config['users']['mapping']);
     // Get TYPO3 user from username, DN and pid.
     $typo3_user = static::getTypo3User($username, $userdn, $typo3_users_pid);
     if ($typo3_user === NULL) {
         // Non-existing local users are not allowed to authenticate
         return FALSE;
     }
     // Get LDAP and TYPO3 user groups for user
     // First reset the LDAP groups
     // (static::$ldapGroups is read again further down; presumably getUserGroups() repopulates
     // it - verify, because the DeleteUserIfNoLDAPGroups check depends on it.)
     static::$ldapGroups = NULL;
     $typo3_groups = static::getUserGroups($ldapUser);
     if ($typo3_groups === NULL) {
         // Required LDAP groups are missing
         static::$lastAuthenticationDiagnostic = 'Missing required LDAP groups.';
         return FALSE;
     }
     if (Configuration::getValue('IfUserExist') && !$typo3_user['uid']) {
         // User does not exist in TYPO3 and 'IfUserExist' is enabled: no record is created.
         return FALSE;
     } elseif (!$typo3_user['uid'] && (!empty($typo3_groups) || !Configuration::getValue('DeleteUserIfNoTYPO3Groups'))) {
         // Insert new user: use TCA configuration to override default values
         // A record is only created when the user has TYPO3 groups, or when users without
         // groups are not configured to be deleted.
         $table = static::$authenticationService->authInfo['db_user']['table'];
         if (is_array($GLOBALS['TCA'][$table]['columns'])) {
             foreach ($GLOBALS['TCA'][$table]['columns'] as $column => $columnConfig) {
                 if (isset($columnConfig['config']['default'])) {
                     // Overwrites any value already present in $typo3_user under the same key.
                     $defaultValue = $columnConfig['config']['default'];
                     $typo3_user[$column] = $defaultValue;
                 }
             }
         }
         $typo3_user['username'] = Typo3UserRepository::setUsername($typo3_user['username']);
         $typo3_user = Typo3UserRepository::add($table, $typo3_user);
     }
     if (!empty($typo3_user['uid'])) {
         // Every synchronisation clears the deleted flag and end time and assigns a new
         // password from setRandomPassword().
         // NOTE(review): presumably the random password keeps a locally stored password from
         // being usable in place of LDAP - confirm. Also confirm whether getTypo3User() can
         // return deleted or expired rows, since those would be reactivated here unless one
         // of the two delete options below applies.
         $typo3_user['deleted'] = 0;
         $typo3_user['endtime'] = 0;
         $typo3_user['password'] = Typo3UserRepository::setRandomPassword();
         // Delete user if no TYPO3 groups were resolved and the option is enabled.
         if (empty($typo3_groups) && Configuration::getValue('DeleteUserIfNoTYPO3Groups')) {
             $typo3_user['deleted'] = 1;
             $typo3_user['endtime'] = $GLOBALS['EXEC_TIME'];
         }
         // Delete user if no LDAP groups found.
         if (Configuration::getValue('DeleteUserIfNoLDAPGroups') && !static::$ldapGroups) {
             $typo3_user['deleted'] = 1;
             $typo3_user['endtime'] = $GLOBALS['EXEC_TIME'];
         }
         // Set groups to user.
         $typo3_user = Typo3UserRepository::setUserGroups($typo3_user, $typo3_groups);
         // Merge LDAP user with TYPO3 user from mapping.
         // If setUserGroups() returned a falsy value, nothing is updated and that value is returned.
         if ($typo3_user) {
             $typo3_user = static::merge($ldapUser, $typo3_user, static::$config['users']['mapping']);
             if (Configuration::getValue('forceLowerCaseUsername')) {
                 // Possible enhancement: use \TYPO3\CMS\Core\Charset\CharsetConverter::conv_case instead
                 // (strtolower() works on bytes, not on multibyte characters.)
                 $typo3_user['username'] = strtolower($typo3_user['username']);
             }
             // Update TYPO3 user.
             Typo3UserRepository::update(static::$authenticationService->authInfo['db_user']['table'], $typo3_user);
             // Added after the update call, so this marker is only on the returned array and
             // is not part of the data passed to update().
             $typo3_user['tx_igldapssoauth_from'] = 'LDAP';
         }
     } else {
         // No TYPO3 record exists and none was created above.
         $typo3_user = FALSE;
     }
     return $typo3_user;
 }