public function test_getPiwikUserAccessForLdapUser_IgnoresSitesThatDoNotExist() { $access = $this->userAccessMapper->getPiwikUserAccessForLdapUser(array('view' => array(15, 16, '17,18'), 'admin' => '11,12,13')); $expectedAccess = array(); $this->assertEquals($expectedAccess, $access); }
/** * Returns a configured UserAccessMapper instance. The instance is configured * using INI config option values. * * @return UserAccessMapper */ public static function makeConfigured() { $result = new UserAccessMapper(); $result->setUserAccessAttributeParser(UserAccessAttributeParser::makeConfigured()); $viewAttributeName = Config::getLdapViewAccessField(); if (!empty($viewAttributeName)) { $result->setViewAttributeName($viewAttributeName); } $adminAttributeName = Config::getLdapAdminAccessField(); if (!empty($adminAttributeName)) { $result->setAdminAttributeName($adminAttributeName); } $superuserAttributeName = Config::getSuperUserAccessField(); if (!empty($superuserAttributeName)) { $result->setSuperuserAttributeName($superuserAttributeName); } return $result; }
/** * Returns a configured UserAccessMapper instance. The instance is configured * using INI config option values. * * @return UserAccessMapper */ public static function makeConfigured() { $result = new UserAccessMapper(); $result->setUserAccessAttributeParser(UserAccessAttributeParser::makeConfigured()); $viewAttributeName = Config::getLdapViewAccessField(); if (!empty($viewAttributeName)) { $result->setViewAttributeName($viewAttributeName); } $adminAttributeName = Config::getLdapAdminAccessField(); if (!empty($adminAttributeName)) { $result->setAdminAttributeName($adminAttributeName); } $superuserAttributeName = Config::getSuperUserAccessField(); if (!empty($superuserAttributeName)) { $result->setSuperuserAttributeName($superuserAttributeName); } Log::debug("UserAccessMapper::%s: configuring with viewAttributeName = '%s', adminAttributeName = '%s', superuserAttributeName = '%s'", __FUNCTION__, $viewAttributeName, $adminAttributeName, $superuserAttributeName); return $result; }
/** * Creates a UserSynchronizer using INI configuration. * * @return UserSynchronizer */ public static function makeConfigured() { $result = new UserSynchronizer(); $result->setUserMapper(UserMapper::makeConfigured()); $result->setUsersManagerApi(UsersManagerAPI::getInstance()); $result->setUserModel(new UserModel()); if (Config::isAccessSynchronizationEnabled()) { $result->setUserAccessMapper(UserAccessMapper::makeConfigured()); Log::debug("UserSynchronizer::%s(): Using UserAccessMapper when synchronizing users.", __FUNCTION__); } else { Log::debug("UserSynchronizer::%s(): LDAP access synchronization not enabled.", __FUNCTION__); } $defaultSitesWithViewAccess = Config::getDefaultSitesToGiveViewAccessTo(); if (!empty($defaultSitesWithViewAccess)) { $siteIds = Access::doAsSuperUser(function () use($defaultSitesWithViewAccess) { return Site::getIdSitesFromIdSitesString($defaultSitesWithViewAccess); }); if (empty($siteIds)) { Log::warning("UserSynchronizer::%s(): new_user_default_sites_view_access INI config option has no " . "entries. Newly synchronized users will not have any access.", __FUNCTION__); } $result->setNewUserDefaultSitesWithViewAccess($siteIds); } Log::debug("UserSynchronizer::%s: configuring with defaultSitesWithViewAccess = %s", __FUNCTION__, $defaultSitesWithViewAccess); return $result; }
/** * Creates a UserSynchronizer using INI configuration. * * @return UserSynchronizer */ public static function makeConfigured() { $result = new UserSynchronizer(); $result->setUserMapper(UserMapper::makeConfigured()); $result->setUsersManagerApi(UsersManagerAPI::getInstance()); $result->setUserModel(new UserModel()); /** @var LoggerInterface $logger */ $logger = StaticContainer::get('Psr\\Log\\LoggerInterface'); if (Config::isAccessSynchronizationEnabled()) { $result->setUserAccessMapper(UserAccessMapper::makeConfigured()); $logger->debug("UserSynchronizer::{func}(): Using UserAccessMapper when synchronizing users.", array('func' => __FUNCTION__)); } else { $logger->debug("UserSynchronizer::{func}(): LDAP access synchronization not enabled.", array('func' => __FUNCTION__)); } $defaultSitesWithViewAccess = Config::getDefaultSitesToGiveViewAccessTo(); if (!empty($defaultSitesWithViewAccess)) { $siteIds = Access::doAsSuperUser(function () use($defaultSitesWithViewAccess) { return Site::getIdSitesFromIdSitesString($defaultSitesWithViewAccess); }); if (empty($siteIds)) { $logger->warning("UserSynchronizer::{func}(): new_user_default_sites_view_access INI config option has no " . "entries. Newly synchronized users will not have any access.", array('func' => __FUNCTION__)); } $result->setNewUserDefaultSitesWithViewAccess($siteIds); } $logger->debug("UserSynchronizer::{func}: configuring with defaultSitesWithViewAccess = {sites}", array('func' => __FUNCTION__, 'sites' => $defaultSitesWithViewAccess)); return $result; }