/** * Synchronizes a single user in LDAP. This method can be used by superusers to synchronize * a user before (s)he logs in. * * @param string $login The login of the user. * @throws Exception if the user cannot be found or a problem occurs during synchronization. */ public function synchronizeUser($login) { Piwik::checkUserHasSuperUserAccess(); $ldapUser = $this->ldapUsers->getUser($login); if (empty($ldapUser)) { throw new Exception(Piwik::translate('LoginLdap_UserNotFound', $login)); } $this->userSynchronizer->synchronizeLdapUser($login, $ldapUser); $this->userSynchronizer->synchronizePiwikAccessFromLdap($login, $ldapUser); }
/** * Returns a WebServerAuth instance configured with INI config. * @return SynchronizedAuth */ public static function makeConfigured() { $result = new SynchronizedAuth(); $result->setLdapUsers(LdapUsers::makeConfigured()); $result->setUsersManagerAPI(UsersManagerAPI::getInstance()); $result->setUsersModel(new UserModel()); $result->setUserSynchronizer(UserSynchronizer::makeConfigured()); $synchronizeUsersAfterSuccessfulLogin = Config::getShouldSynchronizeUsersAfterLogin(); $result->setSynchronizeUsersAfterSuccessfulLogin($synchronizeUsersAfterSuccessfulLogin); return $result; }
/** * Returns a WebServerAuth instance configured with INI config. * * @return LdapAuth */ public static function makeConfigured() { $result = new LdapAuth(); $result->setLdapUsers(LdapUsers::makeConfigured()); $result->setUsersManagerAPI(UsersManagerAPI::getInstance()); $result->setUsersModel(new UserModel()); $result->setUserSynchronizer(UserSynchronizer::makeConfigured()); Log::debug("LdapAuth::%s: creating with configured components", __FUNCTION__); return $result; }
private function setUserModelMock($returnValue) { $mock = $this->getMock('Piwik\\Plugins\\UsersManager\\Model', array('getUser', 'deleteUserAccess')); $mock->expects($this->any())->method('getUser')->will($this->returnValue($returnValue)); $this->userSynchronizer->setUserModel($mock); }
/** * Returns a WebServerAuth instance configured with INI config. * * @return WebServerAuth */ public static function makeConfigured() { $result = new WebServerAuth(); $result->setLdapUsers(LdapUsers::makeConfigured()); $result->setUsersManagerAPI(UsersManagerAPI::getInstance()); $result->setUsersModel(new UserModel()); $result->setUserSynchronizer(UserSynchronizer::makeConfigured()); $synchronizeUsersAfterSuccessfulLogin = Config::getShouldSynchronizeUsersAfterLogin(); $result->setSynchronizeUsersAfterSuccessfulLogin($synchronizeUsersAfterSuccessfulLogin); if (Config::getUseLdapForAuthentication()) { $fallbackAuth = LdapAuth::makeConfigured(); } else { $fallbackAuth = SynchronizedAuth::makeConfigured(); } $result->setFallbackAuth($fallbackAuth); return $result; }
/** * Returns a WebServerAuth instance configured with INI config. * * @return LdapAuth */ public static function makeConfigured() { $result = new LdapAuth(); $result->setLdapUsers(LdapUsers::makeConfigured()); $result->setUsersManagerAPI(UsersManagerAPI::getInstance()); $result->setUsersModel(new UserModel()); $result->setUserSynchronizer(UserSynchronizer::makeConfigured()); return $result; }
/** * Creates a UserSynchronizer using INI configuration. * * @return UserSynchronizer */ public static function makeConfigured() { $result = new UserSynchronizer(); $result->setUserMapper(UserMapper::makeConfigured()); $result->setUsersManagerApi(UsersManagerAPI::getInstance()); $result->setUserModel(new UserModel()); if (Config::isAccessSynchronizationEnabled()) { $result->setUserAccessMapper(UserAccessMapper::makeConfigured()); Log::debug("UserSynchronizer::%s(): Using UserAccessMapper when synchronizing users.", __FUNCTION__); } else { Log::debug("UserSynchronizer::%s(): LDAP access synchronization not enabled.", __FUNCTION__); } $defaultSitesWithViewAccess = Config::getDefaultSitesToGiveViewAccessTo(); if (!empty($defaultSitesWithViewAccess)) { $siteIds = Access::doAsSuperUser(function () use($defaultSitesWithViewAccess) { return Site::getIdSitesFromIdSitesString($defaultSitesWithViewAccess); }); if (empty($siteIds)) { Log::warning("UserSynchronizer::%s(): new_user_default_sites_view_access INI config option has no " . "entries. Newly synchronized users will not have any access.", __FUNCTION__); } $result->setNewUserDefaultSitesWithViewAccess($siteIds); } Log::debug("UserSynchronizer::%s: configuring with defaultSitesWithViewAccess = %s", __FUNCTION__, $defaultSitesWithViewAccess); return $result; }
protected function synchronizeLdapUser($ldapUser) { $this->userForLogin = $this->userSynchronizer->synchronizeLdapUser($this->login, $ldapUser); $this->userSynchronizer->synchronizePiwikAccessFromLdap($this->login, $ldapUser); }
/** * Creates a UserSynchronizer using INI configuration. * * @return UserSynchronizer */ public static function makeConfigured() { $result = new UserSynchronizer(); $result->setUserMapper(UserMapper::makeConfigured()); $result->setUsersManagerApi(UsersManagerAPI::getInstance()); $result->setUserModel(new UserModel()); /** @var LoggerInterface $logger */ $logger = StaticContainer::get('Psr\\Log\\LoggerInterface'); if (Config::isAccessSynchronizationEnabled()) { $result->setUserAccessMapper(UserAccessMapper::makeConfigured()); $logger->debug("UserSynchronizer::{func}(): Using UserAccessMapper when synchronizing users.", array('func' => __FUNCTION__)); } else { $logger->debug("UserSynchronizer::{func}(): LDAP access synchronization not enabled.", array('func' => __FUNCTION__)); } $defaultSitesWithViewAccess = Config::getDefaultSitesToGiveViewAccessTo(); if (!empty($defaultSitesWithViewAccess)) { $siteIds = Access::doAsSuperUser(function () use($defaultSitesWithViewAccess) { return Site::getIdSitesFromIdSitesString($defaultSitesWithViewAccess); }); if (empty($siteIds)) { $logger->warning("UserSynchronizer::{func}(): new_user_default_sites_view_access INI config option has no " . "entries. Newly synchronized users will not have any access.", array('func' => __FUNCTION__)); } $result->setNewUserDefaultSitesWithViewAccess($siteIds); } $logger->debug("UserSynchronizer::{func}: configuring with defaultSitesWithViewAccess = {sites}", array('func' => __FUNCTION__, 'sites' => $defaultSitesWithViewAccess)); return $result; }