/**
 * Grants the administrator role to users who are members of the
 * "Help Desk" Active Directory group, then marks the local account
 * as directory-sourced and persists it.
 *
 * NOTE(review): group membership is only used to grant the role here.
 * Nothing in this method removes the role once the user is no longer in
 * the group; confirm revocation is handled elsewhere.
 *
 * @param User       $user       The local user that just authenticated.
 * @param AdldapUser $adldapUser The matching directory entry.
 *
 * @return void
 */
protected function handleLdapUserWasAuthenticated(User $user, AdldapUser $adldapUser)
{
    // The role lookup only happens for members of the privileged group.
    $administrator = $adldapUser->inGroup('Help Desk')
        ? Role::whereName(Role::getAdministratorName())->first()
        : null;

    // Assign only when the role record exists and the user doesn't hold it yet.
    if ($administrator instanceof Role && !$user->hasRole($administrator)) {
        $user->assignRole($administrator);
    }

    $user->from_ad = true;

    $user->save();
}
/**
 * Finds the local model matching the directory user's email, or builds a
 * new one, and synchronizes it with the directory attributes.
 *
 * The supplied password is hashed and stored only when a new model is
 * created; an existing model keeps whatever password it already has.
 *
 * NOTE(review): the local hash is a copy of the directory credential taken at
 * creation time and is not refreshed here. If local authentication is ever
 * used as a fallback, a stale password could remain valid; confirm.
 *
 * @param User   $user     The directory user.
 * @param string $password The plain-text password supplied at login.
 *
 * @return \Illuminate\Database\Eloquent\Model
 */
protected function getModelFromAdldap(User $user, $password)
{
    $email = $user->getEmail();

    $record = $this->createModel()->newQuery()->where(compact('email'))->first();

    if (!$record) {
        // No local account yet: seed it with the email and a bcrypt hash.
        $record = $this->createModel();

        $record->email = $email;
        $record->password = bcrypt($password);
    }

    $record = $this->syncModelFromAdldap($user, $record);

    // Binding the directory user onto the model is optional.
    return $this->getBindUserToModel()
        ? $this->bindAdldapToModel($user, $record)
        : $record;
}
/**
 * Imports an Active Directory user into the local user table.
 *
 * Looks the account up by email; when none exists, a CreateUser job is
 * dispatched with a random 40-character password. The account is then
 * flagged as directory-sourced and saved only if something changed.
 *
 * NOTE(review): the random password is never returned or shown, so the
 * account presumably cannot be signed in to locally with it. The strength
 * of str_random() depends on the framework version in use; verify.
 *
 * @param User $user Model instance used to run the lookup query.
 *
 * @return mixed The existing User, or whatever dispatching CreateUser returns.
 */
public function handle(User $user)
{
    $account = $user->where('email', $this->user->getEmail())->first();

    if (!$account instanceof User) {
        $account = $this->dispatch(new CreateUser(
            $this->user->getEmail(),
            str_random(40),
            $this->user->getName()
        ));
    }

    // Mark the account as managed by the directory.
    $account->from_ad = true;

    // Skip the write entirely when no attribute actually changed.
    if ($account->isDirty()) {
        $account->save();
    }

    return $account;
}
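/**
 * Builds a UserModel from a directory user record.
 *
 * The password is hashed with the configured hasher before it is placed on
 * the model. When no password is supplied the attribute is set to null.
 *
 * @param adLDAPUserModel $user     The directory user.
 * @param string|null     $password Plain-text password, if one was supplied.
 *
 * @return UserModel
 */
protected function mapDataToUserModel(adLDAPUserModel $user, $password)
{
    // A bare truthiness test treats the string "0" as "no password" and would
    // store null instead of a hash. For strings, only the empty string means
    // absent; other types keep the original truthiness check.
    $hasPassword = is_string($password) ? $password !== '' : (bool) $password;

    $model = new UserModel([
        'username' => $user->getAccountName(),
        'password' => $hasPassword ? $this->_hasher->make($password) : null,
    ]);

    $model->setUserInfo($user);

    return $model;
}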
/**
 * Reads a single attribute from the directory user.
 *
 * The schema's thumbnail attribute is returned in encoded form so it can be
 * stored in the database. For any other attribute, an array value is
 * reduced to its first element.
 *
 * NOTE(review): $field is used as a dynamic property name; presumably it
 * comes from configuration rather than request input; verify against caller.
 *
 * @param User   $user  The directory user.
 * @param string $field The directory attribute name.
 *
 * @return string|null
 */
protected function handleAttributeRetrieval(User $user, $field)
{
    if ($field === $this->getSchema()->thumbnail()) {
        return $user->getThumbnailEncoded();
    }

    $raw = $user->{$field};

    // Multi-valued attributes arrive as arrays; only the first value is used.
    return is_array($raw) ? array_get($raw, 0) : $raw;
}
/**
 * Reads a single attribute from the directory user.
 *
 * The thumbnail attribute is returned in encoded form so it can be stored
 * in the database. For any other attribute, an array value is reduced to
 * its first element.
 *
 * NOTE(review): $field is used as a dynamic property name; presumably it
 * comes from configuration rather than request input; verify against caller.
 *
 * @param User   $user  The directory user.
 * @param string $field The directory attribute name.
 *
 * @return string|null
 */
protected function handleAttributeRetrieval(User $user, $field)
{
    if ($field === ActiveDirectory::THUMBNAIL) {
        return $user->getThumbnailEncoded();
    }

    $raw = $user->{$field};

    // Multi-valued attributes arrive as arrays; only the first value is used.
    return is_array($raw) ? Arr::get($raw, 0) : $raw;
}
/**
 * Attaches the admin role to users who are members of the "Help Desk"
 * Active Directory group.
 *
 * NOTE(review): the role is attached on every call without checking whether
 * the user already holds it, and it is never detached when group
 * membership ends. Confirm attachRole() tolerates repeats and that
 * revocation happens elsewhere.
 *
 * @param User       $user       The local user that just authenticated.
 * @param AdldapUser $adldapUser The matching directory entry.
 */
protected function handleLdapUserWasAuthenticated(User $user, AdldapUser $adldapUser)
{
    // Users outside the privileged group are left untouched.
    if (!$adldapUser->inGroup('Help Desk')) {
        return;
    }

    $administrator = Role::admin();

    if ($administrator instanceof Role) {
        $user->attachRole($administrator->getKey());
    }
}
/**
 * Adds local roles to the user based on directory group membership.
 *
 * Each group name in the configured group-to-role map is compared against
 * the user's unescaped "member of" names. A role is added only when it
 * exists locally.
 *
 * NOTE(review): roles are only added here, never removed. A user dropped
 * from a directory group keeps the mapped role unless something else
 * revokes it; confirm.
 *
 * @param User        $user   The local user (passed by reference).
 * @param Models\User $adUser The directory user.
 */
protected function updateRole(User &$user, Models\User $adUser)
{
    $groupNames = [];

    foreach ($adUser->getMemberOfNames() as $escapedName) {
        $groupNames[] = \Adldap\Classes\Utilities::unescape($escapedName);
    }

    foreach ($this->group2Role as $group => $role) {
        // Strict comparison: a map key that PHP has cast to an integer
        // (an all-digit group name) will not match a string group name.
        if (!in_array($group, $groupNames, true)) {
            continue;
        }

        if (!$this->roleExists($role)) {
            continue;
        }

        $user->addRole($role);
    }
}
/**
 * Soft deletes the local model when the directory account is disabled.
 *
 * The delete happens only if the model exposes a trashed() method, is not
 * already trashed, and the directory user reports itself as disabled.
 * When logging is enabled, an info entry records the deletion.
 *
 * NOTE(review): a model without a trashed() method is left untouched even
 * when the directory account is disabled. Confirm such accounts are locked
 * out some other way.
 *
 * @param User  $user  The directory user.
 * @param Model $model The local model tied to that user.
 */
protected function delete(User $user, Model $model)
{
    // Models without soft-delete support are skipped.
    if (!method_exists($model, 'trashed')) {
        return;
    }

    // Nothing to do for a model that is already trashed.
    if ($model->trashed()) {
        return;
    }

    // Only disabled directory accounts trigger the delete.
    if (!$user->isDisabled()) {
        return;
    }

    $model->delete();

    if ($this->isLogging()) {
        logger()->info("Soft-deleted user {$user->getCommonName()}. Their AD user account is disabled.");
    }
}
/**
 * Copies the configured directory attributes onto the local model.
 *
 * The sync map pairs each model field with a directory attribute. The
 * thumbnail attribute is copied in encoded form; for any other attribute an
 * array value is reduced to its first element. Eloquent models are saved
 * afterwards.
 *
 * NOTE(review): directory values are written to the model exactly as
 * received, and the sync map decides which model fields can be overwritten.
 * Confirm the map does not reach privileged columns.
 *
 * @param User            $user  The directory user.
 * @param Authenticatable $model The local model to fill.
 *
 * @return Authenticatable
 */
protected function syncModelFromAdldap(User $user, Authenticatable $model)
{
    foreach ($this->getSyncAttributes() as $modelField => $adField) {
        if ($adField === ActiveDirectory::THUMBNAIL) {
            // The photo is stored encoded so it fits a database column.
            $model->{$modelField} = $user->getThumbnailEncoded();

            continue;
        }

        $incoming = $user->{$adField};

        // Multi-valued attributes arrive as arrays; only the first value is kept.
        $model->{$modelField} = is_array($incoming) ? Arr::get($incoming, 0) : $incoming;
    }

    if ($model instanceof Model) {
        $model->save();
    }

    return $model;
}