Updated user interfaces for LDAP and added email from LDAP

2025-08-09 10:22:51 +03:00 · 2016-01-13 22:22:30 +00:00
parent 1c8c9e65c5
commit 14feef3679
14 changed files with 106 additions and 21 deletions
--- a/app/Http/Controllers/Auth/AuthController.php
+++ b/app/Http/Controllers/Auth/AuthController.php
@@ -118,11 +118,22 @@ class AuthController extends Controller
     */
    protected function authenticated(Request $request, Authenticatable $user)
    {
+        if(!$user->exists && $user->email === null && !$request->has('email')) {
+            $request->flash();
+            session()->flash('request-email', true);
+            return redirect('/login');
+        }
+
+        if(!$user->exists && $user->email === null && $request->has('email')) {
+            $user->email = $request->get('email');
+        }
+
        if(!$user->exists) {
            $user->save();
            $this->userRepo->attachDefaultRole($user);
            auth()->login($user);
        }
+
        return redirect()->intended($this->redirectPath());
    }

@@ -183,7 +194,7 @@ class AuthController extends Controller
    }

    /**
-     * Show the page to tell the user to check thier email
+     * Show the page to tell the user to check their email
     * and confirm their address.
     */
    public function getRegisterConfirmation()
@@ -243,7 +254,7 @@ class AuthController extends Controller
        ]);
        $user = $this->userRepo->getByEmail($request->get('email'));
        $this->emailConfirmationService->sendConfirmation($user);
-        \Session::flash('success', 'Confirmation email resent, Please check your inbox.');
+        session()->flash('success', 'Confirmation email resent, Please check your inbox.');
        return redirect('/register/confirm');
    }

--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -46,7 +46,8 @@ class UserController extends Controller
    public function create()
    {
        $this->checkPermission('user-create');
-        return view('users/create');
+        $authMethod = config('auth.method');
+        return view('users/create', ['authMethod' => $authMethod]);
    }

    /**
@@ -94,10 +95,12 @@ class UserController extends Controller
            return $this->currentUser->id == $id;
        });

+        $authMethod = config('auth.method');
+
        $user = $this->user->findOrFail($id);
        $activeSocialDrivers = $socialAuthService->getActiveDrivers();
        $this->setPageTitle('User Profile');
-        return view('users/edit', ['user' => $user, 'activeSocialDrivers' => $activeSocialDrivers]);
+        return view('users/edit', ['user' => $user, 'activeSocialDrivers' => $activeSocialDrivers, 'authMethod' => $authMethod]);
    }

    /**
@@ -124,17 +127,24 @@ class UserController extends Controller
        ]);

        $user = $this->user->findOrFail($id);
-        $user->fill($request->except('password'));
+        $user->fill($request->all());

+        // Role updates
        if ($this->currentUser->can('user-update') && $request->has('role')) {
            $user->attachRoleId($request->get('role'));
        }

+        // Password updates
        if ($request->has('password') && $request->get('password') != '') {
            $password = $request->get('password');
            $user->password = bcrypt($password);
        }

+        // External auth id updates
+        if ($this->currentUser->can('user-update') && $request->has('external_auth_id')) {
+            $user->external_auth_id = $request->get('external_auth_id');
+        }
+
        $user->save();
        return redirect('/users');
    }
--- a/app/Providers/LdapUserProvider.php
+++ b/app/Providers/LdapUserProvider.php
@@ -87,7 +87,6 @@ class LdapUserProvider implements UserProvider
    public function updateRememberToken(Authenticatable $user, $token)
    {
        $user->setRememberToken($token);
-
        $user->save();
    }

@@ -113,6 +112,7 @@ class LdapUserProvider implements UserProvider

        $model->name = $userDetails['name'];
        $model->external_auth_id = $userDetails['uid'];
+        $model->email = $userDetails['email'];
        return $model;
    }

--- a/app/Repos/UserRepo.php
+++ b/app/Repos/UserRepo.php
@@ -88,7 +88,7 @@ class UserRepo
     */
    public function create(array $data)
    {
-        return $this->user->create([
+        return $this->user->forceCreate([
            'name'     => $data['name'],
            'email'    => $data['email'],
            'password' => bcrypt($data['password'])
--- a/app/Services/LdapService.php
+++ b/app/Services/LdapService.php
@@ -23,7 +23,7 @@ class LdapService
        // Find user
        $userFilter = $this->buildFilter(config('services.ldap.user_filter'), ['user' => $userName]);
        $baseDn = config('services.ldap.base_dn');
-        $ldapSearch = ldap_search($ldapConnection, $baseDn, $userFilter, ['cn', 'uid', 'dn']);
+        $ldapSearch = ldap_search($ldapConnection, $baseDn, $userFilter, ['cn', 'uid', 'dn', 'mail']);
        $users = ldap_get_entries($ldapConnection, $ldapSearch);
        if ($users['count'] === 0) return null;

@@ -31,7 +31,8 @@ class LdapService
        return [
            'uid'  => $user['uid'][0],
            'name' => $user['cn'][0],
-            'dn'   => $user['dn']
+            'dn'   => $user['dn'],
+            'email' => (isset($user['mail'])) ? $user['mail'][0] : null
        ];
    }

--- a/app/Services/SettingService.php
+++ b/app/Services/SettingService.php
@@ -38,7 +38,7 @@ class SettingService
     */
    public function get($key, $default = false)
    {
-        $value =  $this->getValueFromStore($key, $default);
+        $value = $this->getValueFromStore($key, $default);
        return $this->formatValue($value, $default);
    }

@@ -50,13 +50,17 @@ class SettingService
     */
    protected function getValueFromStore($key, $default)
    {
+        $overrideValue = $this->getOverrideValue($key);
+        if ($overrideValue !== null) return $overrideValue;
+
        $cacheKey = $this->cachePrefix . $key;
        if ($this->cache->has($cacheKey)) {
            return $this->cache->get($cacheKey);
        }

        $settingObject = $this->getSettingObjectByKey($key);
-        if($settingObject !== null) {
+
+        if ($settingObject !== null) {
            $value = $settingObject->value;
            $this->cache->forever($cacheKey, $value);
            return $value;
@@ -65,6 +69,10 @@ class SettingService
        return $default;
    }

+    /**
+     * Clear an item from the cache completely.
+     * @param $key
+     */
    protected function clearFromCache($key)
    {
        $cacheKey = $this->cachePrefix . $key;
@@ -136,9 +144,23 @@ class SettingService
     * @param $key
     * @return mixed
     */
-    private function getSettingObjectByKey($key)
+    protected function getSettingObjectByKey($key)
    {
        return $this->setting->where('setting_key', '=', $key)->first();
    }

+
+    /**
+     * Returns an override value for a setting based on certain app conditions.
+     * Used where certain configuration options overrule others.
+     * Returns null if no override value is available.
+     * @param $key
+     * @return bool|null
+     */
+    protected function getOverrideValue($key)
+    {
+        if ($key === 'registration-enabled' && config('auth.method') === 'ldap') return false;
+        return null;
+    }
+
 }
--- a/app/User.php
+++ b/app/User.php
@@ -24,7 +24,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     *
     * @var array
     */
-    protected $fillable = ['name', 'email', 'password', 'image_id'];
+    protected $fillable = ['name', 'email', 'image_id'];

    /**
     * The attributes excluded from the model's JSON form.
@@ -68,7 +68,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
    }

    /**
-     * Loads the user's permissions from thier role.
+     * Loads the user's permissions from their role.
     */
    private function loadPermissions()
    {