fusiondirectory issueshttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues2024-03-29T00:41:29Zhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6321[Tasks] - Make the generic tasks even more generic, allowing the object type ...2024-03-29T00:41:29Zdockx thibault[Tasks] - Make the generic tasks even more generic, allowing the object type string to be custom in case of added plugins[Tasks] - Make the generic tasks even more generic, allowing the object type string to be custom in case of added plugins
Currently, the creation of subTasks is handled by :
`public function createSlaveTasks (array $listOfDN, string $a...[Tasks] - Make the generic tasks even more generic, allowing the object type string to be custom in case of added plugins
Currently, the creation of subTasks is handled by :
`public function createSlaveTasks (array $listOfDN, string $attributeType, array $attrs = NULL): void`
example :
```php
// Call the method from parent tasks object (first tab) to create sub-tasks.
$this->parent->getBaseObject()->createSlaveTasks($listOfDN, $attributeType);
```
The variable attributeType was previously set for life cycle and mail tasks. (fdTasksGranularDN, fdTasksGranularMail).
To differentiate the usage of DN (CN/UID or MAIL).
We can still use that logic that could become beneficial for harder tasks in the future, set in the CORE.
_Currently, a new argument should be passed to define fdTasksGranularType._
Modification should occur here :
```php
case 'fdTasksGranularDN' :
$prepData['tasksGranular'] = [
"fdTasksGranularDN" => $dn,
"fdTasksGranularType" => 'Life Cycle',
];
break;
}
```
Life Cycle was hard-coded on purpose but could definitely receive a string variable now.
As more plugins will be developed, such as notifications, which also base itself on the concept of "pure" DN such as life cycle.
**Added Note**
LastExec is currently using date format based on time() which is unix UTC format.
Somehow using Date changes the local dateTime to local time. We have to have UTC globally.
gmDate instead of Date could resolve the issue easily. As generalizeTime in FD use Z which is UTC already.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6309Support SSHA512 password if overlay pw-sha2 is installed2024-03-28T10:51:25ZJonathan SwaelensSupport SSHA512 password if overlay pw-sha2 is installedHello @tdockx
We need to support SSHA512 password type when pw-sha2 is installed.
FusionDirectory must be able to accept SSHA512 type of password and also to generate them.
CheersHello @tdockx
We need to support SSHA512 password type when pw-sha2 is installed.
FusionDirectory must be able to accept SSHA512 type of password and also to generate them.
CheersFusionDirectory 1.4.1dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6319Add a check / warning when adding ssha512 password method that overlay pw-sha...2024-03-28T10:51:25ZJonathan SwaelensAdd a check / warning when adding ssha512 password method that overlay pw-sha2 must be usedAdd a check / warning when adding ssha512 password method that overlay pw-sha2 must be usedAdd a check / warning when adding ssha512 password method that overlay pw-sha2 must be useddockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6320[Tasks] - Mail class can have one method static to be reused outside object c...2024-03-25T16:25:24Zdockx thibault[Tasks] - Mail class can have one method static to be reused outside object call by others[Tasks] - Mail class can have one method static to be reused outside object call by others
```
// send the objectype and attrs name to the below method
$this->setEmailsFromSelectedDN($mailObject, $mailAttr);
```
The above metho...[Tasks] - Mail class can have one method static to be reused outside object call by others
```
// send the objectype and attrs name to the below method
$this->setEmailsFromSelectedDN($mailObject, $mailAttr);
```
The above method can be statically called and shared outside group instance.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6318The "default policy" is not applied2024-03-24T18:04:51ZJonathan SwaelensThe "default policy" is not appliedHello @tdockx
- Install ppolicy plugin and overlay
- Add a default policy
```
dn: cn=default,ou=ppolicies,dc=example,dc=com
objectClass: device
objectClass: pwdPolicy
objectClass: pwdPolicyChecker
pwdAttribute: userPassword
cn: defaul...Hello @tdockx
- Install ppolicy plugin and overlay
- Add a default policy
```
dn: cn=default,ou=ppolicies,dc=example,dc=com
objectClass: device
objectClass: pwdPolicy
objectClass: pwdPolicyChecker
pwdAttribute: userPassword
cn: default
pwdAllowUserChange: TRUE
pwdSafeModify: FALSE
pwdCheckQuality: 0
pwdLockout: TRUE
pwdInHistory: 2
pwdMustChange: FALSE
```
- Add a user to the ACL editownpassword
- Connect with this user and change your password
- It will not trigger the history error or same password error if you don't assign the policy to the user explicitly
Cheers
![image](/uploads/d10b3a6cebc9b0362ba274c167e70f2c/image.png)
![image](/uploads/d2250270307e95b9ade38548d21d281c/image.png)
![image](/uploads/06a0f87a0439c115d5a3e3560b545f28/image.png)dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6317[core] - new column for primary and secondary supann affiliation2024-03-19T17:23:45Zdockx thibault[core] - new column for primary and secondary supann affiliation[core] - new column for primary and secondary supann affiliation
The idea is that a new column type should be available in case there would be a supann affiliation required to be seen.
Only the code is actually seen, it should be evalua...[core] - new column for primary and secondary supann affiliation
The idea is that a new column type should be available in case there would be a supann affiliation required to be seen.
Only the code is actually seen, it should be evaluated to its related string value.dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6311system template error2024-03-12T16:25:54Zemmanuel thetassystem template error### Description
when validate a new system template,
### Distribution Name and Version
debian 11
### FusionDirectory Version
1.4
### PHP version used
PHP 7.4.33
### Origin of php packages
Distribution packages
### Steps to Re...### Description
when validate a new system template,
### Distribution Name and Version
debian 11
### FusionDirectory Version
1.4
### PHP version used
PHP 7.4.33
### Origin of php packages
Distribution packages
### Steps to Reproduce
1. add systems template
2. add dhcp tab
3. validate!
4. [template](/uploads/f0314df8bf4cfcc642341d25dcab2361/template.png)
**Expected behavior:**
save template
**Actual behavior:**
when add template with dhcp tab:
Erreur Fatale
Non attrapé : TypeError : Argument 4 passed to DhcpHostsAttribute::postLdapSave() must be of the type array, string given, called in /usr/share/fusiondirectory/plugins/admin/systems/class_dhcpSystem.inc on line 412
when delete template :
Non attrapé : TypeError : Argument 2 passed to dnsHost::removeIpsFromZones() must be of the type array, string given, called in /usr/share/fusiondirectory/plugins/admin/systems/class_dnsHost.inc on line 504
**Reproduces how often:**
100%
### Additional Information
template save anyway2024-02-27https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6315delete server systems delete user manager2024-03-12T16:18:46Zemmanuel thetasdelete server systems delete user manager### Description
delete system server, workstation etc delete user manager
### Distribution Name and Version
debian 11
### FusionDirectory Version
1.4
### PHP version used
7.4
### Origin of php packages
Distribution packages
##...### Description
delete system server, workstation etc delete user manager
### Distribution Name and Version
debian 11
### FusionDirectory Version
1.4
### PHP version used
7.4
### Origin of php packages
Distribution packages
### Steps to Reproduce
1. Install fusiondirectory 1.4 with systems plugins, empty ldap
2. create 2 users, do user1 like manager on user2
3. create a server (for example) in systems
4. delete this server
5. manager on user2 is empty
**Expected behavior:**
no change on user data
**Actual behavior:**
deletion of manager attribut
**Reproduces how often:**
100%
### Additional InformationFusionDirectory 1.4https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6316[CORE] - Snapshots - listing view of modifications per snapshot2024-03-12T16:18:45Zdockx thibault[CORE] - Snapshots - listing view of modifications per snapshot[CORE] - Snapshots - listing view of modifications per snapshot
Within the restoration management page of snapshots, it would be great to be able to visual easily the LDIF of a selected snapshot.
It would be great to also have the possi...[CORE] - Snapshots - listing view of modifications per snapshot
Within the restoration management page of snapshots, it would be great to be able to visual easily the LDIF of a selected snapshot.
It would be great to also have the possibility to export the snapshots' history, explain which data has been modified and a which date.
Without forgetting the current data present on the user file.
Without forgetting to set a better text message saying that automatic snapshots is only present for user (for now).FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6314[CORE] - Snapshots - review of the current automatic creation logic2024-03-12T16:17:01Zdockx thibault[CORE] - Snapshots - review of the current automatic creation logic[CORE] - Snapshots - review of the current automatic creation logic
There are currently multiple issues :
- The first automatic snapshot only contains data from tab USER
- Other tabs are not considered when USER is not updated
- When ta...[CORE] - Snapshots - review of the current automatic creation logic
There are currently multiple issues :
- The first automatic snapshot only contains data from tab USER
- Other tabs are not considered when USER is not updated
- When tab USER is updated, only the last values of other tabs are being saved.
**Team Discussion**
__CONSTRUCT must have the automatic creation and related verification within.
- If no modification, verification based on the MD5 stored in previous snapshots (new attribute schema).
Only the first tab __construct should contain the snapshot creation call
- IF automatic snapshots is allowed.
- IF MD5 verification is not equal.
The concept is based on the creation of the existing into snapshots, not the modification.
In the project of notifications via Orchestrator - there will be a verification upon the last snapshots and the existing user information.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6313[CORE] - Snapshots - review of the current automatic creation logic2024-03-12T16:13:33Zdockx thibault[CORE] - Snapshots - review of the current automatic creation logic[CORE] - Snapshots - review of the current automatic creation logic
There are currently multiple issues :
- The first automatic snapshot only contains data from tab USER
- Other tabs are not considered when USER is not updated
- When ta...[CORE] - Snapshots - review of the current automatic creation logic
There are currently multiple issues :
- The first automatic snapshot only contains data from tab USER
- Other tabs are not considered when USER is not updated
- When tab USER is updated, only the last values of other tabs are being saved.
**Team Discussion**
__CONSTRUCT must have the automatic creation and related verification within.
- If no modification, verification based on the MD5 stored in previous snapshots (new attribute schema).
Only the first tab __construct should contain the snapshot creation call
- IF automatic snapshots is allowed.
- IF MD5 verification is not equal.
The concept is based on the creation of the existing into snapshots, not the modification.
In the project of notifications via Orchestrator - there will be a verification upon the last snapshots and the existing user information.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6307[CORE] - Supann life cycle - automation via Orchestrator2024-03-05T18:04:31Zdockx thibault[CORE] - Supann life cycle - automation via OrchestratorThe goal is to have FusionDirectory tasks system, embedded within its core, ready for Orchestrator when the automatism of supann life cycle is being developed.
The following steps must be taken into consideration. **(OBSOLETE)**
Please ...The goal is to have FusionDirectory tasks system, embedded within its core, ready for Orchestrator when the automatism of supann life cycle is being developed.
The following steps must be taken into consideration. **(OBSOLETE)**
Please confer to the simple design document that can be found here : [Cycle_de_vie_-_development_-_design_document__DRAFT__.odt](/uploads/f967363d809fb7f8d2ba1c7b7d0266b4/Cycle_de_vie_-_development_-_design_document__DRAFT__.odt)
**Note that this document is subject to update and is definitely not in its final form**
**BELOW contains historical design - somecontent is obsolete - see above design document**
1. A new attribute in tasks generic must best added, and the schema therefore must be modified to have the "lastExec" date present. (Done).
2. The generic task must be updated accordingly if tab supann is selected:
- The redundancy should be automatically set to daily, and the case “new members only” should be unpicked. (Done).
- The mail tab should therefore not be possible to be activated. (Done)
- A message when opening the tab supann should appear explaining this behavior. (It makes no sense to no do it as supannRessourceEtat are fix dates - daily check). (Done)
3. The tab supann Task
- ObjectClass supannTask, should make visible the behavior set in the configuration backend. Read-only. With message to change it in the configuration if required. (No schema update as noLdapSave).
- The list of members will be processed automatically, only the members having an active account with expired date as end.
- The creation of subtasks will be triggered the same way as for the mail tasks, only, maybe lesser information required. Although emails in subclass can be left as is. Still is a referenced to the user account.
4. (Plugins) FD must have an updated schema of supann-fd-conf as we need to add a new section about the behavior required in case of Account closure.
- This must include a tick box saying that we will manage this via Orchestrator
- An array of related existing supannRessourceEtat should be available and a matching with the behavior required for others supannRessourceEtat.
- An array of one-to-one match departing from AccountStatus seems the good way to perform it.
5. (Plugins) An update of the plugin tab Mail containing calls to Partage and Zimbra is required, if the above tick box of "usage of Orchestrator" is set, the plugin should not perform anything itself.
6. A documentation on all this process is required in sphinx on FD core website.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6088Logout in cas mode make a redirection error2024-03-05T18:03:33ZbmortierLogout in cas mode make a redirection error### Description
When we click on logout in CAS we are not forwark to the cas portail again
### Distribution Name and Version
Debian Buster
### FusionDirectory Version
1.4
### PHP version used
7
### Origin of php packages
Debian ...### Description
When we click on logout in CAS we are not forwark to the cas portail again
### Distribution Name and Version
Debian Buster
### FusionDirectory Version
1.4
### PHP version used
7
### Origin of php packages
Debian repo
### Steps to Reproduce
1. Enable CAS
2. Connect with CAS
3. Logout through CAS
4. The URL look like "http://fd.example.com/index.php?signout=1&ticket=ST-6fd6710d15749e5d7f51e9813043d718" but the browser said it's miss redirect
Maybe https://apereo.github.io/cas/4.2.x/installation/Logout-Single-Signout.html can help.
**Expected behavior:**
Redirect on CAS portail URL (auth.example.com in my case)
**Actual behavior:**
Redirect error by the browser
**Reproduces how often:**
100%FusionDirectory 1.4bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6297[CAS] - Issues with discovered SLO (SSO) not implemented. Making a new SSO au...2024-03-05T18:03:13Zdockx thibault[CAS] - Issues with discovered SLO (SSO) not implemented. Making a new SSO auth validated not used and last login (session) being used.[CAS] – Issues with discovered SLO (SSO) not implemented. Making a new SSO auth validated not used and last login (session) being used.
Please follow the below link to some information.
- https://apereo.github.io/cas/6.5.x/installatio...[CAS] – Issues with discovered SLO (SSO) not implemented. Making a new SSO auth validated not used and last login (session) being used.
Please follow the below link to some information.
- https://apereo.github.io/cas/6.5.x/installation/Logout-Single-Signout.html
- https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6088
The current CAS (v1.6 not verified) - does not properly logout / remove (adapt) user sessions.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6312[Tasks] - Allow an array of members emails for BCC - Mail Template2024-03-05T14:44:45Zdockx thibault[Tasks] - Allow an array of members emails for BCC - Mail Template[Tasks] - Allow an array of members emails for BCC, as one string (one email) is not sufficient for most clients[Tasks] - Allow an array of members emails for BCC, as one string (one email) is not sufficient for most clientsFusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6310Add a screenshot dirrectory into the contrib directory to be used by the yaml...2024-02-24T10:46:53ZbmortierAdd a screenshot dirrectory into the contrib directory to be used by the yaml and the marketplaceHello,
We need a screenshot directory into the contrib directory to place the screenshot that will be used in the yaml for the marketplace
CheersHello,
We need a screenshot directory into the contrib directory to place the screenshot that will be used in the yaml for the marketplace
CheersFusionDirectory 1.5bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6308Having a way to create ordered away with a column as reference2024-02-06T14:34:00ZJonathan SwaelensHaving a way to create ordered away with a column as referenceHello @tdockx
When we add elements, it would be nice to have a way to specify which column must be seen as reference in so that we cannot have multiple entries.
It would be nice to have a concept of one unique key instead of one key w...Hello @tdockx
When we add elements, it would be nice to have a way to specify which column must be seen as reference in so that we cannot have multiple entries.
It would be nice to have a concept of one unique key instead of one key with multiple status. With the latest one overwritting the old one).dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6305[CORE][Task] - type mail should include a BCC field2024-02-05T16:36:55Zdockx thibault[CORE][Task] - type mail should include a BCC field[CORE][Task]- type mail should include a BCC field
Orchestrator has already the capabilities to integrate BCC but the arrays of attributes returned do not receives replyTo or BCC values yet.[CORE][Task]- type mail should include a BCC field
Orchestrator has already the capabilities to integrate BCC but the arrays of attributes returned do not receives replyTo or BCC values yet.dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6303[CORE][MAIL] – Attachments for emails must be created as sub nodes2024-01-22T09:53:32Zdockx thibault[CORE][MAIL] – Attachments for emails must be created as sub nodes[CORE][MAIL] – Attachments for emails must be created as sub nodes
The idea is like FAI script, able to adds multiple entry within an array.
Sub nodes will be created under the parent CN.
This allows taking all enclosed files and ...[CORE][MAIL] – Attachments for emails must be created as sub nodes
The idea is like FAI script, able to adds multiple entry within an array.
Sub nodes will be created under the parent CN.
This allows taking all enclosed files and their related names correctly.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6306[CORE] - Issues of services not triggered by account deactivation via lock ic...2023-12-21T09:24:42Zdockx thibault[CORE] - Issues of services not triggered by account deactivation via lock icon on user list[CORE] - Issues of services not triggered by account deactivation via lock icon on user list[CORE] - Issues of services not triggered by account deactivation via lock icon on user listFusionDirectory 1.5dockx thibaultdockx thibault