fusiondirectory issueshttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues2024-03-29T00:41:29Zhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6321[Tasks] - Make the generic tasks even more generic, allowing the object type ...2024-03-29T00:41:29Zdockx thibault[Tasks] - Make the generic tasks even more generic, allowing the object type string to be custom in case of added plugins[Tasks] - Make the generic tasks even more generic, allowing the object type string to be custom in case of added plugins
Currently, the creation of subTasks is handled by :
`public function createSlaveTasks (array $listOfDN, string $a...[Tasks] - Make the generic tasks even more generic, allowing the object type string to be custom in case of added plugins
Currently, the creation of subTasks is handled by :
`public function createSlaveTasks (array $listOfDN, string $attributeType, array $attrs = NULL): void`
example :
```php
// Call the method from parent tasks object (first tab) to create sub-tasks.
$this->parent->getBaseObject()->createSlaveTasks($listOfDN, $attributeType);
```
The variable attributeType was previously set for life cycle and mail tasks. (fdTasksGranularDN, fdTasksGranularMail).
To differentiate the usage of DN (CN/UID or MAIL).
We can still use that logic that could become beneficial for harder tasks in the future, set in the CORE.
_Currently, a new argument should be passed to define fdTasksGranularType._
Modification should occur here :
```php
case 'fdTasksGranularDN' :
$prepData['tasksGranular'] = [
"fdTasksGranularDN" => $dn,
"fdTasksGranularType" => 'Life Cycle',
];
break;
}
```
Life Cycle was hard-coded on purpose but could definitely receive a string variable now.
As more plugins will be developed, such as notifications, which also base itself on the concept of "pure" DN such as life cycle.
**Added Note**
LastExec is currently using date format based on time() which is unix UTC format.
Somehow using Date changes the local dateTime to local time. We have to have UTC globally.
gmDate instead of Date could resolve the issue easily. As generalizeTime in FD use Z which is UTC already.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6320[Tasks] - Mail class can have one method static to be reused outside object c...2024-03-25T16:25:24Zdockx thibault[Tasks] - Mail class can have one method static to be reused outside object call by others[Tasks] - Mail class can have one method static to be reused outside object call by others
```
// send the objectype and attrs name to the below method
$this->setEmailsFromSelectedDN($mailObject, $mailAttr);
```
The above metho...[Tasks] - Mail class can have one method static to be reused outside object call by others
```
// send the objectype and attrs name to the below method
$this->setEmailsFromSelectedDN($mailObject, $mailAttr);
```
The above method can be statically called and shared outside group instance.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6319Add a check / warning when adding ssha512 password method that overlay pw-sha...2024-03-28T10:51:25ZJonathan SwaelensAdd a check / warning when adding ssha512 password method that overlay pw-sha2 must be usedAdd a check / warning when adding ssha512 password method that overlay pw-sha2 must be usedAdd a check / warning when adding ssha512 password method that overlay pw-sha2 must be useddockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6318The "default policy" is not applied2024-03-24T18:04:51ZJonathan SwaelensThe "default policy" is not appliedHello @tdockx
- Install ppolicy plugin and overlay
- Add a default policy
```
dn: cn=default,ou=ppolicies,dc=example,dc=com
objectClass: device
objectClass: pwdPolicy
objectClass: pwdPolicyChecker
pwdAttribute: userPassword
cn: defaul...Hello @tdockx
- Install ppolicy plugin and overlay
- Add a default policy
```
dn: cn=default,ou=ppolicies,dc=example,dc=com
objectClass: device
objectClass: pwdPolicy
objectClass: pwdPolicyChecker
pwdAttribute: userPassword
cn: default
pwdAllowUserChange: TRUE
pwdSafeModify: FALSE
pwdCheckQuality: 0
pwdLockout: TRUE
pwdInHistory: 2
pwdMustChange: FALSE
```
- Add a user to the ACL editownpassword
- Connect with this user and change your password
- It will not trigger the history error or same password error if you don't assign the policy to the user explicitly
Cheers
![image](/uploads/d10b3a6cebc9b0362ba274c167e70f2c/image.png)
![image](/uploads/d2250270307e95b9ade38548d21d281c/image.png)
![image](/uploads/06a0f87a0439c115d5a3e3560b545f28/image.png)dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6317[core] - new column for primary and secondary supann affiliation2024-03-19T17:23:45Zdockx thibault[core] - new column for primary and secondary supann affiliation[core] - new column for primary and secondary supann affiliation
The idea is that a new column type should be available in case there would be a supann affiliation required to be seen.
Only the code is actually seen, it should be evalua...[core] - new column for primary and secondary supann affiliation
The idea is that a new column type should be available in case there would be a supann affiliation required to be seen.
Only the code is actually seen, it should be evaluated to its related string value.dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6316[CORE] - Snapshots - listing view of modifications per snapshot2024-03-12T16:18:45Zdockx thibault[CORE] - Snapshots - listing view of modifications per snapshot[CORE] - Snapshots - listing view of modifications per snapshot
Within the restoration management page of snapshots, it would be great to be able to visual easily the LDIF of a selected snapshot.
It would be great to also have the possi...[CORE] - Snapshots - listing view of modifications per snapshot
Within the restoration management page of snapshots, it would be great to be able to visual easily the LDIF of a selected snapshot.
It would be great to also have the possibility to export the snapshots' history, explain which data has been modified and a which date.
Without forgetting the current data present on the user file.
Without forgetting to set a better text message saying that automatic snapshots is only present for user (for now).FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6314[CORE] - Snapshots - review of the current automatic creation logic2024-03-12T16:17:01Zdockx thibault[CORE] - Snapshots - review of the current automatic creation logic[CORE] - Snapshots - review of the current automatic creation logic
There are currently multiple issues :
- The first automatic snapshot only contains data from tab USER
- Other tabs are not considered when USER is not updated
- When ta...[CORE] - Snapshots - review of the current automatic creation logic
There are currently multiple issues :
- The first automatic snapshot only contains data from tab USER
- Other tabs are not considered when USER is not updated
- When tab USER is updated, only the last values of other tabs are being saved.
**Team Discussion**
__CONSTRUCT must have the automatic creation and related verification within.
- If no modification, verification based on the MD5 stored in previous snapshots (new attribute schema).
Only the first tab __construct should contain the snapshot creation call
- IF automatic snapshots is allowed.
- IF MD5 verification is not equal.
The concept is based on the creation of the existing into snapshots, not the modification.
In the project of notifications via Orchestrator - there will be a verification upon the last snapshots and the existing user information.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6312[Tasks] - Allow an array of members emails for BCC - Mail Template2024-03-05T14:44:45Zdockx thibault[Tasks] - Allow an array of members emails for BCC - Mail Template[Tasks] - Allow an array of members emails for BCC, as one string (one email) is not sufficient for most clients[Tasks] - Allow an array of members emails for BCC, as one string (one email) is not sufficient for most clientsFusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6310Add a screenshot dirrectory into the contrib directory to be used by the yaml...2024-02-24T10:46:53ZbmortierAdd a screenshot dirrectory into the contrib directory to be used by the yaml and the marketplaceHello,
We need a screenshot directory into the contrib directory to place the screenshot that will be used in the yaml for the marketplace
CheersHello,
We need a screenshot directory into the contrib directory to place the screenshot that will be used in the yaml for the marketplace
CheersFusionDirectory 1.5bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6308Having a way to create ordered away with a column as reference2024-02-06T14:34:00ZJonathan SwaelensHaving a way to create ordered away with a column as referenceHello @tdockx
When we add elements, it would be nice to have a way to specify which column must be seen as reference in so that we cannot have multiple entries.
It would be nice to have a concept of one unique key instead of one key w...Hello @tdockx
When we add elements, it would be nice to have a way to specify which column must be seen as reference in so that we cannot have multiple entries.
It would be nice to have a concept of one unique key instead of one key with multiple status. With the latest one overwritting the old one).dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6307[CORE] - Supann life cycle - automation via Orchestrator2024-03-05T18:04:31Zdockx thibault[CORE] - Supann life cycle - automation via OrchestratorThe goal is to have FusionDirectory tasks system, embedded within its core, ready for Orchestrator when the automatism of supann life cycle is being developed.
The following steps must be taken into consideration. **(OBSOLETE)**
Please ...The goal is to have FusionDirectory tasks system, embedded within its core, ready for Orchestrator when the automatism of supann life cycle is being developed.
The following steps must be taken into consideration. **(OBSOLETE)**
Please confer to the simple design document that can be found here : [Cycle_de_vie_-_development_-_design_document__DRAFT__.odt](/uploads/f967363d809fb7f8d2ba1c7b7d0266b4/Cycle_de_vie_-_development_-_design_document__DRAFT__.odt)
**Note that this document is subject to update and is definitely not in its final form**
**BELOW contains historical design - somecontent is obsolete - see above design document**
1. A new attribute in tasks generic must best added, and the schema therefore must be modified to have the "lastExec" date present. (Done).
2. The generic task must be updated accordingly if tab supann is selected:
- The redundancy should be automatically set to daily, and the case “new members only” should be unpicked. (Done).
- The mail tab should therefore not be possible to be activated. (Done)
- A message when opening the tab supann should appear explaining this behavior. (It makes no sense to no do it as supannRessourceEtat are fix dates - daily check). (Done)
3. The tab supann Task
- ObjectClass supannTask, should make visible the behavior set in the configuration backend. Read-only. With message to change it in the configuration if required. (No schema update as noLdapSave).
- The list of members will be processed automatically, only the members having an active account with expired date as end.
- The creation of subtasks will be triggered the same way as for the mail tasks, only, maybe lesser information required. Although emails in subclass can be left as is. Still is a referenced to the user account.
4. (Plugins) FD must have an updated schema of supann-fd-conf as we need to add a new section about the behavior required in case of Account closure.
- This must include a tick box saying that we will manage this via Orchestrator
- An array of related existing supannRessourceEtat should be available and a matching with the behavior required for others supannRessourceEtat.
- An array of one-to-one match departing from AccountStatus seems the good way to perform it.
5. (Plugins) An update of the plugin tab Mail containing calls to Partage and Zimbra is required, if the above tick box of "usage of Orchestrator" is set, the plugin should not perform anything itself.
6. A documentation on all this process is required in sphinx on FD core website.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6306[CORE] - Issues of services not triggered by account deactivation via lock ic...2023-12-21T09:24:42Zdockx thibault[CORE] - Issues of services not triggered by account deactivation via lock icon on user list[CORE] - Issues of services not triggered by account deactivation via lock icon on user list[CORE] - Issues of services not triggered by account deactivation via lock icon on user listFusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6305[CORE][Task] - type mail should include a BCC field2024-02-05T16:36:55Zdockx thibault[CORE][Task] - type mail should include a BCC field[CORE][Task]- type mail should include a BCC field
Orchestrator has already the capabilities to integrate BCC but the arrays of attributes returned do not receives replyTo or BCC values yet.[CORE][Task]- type mail should include a BCC field
Orchestrator has already the capabilities to integrate BCC but the arrays of attributes returned do not receives replyTo or BCC values yet.dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6303[CORE][MAIL] – Attachments for emails must be created as sub nodes2024-01-22T09:53:32Zdockx thibault[CORE][MAIL] – Attachments for emails must be created as sub nodes[CORE][MAIL] – Attachments for emails must be created as sub nodes
The idea is like FAI script, able to adds multiple entry within an array.
Sub nodes will be created under the parent CN.
This allows taking all enclosed files and ...[CORE][MAIL] – Attachments for emails must be created as sub nodes
The idea is like FAI script, able to adds multiple entry within an array.
Sub nodes will be created under the parent CN.
This allows taking all enclosed files and their related names correctly.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6302[CORE][TASKS] - Tasks must be set as repeatable and updatable2023-10-31T12:33:48Zdockx thibault[CORE][TASKS] - Tasks must be set as repeatable and updatable[CORE][TASKS] – Tasks must be set as repeatable and updatable
The concept is the following :
- **Repeatable**
- Makes a task able to repeat based on the time (days / Hours) set in the task settings.
- By default, re-create subtasks...[CORE][TASKS] – Tasks must be set as repeatable and updatable
The concept is the following :
- **Repeatable**
- Makes a task able to repeat based on the time (days / Hours) set in the task settings.
- By default, re-create subtasks for ALREADY existing members. (If updatable field not set).
- **Updatable**
- Allows creation of sub-tasks ONLY for new members (Context of dynamic group).FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6301[CORE] - Tasks Mail must take into account dynGroups2023-10-31T12:35:03Zdockx thibault[CORE] - Tasks Mail must take into account dynGroupsDyngroup can now be selected thanks to :
https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/merge_requests/1054
In order to get the proper emails of dyngroup members, the task mail must be enhanced.Dyngroup can now be selected thanks to :
https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/merge_requests/1054
In order to get the proper emails of dyngroup members, the task mail must be enhanced.dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6300[CORE] - UsersGroupsRolesAttribute attribute must include dyngroup as well2023-10-31T12:34:24Zdockx thibault[CORE] - UsersGroupsRolesAttribute attribute must include dyngroup as wellFollowing code must be adapted in order to include dyngroup in the below constructor.
['user', 'group', 'role', 'ogroup', 'dyngroup'],
```php
class UsersGroupsRolesAttribute extends ObjectsAttribute
{
function __construct (string $l...Following code must be adapted in order to include dyngroup in the below constructor.
['user', 'group', 'role', 'ogroup', 'dyngroup'],
```php
class UsersGroupsRolesAttribute extends ObjectsAttribute
{
function __construct (string $label, string $description, string $ldapName, bool $required = FALSE, array $defaultValue = [], string $store_attr = 'dn', string $display_attr = 'nameAttr', array $filterElementDefinitions = NULL, string $acl = '')
{
parent::__construct($label, $description, $ldapName, $required, ['user', 'group', 'role', 'ogroup'], $defaultValue, $store_attr, $display_attr, $filterElementDefinitions, $acl);
}
}
```dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6299Adapt the ci to the reorganisation of the dev-tools and fixing the trigger do...2023-10-03T12:41:22ZbmortierAdapt the ci to the reorganisation of the dev-tools and fixing the trigger downstream pipelinesFusionDirectory 1.4.1bmortierbmortierhttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6297[CAS] - Issues with discovered SLO (SSO) not implemented. Making a new SSO au...2024-03-05T18:03:13Zdockx thibault[CAS] - Issues with discovered SLO (SSO) not implemented. Making a new SSO auth validated not used and last login (session) being used.[CAS] – Issues with discovered SLO (SSO) not implemented. Making a new SSO auth validated not used and last login (session) being used.
Please follow the below link to some information.
- https://apereo.github.io/cas/6.5.x/installatio...[CAS] – Issues with discovered SLO (SSO) not implemented. Making a new SSO auth validated not used and last login (session) being used.
Please follow the below link to some information.
- https://apereo.github.io/cas/6.5.x/installation/Logout-Single-Signout.html
- https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6088
The current CAS (v1.6 not verified) - does not properly logout / remove (adapt) user sessions.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6295We cannot create template for department types object2023-10-03T12:38:32ZJonathan SwaelensWe cannot create template for department types objectHello @tdockx
We cannot create or use templates in the department category. There is no template mention in the dropdown action or filter.
CheersHello @tdockx
We cannot create or use templates in the department category. There is no template mention in the dropdown action or filter.
Cheersdockx thibaultdockx thibault