Skip to content
GitLab
Verified Commit 3f259ae4 authored by dockx thibault's avatar dockx thibault
Browse files

:sparkles: Feat(Orchestrator) - posix shadowExpire verifications 

Adds verification for posix shadowExpire.
parent 52c35aff
dev 63-orchestrator-mail-controller-format-of-mail-text-and-signature-are-not-utf8-usage-of-accents-is 70-create-unitests-for-orchestrator 73-orchestrator-create-a-librabry-in-core-orchestrator 78-redesign-audit-class 79-redesign-mail 80-redesign-notifications-class 81-redesign-reminders-class 82-redesign-lifecycle-class main revert-55863b23 1.1
2 merge requests!72Releasing Fusiondirectory Orchestrator 1.1,!61Resolve "[Orchestrator] - New endpoint for userReminder allowing to send notification to use with token to extend their account longevity"
Pipeline #30444 failed with stages
in 2 minutes and 10 seconds
Hide whitespace changes
Inline Side-by-side
Showing
with 89 additions and 0 deletions
+89 -0
plugins/tasks/Reminder.php
+ 89
0
View file @ 3f259ae4
......@@ -121,6 +121,34 @@ class Reminder implements EndpointInterface
$reminders[$remindersMainTaskName]['subTask'][$task['cn'][0]]['mail'] = $tokenMailTemplateForm;
} else {
// Not about to expire, delete subTask
$result[$task['dn']]['Removed'] = $this->gateway->removeSubTask($task['dn']);
$result[$task['dn']]['Status'] = 'No reminder triggers were found, therefore removing the sub-task!';
}
}
// Case where prolongation is set without supann. Case of posix and PPolicy
if ($monitoredResources['resource'][0] === 'NONE' && $monitoredResources['prolongation'] === 'TRUE') {
if ($this->posixAboutToExpire($task['fdtasksgranulardn'][0], $task['fdtasksgranularhelper'][0]) ||
$this->pPolicyAboutToExpire($task['fdtasksgranulardn'][0], $task['fdtasksgranularhelper'][0])) {
// Require to be set for updating the status of the task later on and sent the email.
$reminders[$remindersMainTaskName]['subTask'][$task['cn'][0]]['dn'] = $task['dn'];
$reminders[$remindersMainTaskName]['subTask'][$task['cn'][0]]['uid'] = $task['fdtasksgranulardn'][0];
// Create timeStamp expiration for token
$tokenExpire = $this->getTokenExpiration($task['fdtasksgranularhelper'][0],
$remindersMainTask[0]['fdtasksreminderfirstcall'][0],
$remindersMainTask[0]['fdtasksremindersecondcall'][0]);
// Create token for SubTask
$token = $this->generateToken($task['fdtasksgranulardn'][0], $tokenExpire);
// Edit the mailForm with the url link containing the token
$tokenMailTemplateForm = $this->generateTokenUrl($token, $mailTemplateForm, $remindersMainTaskName);
// Recipient email form
$reminders[$remindersMainTaskName]['subTask'][$task['cn'][0]]['mail'] = $tokenMailTemplateForm;
} else {
// Not about to expire, delete subTask
$result[$task['dn']]['Removed'] = $this->gateway->removeSubTask($task['dn']);
......@@ -137,6 +165,67 @@ class Reminder implements EndpointInterface
return $result;
}
/**
* @param $dn
* @param $days
* @return bool
* Note : Compare the date of today and the shadowExpire epoch to see if expiration is soon to happen.
*/
private function posixAboutToExpire ($dn, $days) : bool
{
$result = FALSE;
$userShadowExpire = $this->retrieveUserPosix($dn);
// Verification if shadowExpire was retrieved
if (!empty($userShadowExpire)) {
// Create the date of today
$today = new DateTime();
// Create a proper timestamp for verification
$epoch = new DateTime("1970-01-01");
// Add the shadowExpire days to the epoch
$epoch->add(new DateInterval("P{$userShadowExpire}D"));
// Get the interval between today and the expiration of shadow expire.
$interval = $today->diff($epoch);
// Interval can be negative if date is in the past - we make sure it is not in the past by using invert.
if ($interval->days <= $days && $interval->invert == 0) {
$result = TRUE;
}
}
return $result;
}
/**
* @param $dn
* @return string
* Note : Simply retrieve shadowExpire attribute for the DN specified.
*/
private function retrieveUserPosix ($dn) : string
{
$result = '';
$userPosix = $this->gateway->getLdapTasks('(objectClass=shadowAccount)', ['shadowExpire'],
'', $dn);
// Simply remove key "count"
$this->gateway->unsetCountKeys($userPosix);
// Removing un-required keys
if (!empty($userPosix[0]['shadowexpire'][0])) {
$result = $userPosix[0]['shadowexpire'][0];
}
return $result;
}
private function pPolicyAboutToExpire ($dn, $days) : bool
{
$result = FALSE;
return $result;
}
/**
* @param string $token
* @param array $mailTemplateForm
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment