fusiondirectory issueshttps://gitlab.fusiondirectory.org/groups/fusiondirectory/-/issues2022-12-07T10:40:06Zhttps://gitlab.fusiondirectory.org/fusiondirectory/fd-plugins/-/issues/6023If mailbox creation failed at user creation, you get stuck2022-12-07T10:40:06ZJonathan SwaelensIf mailbox creation failed at user creation, you get stuck### Description
I was trying to create a user with a mailbox (on cyrus). The mailbox creation failed but when I wanted apply again FusionDirectory told me that an user with my uid already exist.
### Distribution Name and Version
Debia...### Description
I was trying to create a user with a mailbox (on cyrus). The mailbox creation failed but when I wanted apply again FusionDirectory told me that an user with my uid already exist.
### Distribution Name and Version
Debian Buster
### FusionDirectory Version
1.4
### Plugin with the defect
mail
### PHP version used
7
### Origin of php packages
Distribution
### Steps to Reproduce
1. Set fdMailAttribute on mail and disable cyrus unix style
2. Create an user with a mail on cyrus server
3. If you try to apply again after the mailbox creation error it will say the uid already exist
**Expected behavior:**
Not create the user if the mailbox creation fail
**Actual behavior:**
It create the user same if the mailbox creation fail
**Reproduces how often:**
100%FusionDirectory 1.5Jonathan SwaelensJonathan Swaelens2019-12-18https://gitlab.fusiondirectory.org/fusiondirectory/smarty3-gettext/-/issues/1put in place the gitlab-ci to build tarballs2021-03-25T09:05:53Zbmortierput in place the gitlab-ci to build tarballsJonathan SwaelensJonathan Swaelens2021-03-25https://gitlab.fusiondirectory.org/fusiondirectory/scriptaculous/-/issues/1put in place the gitlab-ci to build tarballs2021-10-22T14:42:17Zbmortierput in place the gitlab-ci to build tarballsJonathan SwaelensJonathan Swaelens2021-03-25https://gitlab.fusiondirectory.org/fusiondirectory/prototype/-/issues/1put in place the gitlab-ci to build tarballs2022-06-09T07:27:51Zbmortierput in place the gitlab-ci to build tarballsJonathan SwaelensJonathan Swaelens2021-03-25https://gitlab.fusiondirectory.org/fusiondirectory/fd-plugins/-/issues/6149Add webservice overlay functions that matches the interface2022-12-07T10:31:26ZJonathan SwaelensAdd webservice overlay functions that matches the interface## Descriptive title for this enhancement
Each type element (user, server, ogroup, posixgroup...) must have his endpoint and the different method GET, POST, PUT, PATCH, DELETE
For example, /user, /ogroup, /posixgroup... for POST and /...## Descriptive title for this enhancement
Each type element (user, server, ogroup, posixgroup...) must have his endpoint and the different method GET, POST, PUT, PATCH, DELETE
For example, /user, /ogroup, /posixgroup... for POST and /user/dn for PATCH, PUT and DELETE
### Actual behavior
We use the "generic" endpoint like /objects/user/
### Expected behavior
Instead of the "generic" endpoint, we want something more user-friendly like /user
### Step by step description of new behavior
1. The new endpoint not replace the generic one
2. The new endpoint will use the generic endpoint inside the code
### Benefits
It will be more user-friendly to use /posixgroup to create a group instead of /objects/posixgroup
### Possible Drawbacks
None because it's an overlay of the actual code
### Applicable Issues
NoneFusionDirectory 1.5dockx thibaultdockx thibault2022-03-25https://gitlab.fusiondirectory.org/fusiondirectory/fd-plugins/-/issues/6148Fix webservice to add functions functions related to serviceManagement2022-12-07T10:31:38ZJonathan SwaelensFix webservice to add functions functions related to serviceManagement### Description
We cannot do any operations on services
### Distribution Name and Version
Debian Buster
### FusionDirectory Version
1.4
### Plugin with the defect
webservice
### PHP version used
php7
### Origin of php packages
...### Description
We cannot do any operations on services
### Distribution Name and Version
Debian Buster
### FusionDirectory Version
1.4
### Plugin with the defect
webservice
### PHP version used
php7
### Origin of php packages
Debian
### Steps to Reproduce
1. Create a server with argonautDNSConfig as service
2. Source the script and run the command
```
#!/bin/env bash
declare URL='https://demo-dev-all-buster.fusiondirectory.org/fusiondirectory//rest.php/v1/'
declare LOGIN='X'
declare PASSWORD='X'
# Short CURL
function C(){
command -- "curl" "-s" "-H" "Content-Type: application/json" "${URL}${@}"
}
# Grab TOKEN
TOKEN=$(C \
'/login' \
-X POST \
--data \
'{
"user": "'"$LOGIN"'",
"password": "'"$PASSWORD"'"
}'
)
TOKEN=$(tr -d '"' <<< "$TOKEN")
# Redfine C
function C(){
command -- "curl" "-s" "-H" "Content-Type: application/json" "-H" "SESSION-TOKEN: $TOKEN" "${URL}${@}" | jq .
}
```
```
C /objects/server/cn=demo-dev,ou=servers,ou=systems,dc=demo-fusiondirectory,dc=org/servicesManagement
{}
```
3. the result doesn't show the argonautDNSConfig service
**Expected behavior:**
We must see something like
```
Argonaut DNS settings
```
And be able to see the content and modify / add other services
**Actual behavior:**
Actually, it shows an empty JSON
**Reproduces how often:**
100FusionDirectory 1.5dockx thibaultdockx thibault2022-03-28https://gitlab.fusiondirectory.org/fusiondirectory/fd-plugins/-/issues/6081Do not record empty memberUid within mixedgroups2023-02-02T11:25:07ZDanjean VincentDo not record empty memberUid within mixedgroups### Description
I'm using fusiondirectory 1.3 through Debian package (locally recompiled for buster).
I'm using the mixedgroups plugin.
When I create a mixedgroup with one user and several (sub-)groups, I got an error about duplicate (...### Description
I'm using fusiondirectory 1.3 through Debian package (locally recompiled for buster).
I'm using the mixedgroups plugin.
When I create a mixedgroup with one user and several (sub-)groups, I got an error about duplicate (empty) memberUid.
Indeed, this is due to the fact that the plugin gets a 'uid' attribute for all its entries, even for (sub-)groups that do not have 'uid' attribute.
I fixed this locally with this patch:
In ogroups/mixedgroups/class_mixedGroup.inc, in prepare_save(), I replace:
```php
foreach ($members as $dn) {
$ldap->cat($dn, array('uid'));
$attrs = $ldap->fetch();
$memberUid[] = $attrs['uid'][0];
}
```
by
```php
foreach ($members as $dn) {
$ldap->cat($dn, array('uid'));
$attrs = $ldap->fetch();
/* Some members (other groups) do not have uid
* Adding a empty uid is not a problem, but adding two or more is */
if ($attrs['uid'][0] != '') {
$memberUid[] = $attrs['uid'][0];
}
}
```
Note: it solve my problem but you might want to do other things, for example:
- allows empty uid but skip entries with no uid attribute (my patch does the same thing for both cases)
- check that there are no duplicate uid (empty or not). If there are:
- return an error
- cleanup the list to keep only unique values
- or ...
Regards
Vincent
PS: the code in gitlab seems to be the same in the 1.4 branch, so this bug does not seem already fixed.FusionDirectory 1.5dockx thibaultdockx thibault2022-04-13https://gitlab.fusiondirectory.org/fusiondirectory/fd-plugins/-/issues/6176FusionDirectory to mimic memberOf feature in a new plugin2022-12-07T10:16:05ZJonathan SwaelensFusionDirectory to mimic memberOf feature in a new plugin## Descriptive title for this enhancement
There are cases where the memberOf attribute is still useful but the overlay can suffer from performance for very big groups.
FusionDirectory already have many kind of references between users ...## Descriptive title for this enhancement
There are cases where the memberOf attribute is still useful but the overlay can suffer from performance for very big groups.
FusionDirectory already have many kind of references between users and groups. The idea would be to mimic the overlay comportment in FusionDirectory. It will minimize the impact on big groups because we are already dealing with references.
### Actual behavior
Plugin doesn't exist
### Expected behavior
Making a new plugin
### Step by step description of new behaviour
1. Installing the new plugin
2. Make options if needed for fusiondirectory configuration
3. Any modification in a group will add the memberOf attribute in the user
### Benefits
Advantage of memberOf overlay without the downside for bigger groups
### Possible Drawbacks
NoneFusionDirectory 1.5dockx thibaultdockx thibault2022-07-05https://gitlab.fusiondirectory.org/fusiondirectory/fd-plugins/-/issues/6179[SupannExt] - Adding elements to the main code_population list2022-12-07T10:25:54Zdockx thibault[SupannExt] - Adding elements to the main code_population list### Requirements
## Descriptive title for this enhancement
[SupannExt] - Adding elements to the main code_population list
### Actual behavior
List is not exhaustive
### Expected behavior
Below elements that would be interesting to ...### Requirements
## Descriptive title for this enhancement
[SupannExt] - Adding elements to the main code_population list
### Actual behavior
List is not exhaustive
### Expected behavior
Below elements that would be interesting to add to the default list of main population code.
'RGPST' 'RGPET' 'RGPFT' 'RGNFC' 'RGNFA' 'RGNE' 'RGNS' 'RGNFD' 'RGNSP' 'RGIS' 'RGIE' 'RGNCC' 'RGNCD' 'RHTC' 'PXR' 'RHJSG' 'RHLE' 'RHLS' 'RHTCE' 'RHMF' 'RHJCF' 'PXSP' 'PXE' 'TER' 'RHTSO' 'PXU' 'PXL'
### Step by step description of new behaviour
Add the above elements to the default list.
### Benefits
More default elements.
### Possible Drawbacks
User interface might feel overcharged
### Applicable Issues
NoneFusionDirectory 1.5dockx thibaultdockx thibault2022-07-25https://gitlab.fusiondirectory.org/fusiondirectory/fusiondirectory-orchestrator/-/issues/42[Orchestrator] - taskGateway compare lastExec in UTC format with a variable n...2024-03-29T14:34:15Zdockx thibault[Orchestrator] - taskGateway compare lastExec in UTC format with a variable now - set without arg, taking local time insteadWe must change line 309 of tastGateway to be sure to generate a now time in UTC.
We could have used Unix timestamp (always generated in UTC) but dateTime object are easy to use.
Let's change line 309
```php
// Is used to verify c...We must change line 309 of tastGateway to be sure to generate a now time in UTC.
We could have used Unix timestamp (always generated in UTC) but dateTime object are easy to use.
Let's change line 309
```php
// Is used to verify cyclic schedule with date format.
$now = new DateTime();
```
with
`$now = new DateTime('now', new DateTimeZone('UTC'));`FusionDirectory Orchestrator 1.0dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6321[Tasks] - Make the generic tasks even more generic, allowing the object type ...2024-03-29T00:41:29Zdockx thibault[Tasks] - Make the generic tasks even more generic, allowing the object type string to be custom in case of added plugins[Tasks] - Make the generic tasks even more generic, allowing the object type string to be custom in case of added plugins
Currently, the creation of subTasks is handled by :
`public function createSlaveTasks (array $listOfDN, string $a...[Tasks] - Make the generic tasks even more generic, allowing the object type string to be custom in case of added plugins
Currently, the creation of subTasks is handled by :
`public function createSlaveTasks (array $listOfDN, string $attributeType, array $attrs = NULL): void`
example :
```php
// Call the method from parent tasks object (first tab) to create sub-tasks.
$this->parent->getBaseObject()->createSlaveTasks($listOfDN, $attributeType);
```
The variable attributeType was previously set for life cycle and mail tasks. (fdTasksGranularDN, fdTasksGranularMail).
To differentiate the usage of DN (CN/UID or MAIL).
We can still use that logic that could become beneficial for harder tasks in the future, set in the CORE.
_Currently, a new argument should be passed to define fdTasksGranularType._
Modification should occur here :
```php
case 'fdTasksGranularDN' :
$prepData['tasksGranular'] = [
"fdTasksGranularDN" => $dn,
"fdTasksGranularType" => 'Life Cycle',
];
break;
}
```
Life Cycle was hard-coded on purpose but could definitely receive a string variable now.
As more plugins will be developed, such as notifications, which also base itself on the concept of "pure" DN such as life cycle.
**Added Note**
LastExec is currently using date format based on time() which is unix UTC format.
Somehow using Date changes the local dateTime to local time. We have to have UTC globally.
gmDate instead of Date could resolve the issue easily. As generalizeTime in FD use Z which is UTC already.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6320[Tasks] - Mail class can have one method static to be reused outside object c...2024-03-25T16:25:24Zdockx thibault[Tasks] - Mail class can have one method static to be reused outside object call by others[Tasks] - Mail class can have one method static to be reused outside object call by others
```
// send the objectype and attrs name to the below method
$this->setEmailsFromSelectedDN($mailObject, $mailAttr);
```
The above metho...[Tasks] - Mail class can have one method static to be reused outside object call by others
```
// send the objectype and attrs name to the below method
$this->setEmailsFromSelectedDN($mailObject, $mailAttr);
```
The above method can be statically called and shared outside group instance.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6319Add a check / warning when adding ssha512 password method that overlay pw-sha...2024-03-28T10:51:25ZJonathan SwaelensAdd a check / warning when adding ssha512 password method that overlay pw-sha2 must be usedAdd a check / warning when adding ssha512 password method that overlay pw-sha2 must be usedAdd a check / warning when adding ssha512 password method that overlay pw-sha2 must be useddockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/dev-manual/-/issues/85[Dev-Manual] - Update of the new plugin schema ID2024-03-25T10:20:24Zdockx thibault[Dev-Manual] - Update of the new plugin schema ID[Dev-Manual] - Update of the new plugin schema ID for Notifications.
Current last being use is : dolibarr-fd.schema - 89
Notifications will use 90 for is default schema and 91 for its configuration[Dev-Manual] - Update of the new plugin schema ID for Notifications.
Current last being use is : dolibarr-fd.schema - 89
Notifications will use 90 for is default schema and 91 for its configurationFusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fusiondirectory-orchestrator/-/issues/40[Orchestrator] - Re-activate failed sub-tasks linked to a specific main task.2024-03-25T11:06:14Zdockx thibault[Orchestrator] - Re-activate failed sub-tasks linked to a specific main task.[Orchestrator] - Re-activate failed sub-tasks linked to a specific main task.
The concept is to be able to re-activate failed tasks via the specification of the "main" task related.[Orchestrator] - Re-activate failed sub-tasks linked to a specific main task.
The concept is to be able to re-activate failed tasks via the specification of the "main" task related.FusionDirectory 1.5dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6318The "default policy" is not applied2024-03-24T18:04:51ZJonathan SwaelensThe "default policy" is not appliedHello @tdockx
- Install ppolicy plugin and overlay
- Add a default policy
```
dn: cn=default,ou=ppolicies,dc=example,dc=com
objectClass: device
objectClass: pwdPolicy
objectClass: pwdPolicyChecker
pwdAttribute: userPassword
cn: defaul...Hello @tdockx
- Install ppolicy plugin and overlay
- Add a default policy
```
dn: cn=default,ou=ppolicies,dc=example,dc=com
objectClass: device
objectClass: pwdPolicy
objectClass: pwdPolicyChecker
pwdAttribute: userPassword
cn: default
pwdAllowUserChange: TRUE
pwdSafeModify: FALSE
pwdCheckQuality: 0
pwdLockout: TRUE
pwdInHistory: 2
pwdMustChange: FALSE
```
- Add a user to the ACL editownpassword
- Connect with this user and change your password
- It will not trigger the history error or same password error if you don't assign the policy to the user explicitly
Cheers
![image](/uploads/d10b3a6cebc9b0362ba274c167e70f2c/image.png)
![image](/uploads/d2250270307e95b9ade38548d21d281c/image.png)
![image](/uploads/06a0f87a0439c115d5a3e3560b545f28/image.png)dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/6317[core] - new column for primary and secondary supann affiliation2024-03-19T17:23:45Zdockx thibault[core] - new column for primary and secondary supann affiliation[core] - new column for primary and secondary supann affiliation
The idea is that a new column type should be available in case there would be a supann affiliation required to be seen.
Only the code is actually seen, it should be evalua...[core] - new column for primary and secondary supann affiliation
The idea is that a new column type should be available in case there would be a supann affiliation required to be seen.
Only the code is actually seen, it should be evaluated to its related string value.dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/user-manual/-/issues/248[Tasks] - Explaination in details with screenshots of the new tabs life cycle...2024-03-19T16:45:11Zdockx thibault[Tasks] - Explaination in details with screenshots of the new tabs life cycle and the incoming notificationshttps://fusiondirectory-user-manual.readthedocs.io/en/1.4/fusiondirectory/core/tasks.html
We should add more details on the new generic tasks as well as the new utilization of the
- mail
- lifeCycle
- notifications
new tasks tabs.
No...https://fusiondirectory-user-manual.readthedocs.io/en/1.4/fusiondirectory/core/tasks.html
We should add more details on the new generic tasks as well as the new utilization of the
- mail
- lifeCycle
- notifications
new tasks tabs.
Note: It would be very interesting to link the documentation of such tasks to their related endpoints within the fusiondirectory-orchestrator documentation.dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fusiondirectory-orchestrator/-/issues/39[Orchestrator] - New endpoint notifications in order to manage notifications ...2024-03-29T14:34:38Zdockx thibault[Orchestrator] - New endpoint notifications in order to manage notifications tasksHere below a list of step by step requirements for the above concept to be feasible:
- A new endpoint “notifications”
- Making sure the tasks notification is well processed based on its cycle of repetition.
- Treat every subtasks and sen...Here below a list of step by step requirements for the above concept to be feasible:
- A new endpoint “notifications”
- Making sure the tasks notification is well processed based on its cycle of repetition.
- Treat every subtasks and send the notification if required + update status of the subtask.
- Remove the subtasks if no attributes listed match the alert specified in the main task.
A design document can be found about notifications [here](https://gitlab.fusiondirectory.org/documentation/fusiondirectory-fusiondirectory/-/tree/master/designs-documents)FusionDirectory Orchestrator 1.0dockx thibaultdockx thibaulthttps://gitlab.fusiondirectory.org/fusiondirectory/fd-plugins/-/issues/6258[NewPlugin] - Notifications, based on automatic snapshots, send email to requ...2024-03-28T11:09:02Zdockx thibault[NewPlugin] - Notifications, based on automatic snapshots, send email to required personal about attributes changes[NewPlugin] - Notifications, based on automatic snapshots, send email to required personal about attributes changes.
A design document can be found in the gitlab documentation [Here](https://gitlab.fusiondirectory.org/documentation/fusi...[NewPlugin] - Notifications, based on automatic snapshots, send email to required personal about attributes changes.
A design document can be found in the gitlab documentation [Here](https://gitlab.fusiondirectory.org/documentation/fusiondirectory-fusiondirectory/-/tree/master/designs-documents)
Le concept est d'envoyer un e-mail à un individu, un responsable, un gestionnaire, en fonction de la modification d'un ou plusieurs attribut(s) spécifique(s).
L'idée générale est d'utiliser le mécanisme des instantanés automatiques, une nouvelle tâche de type "Notifications" et la configuration du backend grâce à un nouveau plugin "Notifications" permettant de définir des attributs spécifiques qui doivent être vérifiés s'ils ont été modifiés.
La nouvelle tâche de notification sera une tâche cyclique, réglée par défaut sur une fréquence horaire. Une fois la tâche activée, elle collectera les DN des utilisateurs en se basant sur l'horodatage des snapshots pris pour ces utilisateurs et la dernière exécution de la tâche. Création de sous-tâches pertinentes, comme d'habitude, de type Notifications.
Ces nouvelles tâches pourront sélectionner une liste d'attributs définis précédemment dans la configuration du backend et une liste d'utilisateurs où la notification doit être envoyée.
Plusieurs changements sont nécessaires pour l'Orchestrator :
- Orchestrator fonctionnera donc comme d'habitude sur la base de sa configuration cron, en activant des tâches cycliques si cela est nécessaire.
- Un nouveau point de terminaison "notifications" sera créé, permettant de passer en revue toutes les sous-tâches de notification.
Dans la sous-tâche se trouvera le DN de l'utilisateur où les instantanés ont été pris, il y aura une vérification basée sur les attributs des tâches principales énumérés, si un attribut a changé, il doit être notifié. Une liste doit être produite
- Si une notification est nécessaire, envoyez un courriel au responsable éventuel de cet utilisateur spécifique et signalez l'état des sous-tâches. Si aucune modification n'est nécessaire, les sous-tâches concernées seront supprimées.
Ce ticket supportera les changements sous format plugin de :
- Schema LDAP notifications.schema et notifications-conf.schema
- Un nouveau tab pour "Tasks" permettant la configuration de notifications (membres et attributs)
- Un nouveau tab dans configuration (backend) permettant la configuration des attributs devant / pouvant etre suivis par la tache.FusionDirectory 1.5dockx thibaultdockx thibault