Skip to content
GitLab
Commit 7ed10135 authored by Côme Chilliet's avatar Côme Chilliet
Browse files

Merge branch... 

Merge branch '5851-creating-a-user-from-a-template-with-a-non-existing-group-crashes' into '1.3-dev'

Resolve "Creating a user from a template with a non-existing group crashes"

See merge request fusiondirectory/fd!316
parents f7036396 76dc418e
master 1.3-fixes 6009-updating-the-locales-for-1-3-1 fusiondirectory-1.3
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 72 additions and 50 deletions
+72 -50
plugins/personal/roles/class_userRoles.inc
+ 72
50
View file @ 7ed10135
...@@ -174,15 +174,21 @@ class userRoles extends simplePlugin ...@@ -174,15 +174,21 @@ class userRoles extends simplePlugin
} elseif (($this->dn != '') && ($this->dn != 'new')) { } elseif (($this->dn != '') && ($this->dn != 'new')) {
/* Remove all groups */ /* Remove all groups */
foreach ($this->savedGroupsMembership as $ogroupdn) { foreach ($this->savedGroupsMembership as $ogroupdn) {
$g = objects::open($ogroupdn, 'ogroup'); try {
$g->getBaseObject()->attributesAccess['member']->searchAndRemove($this->dn); $g = objects::open($ogroupdn, 'ogroup');
$g->save(); $g->getBaseObject()->attributesAccess['member']->searchAndRemove($this->dn);
$g->save();
} catch (NonExistingLdapNodeException $e) {
}
} }
/* Remove all roles */ /* Remove all roles */
foreach ($this->savedRolesMembership as $roledn) { foreach ($this->savedRolesMembership as $roledn) {
$r = objects::open($roledn, 'role'); try {
$r->getBaseObject()->attributesAccess['roleOccupant']->searchAndRemove($this->dn); $r = objects::open($roledn, 'role');
$r->save(); $r->getBaseObject()->attributesAccess['roleOccupant']->searchAndRemove($this->dn);
$r->save();
} catch (NonExistingLdapNodeException $e) {
}
} }
} }
return array(); return array();
...@@ -248,17 +254,21 @@ class userRoles extends simplePlugin ...@@ -248,17 +254,21 @@ class userRoles extends simplePlugin
$groupsMembership = $this->attributesAccess['groupsMembership']->getValue(); $groupsMembership = $this->attributesAccess['groupsMembership']->getValue();
foreach ($groupsMembership as $ogroupdn) { foreach ($groupsMembership as $ogroupdn) {
if (!in_array($ogroupdn, $this->savedGroupsMembership)) { if (!in_array($ogroupdn, $this->savedGroupsMembership)) {
$g = objects::open($ogroupdn, 'ogroup'); try {
if (!in_array($ogroupdn, $this->templateGroups) && !$g->getBaseObject()->attrIsWriteable('member')) { $g = objects::open($ogroupdn, 'ogroup');
$errors[] = msgPool::permModify($ogroupdn, 'member'); if (!in_array($ogroupdn, $this->templateGroups) && !$g->getBaseObject()->attrIsWriteable('member')) {
continue; $errors[] = msgPool::permModify($ogroupdn, 'member');
} continue;
$g->getBaseObject()->attributesAccess['member']->addValue($this->dn, $fake_attrs); }
$msg = $g->save(); $g->getBaseObject()->attributesAccess['member']->addValue($this->dn, $fake_attrs);
if (empty($msg)) { $msg = $g->save();
$this->savedGroupsMembership[] = $ogroupdn; if (empty($msg)) {
} else { $this->savedGroupsMembership[] = $ogroupdn;
$errors = array_merge($errors, $msg); } else {
$errors = array_merge($errors, $msg);
}
} catch (NonExistingLdapNodeException $e) {
$errors[] = $e->getMessage();
} }
} }
} }
...@@ -266,17 +276,21 @@ class userRoles extends simplePlugin ...@@ -266,17 +276,21 @@ class userRoles extends simplePlugin
/* Remove groups not listed in groupsMembership */ /* Remove groups not listed in groupsMembership */
foreach ($this->savedGroupsMembership as $key => $ogroupdn) { foreach ($this->savedGroupsMembership as $key => $ogroupdn) {
if (!in_array($ogroupdn, $groupsMembership)) { if (!in_array($ogroupdn, $groupsMembership)) {
$g = objects::open($ogroupdn, 'ogroup'); try {
if (!$g->getBaseObject()->attrIsWriteable('member')) { $g = objects::open($ogroupdn, 'ogroup');
$errors[] = msgPool::permModify($ogroupdn, 'member'); if (!$g->getBaseObject()->attrIsWriteable('member')) {
continue; $errors[] = msgPool::permModify($ogroupdn, 'member');
} continue;
$g->getBaseObject()->attributesAccess['member']->searchAndRemove($this->dn); }
$msg = $g->save(); $g->getBaseObject()->attributesAccess['member']->searchAndRemove($this->dn);
if (empty($msg)) { $msg = $g->save();
unset($this->savedGroupsMembership[$key]); if (empty($msg)) {
} else { unset($this->savedGroupsMembership[$key]);
$errors = array_merge($errors, $msg); } else {
$errors = array_merge($errors, $msg);
}
} catch (NonExistingLdapNodeException $e) {
$errors[] = $e->getMessage();
} }
} }
} }
...@@ -285,17 +299,21 @@ class userRoles extends simplePlugin ...@@ -285,17 +299,21 @@ class userRoles extends simplePlugin
$rolesMembership = $this->attributesAccess['rolesMembership']->getValue(); $rolesMembership = $this->attributesAccess['rolesMembership']->getValue();
foreach ($rolesMembership as $roledn) { foreach ($rolesMembership as $roledn) {
if (!in_array($roledn, $this->savedRolesMembership)) { if (!in_array($roledn, $this->savedRolesMembership)) {
$r = objects::open($roledn, 'role'); try {
if (!in_array($roledn, $this->templateRoles) && !$r->getBaseObject()->attrIsWriteable('roleOccupant')) { $r = objects::open($roledn, 'role');
$errors[] = msgPool::permModify($roledn, 'roleOccupant'); if (!in_array($roledn, $this->templateRoles) && !$r->getBaseObject()->attrIsWriteable('roleOccupant')) {
continue; $errors[] = msgPool::permModify($roledn, 'roleOccupant');
} continue;
$r->getBaseObject()->attributesAccess['roleOccupant']->addValue($this->dn, $fake_attrs); }
$msg = $r->save(); $r->getBaseObject()->attributesAccess['roleOccupant']->addValue($this->dn, $fake_attrs);
if (empty($msg)) { $msg = $r->save();
$this->savedRolesMembership[] = $roledn; if (empty($msg)) {
} else { $this->savedRolesMembership[] = $roledn;
$errors = array_merge($errors, $msg); } else {
$errors = array_merge($errors, $msg);
}
} catch (NonExistingLdapNodeException $e) {
$errors[] = $e->getMessage();
} }
} }
} }
...@@ -303,17 +321,21 @@ class userRoles extends simplePlugin ...@@ -303,17 +321,21 @@ class userRoles extends simplePlugin
/* Remove roles not listed in rolesMembership */ /* Remove roles not listed in rolesMembership */
foreach ($this->savedRolesMembership as $key => $roledn) { foreach ($this->savedRolesMembership as $key => $roledn) {
if (!in_array($roledn, $rolesMembership)) { if (!in_array($roledn, $rolesMembership)) {
$r = objects::open($roledn, 'role'); try {
if (!$r->getBaseObject()->attrIsWriteable('roleOccupant')) { $r = objects::open($roledn, 'role');
$errors[] = msgPool::permModify($roledn, 'roleOccupant'); if (!$r->getBaseObject()->attrIsWriteable('roleOccupant')) {
continue; $errors[] = msgPool::permModify($roledn, 'roleOccupant');
} continue;
$r->getBaseObject()->attributesAccess['roleOccupant']->searchAndRemove($this->dn); }
$msg = $r->save(); $r->getBaseObject()->attributesAccess['roleOccupant']->searchAndRemove($this->dn);
if (empty($msg)) { $msg = $r->save();
unset($this->savedRolesMembership[$key]); if (empty($msg)) {
} else { unset($this->savedRolesMembership[$key]);
$errors = array_merge($errors, $msg); } else {
$errors = array_merge($errors, $msg);
}
} catch (NonExistingLdapNodeException $e) {
$errors[] = $e->getMessage();
} }
} }
} }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment