delete group claim type if None is selected

Yvand · Apr 12, 2024 · b779e93 · b779e93
1 parent b4c5d97
commit b779e93
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 19 deletions.
diff --git a/Yvand.LDAPCPSE/TEMPLATE/ADMIN/LDAPCPSE/GlobalSettings.ascx.cs b/Yvand.LDAPCPSE/TEMPLATE/ADMIN/LDAPCPSE/GlobalSettings.ascx.cs
@@ -229,23 +229,34 @@ protected bool UpdateConfiguration(bool commitChanges)
             Settings.ClaimTypes.SetAdditionalLdapFilterForEntity(this.TxtUserIdAdditionalLdapFilter.Text, DirectoryObjectType.User);
 
             // Group identifier settings
-            ClaimTypeConfig groupIdConfig = Settings.ClaimTypes.GroupIdentifierConfig;
-            bool newGroupConfigObject = false;
-            if (groupIdConfig == null)
+            if (!String.Equals(this.DdlGroupClaimType.SelectedValue, "None", StringComparison.OrdinalIgnoreCase))
             {
-                groupIdConfig = new ClaimTypeConfig { DirectoryObjectType = DirectoryObjectType.Group };
-                newGroupConfigObject = true;
+                ClaimTypeConfig groupIdConfig = Settings.ClaimTypes.GroupIdentifierConfig;
+                bool newGroupConfigObject = false;
+                if (groupIdConfig == null)
+                {
+                    groupIdConfig = new ClaimTypeConfig { DirectoryObjectType = DirectoryObjectType.Group };
+                    newGroupConfigObject = true;
+                }
+                groupIdConfig.ClaimType = this.DdlGroupClaimType.SelectedValue;
+                groupIdConfig.DirectoryObjectClass = this.TxtGroupLdapClass.Text;
+                groupIdConfig.DirectoryObjectAttribute = this.TxtGroupLdapAttribute.Text;
+                groupIdConfig.DirectoryObjectAttributeForDisplayText = this.TxtGroupDisplayTextAttribute.Text;
+                groupIdConfig.ClaimValueLeadingToken = this.TxtGroupLeadingToken.Text;
+                Settings.ClaimTypes.SetSearchAttributesForEntity(this.TxtGroupAdditionalLdapAttributes.Text, groupIdConfig.DirectoryObjectClass, DirectoryObjectType.Group);
+                Settings.ClaimTypes.SetAdditionalLdapFilterForEntity(this.TxtGroupAdditionalLdapFilter.Text, DirectoryObjectType.Group);
+                if (newGroupConfigObject)
+                {
+                    Settings.ClaimTypes.Add(groupIdConfig);
+                }
             }
-            groupIdConfig.ClaimType = this.DdlGroupClaimType.SelectedValue;
-            groupIdConfig.DirectoryObjectClass = this.TxtGroupLdapClass.Text;
-            groupIdConfig.DirectoryObjectAttribute = this.TxtGroupLdapAttribute.Text;
-            groupIdConfig.DirectoryObjectAttributeForDisplayText = this.TxtGroupDisplayTextAttribute.Text;
-            groupIdConfig.ClaimValueLeadingToken = this.TxtGroupLeadingToken.Text;
-            Settings.ClaimTypes.SetSearchAttributesForEntity(this.TxtGroupAdditionalLdapAttributes.Text, groupIdConfig.DirectoryObjectClass, DirectoryObjectType.Group);
-            Settings.ClaimTypes.SetAdditionalLdapFilterForEntity(this.TxtGroupAdditionalLdapFilter.Text, DirectoryObjectType.Group);
-            if (newGroupConfigObject)
+            else
             {
-                Settings.ClaimTypes.Add(groupIdConfig);
+                ClaimTypeConfig groupIdConfig = Settings.ClaimTypes.GroupIdentifierConfig;
+                if (groupIdConfig != null)
+                {
+                    Settings.ClaimTypes.Remove(groupIdConfig);
+                }
             }
 
             // Augmentation settings

diff --git a/Yvand.LDAPCPSE/Yvand.LdapClaimsProvider/Configuration/ClaimTypeConfig.cs b/Yvand.LDAPCPSE/Yvand.LdapClaimsProvider/Configuration/ClaimTypeConfig.cs
@@ -745,7 +745,7 @@ public void SetSearchAttributesForEntity(string newSearchAttributesCsv, string l
                     {
                         Add(newSearchAttributeConfig);
                     }
-                    catch (InvalidOperationException ex) 
+                    catch (InvalidOperationException ex)
                     {
                         // A InvalidOperationException is thrown if the LDAP attribute already exists as metadata
                         Logger.LogException(String.Empty, $"while trying to set the LDAP attribute {newAttribute} for entity type {entityType} as a search attribute", TraceCategory.Core, ex);
@@ -770,11 +770,14 @@ public void SetSearchAttributesForEntity(string newSearchAttributesCsv, string l
         public void SetAdditionalLdapFilterForEntity(string newAdditionalLdapFilter, DirectoryObjectType entityType)
         {
             ClaimTypeConfig mainConfig = GetIdentifierConfiguration(entityType);
-            mainConfig.DirectoryObjectAdditionalFilter = newAdditionalLdapFilter;
-            IEnumerable<ClaimTypeConfig> additionalConfigurations = GetAdditionalConfigurationsForEntity(entityType);
-            foreach (ClaimTypeConfig additionalConfiguration in additionalConfigurations)
+            if (mainConfig != null)
             {
-                additionalConfiguration.DirectoryObjectAdditionalFilter = newAdditionalLdapFilter;
+                mainConfig.DirectoryObjectAdditionalFilter = newAdditionalLdapFilter;
+                IEnumerable<ClaimTypeConfig> additionalConfigurations = GetAdditionalConfigurationsForEntity(entityType);
+                foreach (ClaimTypeConfig additionalConfiguration in additionalConfigurations)
+                {
+                    additionalConfiguration.DirectoryObjectAdditionalFilter = newAdditionalLdapFilter;
+                }
             }
         }
     }