Merge branch 'master' into PHRAS-4093-bump-base-image-1.2.0

alchemy-fr · Dec 3, 2024 · d79e1b7 · d79e1b7
2 parents 42e39fc + 7ac7417
commit d79e1b7
Show file tree

Hide file tree

Showing 4 changed files with 73 additions and 5 deletions.
diff --git a/config/configuration.sample.yml b/config/configuration.sample.yml
@@ -220,6 +220,7 @@ authentication:
                 realm-name: phrasea
                 exclusive: false
                 icon-uri: null
+                usegroups: false
                 birth-group: _firstlog
                 everyone-group: _everyone
                 metamodel: _metamodel

diff --git a/lib/Alchemy/Phrasea/Authentication/Provider/Openid.php b/lib/Alchemy/Phrasea/Authentication/Provider/Openid.php
@@ -349,13 +349,14 @@ public function onCallback(Request $request)
             $userName = $data['email'];// login to be an email
         }
 
+        $usegroups = isset($this->config['usegroups']) ? $this->config['usegroups'] : false;
         $userUA = $this->CreateUser([
             'id'        => $distantUserId = $data['sub'],
             'login'     => $userName,
             'firstname' => isset($data['given_name']) ? $data['given_name'] : '',
             'lastname'  => isset($data['family_name']) ? $data['family_name'] : '' ,
             'email'     => isset($data['email']) ? $data['email'] : '',
-            '_groups'   => isset($data['groups']) ? $data['groups'] : ''
+            '_groups'   => isset($data['groups']) && $usegroups ? $data['groups'] : ''
         ]);
 
         $userAuthProviderRepository = $this->getUsrAuthProviderRepository();
@@ -488,8 +489,8 @@ private function CreateUser(Array $data)
                 $this->debug(sprintf("found user \"%s\" with id=%s \n", $login, $userUA->getId()));
 
                 // if the id provider does NOT return groups, the new user will get "birth" privileges
-                if (!is_array($data['_groups']) && array_key_exists('birth-group', $this->config)) {
-                    $data['_groups'] = [$this->config['birth-group']];
+                if (!is_array($data['_groups']) && array_key_exists('birth-group', $this->config) && trim($this->config['birth-group']) !== '') {
+                    $data['_groups'] = [trim($this->config['birth-group'])];
                 }
             }
             else {
@@ -534,8 +535,8 @@ private function CreateUser(Array $data)
                 }
 
                 // add "everyone-group"
-                if(array_key_exists('everyone-group', $this->config)) {
-                    $models[] = ['name' => $this->config['model-gpfx'] . $this->config['everyone-group'], 'autocreate' => true];
+                if(array_key_exists('everyone-group', $this->config) && trim($this->config['everyone-group']) !== '') {
+                    $models[] = ['name' => $this->config['model-gpfx'] . trim($this->config['everyone-group']), 'autocreate' => true];
                 }
 
                 // add a specific model for the user

diff --git a/lib/classes/patch/4111PHRAS4106.php b/lib/classes/patch/4111PHRAS4106.php
@@ -0,0 +1,65 @@
+<?php
+
+use Alchemy\Phrasea\Application;
+use Alchemy\Phrasea\Core\Configuration\PropertyAccess;
+
+class patch_4111PHRAS4106 implements patchInterface
+{
+    /** @var string */
+    private $release = '4.1.11';
+
+    /** @var array */
+    private $concern = [base::APPLICATION_BOX];
+
+    /**
+     * Returns the release version.
+     *
+     * @return string
+     */
+    public function get_release()
+    {
+        return $this->release;
+    }
+    /**
+     * {@inheritdoc}
+     */
+    public function concern()
+    {
+        return $this->concern;
+    }
+    /**
+     * {@inheritdoc}
+     */
+    public function require_all_upgrades()
+    {
+        return false;
+    }
+    /**
+     * {@inheritdoc}
+     */
+    public function getDoctrineMigrations()
+    {
+        return [];
+    }
+    /**
+     * {@inheritdoc}
+     */
+    public function apply(base $appbox, Application $app)
+    {
+        /** @var PropertyAccess $conf */
+        $conf = $app['conf'];
+        foreach ($app['conf']->get(['authentication', 'providers'], []) as $providerId => $data) {
+            if ($data['type'] === "openid") {
+                if(!isset($data['options']['usegroups'])) {
+                    $data['options']['usegroups'] = false;
+
+                    $providerConfig[$providerId] = $data;
+
+                    $conf->merge(['authentication', 'providers'], $providerConfig);
+                }
+            }
+        }
+
+        return true;
+    }
+}
diff --git a/lib/conf.d/configuration.yml b/lib/conf.d/configuration.yml
@@ -237,6 +237,7 @@ authentication:
                 realm-name: phrasea
                 exclusive: false
                 icon-uri: null
+                usegroups: false
                 birth-group: _firstlog
                 everyone-group: _everyone
                 metamodel: _metamodel