From 98d99252415c8001b72b98723ea46a6b57211a8d Mon Sep 17 00:00:00 2001 From: Andrew Ruthven Date: Sat, 3 Feb 2024 23:34:34 +1300 Subject: [PATCH] Always update groups from LDAP The logic actually handled updated group details, but only new groups were being passed in. This will cause changes to what is being used for the fullname to flow through. --- inc/drivers_ldap.php | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/inc/drivers_ldap.php b/inc/drivers_ldap.php index cdb8e58e..56e7cfc0 100644 --- a/inc/drivers_ldap.php +++ b/inc/drivers_ldap.php @@ -558,16 +558,15 @@ function sync_LDAP_groups(){ $ldap_groups = array_keys($ldap_groups_info); - // groups only in ldap - $groups_to_create = array_diff($ldap_groups, $db_groups); + // Groups only in LDAP or in both LDAP and DB. To be created or updated. + $groups_to_create = array_merge( + array_diff($ldap_groups, $db_groups), + array_intersect($db_groups, $ldap_groups)); - // groups only in db + // Groups only in DB. To be disabled.. $groups_to_deactivate = array_diff($db_groups, $ldap_groups); - // groups present in ldap and in the db - $groups_to_update = array_intersect($db_groups, $ldap_groups); - - // groups where nothing was done + // Groups where nothing was done $groups_nothing_done[] = null; if ( sizeof ( $groups_to_create ) ){ @@ -633,15 +632,15 @@ function sync_LDAP_groups(){ Principal::cacheDelete('username', $group); - // mark group for updating, so users get synced - $groups_to_update[] = $group; + // mark group for sync'ing the members + $groups_to_sync_members[] = $group; } $c->messages[] = sprintf( i18n('- creating groups : %s'), join(', ',$groups_to_create) ); } - if ( sizeof ( $groups_to_update ) ){ - $c->messages[] = sprintf(i18n('- updating groups : %s'),join(', ',$groups_to_update)); + if ( sizeof ( $groups_to_sync_members ) ){ + $c->messages[] = sprintf(i18n('- updating groups : %s'),join(', ',$groups_to_sync_members)); // Support the old name of user_mapping_field.. $user_mapping = NULL; @@ -651,7 +650,7 @@ function sync_LDAP_groups(){ $user_mapping = $c->authenticate_hook['config']['mapping_field']; } - foreach ( $groups_to_update as $group ){ + foreach ( $groups_to_sync_members as $group ) { $db_members = is_array( $db_group_members[$group] ) ? array_values( $db_group_members[$group] ) : array();