Plugin: Azure: Add option to set the verification order por existing user - refs BT#21930

1 year ago · 994244bb02
parent c492a14086
commit 994244bb02
6 changed files with 74 additions and 36 deletions
--- a/plugin/azure_active_directory/lang/dutch.php
+++ b/plugin/azure_active_directory/lang/dutch.php
@ -22,6 +22,10 @@ $strings['management_login_enable_help'] = 'Schakel de chamilo-login uit en scha
    .'U zult moeten kopiëren de <code>/plugin/azure_active_directory/layout/login_form.tpl</code> bestand in het <code>/main/template/overrides/layout/</code> dossier.';
 $strings['management_login_name'] = 'Naam voor de beheeraanmelding';
 $strings['management_login_name_help'] = 'De standaardinstelling is "Beheer login".';
+$strings['existing_user_verification_order'] = 'Existing user verification order';
+$strings['existing_user_verification_order_help'] = 'This value indicates the order in which the user will be searched in Chamilo to verify its existence. '
+    .'By default is <code>1, 2, 3</code>.'
+    .'<ol><li>EXTRA_FIELD_ORGANISATION_EMAIL (<code>mail</code>)</li><li>EXTRA_FIELD_AZURE_ID (<code>mailNickname</code>)</li><li>EXTRA_FIELD_AZURE_UID (<code>id</code> of <code>objectId</code>)</li></ol>';
 $strings['OrganisationEmail'] = 'Organisatie e-mail';
 $strings['AzureId'] = 'Azure ID (mailNickname)';
 $strings['AzureUid'] = 'Azure UID (internal ID)';
--- a/plugin/azure_active_directory/lang/english.php
+++ b/plugin/azure_active_directory/lang/english.php
@ -22,6 +22,10 @@ $strings['management_login_enable_help'] = 'Disable the chamilo login and enable
    .'You will need to copy the <code>/plugin/azure_active_directory/layout/login_form.tpl</code> file to <code>/main/template/overrides/layout/</code> directory.';
 $strings['management_login_name'] = 'Name for the management login';
 $strings['management_login_name_help'] = 'The default is "Management Login".';
+$strings['existing_user_verification_order'] = 'Existing user verification order';
+$strings['existing_user_verification_order_help'] = 'This value indicates the order in which the user will be searched in Chamilo to verify its existence. '
+    .'By default is <code>1, 2, 3</code>.'
+    .'<ol><li>EXTRA_FIELD_ORGANISATION_EMAIL (<code>mail</code>)</li><li>EXTRA_FIELD_AZURE_ID (<code>mailNickname</code>)</li><li>EXTRA_FIELD_AZURE_UID (<code>id</code> or <code>objectId</code>)</li></ol>';
 $strings['OrganisationEmail'] = 'Organisation e-mail';
 $strings['AzureId'] = 'Azure ID (mailNickname)';
 $strings['AzureUid'] = 'Azure UID (internal ID)';
--- a/plugin/azure_active_directory/lang/french.php
+++ b/plugin/azure_active_directory/lang/french.php
@ -22,6 +22,10 @@ $strings['management_login_enable_help'] = 'Désactiver le login de Chamilo et p
    .'Vous devez, pour cela, copier le fichier <code>/plugin/azure_active_directory/layout/login_form.tpl</code> dans le répertoire <code>/main/template/overrides/layout/</code>.';
 $strings['management_login_name'] = 'Nom du login de gestion';
 $strings['management_login_name_help'] = 'Le nom par défaut est "Login de gestion".';
+$strings['existing_user_verification_order'] = 'Existing user verification order';
+$strings['existing_user_verification_order_help'] = 'This value indicates the order in which the user will be searched in Chamilo to verify its existence. '
+    .'By default is <code>1, 2, 3</code>.'
+    .'<ol><li>EXTRA_FIELD_ORGANISATION_EMAIL (<code>mail</code>)</li><li>EXTRA_FIELD_AZURE_ID (<code>mailNickname</code>)</li><li>EXTRA_FIELD_AZURE_UID (<code>id</code> ou <code>objectId</code>)</li></ol>';
 $strings['OrganisationEmail'] = 'E-mail professionnel';
 $strings['AzureId'] = 'ID Azure (mailNickname)';
 $strings['AzureUid'] = 'Azure UID (internal ID)';
--- a/plugin/azure_active_directory/lang/spanish.php
+++ b/plugin/azure_active_directory/lang/spanish.php
@ -22,6 +22,10 @@ $strings['management_login_enable_help'] = 'Desactivar el login de Chamilo y act
    .'Para ello, tendrá que copiar el archivo <code>/plugin/azure_active_directory/layout/login_form.tpl</code> en la carpeta <code>/main/template/overrides/layout/</code>.';
 $strings['management_login_name'] = 'Nombre del bloque de login de gestión';
 $strings['management_login_name_help'] = 'El nombre por defecto es "Login de gestión".';
+$strings['existing_user_verification_order'] = 'Orden de verificación de usuario existente';
+$strings['existing_user_verification_order_help'] = 'Este valor indica el orden en que el usuario serña buscado en Chamilo para verificar su existencia. '
+    .'Por defecto es <code>1, 2, 3</code>.'
+    .'<ol><li>EXTRA_FIELD_ORGANISATION_EMAIL (<code>mail</code>)</li><li>EXTRA_FIELD_AZURE_ID (<code>mailNickname</code>)</li><li>EXTRA_FIELD_AZURE_UID (<code>id</code> o <code>objectId</code>)</li></ol>';
 $strings['OrganisationEmail'] = 'E-mail profesional';
 $strings['AzureId'] = 'ID Azure (mailNickname)';
 $strings['AzureUid'] = 'UID Azure (ID interno)';
--- a/plugin/azure_active_directory/src/AzureActiveDirectory.php
+++ b/plugin/azure_active_directory/src/AzureActiveDirectory.php
@ -23,6 +23,7 @@ class AzureActiveDirectory extends Plugin
    public const SETTING_GROUP_ID_ADMIN = 'group_id_admin';
    public const SETTING_GROUP_ID_SESSION_ADMIN = 'group_id_session_admin';
    public const SETTING_GROUP_ID_TEACHER = 'group_id_teacher';
+    public const SETTING_EXISTING_USER_VERIFICATION_ORDER = 'existing_user_verification_order';

    public const URL_TYPE_AUTHORIZE = 'login';
    public const URL_TYPE_LOGOUT = 'logout';
@ -48,6 +49,7 @@ class AzureActiveDirectory extends Plugin
            self::SETTING_GROUP_ID_ADMIN => 'text',
            self::SETTING_GROUP_ID_SESSION_ADMIN => 'text',
            self::SETTING_GROUP_ID_TEACHER => 'text',
+            self::SETTING_EXISTING_USER_VERIFICATION_ORDER => 'text',
        ];

        parent::__construct('2.3', 'Angel Fernando Quiroz Campos, Yannick Warnier', $settings);
@ -131,4 +133,59 @@ class AzureActiveDirectory extends Plugin
            ''
        );
    }
+
+    public function getExistingUserVerificationOrder(): array
+    {
+        $defaultOrder = [1, 2, 3];
+
+        $settingValue = $this->get(self::SETTING_EXISTING_USER_VERIFICATION_ORDER);
+        $selectedOrder = array_filter(
+            array_map(
+                'trim',
+                explode(',', $settingValue)
+            )
+        );
+        $selectedOrder = array_map('intval', $selectedOrder);
+        $selectedOrder = array_filter(
+            $selectedOrder,
+            function ($position) use ($defaultOrder): bool {
+                return in_array($position, $defaultOrder);
+            }
+        );
+
+        if ($selectedOrder) {
+            return $selectedOrder;
+        }
+
+        return $defaultOrder;
+    }
+
+    public function getUserIdByVerificationOrder(array $azureUserData): ?int
+    {
+        $selectedOrder = $this->getExistingUserVerificationOrder();
+
+        $extraFieldValue = new ExtraFieldValue('user');
+        $positionsAndFields = [
+            1 => $extraFieldValue->get_item_id_from_field_variable_and_field_value(
+                AzureActiveDirectory::EXTRA_FIELD_ORGANISATION_EMAIL,
+                $azureUserData['mail']
+            ),
+            2 => $extraFieldValue->get_item_id_from_field_variable_and_field_value(
+                AzureActiveDirectory::EXTRA_FIELD_AZURE_ID,
+                $azureUserData['mailNickname']
+            ),
+            3 => $extraFieldValue->get_item_id_from_field_variable_and_field_value(
+                AzureActiveDirectory::EXTRA_FIELD_AZURE_UID,
+                $azureUserData['objectId']
+            ),
+        ];
+
+        foreach ($selectedOrder as $position) {
+            if (!empty($positionsAndFields[$position]) && isset($positionsAndFields[$position]['item_id'])) {
+                return (int) $positionsAndFields[$position]['item_id'];
+            }
+        }
+
+        return null;
+    }
 }
--- a/plugin/azure_active_directory/src/callback.php
+++ b/plugin/azure_active_directory/src/callback.php
@ -85,42 +85,7 @@ try {
        throw new Exception('The id field is empty in Azure AD and is needed to set the unique Azure ID for this user.');
    }

-    $extraFieldValue = new ExtraFieldValue('user');
-    $organisationValue = $extraFieldValue->get_item_id_from_field_variable_and_field_value(
-        AzureActiveDirectory::EXTRA_FIELD_ORGANISATION_EMAIL,
-        $me['mail']
-    );
-    $azureValue = $extraFieldValue->get_item_id_from_field_variable_and_field_value(
-        AzureActiveDirectory::EXTRA_FIELD_AZURE_ID,
-        $me['mailNickname']
-    );
-    $uidValue = $extraFieldValue->get_item_id_from_field_variable_and_field_value(
-        AzureActiveDirectory::EXTRA_FIELD_AZURE_UID,
-        $me['objectId']
-    );
-
-    $userId = null;
-    // Get the user ID (if any) from the EXTRA_FIELD_ORGANISATION_EMAIL extra
-    // field
-    if (!empty($organisationValue) && isset($organisationValue['item_id'])) {
-        $userId = $organisationValue['item_id'];
-    }
-
-    if (empty($userId)) {
-        // If the previous step didn't work, get the user ID from
-        // EXTRA_FIELD_AZURE_ID
-        if (!empty($azureValue) && isset($azureValue['item_id'])) {
-            $userId = $azureValue['item_id'];
-        }
-    }
-
-    if (empty($userId)) {
-        // If the previous step didn't work, get the user ID from
-        // EXTRA_FIELD_AZURE_UID
-        if (!empty($uidValue) && isset($uidValue['item_id'])) {
-            $userId = $uidValue['item_id'];
-        }
-    }
+    $userId = $plugin->getUserIdByVerificationOrder($me);

    if (empty($userId)) {
        // If we didn't find the user