Plugin: Azure: Move code to function - refs BT#21930

pull/5763/head
Angel Fernando Quiroz Campos 1 year ago
parent 994244bb02
commit 9cecd7bf71
  1. 110
      plugin/azure_active_directory/src/AzureActiveDirectory.php
  2. 68
      plugin/azure_active_directory/src/callback.php

@ -1,6 +1,7 @@
<?php
/* For license terms, see /license.txt */
use League\OAuth2\Client\Token\AccessTokenInterface;
use TheNetworg\OAuth2\Client\Provider\Azure;
/**
@ -160,8 +161,7 @@ class AzureActiveDirectory extends Plugin
return $defaultOrder;
}
public function getUserIdByVerificationOrder(array $azureUserData): ?int
{
public function getUserIdByVerificationOrder(array $azureUserData, string $azureUidKey = 'objectId'): ?int {
$selectedOrder = $this->getExistingUserVerificationOrder();
$extraFieldValue = new ExtraFieldValue('user');
@ -176,7 +176,7 @@ class AzureActiveDirectory extends Plugin
),
3 => $extraFieldValue->get_item_id_from_field_variable_and_field_value(
AzureActiveDirectory::EXTRA_FIELD_AZURE_UID,
$azureUserData['objectId']
$azureUserData[$azureUidKey]
),
];
@ -188,4 +188,108 @@ class AzureActiveDirectory extends Plugin
return null;
}
/**
* @throws Exception
*/
public function registerUser(
AccessTokenInterface $token,
Azure $provider,
array $azureUserInfo,
string $apiGroupsRef = 'me/memberOf',
string $objectIdKey = 'objectId',
string $azureUidKey = 'objectId'
) {
if (empty($azureUserInfo)) {
throw new Exception('Groups info not found.');
}
$userId = $this->getUserIdByVerificationOrder($azureUserInfo, $azureUidKey);
if (empty($userId)) {
// If we didn't find the user
if ($this->get(self::SETTING_PROVISION_USERS) === 'true') {
[$userRole, $isAdmin] = $this->getUserRoleAndCheckIsAdmin(
$token,
$provider,
$apiGroupsRef,
$objectIdKey
);
$phone = null;
if (isset($azureUserInfo['telephoneNumber'])) {
$phone = $azureUserInfo['telephoneNumber'];
} elseif (isset($azureUserInfo['businessPhones'][0])) {
$phone = $azureUserInfo['businessPhones'][0];
} elseif (isset($azureUserInfo['mobilePhone'])) {
$phone = $azureUserInfo['mobilePhone'];
}
// If the option is set to create users, create it
$userId = UserManager::create_user(
$azureUserInfo['givenName'],
$azureUserInfo['surname'],
$userRole,
$azureUserInfo['mail'],
$azureUserInfo['userPrincipalName'],
'',
null,
null,
$phone,
null,
'azure',
null,
($azureUserInfo['accountEnabled'] ? 1 : 0),
null,
[
'extra_'.self::EXTRA_FIELD_ORGANISATION_EMAIL => $azureUserInfo['mail'],
'extra_'.self::EXTRA_FIELD_AZURE_ID => $azureUserInfo['mailNickname'],
'extra_'.self::EXTRA_FIELD_AZURE_UID => $azureUserInfo[$azureUidKey],
],
null,
null,
$isAdmin
);
if (!$userId) {
throw new Exception(get_lang('UserNotAdded').' '.$azureUserInfo['userPrincipalName']);
}
} else {
throw new Exception('User not found when checking the extra fields from '.$azureUserInfo['mail'].' or '.$azureUserInfo['mailNickname'].' or '.$azureUserInfo[$azureUidKey].'.');
}
}
return $userId;
}
private function getUserRoleAndCheckIsAdmin(
AccessTokenInterface $token,
Azure $provider = null,
string $apiRef = 'me/memberOf',
string $objectIdKey = 'objectId'
): array {
$provider = $provider ?: $this->getProvider();
$groups = $provider->get($apiRef, $token);
// If any specific group ID has been defined for a specific role, use that
// ID to give the user the right role
$givenAdminGroup = $this->get(self::SETTING_GROUP_ID_ADMIN);
$givenSessionAdminGroup = $this->get(self::SETTING_GROUP_ID_SESSION_ADMIN);
$givenTeacherGroup = $this->get(self::SETTING_GROUP_ID_TEACHER);
$userRole = STUDENT;
$isAdmin = false;
foreach ($groups as $group) {
if ($givenAdminGroup == $group[$objectIdKey]) {
$userRole = COURSEMANAGER;
$isAdmin = true;
} elseif ($givenSessionAdminGroup == $group[$objectIdKey]) {
$userRole = SESSIONADMIN;
} elseif ($userRole != SESSIONADMIN && $givenTeacherGroup == $group[$objectIdKey]) {
$userRole = COURSEMANAGER;
}
}
return [$userRole, $isAdmin];
}
}
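Review bot: The role loop in getUserRoleAndCheckIsAdmin drops the `if ($isAdmin) { break; }` guard the removed callback code had, so a group that matches SETTING_GROUP_ID_SESSION_ADMIN after the admin group now overwrites `$userRole` with SESSIONADMIN while `$isAdmin` stays true, which the old code prevented. The same loop keeps the loose `==` comparisons of the three group-ID settings against `$group[$objectIdKey]`; if an unconfigured setting comes back as null or '' and a group entry lacks the key, `null == null` matches and silently grants COURSEMANAGER/admin (this depends on what `$this->get()` returns for an unset setting — worth confirming). I would normalise both sides to strings, skip empty settings, and restore the early break. Two smaller points in registerUser: the `empty($azureUserInfo)` check at the top throws `'Groups info not found.'` although it is the user info that is missing (copied from the old `if (empty($me))` after the groups fetch), and the method declares no return type — `): int` matches the `return $userId` after the `!$userId` throw; `Azure $provider = null` in the private helper should be `?Azure $provider = null`, as implicit nullability is deprecated in 8.4.
```php
        $givenAdminGroup = (string) $this->get(self::SETTING_GROUP_ID_ADMIN);
        $givenSessionAdminGroup = (string) $this->get(self::SETTING_GROUP_ID_SESSION_ADMIN);
        $givenTeacherGroup = (string) $this->get(self::SETTING_GROUP_ID_TEACHER);
        $userRole = STUDENT;
        $isAdmin = false;
        foreach ($groups as $group) {
            $groupId = (string) ($group[$objectIdKey] ?? '');
            // An empty setting or a group without an ID must never match a role.
            if ($groupId === '') {
                continue;
            }
            if ($givenAdminGroup !== '' && $groupId === $givenAdminGroup) {
                $userRole = COURSEMANAGER;
                $isAdmin = true;
                break; // admin wins; later session-admin/teacher matches must not demote
            }
            if ($givenSessionAdminGroup !== '' && $groupId === $givenSessionAdminGroup) {
                $userRole = SESSIONADMIN;
            } elseif ($userRole !== SESSIONADMIN && $givenTeacherGroup !== '' && $groupId === $givenTeacherGroup) {
                $userRole = COURSEMANAGER;
            }
        }
        return [$userRole, $isAdmin];
```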

@ -85,69 +85,11 @@ try {
throw new Exception('The id field is empty in Azure AD and is needed to set the unique Azure ID for this user.');
}
$userId = $plugin->getUserIdByVerificationOrder($me);
if (empty($userId)) {
// If we didn't find the user
if ($plugin->get(AzureActiveDirectory::SETTING_PROVISION_USERS) === 'true') {
// Get groups info, if any
$groups = $provider->get('me/memberOf', $token);
if (empty($me)) {
throw new Exception('Groups info not found.');
}
// If any specific group ID has been defined for a specific role, use that
// ID to give the user the right role
$givenAdminGroup = $plugin->get(AzureActiveDirectory::SETTING_GROUP_ID_ADMIN);
$givenSessionAdminGroup = $plugin->get(AzureActiveDirectory::SETTING_GROUP_ID_SESSION_ADMIN);
$givenTeacherGroup = $plugin->get(AzureActiveDirectory::SETTING_GROUP_ID_TEACHER);
$userRole = STUDENT;
$isAdmin = false;
foreach ($groups as $group) {
if ($isAdmin) {
break;
}
if ($givenAdminGroup == $group['objectId']) {
$userRole = COURSEMANAGER;
$isAdmin = true;
} elseif (!$isAdmin && $givenSessionAdminGroup == $group['objectId']) {
$userRole = SESSIONADMIN;
} elseif (!$isAdmin && $userRole != SESSIONADMIN && $givenTeacherGroup == $group['objectId']) {
$userRole = COURSEMANAGER;
}
}
// If the option is set to create users, create it
$userId = UserManager::create_user(
$me['givenName'],
$me['surname'],
$userRole,
$me['mail'],
$me['mailNickname'],
'',
null,
null,
$me['telephoneNumber'],
null,
'azure',
null,
($me['accountEnabled'] ? 1 : 0),
null,
[
'extra_'.AzureActiveDirectory::EXTRA_FIELD_ORGANISATION_EMAIL => $me['mail'],
'extra_'.AzureActiveDirectory::EXTRA_FIELD_AZURE_ID => $me['mailNickname'],
'extra_'.AzureActiveDirectory::EXTRA_FIELD_AZURE_UID => $me['id'],
],
null,
null,
$isAdmin
);
if (!$userId) {
throw new Exception(get_lang('UserNotAdded').' '.$me['mailNickname']);
}
} else {
throw new Exception('User not found when checking the extra fields from '.$me['mail'].' or '.$me['mailNickname'].' or '.$me['id'].'.');
}
}
$userId = $plugin->registerUser(
$token,
$provider,
$me
);
$userInfo = api_get_user_info($userId);
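Review bot: The guard kept just above (`'The id field is empty in Azure AD ...'`) checks `$me['id']`, but the new `registerUser($token, $provider, $me)` call passes no `$azureUidKey`, so the extra-field lookup and the EXTRA_FIELD_AZURE_UID value are read from `$me['objectId']`, whereas the removed code stored `$me['id']`. If this callback's provider returns `id` (as the guard suggests), the stored Azure UID changes key and an absent `objectId` is not caught by that check; pass the key explicitly, `$userId = $plugin->registerUser($token, $provider, $me, azureUidKey: 'id');`, or move the emptiness check onto whichever key is actually used. The username also changes from `mailNickname` to `userPrincipalName` with this refactor; if intended, a one-line comment at the call site would save the next reader a comparison against history. The enclosing `try` starts outside the hunk.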
