From b39944b2d77211bfffaf66e18e8d6c6f9e2ee61e Mon Sep 17 00:00:00 2001 From: Micael Rodrigues Date: Wed, 28 Oct 2015 22:59:48 +0000 Subject: [PATCH 01/43] Create user on the fly from sucessful LDAP authentication, if it does not already exists. --- app/controllers/AuthController.php | 97 ++++++++++++++++++++++++++---- 1 file changed, 85 insertions(+), 12 deletions(-) diff --git a/app/controllers/AuthController.php b/app/controllers/AuthController.php index 4121faa042..8d06b83843 100755 --- a/app/controllers/AuthController.php +++ b/app/controllers/AuthController.php @@ -22,11 +22,14 @@ class AuthController extends BaseController /** * Authenticates a user to LDAP * - * @return true if the username and/or password provided are valid - * false if the username and/or password provided are invalid - * + * @param $username + * @param $password + * @param bool|false $returnUser + * @return bool true if the username and/or password provided are valid + * false if the username and/or password provided are invalid + * array of ldap_attributes if $returnUser is true */ - function ldap($username, $password) { + function ldap($username, $password, $returnUser = false) { $ldaphost = Config::get('ldap.url'); $ldaprdn = Config::get('ldap.username'); @@ -35,11 +38,11 @@ class AuthController extends BaseController $filterQuery = Config::get('ldap.authentication.filter.query') . $username; $ldapversion = Config::get('ldap.version'); - // Connecting to LDAP - $connection = ldap_connect($ldaphost) or die("Could not connect to {$ldaphost}"); - // Needed for AD - ldap_set_option($connection, LDAP_OPT_REFERRALS, 0); - ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION,$ldapversion); + // Connecting to LDAP + $connection = ldap_connect($ldaphost) or die("Could not connect to {$ldaphost}"); + // Needed for AD + ldap_set_option($connection, LDAP_OPT_REFERRALS, 0); + ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION,$ldapversion); try { if ($connection) { 
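Review bot: `$username` is still appended to the search filter unescaped (`Config::get('ldap.authentication.filter.query') . $username`, a context line in the second hunk of this file), and with the new `$returnUser` path `ldap()` is called for login names that have no local row, so any submitted string now reaches the directory search. Escaping it first, `$filterQuery = Config::get('ldap.authentication.filter.query') . ldap_escape($username, '', LDAP_ESCAPE_FILTER);`, keeps filter metacharacters literal; `ldap_escape()` needs PHP 5.6 or later, so an older runtime would need an equivalent helper. The docblock should also declare the return as `bool|array` and drop "and/or", since both the username and the password have to be valid. The body of `ldap()` continues outside this hunk.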
@@ -49,7 +52,9 @@ class AuthController extends BaseController $entry = ldap_first_entry($connection, $results); if ( ($userDn = @ldap_get_dn($connection, $entry)) !== false ) { if( ($isBound = ldap_bind($connection, $userDn, $password)) == "true") { - return true; + return $returnUser ? + array_change_key_case(ldap_get_attributes($connection, $entry),CASE_LOWER) + : true; } } } 
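Review bot: The new return value is gated only on `ldap_bind($connection, $userDn, $password)`, and many directory servers treat a bind with an empty password as an unauthenticated bind that succeeds. Now that a successful bind leads to account creation, `ldap()` should reject an empty password itself rather than rely on the sign-in validator, which is outside this hunk. A guard at the top of the method, `if ($password === null || $password === '') { return false; }`, would cover it. `ldap_get_attributes()` can also return false, so its result should be checked before it is passed to `array_change_key_case()`.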
@@ -61,6 +66,65 @@ class AuthController extends BaseController return false; } + /** + * Create user from LDAP attributes + * + * @param $ldapatttibutes + * @return array|bool + */ + function createUserFromLdap($ldapatttibutes){ + //Get LDAP attribute config + $ldap_result_username = Config::get('ldap.result.username'); + $ldap_result_emp_num = Config::get('ldap.result.emp.num'); + $ldap_result_last_name = Config::get('ldap.result.last.name'); + $ldap_result_first_name = Config::get('ldap.result.first.name'); + $ldap_result_email = Config::get('ldap.result.email'); + + //Get LDAP user data + $item = array(); + $item["username"] = isset( $ldapatttibutes[$ldap_result_username][0] ) ? $ldapatttibutes[$ldap_result_username][0] : ""; + $item["employee_number"] = isset( $ldapatttibutes[$ldap_result_emp_num][0] ) ? $ldapatttibutes[$ldap_result_emp_num][0] : ""; + $item["lastname"] = isset( $ldapatttibutes[$ldap_result_last_name][0] ) ? $ldapatttibutes[$ldap_result_last_name][0] : ""; + $item["firstname"] = isset( $ldapatttibutes[$ldap_result_first_name][0] ) ? $ldapatttibutes[$ldap_result_first_name][0] : ""; + $item["email"] = isset( $ldapatttibutes[$ldap_result_email][0] ) ? 
$ldapatttibutes[$ldap_result_email][0] : "" ; + + //create user + if(!empty($item["username"]) && !empty($item['email'])) { + $pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 10); + + $newuser = array( + 'first_name' => $item["firstname"], + 'last_name' => $item["lastname"], + 'username' => $item["username"], + 'email' => $item["email"], + 'employee_num' => $item["employee_number"], + 'password' => $pass, + 'activated' => 1, + 'location_id' => null, + 'permissions' => '{"user":1}', + 'notes' => 'Imported from LDAP' + ); + + DB::table('users')->insert($newuser); + $updateuser = Sentry::findUserByLogin($item["username"]); + + // Update the user details + $updateuser->password = $pass; + + // Update the user + $updateuser->save(); + } else { + throw new Cartalyst\Sentry\Users\UserNotFoundException(); + } + + //$item["note"] = "created"; + $credentials = array( + 'username' => $item["username"], + 'password' => $pass, + ); + return $credentials; + } + /** * Account sign in form processing. @@ -83,7 +147,6 @@ class AuthController extends BaseController // Ooops.. something went wrong return Redirect::back()->withInput()->withErrors($validator); } - try { /** 
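Review bot: In `createUserFromLdap()` the generated password comes from `str_shuffle()`, which is not a cryptographic generator and never repeats a character, and it is written to the `users` table in clear text by `DB::table('users')->insert($newuser)` before the Sentry model saves it again. Generate it from a CSPRNG, for example `$pass = bin2hex(random_bytes(16));` on PHP 7 or `openssl_random_pseudo_bytes()` on older runtimes. Create the row through the Sentry user model, or insert an already hashed value, so the plain text never reaches the database. The stored `username` is taken from the directory attribute rather than from the login name that was just verified, so the two should be compared, or the verified name used, to avoid creating a row the next login lookup will not find. The misspelled parameter `$ldapatttibutes` and the commented-out `$item["note"]` line are worth cleaning up in the same pass.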
@@ -93,8 +156,18 @@ class AuthController extends BaseController // Try to get the user from the database. $user = (array) DB::table('users')->where('username', Input::get('username'))->first(); + //If user does not exist and authenticates sucessfully with LDAP we will create it onf the fly and sign in with default permissions + if(!$user){ + if($userattr = $this->ldap(Input::get('username'), Input::get('password'),true) ){ + LOG::debug("Creating LDAP authenticated user."); + $credentials = $this->createUserFromLdap($userattr); + Sentry::authenticate($credentials, Input::get('remember-me', 0)); - if ($user && strpos($user["notes"],'LDAP') !== false) { + + } + } + + else if ($user && strpos($user["notes"],'LDAP') !== false) { LOG::debug("Authenticating user against LDAP."); if( $this->ldap(Input::get('username'), Input::get('password')) ) { LOG::debug("valid login"); From 5c820d49a606f596cdaf905b6b63ae05f16e3356 Mon Sep 17 00:00:00 2001 From: snipe Date: Mon, 2 Nov 2015 16:44:17 -0800 Subject: [PATCH 02/43] Fixes #1305 --- app/controllers/admin/StatuslabelsController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/admin/StatuslabelsController.php b/app/controllers/admin/StatuslabelsController.php index 1266a8dfb0..c184fbd700 100755 --- a/app/controllers/admin/StatuslabelsController.php +++ b/app/controllers/admin/StatuslabelsController.php @@ -271,7 +271,7 @@ class StatuslabelsController extends AdminController $label_type = Lang::get('admin/statuslabels/table.undeployable'); } - $actions = ''; + $actions = ''; $rows[] = array( 'id' => $statuslabel->id, From c8551367cb56cc608a2f96f6f86c3e4aa937ace6 Mon Sep 17 00:00:00 2001 
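Review bot: The new `if(!$user)` branch provisions a local account with `{"user":1}` for every directory entry that can bind, with no configuration switch and no group or attribute restriction visible in this hunk. Auto-creation is safer as an opt-in setting read from the `ldap` config, with the default off. The only trace of account creation is `LOG::debug("Creating LDAP authenticated user.")`, which omits the username and is dropped at normal log levels; an info-level entry naming the account gives an audit trail. `createUserFromLdap()` throws `UserNotFoundException` when the username or email attribute is missing, so confirm that the surrounding `try`, whose catch blocks are outside this hunk, turns that into a normal failed-login response.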
From: snipe Date: Mon, 2 Nov 2015 16:44:46 -0800 Subject: [PATCH 03/43] Moved sample file so people can't accidentally import it --- {app/private_uploads/imports/assets => public}/sample.csv | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {app/private_uploads/imports/assets => public}/sample.csv (100%) diff --git a/app/private_uploads/imports/assets/sample.csv b/public/sample.csv similarity index 100% rename from app/private_uploads/imports/assets/sample.csv rename to public/sample.csv From 712e415f4da7e74a5d86758d4be6b0f9e7ec6bfa Mon Sep 17 00:00:00 2001 From: snipe Date: Mon, 2 Nov 2015 16:45:02 -0800 Subject: [PATCH 04/43] Updated deleted seats language --- app/lang/en/general.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/lang/en/general.php b/app/lang/en/general.php index e1fc1fe930..c9ddda5ab5 100755 --- a/app/lang/en/general.php +++ b/app/lang/en/general.php @@ -43,6 +43,7 @@ 'date' => 'Date', 'delete' => 'Delete', 'deleted' => 'Deleted', + 'delete_seats' => 'Deleted Seats', 'deployed' => 'Deployed', 'depreciation_report' => 'Depreciation Report', 'download' => 'Download', From e07dcf259876e19dadd86d22c44366254debce60 Mon Sep 17 00:00:00 2001 From: snipe Date: Mon, 2 Nov 2015 16:45:19 -0800 Subject: [PATCH 05/43] Added location detail view --- app/controllers/admin/LocationsController.php | 66 +++++++- app/routes.php | 4 + app/views/backend/locations/view.blade.php | 151 ++++++++++++++++++ 3 files changed, 220 insertions(+), 1 deletion(-) create mode 100644 app/views/backend/locations/view.blade.php diff --git a/app/controllers/admin/LocationsController.php b/app/controllers/admin/LocationsController.php index e1d27421bd..6dbf6cf440 100755 --- a/app/controllers/admin/LocationsController.php +++ b/app/controllers/admin/LocationsController.php 
@@ -254,6 +254,31 @@ class LocationsController extends AdminController } + + /** + * Get the consumable information to present to the consumable view page + * + * @param int $consumableId + * @return View + **/ + public function getView($locationId = null) + { + $location = Location::find($locationId); + + if (isset($location->id)) { + return View::make('backend/locations/view', compact('location')); + } else { + // Prepare the error message + $error = Lang::get('admin/locations/message.does_not_exist', compact('id')); + + // Redirect to the user management page + return Redirect::route('locations')->with('error', $error); + } + + + } + + public function getDatatable() { $locations = Location::select(array('id','name','address','address2','city','state','zip','country','parent_id','currency'))->with('assets') @@ -291,7 +316,7 @@ class LocationsController extends AdminController $rows[] = array( 'id' => $location->id, - 'name' => link_to('admin/locations/'.$location->id.'/view', $location->name), + 'name' => link_to('admin/settings/locations/'.$location->id.'/view', $location->name), 'parent' => ($location->parent) ? $location->parent->name : '', 'assets' => ($location->assets->count() + $location->assignedassets->count()), 'address' => ($location->address) ? $location->address: '', 
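Review bot: The docblock on `getView()` was copied from the consumables controller: it describes "consumable information" and documents `@param int $consumableId`, while the method takes `$locationId` and renders `backend/locations/view`. In the error branch `compact('id')` refers to a variable that does not exist in this method, so the message receives no replacement value; `compact('locationId')`, or an explicit `array('id' => $locationId)`, matches what the code has in scope. I would reword the docblock to "Get the location information to present to the location view page" with `@param int $locationId`.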
@@ -310,5 +335,44 @@ class LocationsController extends AdminController } + public function getDataViewUsers($locationID) + { + $location = Location::find($locationID); + $location_users = $location->users; + $count = $location_users->count(); + + $rows = array(); + + foreach ($location_users as $user) { + $rows[] = array( + 'name' => link_to('/admin/users/'.$user->id.'/view', $user->fullName()) + ); + } + + $data = array('total' => $count, 'rows' => $rows); + + return $data; + } + + + public function getDataViewAssets($locationID) + { + $location = Location::find($locationID)->with('assets'); + $count = $location->assets->count(); + + $rows = array(); + + foreach ($location->assets as $asset) { + $rows[] = array( + 'name' => link_to('/hardware/'.$asset->id.'/view', $asset->showAssetName()) + ); + } + + $data = array('total' => $count, 'rows' => $rows); + + return $data; +} + + } diff --git a/app/routes.php b/app/routes.php index eefcdda15e..a927aef8ad 100755 --- a/app/routes.php +++ b/app/routes.php @@ -52,6 +52,9 @@ /*---Locations API---*/ Route::group(array('prefix'=>'locations'), function () { Route::get('list', array('as'=>'api.locations.list', 'uses'=>'LocationsController@getDatatable')); + Route::get('{locationID}/view', array('as'=>'api.locations.view', 'uses'=>'LocationsController@getDataView')); + Route::get('{locationID}/users', array('as'=>'api.locations.viewusers', 'uses'=>'LocationsController@getDataViewUsers')); + Route::get('{locationID}/assets', array('as'=>'api.locations.viewassets', 'uses'=>'LocationsController@getDataViewAssets')); }); /*---Depreciations API---*/ @@ -420,6 +423,7 @@ Route::get( '{locationId}/edit', [ 'as' => 'update/location', 'uses' => 'LocationsController@getEdit' ] ); Route::post( '{locationId}/edit', 'LocationsController@postEdit' ); + Route::get( '{locationId}/view', 'LocationsController@getView' ); Route::get( '{locationId}/delete', [ 'as' => 'delete/location', 'uses' => 'LocationsController@getDelete' ] ); } ); 
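Review bot: Both new data methods dereference the result of `Location::find($locationID)` without checking it, so an unknown id in the URL ends in a fatal error instead of an empty result or a 404. In `getDataViewAssets()` the call `Location::find($locationID)->with('assets')` chains `with()` onto a model instance, which as far as I can tell returns a query builder rather than the location, so `$location->assets` will not be the relation. `$location = Location::with('assets')->find($locationID);` followed by `if (!$location) { return array('total' => 0, 'rows' => array()); }` addresses both. Whether these endpoints need a per-location permission check depends on the route group filters, which are outside this hunk.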
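Review bot: The route `api.locations.view` points at `LocationsController@getDataView`, but the controller hunks in this commit add only `getView`, `getDataViewUsers` and `getDataViewAssets`. Unless `getDataView` already exists elsewhere in the controller, a request to `{locationID}/view` in the API group will fail at dispatch. Either add the method or drop the route until it exists. The new `{locationId}/view` route in the settings group is also the only one in that block without an `'as'` name, which makes it harder to link with `route()`.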
diff --git a/app/views/backend/locations/view.blade.php b/app/views/backend/locations/view.blade.php new file mode 100644 index 0000000000..aae2abea34 --- /dev/null +++ b/app/views/backend/locations/view.blade.php @@ -0,0 +1,151 @@ +@extends('backend/layouts/default') + +{{-- Page title --}} +@section('title') + + {{{ $location->name }}} + @lang('general.locations') :: +@parent +@stop + +{{-- Page content --}} +@section('content') + + +
+
+ +

+ {{{ $location->name }}} + @lang('general.locations') + +

+
+
+ + @@ -35,37 +33,65 @@