firefly-iii/app/Ldap/Rules/UserDefinedRule.php

<?php
declare(strict_types=1);

namespace FireflyIII\Ldap\Rules;

use LdapRecord\Laravel\Auth\Rule;
use LdapRecord\Models\Attributes\DistinguishedName;
use LdapRecord\Query\ObjectNotFoundException;
use Log;

/**
 * Class UserDefinedRule
 */
class UserDefinedRule extends Rule
{
    /**
     * Check if the rule passes validation.
     *
     * @return bool
     * @throws ObjectNotFoundException
     */
    public function isValid()
    {
        $extraFilter = config('ldap.extra_filter');
        Log::debug(sprintf('UserDefinedRule with extra filter "%s"', $extraFilter));

        if (empty($extraFilter)) {
            Log::debug('Extra filter is empty, return true.');

            return true;
        }
        Log::debug('Extra filter is not empty, continue.');

        // group class:
        // use ;
        $openLDAP        = class_exists(\LdapRecord\Models\OpenLDAP\Group::class) ? \LdapRecord\Models\OpenLDAP\Group::class : '';
        $activeDirectory = class_exists(\LdapRecord\Models\ActiveDirectory\Group::class) ? \LdapRecord\Models\ActiveDirectory\Group::class : '';
        $groupClass      = config('ldap.dialect') === 'OpenLDAP' ? $openLDAP : $activeDirectory;

        Log::debug(sprintf('Will use dialect group class "%s"', $groupClass));


        // We've been given an invalid group filter. We will assume the
        // developer is using some group ANR attribute, and attempt
        // to check the user's membership with the resulting group.
        if (!DistinguishedName::isValid($extraFilter)) {
            Log::debug('UserDefinedRule: Is not valid DN');

            return $this->user->groups()->recursive()->exists($groupClass::findByAnrOrFail($extraFilter));
        }

        $head = strtolower(DistinguishedName::make($extraFilter)->head());
        Log::debug(sprintf('UserDefinedRule: Head is "%s"', $head));
        // If the head of the DN we've been given is an OU, we will assume
        // the developer is looking to filter users based on hierarchy.
        // Otherwise, we'll attempt locating a group by the given
        // group filter and checking the users group membership.
        if ('ou' === $head) {
            Log::debug('UserDefinedRule: Will return if user is a descendant of.');

            return $this->user->isDescendantOf($extraFilter);
        }
        Log::debug('UserDefinedRule: Will return if user exists in group.');

        return $this->user->groups()->recursive()->exists($groupClass::findOrFail($extraFilter));
    }
}
Group filter for #5133 2021-10-02 14:33:14 +02:00			`<?php`
Update meta files and rebuild. 2021-10-02 16:58:33 +02:00			`declare(strict_types=1);`
Group filter for #5133 2021-10-02 14:33:14 +02:00
			`namespace FireflyIII\Ldap\Rules;`

			`use LdapRecord\Laravel\Auth\Rule;`
Improvements for https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:50:04 +02:00			`use LdapRecord\Models\Attributes\DistinguishedName;`
Update code to reflect latest changes. 2021-10-23 08:32:33 +02:00			`use LdapRecord\Query\ObjectNotFoundException;`
Add log for #5133 2021-10-03 15:31:36 +02:00			`use Log;`
Group filter for #5133 2021-10-02 14:33:14 +02:00
			`/**`
			`* Class UserDefinedRule`
			`*/`
			`class UserDefinedRule extends Rule`
			`{`
			`/**`
			`* Check if the rule passes validation.`
			`*`
			`* @return bool`
Update code to reflect latest changes. 2021-10-23 08:32:33 +02:00			`* @throws ObjectNotFoundException`
Group filter for #5133 2021-10-02 14:33:14 +02:00			`*/`
			`public function isValid()`
			`{`
Rename variable https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:53:21 +02:00			`$extraFilter = config('ldap.extra_filter');`
			`Log::debug(sprintf('UserDefinedRule with extra filter "%s"', $extraFilter));`
Improvements for https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:50:04 +02:00
Rename variable https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:53:21 +02:00			`if (empty($extraFilter)) {`
			`Log::debug('Extra filter is empty, return true.');`
Improvements for https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:50:04 +02:00
			`return true;`
			`}`
Rename variable https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:53:21 +02:00			`Log::debug('Extra filter is not empty, continue.');`
Improvements for https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:50:04 +02:00
			`// group class:`
			`// use ;`
			`$openLDAP = class_exists(\LdapRecord\Models\OpenLDAP\Group::class) ? \LdapRecord\Models\OpenLDAP\Group::class : '';`
			`$activeDirectory = class_exists(\LdapRecord\Models\ActiveDirectory\Group::class) ? \LdapRecord\Models\ActiveDirectory\Group::class : '';`
Rename variable https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:53:21 +02:00			`$groupClass = config('ldap.dialect') === 'OpenLDAP' ? $openLDAP : $activeDirectory;`
Improvements for https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:50:04 +02:00
Rename variable https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:53:21 +02:00			`Log::debug(sprintf('Will use dialect group class "%s"', $groupClass));`
Improvements for https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:50:04 +02:00

			`// We've been given an invalid group filter. We will assume the`
			`// developer is using some group ANR attribute, and attempt`
			`// to check the user's membership with the resulting group.`
Rename variable https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:53:21 +02:00			`if (!DistinguishedName::isValid($extraFilter)) {`
Improvements for https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:50:04 +02:00			`Log::debug('UserDefinedRule: Is not valid DN');`

Rename variable https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:53:21 +02:00			`return $this->user->groups()->recursive()->exists($groupClass::findByAnrOrFail($extraFilter));`
Improvements for https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:50:04 +02:00			`}`

Rename variable https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:53:21 +02:00			`$head = strtolower(DistinguishedName::make($extraFilter)->head());`
Improvements for https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:50:04 +02:00			`Log::debug(sprintf('UserDefinedRule: Head is "%s"', $head));`
			`// If the head of the DN we've been given is an OU, we will assume`
			`// the developer is looking to filter users based on hierarchy.`
			`// Otherwise, we'll attempt locating a group by the given`
			`// group filter and checking the users group membership.`
			`if ('ou' === $head) {`
			`Log::debug('UserDefinedRule: Will return if user is a descendant of.');`

Rename variable https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:53:21 +02:00			`return $this->user->isDescendantOf($extraFilter);`
Group filter for #5133 2021-10-02 14:33:14 +02:00			`}`
Improvements for https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:50:04 +02:00			`Log::debug('UserDefinedRule: Will return if user exists in group.');`
Group filter for #5133 2021-10-02 14:33:14 +02:00
Rename variable https://github.com/firefly-iii/firefly-iii/issues/5133 2021-10-30 06:53:21 +02:00			`return $this->user->groups()->recursive()->exists($groupClass::findOrFail($extraFilter));`
Group filter for #5133 2021-10-02 14:33:14 +02:00			`}`
			`}`