From b6d02eab8955bc63f84171ed2180dd0211590061 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philipp=20Sch=C3=BCle?= Date: Tue, 11 Feb 2025 11:22:37 +0100 Subject: [PATCH 1/2] fix(Tinebase/User/AD): fix user add for ActiveDirectory --- tine20/Tinebase/User/ActiveDirectory.php | 6 ++++-- tine20/Tinebase/User/Ldap.php | 9 +++++++-- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/tine20/Tinebase/User/ActiveDirectory.php b/tine20/Tinebase/User/ActiveDirectory.php index 8187362e1b9..bdca74beef9 100644 --- a/tine20/Tinebase/User/ActiveDirectory.php +++ b/tine20/Tinebase/User/ActiveDirectory.php @@ -167,12 +167,14 @@ public function addUserToSyncBackend(Tinebase_Model_FullUser $_user) // add user to primary group and set primary group /** @noinspection PhpUndefinedMethodInspection */ - Tinebase_Group::getInstance()->addGroupMemberInSyncBackend(Tinebase_Config::getInstance()->{Tinebase_Config::USERBACKEND}->{Tinebase_Config::SYNCOPTIONS}->{Tinebase_Config::SYNC_DEVIATED_PRIMARY_GROUP_UUID} ?: $_user->accountPrimaryGroup, $_user, false); + Tinebase_Group::getInstance()->addGroupMemberInSyncBackend(Tinebase_Config::getInstance()-> + {Tinebase_Config::USERBACKEND}->{Tinebase_Config::SYNCOPTIONS}->{Tinebase_Config::SYNC_DEVIATED_PRIMARY_GROUP_UUID} + ?: $_user->accountPrimaryGroup, $userId, false); // set primary group id $this->_ldap->updateProperty($dn, array('primarygroupid' => $primaryGroupId)); - $user = $this->getUserByPropertyFromSyncBackend('accountId', $_user, 'Tinebase_Model_FullUser'); + $user = $this->getUserByPropertyFromSyncBackend('accountId', $userId, 'Tinebase_Model_FullUser'); if (Tinebase_Config::getInstance()->{Tinebase_Config::USERBACKEND}->{Tinebase_Config::SYNCOPTIONS}->{Tinebase_Config::PWD_CANT_CHANGE}) { $user->accountId = $_user->accountId; diff --git a/tine20/Tinebase/User/Ldap.php b/tine20/Tinebase/User/Ldap.php index 09927e59192..5cbade6b4a1 100644 --- a/tine20/Tinebase/User/Ldap.php +++ b/tine20/Tinebase/User/Ldap.php @@ -350,7 +350,7 @@ public function getLdap() } /** - * get user by login name + * get user by given property * * @param string $_property * @param string $_accountId @@ -364,8 +364,13 @@ public function getUserByPropertyFromSyncBackend($_property, $_accountId, $_acco throw new Tinebase_Exception_NotFound("can't get user by property $_property. property not supported by ldap backend."); } + // TODO this seems not to be correct - only do this in certain cases? if ('accountId' === $_property && ! $_accountId instanceof Tinebase_Model_FullUser) { - $_accountId = $this->getFullUserById($_accountId); + try { + $_accountId = $this->getFullUserById($_accountId); + } catch (Tinebase_Exception_NotFound $tenf) { + // user might not exist, yet (i.e. was just added via \Tinebase_User_ActiveDirectory::addUserToSyncBackend) + } } $ldapEntry = $this->_getLdapEntry($_property, $_accountId); From f44a27d2d10895f4cd736297195a06bb6461d2b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philipp=20Sch=C3=BCle?= Date: Tue, 11 Feb 2025 15:45:08 +0100 Subject: [PATCH 2/2] test(Tinebase/Auth): skip testWebAuthNPwdLessLogin with ad/ldap user backend There was 1 error: 1) Tinebase_Auth_MFATest::testWebAuthNPwdLessLogin TypeError: method_exists(): Argument #1 ($object_or_class) must be of type object|string, array given /builds/tine20/tine20/tine20/Tinebase/Model/MFA/UserConfig.php:113 /builds/tine20/tine20/tine20/Tinebase/User/Sql.php:1056 /builds/tine20/tine20/tine20/Tinebase/User/Sql.php:1097 --- tests/tine20/Tinebase/Auth/MFATest.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/tine20/Tinebase/Auth/MFATest.php b/tests/tine20/Tinebase/Auth/MFATest.php index c9300e4197d..9b2467f66c2 100644 --- a/tests/tine20/Tinebase/Auth/MFATest.php +++ b/tests/tine20/Tinebase/Auth/MFATest.php @@ -461,6 +461,8 @@ public function testGenericSmsAdapter() public function testWebAuthNPwdLessLogin(): void { + $this->_skipIfLDAPBackend('fails with TypeError in \Tinebase_Model_MFA_UserConfig::updateUserOldRecordCallback'); + $this->_originalTestUser->mfa_configs = new Tinebase_Record_RecordSet( Tinebase_Model_MFA_UserConfig::class, [[ Tinebase_Model_MFA_UserConfig::FLD_ID => 'unittest',