Skip to content

Commit

Permalink
fix(groups): do not handle groups without mapping
Browse files Browse the repository at this point in the history
- the backend would aggressively

Signed-off-by: Arthur Schiwon <[email protected]>
  • Loading branch information
blizzz committed Jan 30, 2024
1 parent ae07a7d commit 579bf97
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 3 deletions.
11 changes: 9 additions & 2 deletions lib/GroupManager.php
Original file line number Diff line number Diff line change
Expand Up @@ -115,12 +115,19 @@ private function getGroupsToAdd(array $samlGroupNames, array $assignedGroupIds):
}

public function handleIncomingGroups(IUser $user, array $samlGroupNames): void {
$id = $this->settings->getProviderId();
$groupMapping = $this->settings->get($id)['saml-attribute-mapping-group_mapping'] ?? null;
if ($groupMapping === null || $groupMapping === '') {
// When no group mapping is set up, it is not our business
return;
}

$this->updateUserGroups($user, $samlGroupNames);
// TODO: drop following line with dropping NC 28 support
$this->evaluateGroupMigrations($samlGroupNames);
}

public function updateUserGroups(IUser $user, array $samlGroupNames): void {
protected function updateUserGroups(IUser $user, array $samlGroupNames): void {
$this->translateGroupToIds($samlGroupNames);
$assignedGroups = $this->groupManager->getUserGroups($user);
$assignedGroupIds = array_map(function (IGroup $group) {
Expand Down Expand Up @@ -250,7 +257,7 @@ protected function hasSamlBackend(IGroup $group): bool {
return in_array('user_saml', $group->getBackendNames());
}

public function evaluateGroupMigrations(array $groups): void {
protected function evaluateGroupMigrations(array $groups): void {
$candidateInfo = $this->config->getAppValue('user_saml', self::LOCAL_GROUPS_CHECK_FOR_MIGRATION, '');
if ($candidateInfo === '') {
return;
Expand Down
2 changes: 1 addition & 1 deletion tests/unit/GroupManagerTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -152,7 +152,7 @@ public function testUpdateUserGroups() {
->with($user, ['groupC']);

// assert SAML provides user groups groupB and groupC
$this->ownGroupManager->updateUserGroups($user, ['groupB', 'groupC']);
$this->invokePrivate($this->ownGroupManager, 'updateUserGroups', [$user, ['groupB', 'groupC']]);
}

public function testUnassignUserFromGroups() {
Expand Down

0 comments on commit 579bf97

Please sign in to comment.