From 2c65b5256e1a902db0948395c59819342e23178d Mon Sep 17 00:00:00 2001 From: thabart Date: Wed, 19 Jun 2024 14:41:08 +0200 Subject: [PATCH] Ticket #760 : Fix different issues --- .../DisplayConditionEvaluator.cs | 10 +++++++-- .../MobileOptions.cs | 2 +- .../WebauthnOptions.cs | 2 +- ...LDAPRepresentationsExtractionJobOptions.cs | 22 ++++++++++--------- .../Services/LDAPProvisioningService.cs | 9 +++++--- .../KeyValueRepository.cs | 2 +- .../Shared/EditConfiguration.razor | 10 +++++++-- .../Provisioning/ImportUsersConsumer.cs | 3 ++- 8 files changed, 39 insertions(+), 21 deletions(-) diff --git a/src/IdServer/SimpleIdServer.Configuration/DisplayConditionEvaluator.cs b/src/IdServer/SimpleIdServer.Configuration/DisplayConditionEvaluator.cs index c5314caa9..eb272c987 100644 --- a/src/IdServer/SimpleIdServer.Configuration/DisplayConditionEvaluator.cs +++ b/src/IdServer/SimpleIdServer.Configuration/DisplayConditionEvaluator.cs @@ -7,13 +7,19 @@ namespace SimpleIdServer.Configuration { public static class DisplayConditionEvaluator { - public static bool IsValid(Dictionary values, string condition) + public static bool IsLogicalOperationValid(Dictionary values, string condition) { if (string.IsNullOrWhiteSpace(condition)) return true; + var conditions = condition.Split("&&").Select(c => c.Trim()); + return conditions.All(c => IsEqualityOperationValid(values, c)); + } + + public static bool IsEqualityOperationValid(Dictionary values, string condition) + { var splitted = condition.Split('='); var key = splitted[0]; var value = splitted[1]; - return values.Any(kvp => kvp.Key == key && kvp.Value == value); + return values.Any(kvp => kvp.Key == key && kvp.Value.Equals(value, System.StringComparison.InvariantCultureIgnoreCase)); } } } diff --git a/src/IdServer/SimpleIdServer.IdServer.Fido/MobileOptions.cs b/src/IdServer/SimpleIdServer.IdServer.Fido/MobileOptions.cs index 5b91afe65..672e3f9dc 100644 --- a/src/IdServer/SimpleIdServer.IdServer.Fido/MobileOptions.cs 
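Review bot: In `IsEqualityOperationValid`, `kvp.Value.Equals(...)` throws a NullReferenceException when a dictionary entry holds a null value, which the previous `kvp.Value == value` tolerated; whether `GetValues()` can produce null values is not visible in this hunk. The static form `string.Equals(kvp.Value, value, System.StringComparison.OrdinalIgnoreCase)` is null-safe, and ordinal comparison fits machine identifiers such as `true` or `LOAD_FROM_USER_MEMBEROF_ATTRIBUTE` better than an invariant-culture one. `splitted[1]` is also read without a length check, so a segment without `=` (for example an empty segment left by a stray `&&`) raises IndexOutOfRangeException. A guard such as `if (splitted.Length != 2) return false;` would make a malformed `DisplayCondition` hide the field instead of breaking the page.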
+++ b/src/IdServer/SimpleIdServer.IdServer.Fido/MobileOptions.cs @@ -5,7 +5,7 @@ namespace SimpleIdServer.IdServer.Fido { - public class MobileOptions + public class MobileOptions : IFidoOptions { /// /// Expiration time in seconds of the U2F FIDO session identifier. diff --git a/src/IdServer/SimpleIdServer.IdServer.Fido/WebauthnOptions.cs b/src/IdServer/SimpleIdServer.IdServer.Fido/WebauthnOptions.cs index f2d626210..07ecda9ce 100644 --- a/src/IdServer/SimpleIdServer.IdServer.Fido/WebauthnOptions.cs +++ b/src/IdServer/SimpleIdServer.IdServer.Fido/WebauthnOptions.cs @@ -5,7 +5,7 @@ namespace SimpleIdServer.IdServer.Fido { - public class WebauthnOptions + public class WebauthnOptions : IFidoOptions { /// /// Expiration time in seconds of the U2F FIDO session identifier. diff --git a/src/IdServer/SimpleIdServer.IdServer.Provisioning.LDAP/LDAPRepresentationsExtractionJobOptions.cs b/src/IdServer/SimpleIdServer.IdServer.Provisioning.LDAP/LDAPRepresentationsExtractionJobOptions.cs index 9e301982f..be515c5b7 100644 --- a/src/IdServer/SimpleIdServer.IdServer.Provisioning.LDAP/LDAPRepresentationsExtractionJobOptions.cs +++ b/src/IdServer/SimpleIdServer.IdServer.Provisioning.LDAP/LDAPRepresentationsExtractionJobOptions.cs 
@@ -27,29 +27,31 @@ public class LDAPRepresentationsExtractionJobOptions #region Groups - [ConfigurationRecord("Groups DN", "Full DN of LDAP tree where your groups are.", order: 6)] + [ConfigurationRecord("Synchronize groups", "Enable or disabled groups synchronization", order: 6)] + public bool IsGroupSyncEnabled { get; set; } = false; + [ConfigurationRecord("Groups DN", "Full DN of LDAP tree where your groups are.", order: 7, "IsGroupSyncEnabled=true")] public string GroupsDN { get; set; } - [ConfigurationRecord("Group object classes", "All values of LDAP objectClass attribute for groups in LDAP, divided by commas.", order: 7)] + [ConfigurationRecord("Group object classes", "All values of LDAP objectClass attribute for groups in LDAP, divided by commas.", order: 8, "IsGroupSyncEnabled=true")] public string GroupObjectClasses { get; set; } = "posixGroup"; - [ConfigurationRecord("Membership Group LDAP Attribute.", "It is the name of the LDAP Attribute on the group, which is used for membership mappings, for example memberUid", order: 8)] + [ConfigurationRecord("Membership Group LDAP Attribute.", "It is the name of the LDAP Attribute on the group, which is used for membership mappings, for example memberUid", order: 9, "IsGroupSyncEnabled=true")] public string MembershipLDAPAttribute { get; set; } - [ConfigurationRecord("Membership User LDAP Attribute.", "It is the name of the LDAP Attribute on the user, which is used for membership mappings, for example uidNumber", order: 9)] + [ConfigurationRecord("Membership User LDAP Attribute.", "It is the name of the LDAP Attribute on the user, which is used for membership mappings, for example uidNumber", order: 10, "IsGroupSyncEnabled=true")] public string MembershipUserLDAPAttribute { get; set; } - [ConfigurationRecord("User Groups Retrieve Strategy", "Membership User LDAP Attribute.", order: 10)] + [ConfigurationRecord("User Groups Retrieve Strategy", "Membership User LDAP Attribute.", order: 11, 
"IsGroupSyncEnabled=true")] public LoadingStrategies RetrievingStrategies { get; set; } - [ConfigurationRecord("Member of LDAP Attribute", "Specifies the name of the LDAP Attribute on the LDAP user which contains the groups, which the user is member of.", order: 11, "RetrievingStrategies=LOAD_FROM_USER_MEMBEROF_ATTRIBUTE")] + [ConfigurationRecord("Member of LDAP Attribute", "Specifies the name of the LDAP Attribute on the LDAP user which contains the groups, which the user is member of.", order: 12, "RetrievingStrategies=LOAD_FROM_USER_MEMBEROF_ATTRIBUTE && IsGroupSyncEnabled=true")] public string MemberOfAttribute { get; set; } #endregion - [ConfigurationRecord("User Identifier LDAP Attribute", "Name of the LDAP attribute, which is used as a unique object identifier for objects in LDAP, objectSID for Active Directory or uidNumber of Open Ldap", order: 12)] + [ConfigurationRecord("User Identifier LDAP Attribute", "Name of the LDAP attribute, which is used as a unique object identifier for objects in LDAP, objectSID for Active Directory or uidNumber of Open Ldap", order: 13)] public string UserIdLDAPAttribute { get; set; } - [ConfigurationRecord("Group Identifier LDAP Attribute", "Name of the LDAP attribute, which is used as a unique object identifier for objects in LDAP, objectSID for Active Directory or gidNumber of Open Ldap", order: 13)] + [ConfigurationRecord("Group Identifier LDAP Attribute", "Name of the LDAP attribute, which is used as a unique object identifier for objects in LDAP, objectSID for Active Directory or gidNumber of Open Ldap", order: 14, "IsGroupSyncEnabled=true")] public string GroupIdLDAPAttribute { get; set; } - [ConfigurationRecord("Modification Date Attribute", "Name of the LDAP Attribute, which is used as the modification date for objects in LDAP", order: 14)] + [ConfigurationRecord("Modification Date Attribute", "Name of the LDAP Attribute, which is used as the modification date for objects in LDAP", order: 15)] public string 
ModificationDateAttribute { get; set; } = "modificationDate"; - [ConfigurationRecord("Batch size", "Number of records", order: 15)] + [ConfigurationRecord("Batch size", "Number of records", order: 16)] public int BatchSize { get; set; } = 1; } diff --git a/src/IdServer/SimpleIdServer.IdServer.Provisioning.LDAP/Services/LDAPProvisioningService.cs b/src/IdServer/SimpleIdServer.IdServer.Provisioning.LDAP/Services/LDAPProvisioningService.cs index bd5796d6a..84d03ecbc 100644 --- a/src/IdServer/SimpleIdServer.IdServer.Provisioning.LDAP/Services/LDAPProvisioningService.cs +++ b/src/IdServer/SimpleIdServer.IdServer.Provisioning.LDAP/Services/LDAPProvisioningService.cs @@ -101,9 +101,12 @@ private ExtractedResult Extract(SearchResultEntryCollection entries, LDAPReprese Version = version }; users.Add(user); - var userGroups = ResolveUserGroups(userId, entry, options, ldapConnection, definition); - groups.AddRange(userGroups); - user.GroupIds = userGroups.Select(g => g.Id).ToList(); + if(options.IsGroupSyncEnabled) + { + var userGroups = ResolveUserGroups(userId, entry, options, ldapConnection, definition); + groups.AddRange(userGroups); + user.GroupIds = userGroups.Select(g => g.Id).ToList(); + } } return new ExtractedResult { Users = users, Groups = groups }; diff --git a/src/IdServer/SimpleIdServer.IdServer.Store.EF/KeyValueRepository.cs b/src/IdServer/SimpleIdServer.IdServer.Store.EF/KeyValueRepository.cs index 48ee083f5..6b7f64335 100644 --- a/src/IdServer/SimpleIdServer.IdServer.Store.EF/KeyValueRepository.cs +++ b/src/IdServer/SimpleIdServer.IdServer.Store.EF/KeyValueRepository.cs 
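Review bot: `IsGroupSyncEnabled` defaults to `false`, so provisioning definitions saved before this change will presumably stop synchronizing groups after an upgrade until an administrator enables the flag; how missing keys are bound to this options class is outside the hunk and should be confirmed. If LDAP group membership feeds authorization decisions, that silent change deserves a release note or a data migration that sets the value to true for existing LDAP definitions. The new description reads `Enable or disabled groups synchronization`; `Enable or disable group synchronization` is clearer. The `User Groups Retrieve Strategy` record also carries the description `Membership User LDAP Attribute.`, which looks like a copy-paste.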
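Review bot: When `options.IsGroupSyncEnabled` is false, `user.GroupIds` is never assigned, so its value depends on the initializer of the user type, which is not shown in this hunk. If it stays null, a consumer that enumerates it will throw; if it is empty, the importer cannot tell "groups were not synchronized" from "the user belongs to no group", and depending on how memberships are reconciled it could drop them or keep stale ones. A comment at the guard stating the intended outcome, for example `// group sync disabled: existing memberships are left untouched`, together with a matching check in the import path, would make the contract explicit. `Extract` begins and ends outside the hunk.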
@@ -28,7 +28,7 @@ public Task Get(string key, CancellationToken c public Task> GetAll(CancellationToken cancellationToken) { - if (_dbContext.Database.GetPendingMigrations().Any()) return Task.FromResult(new List()); + if (!_dbContext.Database.IsInMemory() && _dbContext.Database.GetPendingMigrations().Any()) return Task.FromResult(new List()); return _dbContext.ConfigurationKeyPairValueRecords.ToListAsync(cancellationToken); } diff --git a/src/IdServer/SimpleIdServer.IdServer.Website/Shared/EditConfiguration.razor b/src/IdServer/SimpleIdServer.IdServer.Website/Shared/EditConfiguration.razor index 5344f9668..c3b231765 100644 --- a/src/IdServer/SimpleIdServer.IdServer.Website/Shared/EditConfiguration.razor +++ b/src/IdServer/SimpleIdServer.IdServer.Website/Shared/EditConfiguration.razor @@ -98,7 +98,7 @@ {
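Review bot: `IsInMemory()` exempts only the in-memory provider, so any other non-relational provider would still reach `GetPendingMigrations()`, which is a relational-only extension. `_dbContext.Database.IsRelational() && _dbContext.Database.GetPendingMigrations().Any()` states the actual precondition and avoids referencing the in-memory provider package from the store project. Separately, `GetAll` still returns an empty list while migrations are pending, so callers cannot distinguish "no configuration stored" from "database not ready"; a log entry on that early return would make the fallback visible. The migration check also runs synchronously on every call.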
- +

@property.Description

@@ -190,11 +190,17 @@ Refresh(); } + private void Select(EditableProperty p, bool o) + { + p.Value = o.ToString(); + Refresh(); + } + private void Refresh() { var values = GetValues(); var configuration = configurationDefsState.Value.ConfigurationDefs.Single(c => c.Id == Name); - Properties = AllProperties.Where(p => DisplayConditionEvaluator.IsValid(values, p.DisplayCondition)).ToList(); + Properties = AllProperties.Where(p => DisplayConditionEvaluator.IsLogicalOperationValid(values, p.DisplayCondition)).ToList(); } private Dictionary GetValues() diff --git a/src/IdServer/SimpleIdServer.IdServer/Provisioning/ImportUsersConsumer.cs b/src/IdServer/SimpleIdServer.IdServer/Provisioning/ImportUsersConsumer.cs index 764be5e21..ee67eaa9e 100644 --- a/src/IdServer/SimpleIdServer.IdServer/Provisioning/ImportUsersConsumer.cs +++ b/src/IdServer/SimpleIdServer.IdServer/Provisioning/ImportUsersConsumer.cs @@ -215,7 +215,8 @@ private ExtractionUserResult ExtractUsersAndClaims(IdentityProvisioning idProvis Id = extractedUser.RepresentationId, Source = idProvisioning.Definition.Name, IdentityProvisioningId = idProvisioning.Id, - UpdateDateTime = DateTime.UtcNow + UpdateDateTime = DateTime.UtcNow, + CreateDateTime = DateTime.UtcNow }; if (!string.IsNullOrWhiteSpace(extractedUser.Values)) {
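Review bot: `CreateDateTime = DateTime.UtcNow` sits in the same initializer as `UpdateDateTime`, so if this object is also built for records that already exist, each import run would overwrite the original creation time; how the result is merged with stored data is outside this hunk. If that is the case, `CreateDateTime` should be assigned only on the insert path so the audit trail keeps the first-seen date. The two `DateTime.UtcNow` reads also yield slightly different values; capturing `var now = DateTime.UtcNow;` once and using it for both fields keeps them equal. `ExtractUsersAndClaims` starts and ends outside the hunk.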