/*
*
* (c) Copyright Ascensio System Limited 2010-2021
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
using Constants = ASC.Core.Users.Constants;
using Mapping = ASC.ActiveDirectory.Base.Settings.LdapSettings.MappingFields;
using SecurityContext = ASC.Core.SecurityContext;
namespace ASC.ActiveDirectory;
[Scope]
public class LdapUserManager
{
// Logger resolved from the "ASC" named IOptionsMonitor<ILog> entry (see constructor).
private readonly ILog _log;
// Portal user store: lookups by user name / e-mail / SID, group membership counts and SaveUserInfo.
private readonly UserManager _userManager;
// Current tenant and its quota (the active-user limit is checked before a user is added).
private readonly TenantManager _tenantManager;
// Supplies the tenant-local "now" used as the default WorkFromDate of a new user.
private readonly TenantUtil _tenantUtil;
// Stores the generated password hash of a newly created LDAP user.
private readonly SecurityContext _securityContext;
// Builds the confirmation and "my staff" links placed in the activation notice.
private readonly CommonLinkUtility _commonLinkUtility;
// Source of LdapSettings (attribute mapping, welcome e-mail and LDAP authentication switches).
private readonly SettingsManager _settingsManager;
// Display-name formatting for the activation notice.
private readonly DisplayUserSettingsHelper _displayUserSettingsHelper;
// Handed to LdapChangeCollection when a change report is built.
private readonly UserFormatter _userFormatter;
// Root provider; a separate scope is created from it for the background group-membership sync.
private readonly IServiceProvider _serviceProvider;
// Scope passed to the notify service when the LDAP notify client is registered.
private readonly IServiceScope _serviceScope;
// LDAP client used for login and for user/group synchronization.
private readonly NovellLdapUserImporter _novellLdapUserImporter;
// Notify source for LDAP activation e-mails.
private readonly LdapNotifySource _ldapNotifySource;
// Localized strings; set by Init(), defaulting to a fresh LdapLocalization.
private LdapLocalization _resource;
/// <summary>
/// Wires the collaborators used for LDAP user synchronization. The logger is taken from the
/// "ASC" named options entry; every other dependency is stored as-is.
/// </summary>
public LdapUserManager(
    IOptionsMonitor<ILog> option,
    IServiceProvider serviceProvider,
    IServiceScope serviceScope,
    UserManager userManager,
    TenantManager tenantManager,
    TenantUtil tenantUtil,
    SecurityContext securityContext,
    CommonLinkUtility commonLinkUtility,
    SettingsManager settingsManager,
    DisplayUserSettingsHelper displayUserSettingsHelper,
    UserFormatter userFormatter,
    LdapNotifySource ldapNotifySource,
    NovellLdapUserImporter novellLdapUserImporter)
{
    // Assignments follow field declaration order.
    _log = option.Get("ASC");
    _userManager = userManager;
    _tenantManager = tenantManager;
    _tenantUtil = tenantUtil;
    _securityContext = securityContext;
    _commonLinkUtility = commonLinkUtility;
    _settingsManager = settingsManager;
    _displayUserSettingsHelper = displayUserSettingsHelper;
    _userFormatter = userFormatter;
    _serviceProvider = serviceProvider;
    _serviceScope = serviceScope;
    _novellLdapUserImporter = novellLdapUserImporter;
    _ldapNotifySource = ldapNotifySource;
}
/// <summary>Sets the localized strings used in error messages and the activation notice.</summary>
/// <param name="resource">Localization to use; when <c>null</c> a default <see cref="LdapLocalization"/> is created.</param>
public void Init(LdapLocalization resource = null)
{
    if (resource is null)
    {
        resource = new LdapLocalization();
    }

    _resource = resource;
}
/// <summary>
/// Reports whether <paramref name="uniqueName"/> is a usable, unclaimed portal user name.
/// </summary>
/// <param name="uniqueName">Candidate user name.</param>
/// <returns><c>false</c> for a null/empty name or one already held by a portal user; <c>true</c> otherwise.</returns>
private bool TestUniqueUserName(string uniqueName)
{
    if (string.IsNullOrEmpty(uniqueName))
    {
        return false;
    }

    var holder = _userManager.GetUserByUserName(uniqueName);

    return Equals(holder, Constants.LostUser);
}
/// <summary>
/// Derives an unclaimed portal user name from the local part of the user's e-mail address,
/// appending 1, 2, 3, ... until <see cref="TestUniqueUserName"/> accepts it.
/// </summary>
/// <param name="userInfo">User whose e-mail supplies the base name.</param>
/// <returns>The first free name in the sequence base, base1, base2, ...</returns>
/// <exception cref="ArgumentException">The user has no e-mail address.</exception>
private string MakeUniqueName(UserInfo userInfo)
{
    if (string.IsNullOrEmpty(userInfo.Email))
    {
        throw new ArgumentException(_resource.ErrorEmailEmpty, nameof(userInfo));
    }

    // MailAddress parses the address; User is the part before '@'.
    var baseName = new MailAddress(userInfo.Email).User;
    var candidate = baseName;

    for (var suffix = 1; !TestUniqueUserName(candidate); suffix++)
    {
        candidate = baseName + suffix.ToString(CultureInfo.InvariantCulture);
    }

    return candidate;
}
/// <summary>
/// Checks that <paramref name="email"/> is either unused on the portal or belongs to
/// the user identified by <paramref name="userId"/>.
/// </summary>
/// <param name="userId">User allowed to own the address.</param>
/// <param name="email">Address to check.</param>
/// <returns><c>true</c> when no other user owns the address.</returns>
private bool CheckUniqueEmail(Guid userId, string email)
{
    var owner = _userManager.GetUserByEmail(email);

    if (Equals(owner, Constants.LostUser))
    {
        return true;
    }

    return owner.ID == userId;
}
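/// <summary>
/// Creates a portal account for an LDAP user, or with <paramref name="onlyGetChanges"/> only
/// checks that it could be created and hands the unsaved record back.
/// </summary>
/// <param name="ldapUserInfo">User record built from LDAP.</param>
/// <param name="onlyGetChanges">When <c>true</c>, nothing is persisted; the checks still run.</param>
/// <param name="portalUserInfo">The saved record (or <paramref name="ldapUserInfo"/> itself when only
/// collecting changes); <see cref="Constants.LostUser"/> on failure.</param>
/// <returns><c>true</c> when the user was added (or could be added); <c>false</c> when the e-mail or
/// user name is taken, or an unexpected error occurred (logged).</returns>
/// <exception cref="TenantQuotaException">Adding the user would exceed the tenant's active-user quota.</exception>
public bool TryAddLDAPUser(UserInfo ldapUserInfo, bool onlyGetChanges, out UserInfo portalUserInfo)
{
    portalUserInfo = Constants.LostUser;

    try
    {
        if (ldapUserInfo == null)
        {
            throw new ArgumentNullException(nameof(ldapUserInfo));
        }

        _log.DebugFormat("TryAddLDAPUser(SID: {0}): Email '{1}' UserName: {2}", ldapUserInfo.Sid,
            ldapUserInfo.Email, ldapUserInfo.UserName);

        if (!CheckUniqueEmail(ldapUserInfo.ID, ldapUserInfo.Email))
        {
            _log.DebugFormat("TryAddLDAPUser(SID: {0}): Email '{1}' already exists.",
                ldapUserInfo.Sid, ldapUserInfo.Email);

            return false;
        }

        // A non-LDAP portal user holding this name is renamed to free it; an LDAP-backed holder blocks the add.
        if (!TryChangeExistingUserName(ldapUserInfo.UserName, onlyGetChanges))
        {
            _log.DebugFormat("TryAddLDAPUser(SID: {0}): Username '{1}' already exists.",
                ldapUserInfo.Sid, ldapUserInfo.UserName);

            return false;
        }

        // Quota check is count-then-insert; it is not atomic against a concurrent add (same as before).
        var quota = _tenantManager.GetTenantQuota(_tenantManager.GetCurrentTenant().TenantId);
        var activeUserCount = _userManager.GetUsersByGroup(Constants.GroupUser.ID).Length;

        if (quota.ActiveUsers <= activeUserCount)
        {
            _log.DebugFormat("TryAddLDAPUser(SID: {0}): Username '{1}' adding this user would exceed quota.",
                ldapUserInfo.Sid, ldapUserInfo.UserName);

            throw new TenantQuotaException(string.Format("Exceeds the maximum active users ({0})", quota.ActiveUsers));
        }

        if (!ldapUserInfo.WorkFromDate.HasValue)
        {
            ldapUserInfo.WorkFromDate = _tenantUtil.DateTimeNow();
        }

        if (onlyGetChanges)
        {
            portalUserInfo = ldapUserInfo;

            return true;
        }

        _log.DebugFormat("CoreContext.UserManager.SaveUserInfo({0})", ldapUserInfo.GetUserInfoString());

        portalUserInfo = _userManager.SaveUserInfo(ldapUserInfo);

        // The new record gets a value produced by LdapUtils.GeneratePassword as its password hash; nothing in
        // this class surfaces that value. NOTE(review): confirm GeneratePassword is cryptographically random
        // and returns the hash form SetUserPasswordHash expects.
        var passwordHash = LdapUtils.GeneratePassword();

        _log.DebugFormat("SecurityContext.SetUserPassword(ID:{0})", portalUserInfo.ID);

        _securityContext.SetUserPasswordHash(portalUserInfo.ID, passwordHash);

        return true;
    }
    catch (TenantQuotaException)
    {
        // Quota exhaustion is reported to the caller; a bare rethrow keeps the original stack trace.
        throw;
    }
    catch (Exception ex)
    {
        if (ldapUserInfo != null)
        {
            _log.ErrorFormat("TryAddLDAPUser(UserName='{0}' Sid='{1}') failed: Error: {2}", ldapUserInfo.UserName,
                ldapUserInfo.Sid, ex);
        }
        else
        {
            // A null argument was previously swallowed silently; record it.
            _log.ErrorFormat("TryAddLDAPUser(null) failed: Error: {0}", ex);
        }
    }

    return false;
}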
/// <summary>
/// Frees <paramref name="ldapUserName"/> for an incoming LDAP user: a non-LDAP portal user holding
/// the name is given a new unique name (derived from their e-mail) and saved.
/// </summary>
/// <param name="ldapUserName">User name the LDAP user wants.</param>
/// <param name="onlyGetChanges">When <c>true</c>, the rename is computed but not persisted.</param>
/// <returns><c>true</c> when the name is free (or was freed); <c>false</c> for an empty name,
/// when an LDAP-backed user already holds it, or when the rename throws (logged).</returns>
private bool TryChangeExistingUserName(string ldapUserName, bool onlyGetChanges)
{
    if (string.IsNullOrEmpty(ldapUserName))
    {
        return false;
    }

    try
    {
        var holder = _userManager.GetUserByUserName(ldapUserName);

        if (Equals(holder, Constants.LostUser))
        {
            // Nobody owns the name; nothing to rename.
            return true;
        }

        if (holder.IsLDAP())
        {
            // Another LDAP-backed account owns it; it is not renamed here.
            return false;
        }

        holder.UserName = MakeUniqueName(holder);

        if (!onlyGetChanges)
        {
            _log.Debug("TryChangeExistingUserName()");
            _log.DebugFormat("CoreContext.UserManager.SaveUserInfo({0})", holder.GetUserInfoString());
            _userManager.SaveUserInfo(holder);
        }

        return true;
    }
    catch (Exception ex)
    {
        _log.ErrorFormat("TryChangeOtherUserName({0}) failed. Error: {1}", ldapUserName, ex);

        return false;
    }
}
/// <summary>
/// Dry-run variant of <see cref="SyncLDAPUser(UserInfo, List{UserInfo})"/>: computes what the sync
/// would do and records it in <paramref name="changes"/> without persisting anything.
/// </summary>
/// <param name="ldapUserInfo">User record built from LDAP.</param>
/// <param name="ldapUsers">All users in the current LDAP result set, used to resolve e-mail conflicts.</param>
/// <param name="changes">Receives the add/update/skip/none decision for the user.</param>
/// <returns>The would-be portal record, or <see cref="Constants.LostUser"/> when the user would be skipped.</returns>
public UserInfo GetLDAPSyncUserChange(UserInfo ldapUserInfo, List<UserInfo> ldapUsers, out LdapChangeCollection changes)
    => SyncLDAPUser(ldapUserInfo, ldapUsers, out changes, onlyGetChanges: true);
/// <summary>
/// Synchronizes one LDAP user into the portal (add or update), discarding the change report.
/// </summary>
/// <param name="ldapUserInfo">User record built from LDAP.</param>
/// <param name="ldapUsers">All users in the current LDAP result set, or <c>null</c>; used to resolve e-mail conflicts.</param>
/// <returns>The saved portal record, or <see cref="Constants.LostUser"/> when the user was skipped.</returns>
public UserInfo SyncLDAPUser(UserInfo ldapUserInfo, List<UserInfo> ldapUsers = null)
    => SyncLDAPUser(ldapUserInfo, ldapUsers, out _);
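/// <summary>
/// Core sync step for one LDAP user. The portal record is matched by SID first, then by e-mail;
/// an unmatched active user is added, a matched one is updated when <see cref="NeedUpdateUser"/>
/// finds a difference.
/// </summary>
/// <param name="ldapUserInfo">User record built from LDAP.</param>
/// <param name="ldapUsers">All users in the current LDAP result set, or <c>null</c>. When an e-mail match
/// is another LDAP-backed account whose SID is absent from this list, the match is reused instead of rejected.</param>
/// <param name="changes">Change report; only populated when <paramref name="onlyGetChanges"/> is set.</param>
/// <param name="onlyGetChanges">When <c>true</c>, nothing is persisted and no notice is sent.</param>
/// <returns>The matched/saved portal record, or <see cref="Constants.LostUser"/> when the user was skipped.</returns>
private UserInfo SyncLDAPUser(UserInfo ldapUserInfo, List<UserInfo> ldapUsers, out LdapChangeCollection changes, bool onlyGetChanges = false)
{
    changes = new LdapChangeCollection(_userFormatter);

    UserInfo result;
    UserInfo userToUpdate;

    var userBySid = _userManager.GetUserBySid(ldapUserInfo.Sid);

    if (Equals(userBySid, Constants.LostUser))
    {
        var userByEmail = _userManager.GetUserByEmail(ldapUserInfo.Email);

        if (Equals(userByEmail, Constants.LostUser))
        {
            // Unknown user: only active accounts are created.
            if (ldapUserInfo.Status != EmployeeStatus.Active)
            {
                if (onlyGetChanges)
                {
                    changes.SetSkipUserChange(ldapUserInfo);
                }

                _log.DebugFormat("SyncUserLDAP(SID: {0}, Username: '{1}') ADD failed: Status is {2}",
                    ldapUserInfo.Sid, ldapUserInfo.UserName,
                    Enum.GetName(typeof(EmployeeStatus), ldapUserInfo.Status));

                return Constants.LostUser;
            }

            if (!TryAddLDAPUser(ldapUserInfo, onlyGetChanges, out result))
            {
                if (onlyGetChanges)
                {
                    changes.SetSkipUserChange(ldapUserInfo);
                }

                return Constants.LostUser;
            }

            if (onlyGetChanges)
            {
                changes.SetAddUserChange(result, _log);
            }
            else if (_settingsManager.Load<LdapSettings>().SendWelcomeEmail &&
                ldapUserInfo.ActivationStatus != EmployeeActivationStatus.AutoGenerated)
            {
                SendLdapActivationNotice(ldapUserInfo);
            }

            return result;
        }

        if (userByEmail.IsLDAP())
        {
            // The address is held by another LDAP-backed account. It is a genuine conflict unless that
            // account's SID no longer appears in the LDAP result set (ldapUsers), in which case the
            // account is treated as the same user and updated below.
            // string.Equals is null-safe where u.Sid.Equals(...) would throw on a null SID.
            if (ldapUsers == null || ldapUsers.Any(u => string.Equals(u.Sid, userByEmail.Sid)))
            {
                if (onlyGetChanges)
                {
                    changes.SetSkipUserChange(ldapUserInfo);
                }

                _log.DebugFormat(
                    "SyncUserLDAP(SID: {0}, Username: '{1}') ADD failed: Another ldap user with email '{2}' already exists",
                    ldapUserInfo.Sid, ldapUserInfo.UserName, ldapUserInfo.Email);

                return Constants.LostUser;
            }
        }

        userToUpdate = userByEmail;
    }
    else
    {
        userToUpdate = userBySid;
    }

    UpdateLdapUserContacts(ldapUserInfo, userToUpdate.ContactsList);

    if (!NeedUpdateUser(userToUpdate, ldapUserInfo))
    {
        _log.DebugFormat("SyncUserLDAP(SID: {0}, Username: '{1}') No need to update, skipping", ldapUserInfo.Sid, ldapUserInfo.UserName);

        if (onlyGetChanges)
        {
            changes.SetNoneUserChange(ldapUserInfo);
        }

        // Return the account that was actually matched: userBySid is Constants.LostUser when the
        // match came via e-mail, and callers treat LostUser as "no user".
        return userToUpdate;
    }

    _log.DebugFormat("SyncUserLDAP(SID: {0}, Username: '{1}') Userinfo is outdated, updating", ldapUserInfo.Sid, ldapUserInfo.UserName);

    if (!TryUpdateUserWithLDAPInfo(userToUpdate, ldapUserInfo, onlyGetChanges, out result))
    {
        if (onlyGetChanges)
        {
            changes.SetSkipUserChange(ldapUserInfo);
        }

        return Constants.LostUser;
    }

    if (onlyGetChanges)
    {
        changes.SetUpdateUserChange(ldapUserInfo, result, _log);
    }

    return result;
}

/// <summary>
/// Sends the LDAP activation notice (confirmation link + "my staff" link) to a newly created user.
/// </summary>
/// <param name="ldapUserInfo">The user to notify; its e-mail is both the recipient and the confirmation subject.</param>
private void SendLdapActivationNotice(UserInfo ldapUserInfo)
{
    var client = WorkContext.NotifyContext.NotifyService.RegisterClient(_ldapNotifySource, _serviceScope);

    var confirmLink = _commonLinkUtility.GetConfirmationUrl(ldapUserInfo.Email, ConfirmType.EmailActivation);

    // The result of SendNoticeToAsync is not awaited or observed here. NOTE(review): confirm this is
    // fire-and-forget by design and that failures are logged inside the notify service.
    client.SendNoticeToAsync(
        NotifyConstants.ActionLdapActivation,
        null,
        new[] { new DirectRecipient(ldapUserInfo.Email, null, new[] { ldapUserInfo.Email }, false) },
        new[] { ASC.Core.Configuration.Constants.NotifyEMailSenderSysName },
        null,
        new TagValue(NotifyConstants.TagUserName, ldapUserInfo.DisplayUserName(_displayUserSettingsHelper)),
        new TagValue(NotifyConstants.TagUserEmail, ldapUserInfo.Email),
        new TagValue(NotifyConstants.TagMyStaffLink, _commonLinkUtility.GetFullAbsolutePath(_commonLinkUtility.GetMyStaff())),
        NotifyConstants.TagGreenButton(_resource.NotifyButtonJoin, confirmLink),
        new TagValue(NotifyCommonTags.WithoutUnsubscribe, true));
}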
// Contact-list keys that are not carried over from the portal record in UpdateLdapUserContacts
// (the LDAP side supplies these kinds).
private const string EXT_MOB_PHONE = "extmobphone";
private const string EXT_MAIL = "extmail";
private const string EXT_PHONE = "extphone";
private const string EXT_SKYPE = "extskype";
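/// <summary>
/// Merges the portal user's contacts into <paramref name="ldapUser"/>: entries whose key is one of
/// the EXT_* kinds are dropped, every other key/value pair is appended after the LDAP contacts.
/// </summary>
/// <param name="ldapUser">User built from LDAP; its ContactsList is replaced with the merged list.</param>
/// <param name="portalUserContacts">Flat key/value list from the portal record (key at an even index,
/// its value at the next index). Null or empty leaves <paramref name="ldapUser"/> untouched.</param>
private static void UpdateLdapUserContacts(UserInfo ldapUser, List<string> portalUserContacts)
{
    // A null list is treated like an empty one instead of throwing.
    if (portalUserContacts == null || portalUserContacts.Count == 0)
    {
        return;
    }

    var merged = new List<string>(ldapUser.ContactsList ?? new List<string>());

    // Pairs are key, value, key, value, ...; a trailing key without a value is ignored.
    for (var i = 0; i + 1 < portalUserContacts.Count; i += 2)
    {
        var kind = portalUserContacts[i];

        if (kind is EXT_MOB_PHONE or EXT_MAIL or EXT_PHONE or EXT_SKYPE)
        {
            continue;
        }

        merged.Add(kind);
        merged.Add(portalUserContacts[i + 1]);
    }

    ldapUser.ContactsList = merged;
}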
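/// <summary>
/// Decides whether the portal record differs from the LDAP record in any attribute the sync writes.
/// Attributes behind an optional mapping (title, location, mobile phone, birth date, gender) are
/// compared only when that mapping is present in LdapSettings.LdapMapping, matching what
/// <see cref="TryUpdateUserWithLDAPInfo"/> copies.
/// </summary>
/// <param name="portalUser">Current portal record.</param>
/// <param name="ldapUser">Record built from LDAP.</param>
/// <returns><c>true</c> when at least one compared attribute differs. Every difference is logged at debug
/// level. If the comparison throws, the error is logged and the decision reached so far is returned.</returns>
private bool NeedUpdateUser(UserInfo portalUser, UserInfo ldapUser)
{
    var needUpdate = false;

    try
    {
        var settings = _settingsManager.Load<LdapSettings>();
        var mapping = settings.LdapMapping;

        // Case-insensitive comparison; null differs from any non-null value, null equals null.
        static bool NotEqual(string portalValue, string ldapValue) =>
            portalValue == null
                ? ldapValue != null
                : !portalValue.Equals(ldapValue, StringComparison.InvariantCultureIgnoreCase);

        // Logs a differing string attribute under the given label and reports the difference.
        bool Differs(string label, string portalValue, string ldapValue)
        {
            if (!NotEqual(portalValue, ldapValue))
            {
                return false;
            }

            _log.DebugFormat("NeedUpdateUser by " + label + " -> portal: '{0}', ldap: '{1}'",
                portalValue ?? "NULL",
                ldapValue ?? "NULL");

            return true;
        }

        // `|=` (not `||`) so every differing attribute is evaluated and logged.
        needUpdate |= Differs("FirstName", portalUser.FirstName, ldapUser.FirstName);
        needUpdate |= Differs("LastName", portalUser.LastName, ldapUser.LastName);
        needUpdate |= Differs("UserName", portalUser.UserName, ldapUser.UserName);

        // An auto-generated LDAP address is only compared when the portal address is auto-generated too.
        if (ldapUser.ActivationStatus != EmployeeActivationStatus.AutoGenerated
            || portalUser.ActivationStatus == EmployeeActivationStatus.AutoGenerated)
        {
            needUpdate |= Differs("Email", portalUser.Email, ldapUser.Email);
        }

        needUpdate |= Differs("Sid", portalUser.Sid, ldapUser.Sid);

        if (mapping.ContainsKey(Mapping.TitleAttribute))
        {
            needUpdate |= Differs("Title", portalUser.Title, ldapUser.Title);
        }

        if (mapping.ContainsKey(Mapping.LocationAttribute))
        {
            needUpdate |= Differs("Location", portalUser.Location, ldapUser.Location);
        }

        if (portalUser.ActivationStatus != ldapUser.ActivationStatus &&
            (!portalUser.ActivationStatus.HasFlag(EmployeeActivationStatus.Activated) || portalUser.Email != ldapUser.Email) &&
            ldapUser.ActivationStatus != EmployeeActivationStatus.AutoGenerated)
        {
            _log.DebugFormat("NeedUpdateUser by ActivationStatus -> portal: '{0}', ldap: '{1}'",
                portalUser.ActivationStatus,
                ldapUser.ActivationStatus);
            needUpdate = true;
        }

        if (portalUser.Status != ldapUser.Status)
        {
            _log.DebugFormat("NeedUpdateUser by Status -> portal: '{0}', ldap: '{1}'",
                portalUser.Status,
                ldapUser.Status);
            needUpdate = true;
        }

        if (ldapUser.ContactsList.Count != portalUser.ContactsList.Count ||
            !ldapUser.Contacts.All(portalUser.Contacts.Contains))
        {
            _log.DebugFormat("NeedUpdateUser by Contacts -> portal: '{0}', ldap: '{1}'",
                string.Join("|", portalUser.Contacts),
                string.Join("|", ldapUser.Contacts));
            needUpdate = true;
        }

        if (mapping.ContainsKey(Mapping.MobilePhoneAttribute))
        {
            // Label kept as "PrimaryPhone" so existing log consumers keep matching.
            needUpdate |= Differs("PrimaryPhone", portalUser.MobilePhone, ldapUser.MobilePhone);
        }

        // Both the "portal null, ldap set" and the "portal set but different" clauses are gated on the
        // mapping. Without the gate an unmapped attribute could flag an update that
        // TryUpdateUserWithLDAPInfo never applies (it copies only mapped attributes), so every sync
        // would report the user as outdated and save it again.
        if (mapping.ContainsKey(Mapping.BirthDayAttribute) &&
            (portalUser.BirthDate == null ? ldapUser.BirthDate != null : !portalUser.BirthDate.Equals(ldapUser.BirthDate)))
        {
            _log.DebugFormat("NeedUpdateUser by BirthDate -> portal: '{0}', ldap: '{1}'",
                portalUser.BirthDate?.ToString() ?? "NULL",
                ldapUser.BirthDate?.ToString() ?? "NULL");
            needUpdate = true;
        }

        if (mapping.ContainsKey(Mapping.GenderAttribute) &&
            (portalUser.Sex == null ? ldapUser.Sex != null : !portalUser.Sex.Equals(ldapUser.Sex)))
        {
            _log.DebugFormat("NeedUpdateUser by Sex -> portal: '{0}', ldap: '{1}'",
                portalUser.Sex?.ToString() ?? "NULL",
                ldapUser.Sex?.ToString() ?? "NULL");
            needUpdate = true;
        }
    }
    catch (Exception ex)
    {
        // Error level: a failing comparison must not be hidden in debug output, since it silently
        // suppresses updates for this user.
        _log.ErrorFormat("NeedUpdateUser failed: error: {0}", ex);
    }

    return needUpdate;
}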
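/// <summary>
/// Copies the LDAP attributes onto an existing portal record and saves it, unless
/// <paramref name="onlyGetChanges"/> is set, in which case only the in-memory record is modified.
/// </summary>
/// <param name="userToUpdate">Existing portal record; modified in place.</param>
/// <param name="updateInfo">Record built from LDAP.</param>
/// <param name="onlyGetChanges">When <c>true</c>, nothing is persisted.</param>
/// <param name="portlaUserInfo">The saved record, or <see cref="Constants.LostUser"/> when nothing was saved
/// (parameter name kept for named-argument compatibility).</param>
/// <returns><c>false</c> when the new user name or e-mail collides with another account, or the update
/// throws (logged); <c>true</c> otherwise.</returns>
private bool TryUpdateUserWithLDAPInfo(UserInfo userToUpdate, UserInfo updateInfo, bool onlyGetChanges, out UserInfo portlaUserInfo)
{
    portlaUserInfo = Constants.LostUser;

    try
    {
        _log.Debug("TryUpdateUserWithLDAPInfo()");

        var settings = _settingsManager.Load<LdapSettings>();

        // string.Equals tolerates a null on either side; the instance call threw on a null portal value.
        var userNameChanged = !string.Equals(userToUpdate.UserName, updateInfo.UserName, StringComparison.InvariantCultureIgnoreCase);

        if (userNameChanged && !TryChangeExistingUserName(updateInfo.UserName, onlyGetChanges))
        {
            _log.DebugFormat(
                "UpdateUserWithLDAPInfo(ID: {0}): New username already exists. (Old: '{1})' New: '{2}'",
                userToUpdate.ID, userToUpdate.UserName, updateInfo.UserName);

            return false;
        }

        var emailChanged = !string.Equals(userToUpdate.Email, updateInfo.Email, StringComparison.InvariantCultureIgnoreCase);

        if (emailChanged && !CheckUniqueEmail(userToUpdate.ID, updateInfo.Email))
        {
            _log.DebugFormat(
                "UpdateUserWithLDAPInfo(ID: {0}): New email already exists. (Old: '{1})' New: '{2}'",
                userToUpdate.ID, userToUpdate.Email, updateInfo.Email);

            return false;
        }

        // An activated auto-generated portal address is kept when LDAP supplies only an auto-generated one.
        var keepPortalEmail = updateInfo.ActivationStatus == EmployeeActivationStatus.AutoGenerated &&
            userToUpdate.ActivationStatus == (EmployeeActivationStatus.AutoGenerated | EmployeeActivationStatus.Activated);

        if (userToUpdate.Email != updateInfo.Email && !keepPortalEmail)
        {
            userToUpdate.ActivationStatus = updateInfo.ActivationStatus;
            userToUpdate.Email = updateInfo.Email;
        }

        userToUpdate.UserName = updateInfo.UserName;
        userToUpdate.FirstName = updateInfo.FirstName;
        userToUpdate.LastName = updateInfo.LastName;
        userToUpdate.Sid = updateInfo.Sid;
        userToUpdate.Contacts = updateInfo.Contacts;

        // Optional attributes are written only when mapped, mirroring NeedUpdateUser's comparison.
        var mapping = settings.LdapMapping;

        if (mapping.ContainsKey(Mapping.TitleAttribute))
        {
            userToUpdate.Title = updateInfo.Title;
        }

        if (mapping.ContainsKey(Mapping.LocationAttribute))
        {
            userToUpdate.Location = updateInfo.Location;
        }

        if (mapping.ContainsKey(Mapping.GenderAttribute))
        {
            userToUpdate.Sex = updateInfo.Sex;
        }

        if (mapping.ContainsKey(Mapping.BirthDayAttribute))
        {
            userToUpdate.BirthDate = updateInfo.BirthDate;
        }

        if (mapping.ContainsKey(Mapping.MobilePhoneAttribute))
        {
            userToUpdate.MobilePhone = updateInfo.MobilePhone;
        }

        // Owner must never be terminated by LDAP! The tenant owner's status is left untouched so a
        // directory-side change cannot disable the owner account.
        if (!userToUpdate.IsOwner(_tenantManager.GetCurrentTenant()))
        {
            userToUpdate.Status = updateInfo.Status;
        }

        if (!onlyGetChanges)
        {
            _log.DebugFormat("CoreContext.UserManager.SaveUserInfo({0})", userToUpdate.GetUserInfoString());

            portlaUserInfo = _userManager.SaveUserInfo(userToUpdate);
        }

        return true;
    }
    catch (Exception ex)
    {
        _log.ErrorFormat("UpdateUserWithLDAPInfo(Id='{0}' UserName='{1}' Sid='{2}') failed: Error: {3}",
            userToUpdate.ID, userToUpdate.UserName,
            userToUpdate.Sid, ex);
    }

    return false;
}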
public bool TryGetAndSyncLdapUserInfo(string login, string password, out UserInfo userInfo)
|
|
|
|
|
{
|
|
|
|
|
userInfo = Constants.LostUser;
|
2022-03-08 05:37:20 +00:00
|
|
|
|
|
|
|
|
|
|
2022-03-17 19:44:34 +00:00
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
var settings = _settingsManager.Load<LdapSettings>();
|
2022-03-08 05:37:20 +00:00
|
|
|
|
|
2022-03-17 19:44:34 +00:00
|
|
|
|
if (!settings.EnableLdapAuthentication)
|
|
|
|
|
return false;
|
2022-03-08 05:37:20 +00:00
|
|
|
|
|
2022-03-17 19:44:34 +00:00
|
|
|
|
_log.DebugFormat("TryGetAndSyncLdapUserInfo(login: \"{0}\")", login);
|
2022-03-08 05:37:20 +00:00
|
|
|
|
|
2022-03-17 19:44:34 +00:00
|
|
|
|
_novellLdapUserImporter.Init(settings, _resource);
|
2022-03-08 05:37:20 +00:00
|
|
|
|
|
2022-03-17 19:44:34 +00:00
|
|
|
|
var ldapUserInfo = _novellLdapUserImporter.Login(login, password);
|
|
|
|
|
|
|
|
|
|
if (ldapUserInfo == null || ldapUserInfo.Item1.Equals(Constants.LostUser))
|
|
|
|
|
{
|
|
|
|
|
_log.DebugFormat("NovellLdapUserImporter.Login('{0}') failed.", login);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2022-03-08 05:37:20 +00:00
|
|
|
|
|
2022-03-17 19:44:34 +00:00
|
|
|
|
var portalUser = _userManager.GetUserBySid(ldapUserInfo.Item1.Sid);
|
2022-03-08 05:37:20 +00:00
|
|
|
|
|
2022-03-17 19:44:34 +00:00
|
|
|
|
if (portalUser.Status == EmployeeStatus.Terminated || portalUser.Equals(Constants.LostUser))
|
|
|
|
|
{
|
|
|
|
|
if (!ldapUserInfo.Item2.IsDisabled)
|
2022-03-08 05:37:20 +00:00
|
|
|
|
{
|
2022-03-17 19:44:34 +00:00
|
|
|
|
_log.DebugFormat("TryCheckAndSyncToLdapUser(Username: '{0}', Email: {1}, DN: {2})",
|
|
|
|
|
ldapUserInfo.Item1.UserName, ldapUserInfo.Item1.Email, ldapUserInfo.Item2.DistinguishedName);
|
2022-03-08 05:37:20 +00:00
|
|
|
|
|
2022-03-17 19:44:34 +00:00
|
|
|
|
if (!TryCheckAndSyncToLdapUser(ldapUserInfo, _novellLdapUserImporter, out userInfo))
|
2022-03-08 05:37:20 +00:00
|
|
|
|
{
|
|
|
|
|
_novellLdapUserImporter.Dispose();
|
2022-03-17 19:44:34 +00:00
|
|
|
|
_log.Debug("TryCheckAndSyncToLdapUser() failed");
|
2022-03-08 05:37:20 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
2022-03-17 19:44:34 +00:00
|
|
|
|
_novellLdapUserImporter.Dispose();
|
2022-03-08 05:37:20 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2022-03-17 19:44:34 +00:00
|
|
|
|
_novellLdapUserImporter.Dispose();
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
_log.DebugFormat("TryCheckAndSyncToLdapUser(Username: '{0}', Email: {1}, DN: {2})",
|
|
|
|
|
ldapUserInfo.Item1.UserName, ldapUserInfo.Item1.Email, ldapUserInfo.Item2.DistinguishedName);
|
2022-03-08 05:37:20 +00:00
|
|
|
|
|
2022-03-17 19:44:34 +00:00
|
|
|
|
var tenant = _tenantManager.GetCurrentTenant();
|
2022-03-08 05:37:20 +00:00
|
|
|
|
|
2022-03-17 19:44:34 +00:00
|
|
|
|
new Task(() =>
|
|
|
|
|
{
|
|
|
|
|
using var scope = _serviceProvider.CreateScope();
|
2022-03-25 07:38:09 +00:00
|
|
|
|
var tenantManager = scope.ServiceProvider.GetRequiredService<TenantManager>();
var securityContext = scope.ServiceProvider.GetRequiredService<SecurityContext>();
var novellLdapUserImporter = scope.ServiceProvider.GetRequiredService<NovellLdapUserImporter>();
var userManager = scope.ServiceProvider.GetRequiredService<UserManager>();
var cookiesManager = scope.ServiceProvider.GetRequiredService<CookiesManager>();
var log = scope.ServiceProvider.GetRequiredService<IOptionsMonitor<ILog>>().Get("ASC");
tenantManager.SetCurrentTenant(tenant);
securityContext.AuthenticateMe(Core.Configuration.Constants.CoreSystem);
var uInfo = SyncLDAPUser(ldapUserInfo.Item1);
var newLdapUserInfo = new Tuple<UserInfo, LdapObject>(uInfo, ldapUserInfo.Item2);
if (novellLdapUserImporter.Settings.GroupMembership)
{
if (!novellLdapUserImporter.TrySyncUserGroupMembership(newLdapUserInfo))
{
log.DebugFormat("TryGetAndSyncLdapUserInfo(login: \"{0}\") disabling user {1} due to not being included in any ldap group", login, uInfo);
uInfo.Status = EmployeeStatus.Terminated;
uInfo.Sid = null;
userManager.SaveUserInfo(uInfo);
cookiesManager.ResetUserCookie(uInfo.ID);
}
}
novellLdapUserImporter.Dispose();
}).Start();
if (ldapUserInfo.Item2.IsDisabled)
{
_log.DebugFormat("TryGetAndSyncLdapUserInfo(login: \"{0}\") failed, user is disabled in ldap", login);
return false;
}
else
{
userInfo = portalUser;
}
}
return true;
}
catch (Exception ex)
{
if (_novellLdapUserImporter != null)
{
_novellLdapUserImporter.Dispose();
}
_log.ErrorFormat("TryGetLdapUserInfo(login: '{0}') failed. Error: {1}", login, ex);
userInfo = Constants.LostUser;
return false;
}
}
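/// <summary>
/// Syncs an already LDAP-authenticated user into the portal and, when the importer's
/// GroupMembership setting is on, additionally requires that the user passes the LDAP
/// group-membership sync. The portal writes run under the CoreSystem identity, which is
/// dropped again in <c>finally</c> on every path so the elevated context cannot outlive
/// this call.
/// </summary>
/// <param name="ldapUserInfo">Item1: the portal <see cref="UserInfo"/> built from LDAP; Item2: the raw LDAP object.</param>
/// <param name="importer">Importer whose <c>Settings.GroupMembership</c> flag and <c>TrySyncUserGroupMembership</c> are used.</param>
/// <param name="userInfo">The synced portal user on success; <see cref="Constants.LostUser"/> on any failure.</param>
/// <returns>
/// <c>true</c> when the user was synced and either group filtering is disabled or the
/// group check passed; <c>false</c> otherwise. Failures are logged, never rethrown.
/// </returns>
private bool TryCheckAndSyncToLdapUser(Tuple<UserInfo, LdapObject> ldapUserInfo, LdapUserImporter importer,
    out UserInfo userInfo)
{
    // Guard before elevating: the catch block below reads ldapUserInfo.Item1.Sid/Email for
    // its log line, so a null argument would otherwise throw a second exception out of the
    // handler instead of being reported as a plain failure.
    if (ldapUserInfo?.Item1 is null || importer is null)
    {
        _log.ErrorFormat("TrySyncLdapUser(SID: '{0}', Email: {1}) failed. Error: {2}", null, null,
            "ldapUserInfo or importer is null");
        userInfo = Constants.LostUser;
        return false;
    }

    try
    {
        // Elevate to the system account only for the duration of the sync; the Logout()
        // in finally runs on every path (success return, validation failure, exception).
        // NOTE(review): Logout() clears the whole security context, not just this
        // elevation — a caller that was already authenticated loses that session. Verify
        // every call site is on a pre-authentication path.
        _securityContext.AuthenticateMe(Core.Configuration.Constants.CoreSystem);

        userInfo = SyncLDAPUser(ldapUserInfo.Item1);

        if (userInfo == null || userInfo.Equals(Constants.LostUser))
        {
            // Handled by the catch below: logged, out param reset to LostUser, returns false.
            throw new Exception("The user did not pass the configuration check by ldap user settings");
        }

        // Group filtering disabled: a successfully synced user is sufficient.
        if (!importer.Settings.GroupMembership)
        {
            return true;
        }

        var newLdapUserInfo = new Tuple<UserInfo, LdapObject>(userInfo, ldapUserInfo.Item2);

        if (!importer.TrySyncUserGroupMembership(newLdapUserInfo))
        {
            // Not in any permitted LDAP group: lock the portal account and drop its LDAP SID,
            // presumably so a later GetUserBySid no longer resolves to it — verify against
            // UserManager. The save is deliberate: the lockout must persist, not just the
            // denial of this login.
            userInfo.Sid = null;
            userInfo.Status = EmployeeStatus.Terminated;
            _userManager.SaveUserInfo(userInfo);

            throw new Exception("The user did not pass the configuration check by ldap group settings");
        }

        return true;
    }
    catch (Exception ex)
    {
        // Validation throws above and unexpected errors alike end here: log (includes the
        // LDAP SID and e-mail) and fall through to the failure return. Nothing is rethrown,
        // so a sync problem only denies this login.
        _log.ErrorFormat("TrySyncLdapUser(SID: '{0}', Email: {1}) failed. Error: {2}", ldapUserInfo.Item1.Sid,
            ldapUserInfo.Item1.Email, ex);
    }
    finally
    {
        // Always drop the CoreSystem identity, including after the success returns above.
        _securityContext.Logout();
    }

    // Never hand a partially synced user back on failure.
    userInfo = Constants.LostUser;
    return false;
}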
}