From 01522781a30e7ffec9cd9caf3bc1c6a8940d6e42 Mon Sep 17 00:00:00 2001
From: Giuliano Mele
Date: Mon, 26 Jul 2021 16:52:34 +0200
Subject: [PATCH] Gid collision: append SAML prefix to gid
---
 appinfo/app.php | 19 ++++++++++---------
 lib/GroupManager.php | 11 +++++++++--
 2 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/appinfo/app.php b/appinfo/app.php
index ac0818001..f4ef5b564 100644
--- a/appinfo/app.php
+++ b/appinfo/app.php
@@ -50,7 +50,14 @@
 $groupBackend = new \OCA\User_SAML\GroupBackend(\OC::$server->getDatabaseConnection());
 \OC::$server->getGroupManager()->addBackend($groupBackend);
-\OC::$server->registerService('SAMLGroupManager', function(\OCA\User_SAML\GroupBackend $groupBackend) {
+$samlSettings = new \OCA\User_SAML\SAMLSettings(
+ $urlGenerator,
+ $config,
+ $request,
+ $session
+);
+
+\OC::$server->registerService('SAMLGroupManager', function(\OCA\User_SAML\GroupBackend $groupBackend, $samlSettings) {
 return new OCA\User_SAML\GroupManager(
 \OC::$server->getDatabaseConnection(),
 \OC::$server->query('SAMLGroupDuplicateChecker'),
@@ -58,17 +65,11 @@
 \OC::$server->getUserManager(),
 $groupBackend,
 \OC::$server->getConfig(),
- \OC::$server->getJobList()
+ \OC::$server->getJobList(),
+ $samlSettings,
 );
 });
-$samlSettings = new \OCA\User_SAML\SAMLSettings(
- $urlGenerator,
- $config,
- $request,
- $session
-);
-
 $userData = new \OCA\User_SAML\UserData(
 new \OCA\User_SAML\UserResolver(\OC::$server->getUserManager()),
 $samlSettings,
diff --git a/lib/GroupManager.php b/lib/GroupManager.php
index b3153cc6b..e43b177b1 100644
--- a/lib/GroupManager.php
+++ b/lib/GroupManager.php
@@ -5,6 +5,7 @@
 use OC\BackgroundJob\JobList;
 use OC\Hooks\PublicEmitter;
 use OCA\User_SAML\Jobs\MigrateGroups;
+use OCA\User_SAML\SAMLSettings;
 use OCP\IConfig;
 use OCP\IDBConnection;
 use OCP\IGroup;
@@ -35,6 +36,8 @@ class GroupManager
 private $config;
 /** @var JobList */
 private $jobList;
+ /** @var SAMLSettings */
+ private $settings;
 public function __construct(
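Review bot: In the first `appinfo/app.php` hunk, the `SAMLGroupManager` factory closure now declares `$samlSettings` as a second parameter, but nothing visible here passes a value for it. If the container calls the factory with only its own arguments, the parameter is never bound to the `$samlSettings` object built just above, and the service cannot be constructed. Capturing the variable is the usual form: `function(\OCA\User_SAML\GroupBackend $groupBackend) use ($samlSettings) {`. The closure body continues into the next hunk.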
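Review bot: In the second `appinfo/app.php` hunk, the new argument list ends with `$samlSettings,` directly before `);`, and a trailing comma in a call is a parse error on PHP versions before 7.3. The file appears to be the app's bootstrap, so a parse error there would take the whole app down rather than just this service. If the supported PHP range (not visible in this patch) still includes 7.2, write the last argument as `$samlSettings` without the comma.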
@@ -44,7 +47,8 @@ public function __construct(
 IUserManager $userManager,
 GroupBackend $ownGroupBackend,
 IConfig $config,
- JobList $jobList
+ JobList $jobList,
+ SAMLSettings $settings
 ) {
 $this->db = $db;
 $this->duplicateChecker = $duplicateChecker;
@@ -53,6 +57,7 @@ public function __construct(
 $this->ownGroupBackend = $ownGroupBackend;
 $this->config = $config;
 $this->jobList = $jobList;
+ $this->settings = $settings;
 }
 public function replaceGroups($uid, $samlGroups) {
@@ -106,7 +111,9 @@ public function addGroup(IUser $user, $gid) {
 $group = $this->createGroupInBackend($gid);
 } else if($e->getCode() === 2) {
 //FIXME: probably need config flag. Previous to 17, gid was used as displayname
- $group = $this->createGroupInBackend('__saml__' . $gid, $gid);
+ $idpPrefix = $this->settings->getPrefix('saml-attribute-mapping-group_mapping_prefix');
+ $groupPrefix = $this->config->getAppValue('user_saml', $idpPrefix . 'saml-attribute-mapping-group_mapping_prefix', 'SAML_');
+ $group = $this->createGroupInBackend($groupPrefix . $gid, $gid);
 } else {
 throw $e;
 }
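Review bot: In the `getCode() === 2` branch of `addGroup()`, the `'SAML_'` default passed to `getAppValue()` applies only when the key is unset, so a prefix stored as an empty string makes `$groupPrefix . $gid` equal the gid that just collided. Depending on how `createGroupInBackend()` treats an existing gid (not visible here), that either fails again or ties an IdP-asserted group name to a pre-existing local group, which is the collision this branch exists to prevent. I would guard it before the call with `if ($groupPrefix === '') { $groupPrefix = 'SAML_'; }`. The fallback also changes from `'__saml__'` to `'SAML_'`, so it is worth confirming whether groups created under the old prefix need migration. The body of `addGroup()` starts and ends outside this hunk.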