
Commit 0fce71f

committed
Plugin: Azure: Add option to update existing users - refs BT#21930
1 parent 9cecd7b commit 0fce71f


1 file changed

+111
-27
lines changed


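--- a/plugin/azure_active_directory/src/AzureActiveDirectory.php
+++ b/plugin/azure_active_directory/src/AzureActiveDirectory.php
@@ -21,6 +21,7 @@ class AzureActiveDirectory extends Plugin
 public const SETTING_MANAGEMENT_LOGIN_ENABLE = 'management_login_enable';
 public const SETTING_MANAGEMENT_LOGIN_NAME = 'management_login_name';
 public const SETTING_PROVISION_USERS = 'provisioning';
+public const SETTING_UPDATE_USERS = 'update_users';
 public const SETTING_GROUP_ID_ADMIN = 'group_id_admin';
 public const SETTING_GROUP_ID_SESSION_ADMIN = 'group_id_session_admin';
 public const SETTING_GROUP_ID_TEACHER = 'group_id_teacher';
@@ -47,6 +48,7 @@ protected function __construct()
 self::SETTING_MANAGEMENT_LOGIN_ENABLE => 'boolean',
 self::SETTING_MANAGEMENT_LOGIN_NAME => 'text',
 self::SETTING_PROVISION_USERS => 'boolean',
+self::SETTING_UPDATE_USERS => 'boolean',
 self::SETTING_GROUP_ID_ADMIN => 'text',
 self::SETTING_GROUP_ID_SESSION_ADMIN => 'text',
 self::SETTING_GROUP_ID_TEACHER => 'text',
@@ -209,44 +211,36 @@ public function registerUser(
 if (empty($userId)) {
 // If we didn't find the user
 if ($this->get(self::SETTING_PROVISION_USERS) === 'true') {
-[$userRole, $isAdmin] = $this->getUserRoleAndCheckIsAdmin(
-$token,
-$provider,
-$apiGroupsRef,
-$objectIdKey
-);
-
-$phone = null;
-
-if (isset($azureUserInfo['telephoneNumber'])) {
-$phone = $azureUserInfo['telephoneNumber'];
-} elseif (isset($azureUserInfo['businessPhones'][0])) {
-$phone = $azureUserInfo['businessPhones'][0];
-} elseif (isset($azureUserInfo['mobilePhone'])) {
-$phone = $azureUserInfo['mobilePhone'];
-}
+[
+$firstNme,
+$lastName,
+$username,
+$email,
+$phone,
+$authSource,
+$active,
+$extra,
+$userRole,
+$isAdmin,
+] = $this->formatUserData($token, $provider, $azureUserInfo, $apiGroupsRef, $objectIdKey, $azureUidKey);
 
 // If the option is set to create users, create it
 $userId = UserManager::create_user(
-$azureUserInfo['givenName'],
-$azureUserInfo['surname'],
+$firstNme,
+$lastName,
 $userRole,
-$azureUserInfo['mail'],
-$azureUserInfo['userPrincipalName'],
+$email,
+$username,
 '',
 null,
 null,
 $phone,
 null,
-'azure',
+$authSource,
 null,
-($azureUserInfo['accountEnabled'] ? 1 : 0),
+$active,
 null,
-[
-'extra_'.self::EXTRA_FIELD_ORGANISATION_EMAIL => $azureUserInfo['mail'],
-'extra_'.self::EXTRA_FIELD_AZURE_ID => $azureUserInfo['mailNickname'],
-'extra_'.self::EXTRA_FIELD_AZURE_UID => $azureUserInfo[$azureUidKey],
-],
+$extra,
 null,
 null,
 $isAdmin
@@ -257,11 +251,101 @@ public function registerUser(
 } else {
 throw new Exception('User not found when checking the extra fields from '.$azureUserInfo['mail'].' or '.$azureUserInfo['mailNickname'].' or '.$azureUserInfo[$azureUidKey].'.');
 }
+} else {
+if ($this->get(self::SETTING_UPDATE_USERS) === 'true') {
+[
+$firstNme,
+$lastName,
+$username,
+$email,
+$phone,
+$authSource,
+$active,
+$extra,
+$userRole,
+$isAdmin,
+] = $this->formatUserData($token, $provider, $azureUserInfo, $apiGroupsRef, $objectIdKey, $azureUidKey);
+
+$userId = UserManager::update_user(
+$userId,
+$firstNme,
+$lastName,
+$username,
+'',
+$authSource,
+$email,
+$userRole,
+null,
+$phone,
+null,
+null,
+$active,
+null,
+0,
+$extra
+);
+
+if (!$userId) {
+throw new Exception(get_lang('CouldNotUpdateUser').' '.$azureUserInfo['userPrincipalName']);
+}
+}
 }
 
 return $userId;
 }
 
+private function formatUserData(
+AccessTokenInterface $token,
+Azure $provider,
+array $azureUserInfo,
+string $apiGroupsRef,
+string $objectIdKey,
+string $azureUidKey
+): array {
+[$userRole, $isAdmin] = $this->getUserRoleAndCheckIsAdmin(
+$token,
+$provider,
+$apiGroupsRef,
+$objectIdKey
+);
+
+$phone = null;
+
+if (isset($azureUserInfo['telephoneNumber'])) {
+$phone = $azureUserInfo['telephoneNumber'];
+} elseif (isset($azureUserInfo['businessPhones'][0])) {
+$phone = $azureUserInfo['businessPhones'][0];
+} elseif (isset($azureUserInfo['mobilePhone'])) {
+$phone = $azureUserInfo['mobilePhone'];
+}
+
+// If the option is set to create users, create it
+$firstNme = $azureUserInfo['givenName'];
+$lastName = $azureUserInfo['surname'];
+$email = $azureUserInfo['mail'];
+$username = $azureUserInfo['userPrincipalName'];
+$authSource = 'azure';
+$active = ($azureUserInfo['accountEnabled'] ? 1 : 0);
+$extra = [
+'extra_'.self::EXTRA_FIELD_ORGANISATION_EMAIL => $azureUserInfo['mail'],
+'extra_'.self::EXTRA_FIELD_AZURE_ID => $azureUserInfo['mailNickname'],
+'extra_'.self::EXTRA_FIELD_AZURE_UID => $azureUserInfo[$azureUidKey],
+];
+
+return [
+$firstNme,
+$lastName,
+$username,
+$email,
+$phone,
+$authSource,
+$active,
+$extra,
+$userRole,
+$isAdmin,
+];
+}
+
 private function getUserRoleAndCheckIsAdmin(
 AccessTokenInterface $token,
 Azure $provider = null,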
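Review bot: In the new `SETTING_UPDATE_USERS` branch of registerUser, `$isAdmin` is unpacked from `formatUserData()` but never used: `UserManager::update_user()` is passed `$userRole` only, so a user removed from the Azure admin group appears to keep the platform-admin rights granted at creation, and a newly added one is not promoted. Unless `update_user` handles this internally (not visible here), reconcile the admin flag after a successful update, or at least record the gap with `// $isAdmin is not applied on update: admin rights are only set at provisioning`. The same branch overwrites username, e-mail, auth source and active flag from `$azureUserInfo` keys that `formatUserData()` reads without `isset()`; a response lacking `accountEnabled` evaluates to `0` and would deactivate an existing account, and a missing `mail` would replace the stored address with null, so those keys should be checked before the update call. registerUser starts above the hunk, so how `$userId` was matched to the Azure identity cannot be confirmed from this section.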
