authorJan-Hendrik Willms <tleilax+studip@gmail.com>2025-09-01 13:59:14 +0200
committerJan-Hendrik Willms <tleilax+studip@gmail.com>2025-09-01 14:13:04 +0200
commit872e1ab3316b63b0b6e19b34647c29a7ae9d76f6 (patch)
tree5386d795fd44d6b0ce4f68c6284139ad0ce51117
parenteb47fd27fea403bbad268b6e0a2d30f4f4c8f5bd (diff)
don't sync all domains (if not configured) with shibboleth login, fixes #2055
Closes #2055 Merge request studip/studip!3515
-rw-r--r--config/config_defaults.inc.php1
-rw-r--r--lib/classes/auth_plugins/StudipAuthAbstract.class.php29
2 files changed, 21 insertions, 9 deletions
diff --git a/config/config_defaults.inc.php b/config/config_defaults.inc.php
index 24375f4..629b737 100644
--- a/config/config_defaults.inc.php
+++ b/config/config_defaults.inc.php
@@ -377,6 +377,7 @@ $STUDIP_AUTH_CONFIG_SHIB = [
'validate_url' => 'https://sp.studip.de/auth/studip-sp.php',
'logout_url' => 'https://sp.studip.de/Shibboleth.sso/Logout',
'local_domain' => 'studip.de',
+ 'sync_all_domains' => false, // Set to false to only add new domains, true will remove domains!
'user_data_mapping' => [
'auth_user_md5.username' => ['callback' => 'dummy', 'map_args' => ''],
'auth_user_md5.password' => ['callback' => 'dummy', 'map_args' => ''],
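Review bot: The inline comment on `'sync_all_domains'` says which value removes domains but not what `false` leaves behind: with the removal loop skipped, a domain the user already holds stays on the account even after the login source stops supplying it. If user domains restrict visibility or access in this installation (not visible on this page), operators should know that revocation then has to happen elsewhere. I would word it as `// false: only add missing domains, nothing is revoked at login; true: also remove domains that are not in the synced list`.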
diff --git a/lib/classes/auth_plugins/StudipAuthAbstract.class.php b/lib/classes/auth_plugins/StudipAuthAbstract.class.php
index 623f067..f72b9f8 100644
--- a/lib/classes/auth_plugins/StudipAuthAbstract.class.php
+++ b/lib/classes/auth_plugins/StudipAuthAbstract.class.php
@@ -56,11 +56,14 @@ class StudipAuthAbstract
/**
* array of user domains to assign to each user, can be set in local.inc
- *
- * @access public
- * @var array $user_domains
*/
- public $user_domains;
+ public ?array $user_domains = null;
+
+ /**
+ * Flag that decides whether all domains should be synced or if only new
+ * ones should be added.
+ */
+ public bool $sync_all_domains = true;
/**
* associative array with mapping for database fields
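Review bot: The property default `public bool $sync_all_domains = true;` is the opposite of the `false` shipped in `$STUDIP_AUTH_CONFIG_SHIB`, so any auth configuration that lacks the key presumably keeps removing domains, which reads at odds with the commit title's "if not configured". If that is the intended backward-compatible default for other plugins, the docblock should say so, e.g. `* true (default): domains missing from the list are removed at login; false: domains are only added.`; otherwise the default should be `false`. How the config array reaches this property is outside the hunk, and because the property is typed `bool`, a string value such as `'false'` would coerce to `true` unless strict types are in effect at the assignment.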
@@ -421,10 +424,18 @@ class StudipAuthAbstract
$uid = $user->id;
if (isset($user_domains)) {
$old_domains = UserDomain::getUserDomainsForUser($uid);
-
- foreach ($old_domains as $domain) {
- if (!in_array($domain->id, $user_domains)) {
- $domain->removeUser($uid);
+ $old_domain_ids = array_map(
+ function (UserDomain $domain) {
+ return $domain->id;
+ },
+ $old_domains
+ );
+
+ if ($this->sync_all_domains) {
+ foreach ($old_domains as $domain) {
+ if (!in_array($domain->id, $user_domains)) {
+ $domain->removeUser($uid);
+ }
}
}
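Review bot: The membership tests that decide removal and addition use loose comparison: `in_array($domain->id, $user_domains)` here and `in_array($domain->id, $old_domain_ids)` in the following hunk. With numeric-looking ids PHP compares the strings as numbers, so two distinct ids can match and a domain could be kept or skipped wrongly. Passing the strict flag avoids that, `in_array($domain->id, $user_domains, true)` and `in_array($domain->id, $old_domain_ids, true)`, provided the configured values and `$domain->id` have the same type (not visible here). The enclosing method begins and ends outside this hunk.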
@@ -436,7 +447,7 @@ class StudipAuthAbstract
$domain->store();
}
- if (!in_array($domain, $old_domains)) {
+ if (!in_array($domain->id, $old_domain_ids)) {
$domain->addUser($uid);
}
}