Index: kernel/classes/datatypes/ezuser/ezldapuser.php =================================================================== --- kernel/classes/datatypes/ezuser/ezldapuser.php (revision 24108) +++ kernel/classes/datatypes/ezuser/ezldapuser.php (working copy) @@ -723,6 +723,12 @@ $last_name = $userAttributes[ 'last_name' ]; $email = $userAttributes[ 'email' ]; + if ( $isUtf8Encoding ) + { + $first_name = utf8_decode( $first_name ); + $last_name = utf8_decode( $last_name ); + } + $user = eZUser::fetchByName( $login ); $createNewUser = ( is_object( $user ) ) ? false : true; @@ -762,19 +768,18 @@ $userID = $contentObjectID = $user->attribute( 'contentobject_id' ); $contentObject = eZContentObject::fetch( $userID ); $version = $contentObject->attribute( 'current' ); - //$currentVersion = $contentObject->attribute( 'current_version' ); } - //================= common part : start ======================== + //================= common part 1: start ======================== $contentObjectAttributes = $version->contentObjectAttributes(); - // find ant set 'name' and 'description' attributes (as standard user group class) + // find and set 'name' and 'description' attributes (as standard user group class) $firstNameIdentifier = 'first_name'; $lastNameIdentifier = 'last_name'; $firstNameAttribute = null; $lastNameAttribute = null; - foreach( $contentObjectAttributes as $attribute ) + foreach ( $contentObjectAttributes as $attribute ) { if ( $attribute->attribute( 'contentclass_attribute_identifier' ) == $firstNameIdentifier ) { @@ -785,35 +790,98 @@ $lastNameAttribute = $attribute; } } + //================= common part 1: end ========================== + + // If we are updating an existing user, we must find out if some data should be changed. + // In that case, we must create a new version and publish it. + if ( !$createNewUser ) + { + $userDataChanged = false; + $firstNameChanged = false; + $lastNameChanged = false; + $emailChanged = false; + + if ( $firstNameAttribute and $firstNameAttribute->attribute( 'data_text' ) != $first_name ) + { + $firstNameChanged = true; + } + $firstNameAttribute = false; // We will load this again from the new version we will create, if it has changed + if ( $lastNameAttribute and $lastNameAttribute->attribute( 'data_text' ) != $last_name ) + { + $lastNameChanged = true; + } + $lastNameAttribute = false; // We will load this again from the new version we will create, if it has changed + if ( $user->attribute( 'email' ) != $email ) + { + $emailChanged = true; + } + + if ( $firstNameChanged or $lastNameChanged or $emailChanged ) + { + $userDataChanged = true; + // Create new version + $version = $contentObject->createNewVersion(); + $contentObjectAttributes = $version->contentObjectAttributes(); + foreach ( $contentObjectAttributes as $attribute ) + { + if ( $attribute->attribute( 'contentclass_attribute_identifier' ) == $firstNameIdentifier ) + { + $firstNameAttribute = $attribute; + } + else if ( $attribute->attribute( 'contentclass_attribute_identifier' ) == $lastNameIdentifier ) + { + $lastNameAttribute = $attribute; + } + } + } + } + + //================= common part 2: start ======================== if ( $firstNameAttribute ) { - if ( $isUtf8Encoding ) - $first_name = utf8_decode( $first_name ); $firstNameAttribute->setAttribute( 'data_text', $first_name ); $firstNameAttribute->store(); } if ( $lastNameAttribute ) { - if ( $isUtf8Encoding ) - $last_name = utf8_decode( $last_name ); $lastNameAttribute->setAttribute( 'data_text', $last_name ); $lastNameAttribute->store(); } - $contentClass = $contentObject->attribute( 'content_class' ); - $name = $contentClass->contentObjectName( $contentObject ); - $contentObject->setName( $name ); + if ( !isset( $userDataChanged ) or $userDataChanged === true ) + { + $contentClass = $contentObject->attribute( 'content_class' ); + $name = $contentClass->contentObjectName( $contentObject ); + $contentObject->setName( $name ); + } - $user->setAttribute( 'email', $email ); + if ( !isset( $emailChanged ) or $emailChanged === true ) + { + $user->setAttribute( 'email', $email ); + } + $user->setAttribute( 'password_hash', "" ); $user->setAttribute( 'password_hash_type', 0 ); $user->store(); - //================= common part : end ========================== + $debugArray = array( 'Updating user data', + 'createNewUser' => $createNewUser, + 'userDataChanged' => $userDataChanged, + 'login' => $login, + 'first_name' => $first_name, + 'last_name' => $last_name, + 'email' => $email, + 'firstNameAttribute is_object' => is_object( $firstNameAttribute ), + 'lastNameAttribute is_object' => is_object( $lastNameAttribute ), + 'content object id' => $contentObjectID, + 'version id' => $version->attribute( 'version' ) + ); + eZDebug::writeNotice( var_export( $debugArray, true ), __METHOD__ ); + //================= common part 2: end ========================== + if ( $createNewUser ) { reset( $parentNodeIDs ); - //$defaultPlacement = current( $parentNodeIDs ); // prepare node assignments for publishing new user foreach( $parentNodeIDs as $parentNodeID ) { @@ -825,14 +893,18 @@ $newNodeAssignment->store(); } - //$adminUser = eZUser::fetchByName( 'admin' ); - //eZUser::setCurrentlyLoggedInUser( $adminUser, $adminUser->attribute( 'contentobject_id' ) ); - $operationResult = eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $contentObjectID, 'version' => 1 ) ); } else { + if ( $userDataChanged ) + { + // Publish object + $operationResult = eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $contentObjectID, + 'version' => $version->attribute( 'version' ) ) ); + } + $LDAPIni = eZINI::instance( 'ldap.ini' ); $keepGroupAssignment = ( $LDAPIni->hasVariable( 'LDAPSettings', 'KeepGroupAssignment' ) ) ? ( $LDAPIni->variable( 'LDAPSettings', 'KeepGroupAssignment' ) == "enabled" ) : false; Index: tests/tests/kernel/datatypes/ezuser/ezldapuser_test.php =================================================================== --- tests/tests/kernel/datatypes/ezuser/ezldapuser_test.php (revision 24108) +++ tests/tests/kernel/datatypes/ezuser/ezldapuser_test.php (working copy) @@ -291,6 +291,81 @@ } /** + * Test scenario for LDAP login using UseGroupAttribute, and editing the local user object + * + * Test Outline + * ------------ + * 1. Set correct LDAPGroupMappingType + * 2. Login with username and password + * 3. Check parent nodes of user object + * 4. Edit the object, verify it has changed + * 5. Login again, verify that the locally changed data was overwritten by LDAP data and that the version number has increased + * + * @result: + * User is placed in the StarWars, Rogues and RebelAlliance groups. + * Last name is 'Cola' + * Version number is '2' + * Last name is 'Solo' + * Version number is '2' + * (Meaning: The object was updated, but no new version created.) + * @expected: + * User is placed in the StarWars, Rogues and RebelAlliance groups. + * Last name is 'Cola' + * Version number is '2' + * Last name is 'Solo' + * Version number is '3' + */ + public function testLoginUserUseGroupAttributeEditUserObject() + { + if ( !self::ldapIsEnabled() ) + { + $this->markTestSkipped( 'LDAP is not loaded' ); + return; + } + + $this->ldapINI->setVariable( 'LDAPSettings', 'LDAPGroupMappingType', 'UseGroupAttribute' ); + $this->ldapINI->setVariable( 'LDAPSettings', 'LDAPCreateMissingGroups', 'disabled' ); + $this->ldapINI->setVariable( 'LDAPSettings', 'LDAPUserGroupAttributeType', 'name' ); + $this->ldapINI->setVariable( 'LDAPSettings', 'LDAPUserGroupAttribute', 'ou' ); + + $user = eZLDAPUser::loginUser( 'han.solo', 'leiaishot' ); + $contentObject = $user->attribute( 'contentobject' ); + $parentNodeIDs = $contentObject->attribute( 'parent_nodes' ); + sort( $parentNodeIDs ); + self::assertEquals( array( $this->starWarsGroupNodeId, $this->rebelGroupNodeId, $this->rogueGroupNodeId ), + $parentNodeIDs ); + + // Edit the local user object, change last name + $version = $contentObject->createNewVersion(); + $contentObjectAttributes = $version->contentObjectAttributes(); + foreach ( $contentObjectAttributes as $attribute ) + { + if ( $attribute->attribute( 'contentclass_attribute_identifier' ) == 'last_name' ) + { + $attribute->setAttribute( 'data_text', 'Cola' ); + $attribute->store(); + break; + } + } + $contentObjectID = $contentObject->attribute( 'id' ); + $operationResult = eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $contentObjectID, + 'version' => $version->attribute( 'version' ) ) ); + $contentObject = eZContentObject::fetch( $contentObjectID ); + $dataMap = $contentObject->dataMap(); + self::assertEquals( 'Cola', $dataMap['last_name']->attribute( 'data_text' ) ); + self::assertEquals( '2', $version->attribute( 'version' ) ); + + // Login again, verify that the locally changed data was overwritten by LDAP data and that the version number has increased + eZUser::logoutCurrent(); + $user = eZLDAPUser::loginUser( 'han.solo', 'leiaishot' ); + $contentObject = $user->attribute( 'contentobject' ); + $dataMap = $contentObject->dataMap(); + $version = $contentObject->currentVersion(); + self::assertEquals( 'Solo', $dataMap['last_name']->attribute( 'data_text' ) ); + self::assertEquals( '3', $version->attribute( 'version' ) ); + } + + /** * Test scenario for LDAP login using SimpleMapping * * Test Outline