check Unix membership before LDAP add

This commit is contained in:
Roland Gruber 2018-08-18 10:32:39 +02:00
parent 828fdc08c5
commit 316ed2d0a8
1 changed files with 19 additions and 9 deletions

View File

@ -2848,7 +2848,16 @@ class posixAccount extends baseModule implements passwordService {
// add users to groups // add users to groups
elseif ($temp['counter'] < sizeof($temp['groups'])) { elseif ($temp['counter'] < sizeof($temp['groups'])) {
if (isset($temp['dn'][$temp['groups'][$temp['counter']]])) { if (isset($temp['dn'][$temp['groups'][$temp['counter']]])) {
$success = @ldap_mod_add($_SESSION['ldap']->server(), $temp['dn'][$temp['groups'][$temp['counter']]], array('memberUID' => $temp['members'][$temp['groups'][$temp['counter']]])); $memberUid = $temp['members'][$temp['groups'][$temp['counter']]];
$dnToUpdate = $temp['dn'][$temp['groups'][$temp['counter']]];
$groupAttrs = ldapGetDN($dnToUpdate, array('memberUID'));
if (!empty($groupAttrs['memberuid'])) {
// skip members that are already set
$memberUid = array_delete($groupAttrs['memberuid'], $memberUid);
}
if (!empty($memberUid)) {
$toAdd = array('memberUID' => $memberUid);
$success = @ldap_mod_add($_SESSION['ldap']->server(), $dnToUpdate, $toAdd);
$errors = array(); $errors = array();
if (!$success) { if (!$success) {
$errors[] = array( $errors[] = array(
@ -2858,6 +2867,7 @@ class posixAccount extends baseModule implements passwordService {
array($temp['groups'][$temp['counter']]) array($temp['groups'][$temp['counter']])
); );
} }
}
$temp['counter']++; $temp['counter']++;
return array ( return array (
'status' => 'inProgress', 'status' => 'inProgress',