Improved auth backend.

2013-01-25 23:17:24 +01:00 · 2013-01-25 23:17:24 +01:00 · 4b9f33f542
parent c33985ddaa
commit 4b9f33f542
2 changed files with 40 additions and 22 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -73,13 +73,16 @@ class User < ApplicationModel
        :bind_pw    => 'some pw',
      },
      :otrs => {
-        :adapter        => 'otrs',
-        :required_group => 'stats',
-        :group_role_map => {
+        :adapter           => 'otrs',
+        :required_group_ro => 'stats',
+        :group_rw_role_map => {
          'admin' => 'Admin',
          'stats' => 'Report',
        },
-        :always_role    => {
+        :group_ro_role_map => {
+          'stats' => 'Report',
+        },
+        :always_role => {
          'Agent' => true,
        },
      },
--- a/lib/auth/otrs.rb
+++ b/lib/auth/otrs.rb
@ -4,36 +4,51 @@ class Auth::OTRS
    # connect to OTRS
    result = Import::OTRS.auth( username, password )
    return false if !result
+    return false if !result['groups_ro']
    return false if !result['groups_rw']

    # check if required OTRS group exists
-    return false if !result['groups_rw'].has_value?( config[:required_group] )
+    types = {
+      :required_group_ro => 'groups_ro',
+      :required_group_rw => 'groups_rw',
+    }
+    types.each {|config_key,result_key|
+      if config[config_key]
+        return false if !result[result_key].has_value?( config[config_key] )
+      end
+    }

    # sync roles / groups
-    if config[:group_role_map]
-      config[:group_role_map].each {|otrs_group, role|
-        if result['groups_rw'].has_value?( otrs_group )
-          role_ids = user.role_ids
-          role = Role.where( :name => role ).first
-          if role
-            role_ids.push role.id
-            user.role_ids = role_ids
-            user.save
-          end
-        end
-      }
+    if config[:group_ro_role_map] || config[:group_rw_role_map]
+      user.role_ids = []
+      user.save
    end
+    types = {
+      :group_ro_role_map => 'groups_ro',
+      :group_rw_role_map => 'groups_rw',
+    }
+    types.each {|config_key,result_key|
+      next if !config[config_key]
+      config[config_key].each {|otrs_group, role|
+        next if !result[result_key].has_value?( otrs_group )
+        role_ids = user.role_ids
+        role = Role.where( :name => role ).first
+        next if !role
+        role_ids.push role.id
+        user.role_ids = role_ids
+        user.save
+      }
+    }

    if config[:always_role]
      config[:always_role].each {|role, active|
        next if !active
        role_ids = user.role_ids
        role = Role.where( :name => role ).first
-        if role
-          role_ids.push role.id
-          user.role_ids = role_ids
-          user.save
-        end
+        next if !role
+        role_ids.push role.id
+        user.role_ids = role_ids
+        user.save
      }
    end