From 4b9f33f54263cce49a2e171ad9f493e9f3446de8 Mon Sep 17 00:00:00 2001 From: Martin Edenhofer Date: Fri, 25 Jan 2013 23:17:24 +0100 Subject: [PATCH] Improved auth backend. --- app/models/user.rb | 11 ++++++---- lib/auth/otrs.rb | 51 ++++++++++++++++++++++++++++++---------------- 2 files changed, 40 insertions(+), 22 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 82c8be56d..b951628ae 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -73,13 +73,16 @@ class User < ApplicationModel :bind_pw => 'some pw', }, :otrs => { - :adapter => 'otrs', - :required_group => 'stats', - :group_role_map => { + :adapter => 'otrs', + :required_group_ro => 'stats', + :group_rw_role_map => { 'admin' => 'Admin', 'stats' => 'Report', }, - :always_role => { + :group_ro_role_map => { + 'stats' => 'Report', + }, + :always_role => { 'Agent' => true, }, }, diff --git a/lib/auth/otrs.rb b/lib/auth/otrs.rb index 99dcf06e3..8b604c70e 100644 --- a/lib/auth/otrs.rb +++ b/lib/auth/otrs.rb @@ -4,36 +4,51 @@ class Auth::OTRS # connect to OTRS result = Import::OTRS.auth( username, password ) return false if !result + return false if !result['groups_ro'] return false if !result['groups_rw'] # check if required OTRS group exists - return false if !result['groups_rw'].has_value?( config[:required_group] ) + types = { + :required_group_ro => 'groups_ro', + :required_group_rw => 'groups_rw', + } + types.each {|config_key,result_key| + if config[config_key] + return false if !result[result_key].has_value?( config[config_key] ) + end + } # sync roles / groups - if config[:group_role_map] - config[:group_role_map].each {|otrs_group, role| - if result['groups_rw'].has_value?( otrs_group ) - role_ids = user.role_ids - role = Role.where( :name => role ).first - if role - role_ids.push role.id - user.role_ids = role_ids - user.save - end - end - } + if config[:group_ro_role_map] || config[:group_rw_role_map] + user.role_ids = [] + user.save end + types = { + :group_ro_role_map => 'groups_ro', + :group_rw_role_map => 'groups_rw', + } + types.each {|config_key,result_key| + next if !config[config_key] + config[config_key].each {|otrs_group, role| + next if !result[result_key].has_value?( otrs_group ) + role_ids = user.role_ids + role = Role.where( :name => role ).first + next if !role + role_ids.push role.id + user.role_ids = role_ids + user.save + } + } if config[:always_role] config[:always_role].each {|role, active| next if !active role_ids = user.role_ids role = Role.where( :name => role ).first - if role - role_ids.push role.id - user.role_ids = role_ids - user.save - end + next if !role + role_ids.push role.id + user.role_ids = role_ids + user.save } end