Skip to content

Commit

Permalink
feat: delimiter is optional for group whitelist regex
Browse files Browse the repository at this point in the history 
Signed-off-by: Armin Berger <[email protected]>
  • Loading branch information
@bergerar
bergerar committed Nov 12, 2024
1 parent f3e3fe4 commit 9c9b822
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 3 deletions.
16 changes: 14 additions & 2 deletions lib/Service/ProvisioningService.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -384,7 +384,7 @@ public function getSyncGroupsOfToken(int $providerId, object $idTokenPayload) {
$groupsAttribute = $this->providerService->getSetting($providerId, ProviderService::SETTING_MAPPING_GROUPS, 'groups');
$groupsData = $idTokenPayload->{$groupsAttribute} ?? null;

$groupsWhitelistRegex = $this->providerService->getSetting($providerId, ProviderService::SETTING_GROUP_WHITELIST_REGEX, '');
$groupsWhitelistRegex = $this->getGroupWhitelistRegex($providerId);

$event = new AttributeMappedEvent(ProviderService::SETTING_MAPPING_GROUPS, $idTokenPayload, json_encode($groupsData));
$this->eventDispatcher->dispatchTyped($event);
Expand Down Expand Up @@ -426,7 +426,7 @@ public function getSyncGroupsOfToken(int $providerId, object $idTokenPayload) {
}

public function provisionUserGroups(IUser $user, int $providerId, object $idTokenPayload): void {
$groupsWhitelistRegex = $this->providerService->getSetting($providerId, ProviderService::SETTING_GROUP_WHITELIST_REGEX, '');
$groupsWhitelistRegex = $this->getGroupWhitelistRegex($providerId);

$syncGroups = $this->getSyncGroupsOfToken($providerId, $idTokenPayload);

Expand Down Expand Up @@ -455,4 +455,16 @@ public function provisionUserGroups(IUser $user, int $providerId, object $idToke
}
}
}

public function getGroupWhitelistRegex(int $providerId): string {
$regex = $this->providerService->getSetting($providerId, ProviderService::SETTING_GROUP_WHITELIST_REGEX, '');

// If regex does not start with '/', add '/' to the beginning and end
// Only check first character to allow for flags at the end of the regex
if ($regex && substr($regex, 0, 1) !== '/') {
$regex = '/' . $regex . '/';
}

return $regex;
}
}
2 changes: 1 addition & 1 deletion tests/unit/Service/ProvisioningServiceTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -210,7 +210,7 @@ public function dataProvisionUserGroups() {
'users',
],
],
'/nextcloud/',
'nextcloud',
false,
],
];
Expand Down

0 comments on commit 9c9b822

Please sign in to comment.