From 9c9b822b64f9452a05b2849ee16729e95022bf53 Mon Sep 17 00:00:00 2001
From: Armin Berger <contribute@arminberger.ch>
Date: Tue, 12 Nov 2024 21:41:59 +0100
Subject: [PATCH] feat: delimiter is optional for group whitelist regex

Signed-off-by: Armin Berger <contribute@arminberger.ch>
---
 lib/Service/ProvisioningService.php            | 16 ++++++++++++++--
 tests/unit/Service/ProvisioningServiceTest.php |  2 +-
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/lib/Service/ProvisioningService.php b/lib/Service/ProvisioningService.php
index a0107ca7..7c7701df 100644
--- a/lib/Service/ProvisioningService.php
+++ b/lib/Service/ProvisioningService.php
@@ -384,7 +384,7 @@ public function getSyncGroupsOfToken(int $providerId, object $idTokenPayload) {
 		$groupsAttribute = $this->providerService->getSetting($providerId, ProviderService::SETTING_MAPPING_GROUPS, 'groups');
 		$groupsData = $idTokenPayload->{$groupsAttribute} ?? null;
 
-		$groupsWhitelistRegex = $this->providerService->getSetting($providerId, ProviderService::SETTING_GROUP_WHITELIST_REGEX, '');
+		$groupsWhitelistRegex = $this->getGroupWhitelistRegex($providerId);
 
 		$event = new AttributeMappedEvent(ProviderService::SETTING_MAPPING_GROUPS, $idTokenPayload, json_encode($groupsData));
 		$this->eventDispatcher->dispatchTyped($event);
@@ -426,7 +426,7 @@ public function getSyncGroupsOfToken(int $providerId, object $idTokenPayload) {
 	}
 
 	public function provisionUserGroups(IUser $user, int $providerId, object $idTokenPayload): void {
-		$groupsWhitelistRegex = $this->providerService->getSetting($providerId, ProviderService::SETTING_GROUP_WHITELIST_REGEX, '');
+		$groupsWhitelistRegex = $this->getGroupWhitelistRegex($providerId);
 
 		$syncGroups = $this->getSyncGroupsOfToken($providerId, $idTokenPayload);
 
@@ -455,4 +455,16 @@ public function provisionUserGroups(IUser $user, int $providerId, object $idToke
 			}
 		}
 	}
+
+	public function getGroupWhitelistRegex(int $providerId): string {
+		$regex = $this->providerService->getSetting($providerId, ProviderService::SETTING_GROUP_WHITELIST_REGEX, '');
+
+		// If regex does not start with '/', add '/' to the beginning and end
+		// Only check first character to allow for flags at the end of the regex
+		if ($regex && substr($regex, 0, 1) !== '/') {
+			$regex = '/' . $regex . '/';
+		}
+
+		return $regex;
+	}
 }
diff --git a/tests/unit/Service/ProvisioningServiceTest.php b/tests/unit/Service/ProvisioningServiceTest.php
index 6d04b307..3bb3ae29 100644
--- a/tests/unit/Service/ProvisioningServiceTest.php
+++ b/tests/unit/Service/ProvisioningServiceTest.php
@@ -210,7 +210,7 @@ public function dataProvisionUserGroups() {
 						'users',
 					],
 				],
-				'/nextcloud/',
+				'nextcloud',
 				false,
 			],
 		];