Mon 3316 default contactgroup ldap import (#7220)

* enh(UI): adding default user's contactgroup in LDAP form and cleaning code

doc/en/administration_guide/parameters.rst

@@ -126,14 +126,15 @@ To add a new directory:
 * **Configuration name** and **Description** fields define the name and the description of the LDAP server
 * **Enable LDAP authentication** field serves to enable authentication via the LDAP server
 * **Store LDAP password** field can be used to store user passwords in the database, useful to authenticate users in the event of loss of connection with the LDAP
-* **Auto import users** field serves to import the users of the LDAP directory automatically into Centreon. By clicking on **Import users manually**, you can chose the users that you want to import
+* **Auto import users** field used to import the users of the LDAP directory automatically into Centreon. By clicking on **Import users manually**, you can chose the users that you want to import
 
 .. note::
    If the **Auto import users** option is checked, the LDAP settings of any new user who logs into the Centreon interface will automatically be imported into Centreon (name, first name, e-mail address, etc.). ACL profiles will be applied on access (link to :ref:`ACL <acl>`). However, if this option is not checked, only the users imported manually will be able to authenticate.
 
 * **LDAP search size limit** field can be used to limit the size of user searches
 * **LDAP search timeout** field can be used define the maximum time for the LDAP search
 * **Contact template** field defines the contact template that will be linked to all the users imported from this LDAP directory
+* **Default contactgroup** optional field, which is used to add a new user to a default contactgroup.
 * **Use service DNS** field indicates if it is necessary to use the DNS server to solve the IP address of the LDAP directory
 * **LDAP servers** field can be used to add one or more LDAP directories to which Centreon will connect
 

doc/en/release_notes/centreon-18.10/centreon-18.10.4.rst

@@ -39,3 +39,4 @@ Security
 * Fix rce vulnerability when using command's testing feature (PR/#7245)
 * Fix SQL injection for GET parameter (PR/#7229)
 * Fix unauthorized file upload (PR/#7171)
+

doc/fr/administration_guide/parameters.rst

@@ -140,6 +140,7 @@ Pour ajouter un nouvel annuaire :
 * Le champ **Taille limite de la recherche LDAP** permet de limiter la taille de la recherche des utilisateurs
 * Le champ **Temps maximum d'exécution de la recherche LDAP** permet de définir le temps maximum de la recherche LDAP
 * Le champ **Modèle de contact** définit le modèle de contact qui sera lié pour tous les utilisateurs importés depuis cet annuaire LDAP
+* Le champ optionnel **Groupe de contacts par défaut** permet d'ajouter à un groupe de contact les contacts importés
 * Le champ **Utiliser le service DNS** indique s'il faut utiliser le serveur DNS pour résoudre l'adresse IP de l'annuaire LDAP
 * Le champ **LDAP servers** permet d'ajouter un ou plusieurs annuaires LDAP vers lequel Centreon va se connecter.
 

lang/es_ES.UTF-8/LC_MESSAGES/help.po

@@ -273,8 +273,10 @@ msgstr ""
 "La configuración del servidor LDAP debe ser válida y el usuario debe coincidir con los criterios de búsqueda definidos."
 
 #: centreon-web/www/include/Administration/parameters/ldap/help.php:14
-msgid "The contact template for auto imported user.<br/>This template is applied for Monitoring Engine contact configuration and ACLs"
-msgstr "La plantilla de contacto para usuarios automáticos importados. <br/> Esta plantilla se aplica para configurar los contactos del programador y para las ACL."
+msgid "The contact template for auto imported user.<br/>This template is applied for "
+"Monitoring Engine contact configuration and ACLs."
+msgstr "La plantilla de contacto para usuarios automáticos importados. <br/>"
+"Esta plantilla se aplica para configurar los contactos del programador y para las ACL."
 
 #: centreon-web/www/include/Administration/parameters/ldap/help.php:17
 msgid "Use the DNS service for get LDAP host"

lang/fr_FR.UTF-8/LC_MESSAGES/help.po

@@ -414,11 +414,19 @@ msgstr ""
 #: centreon-web/www/include/Administration/parameters/ldap/help.php:14
 msgid ""
 "The contact template for auto imported user.<br/>This template is applied for "
-"Monitoring Engine contact configuration and ACLs"
+"Monitoring Engine contact configuration and ACLs."
 msgstr ""
 "Le modèle de contact pour les utilisateurs auto importés.<br/>Ce modèle est "
 "appliqué pour la configuration des contacts de l'ordonnanceur et pour les ACLs."
 
+#: centreon-web/www/include/Administration/parameters/ldap/help.php:14
+msgid ""
+"Default contact group applied to new users.<br/>All imported users will join "
+"this contactgroup."
+msgstr ""
+"Groupe de contact par défaut.<br/>Tous les nouveaux utilisateurs rejoindront "
+"ce groupe de contact."
+
 #: centreon-web/www/include/Administration/parameters/ldap/help.php:17
 msgid "Use the DNS service for get LDAP host"
 msgstr "Utilise le service DNS pour obtenir les hôtes LDAP"

lang/fr_FR.UTF-8/LC_MESSAGES/messages.po

@@ -2116,10 +2116,15 @@ msgid "Contact"
 msgstr "Contact"
 
 #: centreon-web/www/install/smarty_translate.php:624
-#: centreon-web/www/include/Administration/parameters/ldap/form.php:117
+#: centreon-web/www/include/Administration/parameters/ldap/form.php:111
 msgid "Contact template"
 msgstr "Modèle de contact"
 
+#: centreon-web/www/install/smarty_translate.php:672
+#: centreon-web/www/include/Administration/parameters/ldap/form.php:125
+msgid "Default contact group"
+msgstr "Groupe de contacts par défaut"
+
 #: centreon-web/www/install/smarty_translate.php:633
 msgid "Escalation"
 msgstr "Escalade de notification"

lang/pt_BR.UTF-8/LC_MESSAGES/help.po

@@ -838,7 +838,7 @@ msgstr ""
 #: /home/lgcosta/devel/centreon/centreon/www/include/Administration/parameters/ldap/help.php:14
 msgid ""
 "The contact template for auto imported user.<br/>This template is applied "
-"for Monitoring Engine contact configuration and ACLs"
+"for Monitoring Engine contact configuration and ACLs."
 msgstr ""
 "O modelo de contato para usuários automáticos importados. <br/> Este modelo "
 "é aplicado para configurar os contatos do agendador e para as ACLs."

lang/pt_PT.UTF-8/LC_MESSAGES/help.po

@@ -276,8 +276,10 @@ msgstr ""
 "A configuração do servidor LDAP deve ser válida e o utilizador deve corresponder aos critérios de pesquisa definidos."
 
 #: centreon-web/www/include/Administration/parameters/ldap/help.php:14
-msgid "The contact template for auto imported user.<br/>This template is applied for Monitoring Engine contact configuration and ACLs"
-msgstr "O modelo de contacto para utilizadors automáticos importados. <br/> Este modelo é aplicado para configurar os contactos do agendador e para as ACLs."
+msgid "The contact template for auto imported user.<br/>This template is applied for "
+"Monitoring Engine contact configuration and ACLs."
+msgstr "O modelo de contacto para utilizadors automáticos importados. <br/>"
+"Este modelo é aplicado para configurar os contactos do agendador e para as ACLs."
 
 #: centreon-web/www/include/Administration/parameters/ldap/help.php:17
 msgid "Use the DNS service for get LDAP host"

www/class/centreonAuth.LDAP.class.php

@@ -1,7 +1,7 @@
 <?php
 /*
- * Copyright 2005-2015 Centreon
- * Centreon is developped by : Julien Mathis and Romain Le Merlus under
+ * Copyright 2005-2019 Centreon
+ * Centreon is developed by : Julien Mathis and Romain Le Merlus under
  * GPL Licence 2.0.
  *
  * This program is free software; you can redistribute it and/or modify it under
@@ -95,7 +95,7 @@ private function getLogFlag()
         global $pearDB;
 
         $res = $this->pearDB->query("SELECT value FROM options WHERE `key` = 'debug_ldap_import'");
-        $data = $res->fetchRow();
+        $data = $res->fetch();
         if (isset($data["value"])) {
             return $data["value"];
         }
@@ -209,32 +209,24 @@ public function updateUserDn()
                 return false;
             }
 
-            /*
-             * Get ldap user informations
-             */
+            // Get ldap user informations
             $userInfos = $this->ldap->getEntry($userDn);
             $userDisplay = $userInfos[$this->ldap->getAttrName('user', 'name')];
-            /*
-             * Get the first if there are multiple entries
-             */
+
+            // Get the first if there are multiple entries
             if (is_array($userDisplay)) {
                 $userDisplay = $userDisplay[0];
             }
-            /*
-             * Replace space by underscore
-             */
+            // Replace space by underscore
             $userDisplay = str_replace(array(' ', ','), '_', $userDisplay);
-            /*
-             * Delete parenthesis
-             */
+
+            // Delete parenthesis
             $userDisplay = str_replace(array('(', ')'), '', $userDisplay);
             $userEmail = "'".$this->contactInfos['contact_email']."'";
             if (isset($userInfos[$this->ldap->getAttrName('user', 'email')]) &&
                 trim($userInfos[$this->ldap->getAttrName('user', 'email')]) != '') {
                 if (is_array($userInfos[$this->ldap->getAttrName('user', 'email')])) {
-                    /*
-                     * Get the first if there are multiple entries
-                     */
+                    // Get the first if there are multiple entries
                     if ($userInfos[$this->ldap->getAttrName('user', 'email')][0]) {
                         $userEmail = "'" . $userInfos[$this->ldap->getAttrName('user', 'email')][0] . "'";
                     }
@@ -246,9 +238,7 @@ public function updateUserDn()
             if (isset($userInfos[$this->ldap->getAttrName('user', 'pager')]) &&
                 trim($userInfos[$this->ldap->getAttrName('user', 'pager')]) != '') {
                 if (is_array($userInfos[$this->ldap->getAttrName('user', 'pager')])) {
-                    /*
-                     * Get the first if there are multiple entries
-                     */
+                    // Get the first if there are multiple entries
                     if ($userInfos[$this->ldap->getAttrName('user', 'pager')][0]) {
                         $userPager = "'" . $userInfos[$this->ldap->getAttrName('user', 'pager')][0] . "'";
                     }
@@ -257,9 +247,7 @@ public function updateUserDn()
                 }
             }
             if (isset($this->contactInfos['contact_id'])) {
-                /*
-                 * Update the user dn and extended informations for user
-                 */
+                // Update the user dn and extended informations for user
                 $this->CentreonLog->insertLog(3, "LDAP AUTH : Update user DN for user " .
                     html_entity_decode($this->contactInfos['contact_alias'], ENT_QUOTES, 'UTF-8'));
                 $queryUpdateExtInfos = "UPDATE contact SET
@@ -279,9 +267,7 @@ public function updateUserDn()
                 }
                 $this->contactInfos['contact_ldap_dn'] = $userDn;
 
-                /*
-                 * try to update user groups from AD
-                 */
+                // try to update user groups from AD
                 try {
                     include_once(realpath(dirname(__FILE__) .  '/centreonContactgroup.class.php'));
                     $cgs = new CentreonContactgroup($this->pearDB);
@@ -292,24 +278,21 @@ public function updateUserDn()
 
                 return true;
             } else {
-                /*
-                 * Find the template ID
-                 */
+                // Find the template ID
                 $query = "SELECT ari_value
                           FROM `auth_ressource_info` a, `contact` c
                           WHERE a.`ari_name` = 'ldap_contact_tmpl'
                           AND a.ar_id = ".$this->pearDB->escape($this->arId)."
                           AND a.ari_value = c.contact_id";
                 $res = $this->pearDB->query($query);
-                $row = $res->fetchRow();
+                $row = $res->fetch();
                 if (!isset($row['ari_value']) || !$row['ari_value']) {
                     $this->CentreonLog->insertLog(3, "LDAP AUTH : No contact template defined.");
                     return false;
                 }
                 $tmplId = $row['ari_value'];
-                /*
-                 * Insert user in database
-                 */
+
+                // Insert user in database
                 $query = "INSERT INTO contact
                     (contact_template_id, contact_alias, contact_name, contact_auth_type, contact_ldap_dn, ar_id,
                     contact_email, contact_pager, contact_oreon, contact_activate, contact_register,
@@ -320,14 +303,13 @@ public function updateUserDn()
                     ", " . $userEmail . ", " . $userPager . ", '1', '1', '1', '2')";
                 try {
                     $this->pearDB->query($query);
-                    /*
-                     * Get the contact_id
-                     */
+
+                    // Get the contact_id
                     $query = "SELECT contact_id FROM contact
                         WHERE contact_ldap_dn = '" . $this->pearDB->escape($userDn) . "'";
                     $res = $this->pearDB->query($query);
-                    $row = $res->fetchRow();
-                    $contact_id = $row['contact_id'];
+                    $row = $res->fetch();
+                    $this->contactInfos['contact_id'] = $row['contact_id'];
                     $listGroup = $this->ldap->listGroupsForUser($userDn);
                     $listGroupStr = "";
                     foreach ($listGroup as $gName) {
@@ -341,16 +323,22 @@ public function updateUserDn()
                     }
                     $query = "SELECT cg_id FROM contactgroup WHERE cg_name IN (" . $listGroupStr . ")";
                     $res = $this->pearDB->query($query);
-                    /*
-                     * Insert the relation between contact and contact group
-                     */
-                    while ($row = $res->fetchRow()) {
-                        $query = "INSERT INTO contactgroup_contact_relation
-    	            						(contactgroup_cg_id, contact_contact_id)
-    	            					VALUES (" . $row['cg_id'] . ", " . $contact_id . ")";
-                        $this->pearDB->query($query);
+
+                    // Insert the relation between contact and contactgroups
+                    $query = "INSERT INTO contactgroup_contact_relation (contactgroup_cg_id, contact_contact_id) " .
+                        "VALUES (:ldapCg, :contactId)";
+                    $stmt = $this->pearDB->prepare($query);
+                    while ($row = $res->fetch()) {
+                        $stmt->bindValue(':ldapCg', $row['cg_id'], PDO::PARAM_INT);
+                        $stmt->bindValue(':contactId', $this->contactInfos['contact_id'], PDO::PARAM_INT);
+                        $stmt->execute();
                     }
-                    return true;
+                    // Insert the relation between the LDAP's default contactgroup and the user
+                    // returns true if everything goes well
+                    return $this->ldap->addUserToLdapDefautCg(
+                        $this->arId,
+                        $this->contactInfos['contact_id']
+                    );
                 } catch (\PDOException $e) {
                     // Nothing
                 }