Version 0.8.0

3liz · Jul 25, 2024 · c7047ec · c7047ec
1 parent 00f1c2a
commit c7047ec
Show file tree

Hide file tree

Showing 6 changed files with 61 additions and 43 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,25 @@
 
 ## Unreleased
 
+
+## 0.8.0 - 2024-07-25
+
+### Changed
+
+* Compatibility for Lizmap Web Client 3.6 & 3.7 - Remove compatibility for Lizmap Web Client 3.5
+* Exclude some files from the Composer package
+
+### Added
+
+* User authentication - Allow the use of Basic authentication for /user/login endpoint
+* When using SAML authentication protocol, add synchronization of Roles and SI 
+  (feature taken from the old deprecated module gobs)
+
+### Fixed
+
+* Tools - Better errors catchment when executing SQL queries
+
+
 ## 0.7.0 - 2023-07-25
 
 ### Changed

diff --git a/gobsapi/classes/Project.class.php b/gobsapi/classes/Project.class.php
@@ -220,12 +220,12 @@ public function getProjectPropertiesFromDatabase()
         $cnx = jDb::getConnection($this->connectionProfile);
         $projectCode = $this->project_key;
         $groups = implode('@@', $this->userGroups);
-        $sql = "
+        $sql = '
             WITH
             proj AS (
                 SELECT id
                 FROM gobs.project
-                WHERE pt_code = ".$cnx->quote($projectCode)."
+                WHERE pt_code = '.$cnx->quote($projectCode)."
                 LIMIT 1
             ),
             global_view AS (
@@ -264,11 +264,12 @@ public function getProjectPropertiesFromDatabase()
             INNER JOIN merged_views AS mv
                 ON mv.fk_id_project = p.id
 
-            WHERE p.pt_code = ".$cnx->quote($projectCode)."
+            WHERE p.pt_code = ".$cnx->quote($projectCode).'
             LIMIT 1
-        ";
+        ';
 
         $resultset = null;
+
         try {
 
             $resultset = $cnx->prepare($sql);

diff --git a/gobsapi/classes/gobsapiListener.listener.php b/gobsapi/classes/gobsapiListener.listener.php
@@ -1,31 +1,30 @@
 <?php
 /**
- * @package   lizmap
- * @subpackage gobsapi
  * @author    3liz
  * @copyright 2020 3liz
- * @link      http://3liz.com
+ *
+ * @see      http://3liz.com
+ *
  * @license   All rights reserved
  */
-
-class gobsapiListenerListener  extends \jEventListener {
-
+class gobsapiListenerListener extends \jEventListener
+{
     /**
      * @param \jEvent $event
      */
-    function onAuthLogin($event) {
+    public function onAuthLogin($event)
+    {
         /** @var samlAuthDriver $driver */
         $driver = \jAuth::getDriver();
         if (get_class($driver) != 'samlAuthDriver') {
             return;
         }
 
         $attributes = $driver->getSAMLAttributes();
-        \jLog::dump($attributes, "onAuthLogin: SAML attributes");
-
+        \jLog::dump($attributes, 'onAuthLogin: SAML attributes');
 
         $allGroups = array();
-        foreach(jAcl2DbUserGroup::getGroupList() as $group) {
+        foreach (jAcl2DbUserGroup::getGroupList() as $group) {
             $allGroups[$group->id_aclgrp] = $group;
         }
 
@@ -53,33 +52,32 @@ function onAuthLogin($event) {
             $groupsOfUser = array_merge($groupsOfUser, $this->registerGroups($allGroups, $attributes['GOBS_SI'], 'GOBS_SI'));
         }
 
-        \jLog::dump(array_keys($groupsOfUser), "onAuthLogin: Groupes de l'utilisateur $login");
+        \jLog::dump(array_keys($groupsOfUser), "onAuthLogin: Groupes de l'utilisateur {$login}");
         $groupToRemove = array();
-        foreach(jAcl2DbUserGroup::getGroupList($login) as $group) {
+        foreach (jAcl2DbUserGroup::getGroupList($login) as $group) {
             if ($group->grouptype == 2) {
                 // private group, let's ignore
                 continue;
             }
             if (isset($groupsOfUser[$group->id_aclgrp])) {
                 // the user is already in the group
                 unset($groupsOfUser[$group->id_aclgrp]);
-            }
-            else {
+            } else {
                 // the user is in a group that is not listed in roles given by SAML
                 // let's remove him from it
                 $groupToRemove[] = $group->id_aclgrp;
             }
         }
 
         $hasChanges = false;
-        foreach($groupToRemove as $grpId) {
-            \jLog::log("onAuthLogin: Remove $login from $grpId");
+        foreach ($groupToRemove as $grpId) {
+            \jLog::log("onAuthLogin: Remove {$login} from {$grpId}");
             \jAcl2DbUserGroup::removeUserFromGroup($login, $grpId);
             $hasChanges = true;
         }
 
-        foreach($groupsOfUser as $grpId => $ok) {
-            \jLog::log("onAuthLogin: Add $login into $grpId");
+        foreach ($groupsOfUser as $grpId => $ok) {
+            \jLog::log("onAuthLogin: Add {$login} into {$grpId}");
             \jAcl2DbUserGroup::addUserToGroup($login, $grpId);
             $hasChanges = true;
         }
@@ -89,7 +87,8 @@ function onAuthLogin($event) {
         }
     }
 
-    protected function registerGroups(&$allGroups, $samlGroups, $rolesName) {
+    protected function registerGroups(&$allGroups, $samlGroups, $rolesName)
+    {
         $groupsOfUser = array();
         $adminGroup = array();
         if (isset(jApp::config()->gobsapi['adminSAMLGobsRoleName'])) {
@@ -99,21 +98,22 @@ protected function registerGroups(&$allGroups, $samlGroups, $rolesName) {
             }
         }
 
-        foreach($samlGroups as $roleAsJson) {
+        foreach ($samlGroups as $roleAsJson) {
             $role = @json_decode($roleAsJson, true);
             if (!$role || !isset($role['code']) || $role['code'] == '') {
                 \jLog::log('gobs login: bad role value into '.$rolesName.', not a json or code property missing: '.$roleAsJson, 'error');
+
                 continue;
             }
             $idGrp = $role['code'];
-            $name = isset($role['label']) ? $role['label']: $idGrp;
+            $name = isset($role['label']) ? $role['label'] : $idGrp;
             if ($name == '') {
                 $name = $idGrp;
             }
             if (!isset($allGroups[$idGrp])) {
                 \jAcl2DbUserGroup::createGroup($name, $idGrp);
                 if (in_array($idGrp, $adminGroup)) {
-                    foreach(jAcl2DbManager::$ACL_ADMIN_RIGHTS as $role)  {
+                    foreach (jAcl2DbManager::$ACL_ADMIN_RIGHTS as $role) {
                         \jAcl2DbManager::addRight($idGrp, $role);
                     }
                     \jAcl2DbManager::addRight($idGrp, 'acl.group.create');
@@ -137,7 +137,7 @@ protected function registerGroups(&$allGroups, $samlGroups, $rolesName) {
 
             $groupsOfUser[$idGrp] = true;
         }
+
         return $groupsOfUser;
     }
-
 }
diff --git a/gobsapi/install/configure.php b/gobsapi/install/configure.php
@@ -8,14 +8,14 @@
  * @license    GPL 3
  */
 
-use \jelix\Routing\UrlMapping\EntryPointUrlModifier;
-use \Jelix\Routing\UrlMapping\MapEntry\MapInclude;
+use jelix\Routing\UrlMapping\EntryPointUrlModifier;
+use Jelix\Routing\UrlMapping\MapEntry\MapInclude;
 
 /**
- * Configurator for Lizmap 3.6+/Jelix 1.8+
+ * Configurator for Lizmap 3.6+/Jelix 1.8+.
  */
-class gobsapiModuleConfigurator extends \Jelix\Installer\Module\Configurator {
-
+class gobsapiModuleConfigurator extends \Jelix\Installer\Module\Configurator
+{
     public function getDefaultParameters()
     {
         return array();
@@ -26,10 +26,9 @@ public function declareUrls(EntryPointUrlModifier $registerOnEntryPoint)
         $registerOnEntryPoint->havingName(
             'gobsapi',
             array(
-                new MapInclude('urls.xml')
+                new MapInclude('urls.xml'),
             )
-        )
-        ;
+        );
     }
 
     public function getEntryPointsToCreate()
@@ -40,12 +39,11 @@ public function getEntryPointsToCreate()
                 'gobsapi/config.ini.php',
                 'gobsapi.php',
                 'config/config.ini.php'
-            )
+            ),
         );
     }
 
-
-    function configure(\Jelix\Installer\Module\API\ConfigurationHelpers $helpers)
+    public function configure(Jelix\Installer\Module\API\ConfigurationHelpers $helpers)
     {
         // Copy configuration file for user defined options
         // TODO: This file should be editable by the admin user in LWC admin panel
@@ -57,13 +55,13 @@ function configure(\Jelix\Installer\Module\API\ConfigurationHelpers $helpers)
         // Adapt SAML configuration it is exists
         $authConfigfile = \jApp::varConfigPath('saml/saml.coord.ini.php');
         if (file_exists($authConfigfile)) {
-            $authConfig =  new \Jelix\IniFile\IniModifier($authConfigfile);
-            $authConfig->setValue('userform', "lizmap~account", 'saml');
+            $authConfig = new \Jelix\IniFile\IniModifier($authConfigfile);
+            $authConfig->setValue('userform', 'lizmap~account', 'saml');
             $authConfig->save();
         }
 
         $localConfigFile = \jApp::varConfigPath('localconfig.ini.php');
-        $localConfig =  new \Jelix\IniFile\IniModifier($localConfigFile);
+        $localConfig = new \Jelix\IniFile\IniModifier($localConfigFile);
         if (!isset(jApp::config()->gobsapi['adminSAMLGobsRoleName'])) {
             $localConfig->setValue('adminSAMLGobsRoleName', 'ROLE_GOBS_ADMIN', 'gobsapi', '');
             $localConfig->setValue('adminSAMLGobsRoleName', 'GOBS_ADMIN', 'gobsapi', '');

diff --git a/gobsapi/install/install.php b/gobsapi/install/install.php
@@ -7,7 +7,7 @@
  *
  * @license    GPL 3
  */
-class gobsapiModuleInstaller extends  \Jelix\Installer\Module\Installer
+class gobsapiModuleInstaller extends \Jelix\Installer\Module\Installer
 {
     public function install(Jelix\Installer\Module\API\InstallHelpers $helpers)
     {

diff --git a/gobsapi/module.xml b/gobsapi/module.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module xmlns="http://jelix.org/ns/module/1.0">
     <info id="gobsapi" name="gobsapi" createdate="2020-10-02">
-        <version date="2023-07-25">0.7.0</version>
+        <version date="2023-07-25">0.8.0</version>
         <label lang="en_US">gobsapi</label>
         <description lang="en_US" />
         <license URL="">Mozilla Public Licence (MPL)</license>