mirror of
https://github.com/SuiteCRM/SuiteCRM-Core.git
synced 2025-09-04 10:14:13 +08:00
57f26b8bd6
- Add AUTH_TYPE if missing - Add LDAP configs if missing - Add SAML configs if missing - Add LOGIN_THROTTLING_MAX_ATTEMPTS if missing
226 lines
7.2 KiB
PHP
226 lines
7.2 KiB
PHP
<?php
|
|
/**
|
|
* SuiteCRM is a customer relationship management program developed by SalesAgility Ltd.
|
|
* Copyright (C) 2022 SalesAgility Ltd.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify it under
|
|
* the terms of the GNU Affero General Public License version 3 as published by the
|
|
* Free Software Foundation with the addition of the following permission added
|
|
* to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
|
|
* IN WHICH THE COPYRIGHT IS OWNED BY SALESAGILITY, SALESAGILITY DISCLAIMS THE
|
|
* WARRANTY OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
|
|
* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
|
|
* details.
|
|
*
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*
|
|
* In accordance with Section 7(b) of the GNU Affero General Public License
|
|
* version 3, these Appropriate Legal Notices must retain the display of the
|
|
* "Supercharged by SuiteCRM" logo. If the display of the logos is not reasonably
|
|
* feasible for technical reasons, the Appropriate Legal Notices must display
|
|
* the words "Supercharged by SuiteCRM".
|
|
*/
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Migrations;
|
|
|
|
use Doctrine\DBAL\Schema\Schema;
|
|
use Psr\Log\LoggerInterface;
|
|
use Symfony\Component\DependencyInjection\ContainerAwareInterface;
|
|
use Symfony\Component\DependencyInjection\ContainerInterface;
|
|
|
|
final class Version20220912082608 extends BaseMigration implements ContainerAwareInterface
|
|
{
|
|
use EnvHandlingMigrationTrait;
|
|
|
|
/**
|
|
* @var ContainerInterface
|
|
*/
|
|
protected $container;
|
|
|
|
/**
|
|
* @var LoggerInterface
|
|
*/
|
|
protected $upgradeLogger;
|
|
|
|
public function getDescription(): string
|
|
{
|
|
return 'Add SAML and LDAP settings to .env';
|
|
}
|
|
|
|
public function isTransactional(): bool
|
|
{
|
|
return false;
|
|
}
|
|
|
|
public function up(Schema $schema): void
|
|
{
|
|
$envFile = $this->getProjectDir() . "/.env";
|
|
|
|
if (!file_exists($envFile)) {
|
|
return;
|
|
}
|
|
|
|
$envContents = file_get_contents($envFile);
|
|
|
|
$this->addAuthType($envContents, $envFile);
|
|
|
|
$this->addBaseLdapConfig($envContents, $envFile);
|
|
|
|
$this->addLdapAutoCreateConfig($envContents, $envFile);
|
|
|
|
$this->addSamlConfig($envContents, $envFile);
|
|
|
|
$this->addLoginThrottlingConfig($envContents, $envFile);
|
|
}
|
|
|
|
/**
|
|
* Check and add missing auth type
|
|
* @param $envContents
|
|
* @param string $envFile
|
|
*/
|
|
protected function addAuthType(&$envContents, string $envFile): void
|
|
{
|
|
$properties = [
|
|
'AUTH_TYPE' => 'native'
|
|
];
|
|
$wrapperStart = '###> AUTH_TYPE ###';
|
|
$wrapperEnd = '###< AUTH_TYPE ###';
|
|
|
|
$propertiesToAdd = $this->getContentToAdd($envContents, $properties, $wrapperStart, $wrapperEnd);
|
|
|
|
if (!empty($propertiesToAdd)) {
|
|
$envContents .= $propertiesToAdd;
|
|
$this->log('Added AUTH_TYPE to .env.');
|
|
file_put_contents($envFile, $envContents);
|
|
|
|
return;
|
|
}
|
|
|
|
$this->log('AUTH_TYPE already in .env, skipping.');
|
|
}
|
|
|
|
/**
|
|
* Check and add missing ldap configs
|
|
* @param $envContents
|
|
* @param string $envFile
|
|
*/
|
|
protected function addBaseLdapConfig(&$envContents, string $envFile): void
|
|
{
|
|
$properties = [
|
|
'LDAP_HOST' => "''",
|
|
'LDAP_PORT' => '389',
|
|
'LDAP_ENCRYPTION' => "'tls'",
|
|
'LDAP_PROTOCOL_VERSION' => '3',
|
|
'LDAP_REFERRALS' => 'false',
|
|
'LDAP_DN_STRING' => "''",
|
|
'LDAP_QUERY_STRING' => "''",
|
|
'LDAP_SEARCH_DN' => "''",
|
|
'LDAP_SEARCH_PASSWORD' => "''"
|
|
];
|
|
$wrapperStart = '###> LDAP CONFIG ###';
|
|
$wrapperEnd = '###< LDAP CONFIG ###';
|
|
|
|
$propertiesToAdd = $this->getContentToAdd($envContents, $properties, $wrapperStart, $wrapperEnd);
|
|
if (!empty($propertiesToAdd)) {
|
|
$envContents .= $propertiesToAdd;
|
|
file_put_contents($envFile, $envContents);
|
|
$this->log('Added LDAP CONFIG to .env.');
|
|
|
|
return;
|
|
}
|
|
|
|
$this->log('LDAP CONFIG already in .env, skipping.');
|
|
}
|
|
|
|
/**
|
|
* check and add missing ldap auto create configs
|
|
* @param $envContents
|
|
* @param string $envFile
|
|
*/
|
|
protected function addLdapAutoCreateConfig(&$envContents, string $envFile): void
|
|
{
|
|
$properties = [
|
|
'LDAP_AUTO_CREATE' => "disabled",
|
|
'LDAP_PROVIDER_BASE_DN' => "''",
|
|
'LDAP_PROVIDER_SEARCH_DN' => "''",
|
|
'LDAP_PROVIDER_SEARCH_PASSWORD' => "''",
|
|
'LDAP_PROVIDER_DEFAULT_ROLES' => "ROLE_USER",
|
|
'LDAP_PROVIDER_UID_KEY' => "''",
|
|
'LDAP_PROVIDER_FILTER' => "''"
|
|
];
|
|
$wrapperStart = '###> LDAP AUTO CREATE CONFIG ###';
|
|
$wrapperEnd = '###< LDAP AUTO CREATE CONFIG ##';
|
|
|
|
$propertiesToAdd = $this->getContentToAdd($envContents, $properties, $wrapperStart, $wrapperEnd);
|
|
if (!empty($propertiesToAdd)) {
|
|
$envContents .= $propertiesToAdd;
|
|
file_put_contents($envFile, $envContents);
|
|
$this->log('Added LDAP AUTO CREATE CONFIG to .env.');
|
|
|
|
return;
|
|
}
|
|
|
|
$this->log('LDAP AUTO CREATE CONFIG already in .env, skipping.');
|
|
}
|
|
|
|
/**
|
|
* Check and add missing saml config
|
|
* @param $envContents
|
|
* @param string $envFile
|
|
*/
|
|
protected function addSamlConfig(&$envContents, string $envFile): void
|
|
{
|
|
$properties = [
|
|
'SAML_USERNAME_ATTRIBUTE' => "uid",
|
|
'SAML_USE_ATTRIBUTE_FRIENDLY_NAME' => "true"
|
|
];
|
|
$wrapperStart = '###> SAML CONFIG ###';
|
|
$wrapperEnd = '###< SAML CONFIG ###';
|
|
|
|
$propertiesToAdd = $this->getContentToAdd($envContents, $properties, $wrapperStart, $wrapperEnd);
|
|
if (!empty($propertiesToAdd)) {
|
|
$envContents .= $propertiesToAdd;
|
|
file_put_contents($envFile, $envContents);
|
|
$this->log('Added SAML CONFIG to .env.');
|
|
|
|
return;
|
|
}
|
|
|
|
$this->log('SAML CONFIG already in .env, skipping.');
|
|
}
|
|
|
|
/**
|
|
* Check and add missing login throttling config
|
|
* @param $envContents
|
|
* @param string $envFile
|
|
*/
|
|
protected function addLoginThrottlingConfig(&$envContents, string $envFile): void
|
|
{
|
|
$properties = [
|
|
'LOGIN_THROTTLING_MAX_ATTEMPTS' => '5'
|
|
];
|
|
$wrapperStart = '###> login throttling ###';
|
|
$wrapperEnd = '###< login throttling ###';
|
|
|
|
$propertiesToAdd = $this->getContentToAdd($envContents, $properties, $wrapperStart, $wrapperEnd);
|
|
if (!empty($propertiesToAdd)) {
|
|
$envContents .= $propertiesToAdd;
|
|
file_put_contents($envFile, $envContents);
|
|
$this->log('Added LOGIN_THROTTLING_MAX_ATTEMPTS to .env.');
|
|
|
|
return;
|
|
}
|
|
|
|
$this->log('LOGIN_THROTTLING_MAX_ATTEMPTS already in .env, skipping.');
|
|
}
|
|
|
|
public function down(Schema $schema): void
|
|
{
|
|
}
|
|
}
|
