From 222c8ec5bb49aa3cd7327d707a957cde592401c6 Mon Sep 17 00:00:00 2001 From: Matheus Barbosa Silva <36537004+matheusbsilva137@users.noreply.github.com> Date: Mon, 22 May 2023 14:29:05 -0300 Subject: [PATCH] feat: [ENTERPRISE] Add setting to control user merge on LDAP Background Sync (#28814) --- .changeset/cold-meals-camp.md | 5 +++++ .../app/importer/server/classes/ImportDataConverter.ts | 6 ++++++ apps/meteor/ee/server/lib/ldap/Manager.ts | 4 +++- apps/meteor/ee/server/settings/ldap.ts | 10 ++++++++++ apps/meteor/packages/rocketchat-i18n/i18n/en.i18n.json | 2 ++ 5 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 .changeset/cold-meals-camp.md diff --git a/.changeset/cold-meals-camp.md b/.changeset/cold-meals-camp.md new file mode 100644 index 0000000000000..7cda86a6010b7 --- /dev/null +++ b/.changeset/cold-meals-camp.md @@ -0,0 +1,5 @@ +--- +"@rocket.chat/meteor": patch +--- + +feat: [ENTERPRISE] Add setting to control user merge on LDAP Background Sync diff --git a/apps/meteor/app/importer/server/classes/ImportDataConverter.ts b/apps/meteor/app/importer/server/classes/ImportDataConverter.ts index 28ca08b65a63a..b14595ab7d5f0 100644 --- a/apps/meteor/app/importer/server/classes/ImportDataConverter.ts +++ b/apps/meteor/app/importer/server/classes/ImportDataConverter.ts @@ -52,6 +52,7 @@ type IMessageReactions = Record; export type IConverterOptions = { flagEmailsAsVerified?: boolean; skipExistingUsers?: boolean; + skipNewUsers?: boolean; }; const guessNameFromUsername = (username: string): string => @@ -83,6 +84,7 @@ export class ImportDataConverter { this._options = options || { flagEmailsAsVerified: false, skipExistingUsers: false, + skipNewUsers: false, }; this._userCache = new Map(); this._userDisplayNameCache = new Map(); 
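Review bot: `skipNewUsers` is added to `IConverterOptions` without a doc comment, and nothing states how it combines with `skipExistingUsers`. Judging by the guard added in the `@@ -345,6 +347,10 @@` hunk, a record with no matching existing user is skipped when the flag is set, so the converter becomes an update/merge-only pass in which the existing-user match alone decides which account a record is applied to. I would say so on the field, e.g. `/** Skip records that match no existing user instead of creating an account. */`. The default object in the constructor hunk is used only when `options` is omitted, so a caller passing a partial object relies on `undefined` being falsy, which is worth a word in the same comment.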
@@ -345,6 +347,10 @@ export class ImportDataConverter { await this.skipRecord(_id); continue; } + if (!existingUser && this._options.skipNewUsers) { + await this.skipRecord(_id); + continue; + } if (!data.username) { data.username = await generateUsernameSuggestion({ diff --git a/apps/meteor/ee/server/lib/ldap/Manager.ts b/apps/meteor/ee/server/lib/ldap/Manager.ts index df20410a223c2..dd107b5cf6dde 100644 --- a/apps/meteor/ee/server/lib/ldap/Manager.ts +++ b/apps/meteor/ee/server/lib/ldap/Manager.ts @@ -23,9 +23,11 @@ export class LDAPEEManager extends LDAPManager { const createNewUsers = settings.get('LDAP_Background_Sync_Import_New_Users') ?? true; const updateExistingUsers = settings.get('LDAP_Background_Sync_Keep_Existant_Users_Updated') ?? true; + const mergeExistingUsers = settings.get('LDAP_Background_Sync_Merge_Existent_Users') ?? false; const options = this.getConverterOptions(); options.skipExistingUsers = !updateExistingUsers; + options.skipNewUsers = !createNewUsers; const ldap = new LDAPConnection(); const converter = new LDAPDataConverter(true, options); @@ -33,7 +35,7 @@ export class LDAPEEManager extends LDAPManager { try { await ldap.connect(); - if (createNewUsers) { + if (createNewUsers || mergeExistingUsers) { await this.importNewUsers(ldap, converter); } else if (updateExistingUsers) { await this.updateExistingUsers(ldap, converter); diff --git a/apps/meteor/ee/server/settings/ldap.ts b/apps/meteor/ee/server/settings/ldap.ts index 24d3a34a5ba55..413499375b07c 100644 --- a/apps/meteor/ee/server/settings/ldap.ts +++ b/apps/meteor/ee/server/settings/ldap.ts 
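Review bot: `mergeExistingUsers` is read only from `LDAP_Background_Sync_Merge_Existent_Users`, so `if (createNewUsers || mergeExistingUsers)` in the `@@ -33,7 +35,7 @@` hunk can start a directory-wide import on a stored `true` even after `LDAP_Merge_Existing_Users` or `LDAP_Background_Sync_Keep_Existant_Users_Updated` has been switched off. The `enableQuery` added in settings/ldap.ts states when the control is enabled; whether it also resets the stored value, and whether the converter re-checks `LDAP_Merge_Existing_Users`, is not visible here. Since this path binds directory entries to pre-existing local accounts with no user interaction, the job should check the prerequisites itself, e.g. `const mergeExistingUsers = updateExistingUsers && (settings.get('LDAP_Merge_Existing_Users') ?? false) && (settings.get('LDAP_Background_Sync_Merge_Existent_Users') ?? false);`. As written, with `updateExistingUsers` and `createNewUsers` both false the import still runs with `skipExistingUsers` and `skipNewUsers` both set, which looks like a full directory walk that skips every record. The method body starts and ends outside both hunks.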
@@ -68,6 +68,16 @@ export function addSettings(): Promise { invalidValue: true, }); + await this.add('LDAP_Background_Sync_Merge_Existent_Users', false, { + type: 'boolean', + enableQuery: [ + ...backgroundSyncQuery, + { _id: 'LDAP_Background_Sync_Keep_Existant_Users_Updated', value: true }, + { _id: 'LDAP_Merge_Existing_Users', value: true }, + ], + invalidValue: false, + }); + await this.add('LDAP_Background_Sync_Avatars', false, { type: 'boolean', enableQuery, diff --git a/apps/meteor/packages/rocketchat-i18n/i18n/en.i18n.json b/apps/meteor/packages/rocketchat-i18n/i18n/en.i18n.json index 115d8aafc6e19..3873e3448fc34 100644 --- a/apps/meteor/packages/rocketchat-i18n/i18n/en.i18n.json +++ b/apps/meteor/packages/rocketchat-i18n/i18n/en.i18n.json 
@@ -2870,6 +2870,8 @@
 "LDAP_Background_Sync_Interval_Description": "The interval between synchronizations. Example `every 24 hours` or `on the first day of the week`, more examples at [Cron Text Parser](http://bunkat.github.io/later/parsers.html#text)",
 "LDAP_Background_Sync_Keep_Existant_Users_Updated": "Background Sync Update Existing Users",
 "LDAP_Background_Sync_Keep_Existant_Users_Updated_Description": "Will sync the avatar, fields, username, etc (based on your configuration) of all users already imported from LDAP on every **Sync Interval**",
+ "LDAP_Background_Sync_Merge_Existent_Users": "Background Sync Merge Existing Users",
+ "LDAP_Background_Sync_Merge_Existent_Users_Description": "Will merge all users (based on your filter criteria) that exist in LDAP and also exist in Rocket.Chat. To enable this, activate the 'Merge Existing Users' setting in the Data Sync tab.",
 "LDAP_BaseDN": "Base DN",
 "LDAP_BaseDN_Description": "The fully qualified Distinguished Name (DN) of an LDAP subtree you want to search for users and groups. You can add as many as you like; however, each group must be defined in the same domain base as the users that belong to it. Example: `ou=Users+ou=Projects,dc=Example,dc=com`. If you specify restricted user groups, only users that belong to those groups will be in scope. We recommend that you specify the top level of your LDAP directory tree as your domain base and use search filter to control access.",
 "LDAP_CA_Cert": "CA Cert",