From e0fd78936fe03fb2cd24efc10d3b2871c0456c12 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jacobo=20Aragunde=20P=C3=A9rez?= <jaragunde@igalia.com>
Date: Thu, 16 Mar 2023 12:25:56 +0100
Subject: [PATCH] [#173] Report warning message from LDAP backend to users.

When updating a login name in the LDAP backend there is a risk of side
effects. With this change, we are able to report the success message
from the backend through the UI instead of overwriting it with another
string, so we can warn users when doing that operation.
---
 model/dao/UserDAO/HybridUserDAO.php | 7 +++++--
 web/services/createUsersService.php | 9 ++++++---
 web/services/deleteUsersService.php | 8 ++++++--
 web/services/updateUsersService.php | 9 ++++++---
 web/viewUsers.php                   | 8 ++++++--
 5 files changed, 29 insertions(+), 12 deletions(-)

diff --git a/model/dao/UserDAO/HybridUserDAO.php b/model/dao/UserDAO/HybridUserDAO.php
index 417c87009..0bb9b4996 100644
--- a/model/dao/UserDAO/HybridUserDAO.php
+++ b/model/dao/UserDAO/HybridUserDAO.php
@@ -419,13 +419,16 @@ public function getJourneyHistory($userId) {
      *
      * This function updates the data of a User by its {@link UserVO}.
      * WARNING: this function allows to update to a name that does not exist in LDAP.
-     * Do we really want this behavior?
+     * A user with a name not matching the LDAP won't be able to log in, this should be a
+     * transitory situation while the name is not updated in both places.
      *
      * @param UserVO $userVO the {@link UserVO} with the data we want to update on database.
      * @return OperationResult the result {@link OperationResult} with information about operation status
      */
     public function update(UserVO $userVO) {
-        return parent::update($userVO);
+        $result = parent::update($userVO);
+        $result->setMessage("Warning: user names not matching LDAP won't be able to login.");
+        return $result;
     }
 
     /** User creator for LDAP/PostgreSQL Hybrid.
diff --git a/web/services/createUsersService.php b/web/services/createUsersService.php
index 33f261188..9e140bc22 100644
--- a/web/services/createUsersService.php
+++ b/web/services/createUsersService.php
@@ -160,11 +160,14 @@
 
         } while ($parser->read());
 
-
+        $successMessage = "";
         foreach((array)$createUsers as $createUser)
         {
             $result = UsersFacade::CreateUser($createUser);
-            if (!$result->getIsSuccessful()) {
+            if ($result->getIsSuccessful()) {
+                $successMessage .= $result->getMessage() . "\n";
+            }
+            else {
                 http_response_code($result->getResponseCode());
                 $string = "<return service='createUsers'><error id='" . $result->getErrorNumber() . "'>" .
                         $result->getMessage() . "</error></return>";
@@ -193,7 +196,7 @@
         if (!$string)
         {
 
-            $string = "<return service='createUsers'><ok>Operation Success!</ok><users>";
+            $string = "<return service='createUsers'><ok>" . $successMessage . "</ok><users>";
 
             foreach((array) $createUsers as $createUser)
             {
diff --git a/web/services/deleteUsersService.php b/web/services/deleteUsersService.php
index f4ae4994b..50bec9101 100644
--- a/web/services/deleteUsersService.php
+++ b/web/services/deleteUsersService.php
@@ -125,11 +125,15 @@
             // we can ignore this error
         }
 
+        $successMessage = "";
         if (count($deleteUsers) >= 1)
             foreach((array)$deleteUsers as $user)
             {
                 $result = UsersFacade::DeleteUser($user);
-                if (!$result->getIsSuccessful()) {
+                if ($result->getIsSuccessful()) {
+                    $successMessage .= $result->getMessage() . "\n";
+                }
+                else {
                     http_response_code($result->getResponseCode());
                     $string = "<return service='updateUsers'><error id='" . $result->getErrorNumber() . "'>" .
                             $result->getMessage() . "</error></return>";
@@ -140,7 +144,7 @@
 
 
         if (!$string)
-            $string = "<return service='deleteUsers'><ok>Operation Success!</ok></return>";
+            $string = "<return service='deleteUsers'><ok>" . $successMessage . "</ok></return>";
 
     } while (false);
 
diff --git a/web/services/updateUsersService.php b/web/services/updateUsersService.php
index 7dc297138..7319bd1e7 100644
--- a/web/services/updateUsersService.php
+++ b/web/services/updateUsersService.php
@@ -175,11 +175,14 @@
 
         } while ($parser->read());
 
-
+        $successMessage = "";
         foreach((array)$updateUsers as $updateUser)
         {
             $result = UsersFacade::UpdateUser($updateUser);
-            if (!$result->getIsSuccessful()) {
+            if ($result->getIsSuccessful()) {
+                $successMessage .= $result->getMessage() . "\n";
+            }
+            else {
                 http_response_code($result->getResponseCode());
                 $string = "<return service='updateUsers'><error id='" . $result->getErrorNumber() . "'>" .
                         $result->getMessage() . "</error></return>";
@@ -230,7 +233,7 @@
         if (!$string)
         {
 
-            $string = "<return service='updateUsers'><ok>Operation Success!</ok><users>";
+            $string = "<return service='updateUsers'><ok>" . $successMessage . "</ok><users>";
 
             foreach((array) $updateUsers as $updateUser)
             {
diff --git a/web/viewUsers.php b/web/viewUsers.php
index 9b1499123..fda152114 100644
--- a/web/viewUsers.php
+++ b/web/viewUsers.php
@@ -290,8 +290,12 @@ function areas(val){
             'load': function() {
                 userGrid.getTopToolbar().getComponent('userFilter').focus();
             },
-            'write': function() {
-                App.setAlert(true, "Users Changes Saved");
+            'write': function (proxy, type, action, eOpts, res) {
+                const successTags = eOpts.raw.getElementsByTagName("ok");
+                if (successTags.length > 0)
+                    App.setAlert(true, successTags[0].innerHTML);
+                else
+                    App.setAlert(true, "Users Changes Saved");
             },
             'exception': function(proxy, type, action, eOpts, res) {
                 let parser = new DOMParser();