Merge branch 'main' into patch-7

Author: simonLeary42

Diff for: .github/workflows/lint.yml

@@ -29,7 +29,7 @@ jobs:
       - name: Set up PHP
         uses: shivammathur/setup-php@v2
         with:
-          php-version: "7.4"
+          php-version: "8.3"
           coverage: none
           tools: phpcs
 

Diff for: CONTRIBUTING.md

@@ -8,7 +8,7 @@ When submitting pull requests, the pull request should be made to the version yo
 
 ## Conventions
 
-This code base is currently using PHP version 7.4. All files are required to be linted with PSR-12 standard. This repository will automatically check PRs for linting compliance.
+This code base is currently using PHP version 8.3. All files are required to be linted with PSR-12 standard. This repository will automatically check PRs for linting compliance.
 
 ## Development Environment
 
@@ -33,8 +33,6 @@ The test environment ships with a number of users that can be used for testing.
 
 The following users are available for testing:
 
-* `[email protected]` - admin user who is a member of pi_user1_domain_edu
-* `[email protected]` - admin user
 * `[email protected]` - user who is the owner of pi_user1_domain_edu
 * `[email protected]` - user who is the owner of pi_user2_domain_edu
 * `[email protected]` - user who is a member of pi_user1_domain_edu
@@ -51,4 +49,4 @@ The following users are available for testing:
 
 ### Changes to Dev Environment
 
-Should the default schema of the web portal change, the `ldap/bootstrap.ldif` and `sql/bootstrap.sql` must be updated for the LDAP server and the MySQL server, respectively.
+Should the default schema of the web portal change, the `ldap/bootstrap.ldif` and `sql/bootstrap.sql` must be updated for the LDAP server and the MySQL server, respectively.

Diff for: README.md

@@ -22,17 +22,17 @@ Unity Web Portal is a PHP application built in top of MariaDB and LDAP which act
     1. Composer (`apt install composer` on Ubuntu)
     1. PHP Extensions
         1. `php-ldap`
-        2. `php-curl`
-        3. `php-redis`
-        4. `php-cli`
-        5. `php-mysql`
-        6. `php-pdo`
-2. Composer packages
+        1. `php-curl`
+        1. `php-redis`
+        1. `php-cli`
+        1. `php-mysql`
+        1. `php-pdo`
+1. Composer packages
     1. `cd` to this repository
-    2. Install packages `composer update`
-3. Setup config file `config/config.ini` according to your site deployment
-4. Setup branding file `config/branding/config.ini` according to your site deployment
-5. Point your web server's document root to `webroot` in this repo
+    1. Install packages `sudo composer update --no-plugins --no-scripts`
+1. Deployment:
+    1. configure the files in `deployment/` according to their respective `README.md` files
+1. Point your web server's document root to `webroot` in this repo
 
 The scope of this project ends at being responsible for the LDAP user database. We recommend production deployments to set up scripts which detect changes in LDAP and then perform further actions. For example, a script can be used to create Slurm scheduler accounting roles based on the LDAP information created by this website.
 
@@ -46,7 +46,7 @@ The update process is similar to the installation process:
 
 1. Clone the release and follow installation instructions 1 and 2 from above.
 2. Copy the following folders from the old installation to the new one:
-    1. `config`
+    1. `deployment`
     2. `webroot/assets/footer_logos`
 
 We recommend a deployment where each version of the portal is its own clone, then just change a symlink to point to the new version. This way a rollback is much easier.

Diff for: defaults/config.ini.default

@@ -21,7 +21,7 @@ user_ou = "ou=users,dc=unityhpc,dc=test"  ; User organizational unit
 group_ou = "ou=groups,dc=unityhpc,dc=test"  ; Group organizational unit
 pigroup_ou = "ou=pi_groups,dc=unityhpc,dc=test"  ; PI Group organizational unit
 orggroup_ou = "ou=org_groups,dc=unityhpc,dc=test"  ; ORG group organizational unit
-admin_group = "cn=sudo,dc=unityhpc,dc=test"  ; admin dn (members of this group are admins on the web portal)
+admin_group = "cn=web_admins,dc=unityhpc,dc=test"  ; admin dn (members of this group are admins on the web portal)
 def_user_shell = "/bin/bash"  ; Default shell for new users
 
 [sql]

Diff for: resources/lib/UnityUser.php

@@ -555,7 +555,7 @@ public function getHomeDir($ignorecache = false)
     }
 
     /**
-     * Checks if the current account is an admin (in the sudo group)
+     * Checks if the current account is an admin (in the web_admins group)
      *
      * @return boolean true if admin, false if not
      */
@@ -572,7 +572,7 @@ public function isAdmin()
      */
     public function isPI()
     {
-        return $this->getPIGroup()->exists();
+        return @$this->getPIGroup()->exists();
     }
 
     public function getPIGroup()

Diff for: tools/docker-dev/build.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
-
+set -e
 cd "$(dirname "$0")"
 
 docker-compose down
 docker-compose build --no-cache
-docker image prune
+docker image prune

Diff for: tools/docker-dev/identity/Dockerfile

@@ -1,4 +1,4 @@
-FROM ubuntu:20.04
+FROM ubuntu:24.04
 
 # OpenLDAP Server
 ARG DEBIAN_FRONTEND=noninteractive
@@ -36,4 +36,4 @@ RUN echo "ServerName 127.0.0.1" >> /etc/apache2/apache2.conf
 EXPOSE 80
 EXPOSE 389
 
-CMD apache2ctl -D FOREGROUND & slapd -h "ldap:/// ldapi:///" -u openldap -g openldap -d 0
+CMD apache2ctl -D FOREGROUND & slapd -h "ldap:/// ldapi:///" -u openldap -g openldap -d 0

Diff for: tools/docker-dev/identity/bootstrap.ldif

@@ -11,9 +11,10 @@ objectclass: top
 objectclass: simpleSecurityObject
 objectclass: organizationalRole
 userPassword: {SSHA}d6WBSm5wjlNpMwil1KQY+Uo4o/vc6PnR
+description: for LDAP server administration purposes, not a valid login to web portal
 
-dn: cn=sudo,dc=unityhpc,dc=test
-cn: sudo
+dn: cn=web_admins,dc=unityhpc,dc=test
+cn: web_admins
 gidnumber: 500
 memberuid: user1_org1_test
 memberuid: user2_org1_test

Diff for: tools/docker-dev/run.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-
+set -e
 cd "$(dirname "$0")"
 
-docker-compose up
+docker-compose up

Diff for: tools/docker-dev/sql/Dockerfile

@@ -1,15 +1,16 @@
-FROM ubuntu:20.04
+FROM ubuntu:24.04
 
 ARG DEBIAN_FRONTEND=noninteractive
 RUN apt-get update && apt-get install -y \
     mariadb-server \
     mariadb-client \
     apache2 \
+    php8.3 \
     phpmyadmin
 RUN sed -i '/bind-address/c\bind-address = 0.0.0.0' /etc/mysql/mariadb.conf.d/50-server.cnf
 COPY bootstrap.sql /tmp/bootstrap.sql
 
-RUN service mysql start; \
+RUN service mariadb start; \
     mariadb -e "CREATE DATABASE unity"; \
     mariadb -e "CREATE USER 'unity'@'%' IDENTIFIED BY 'password'"; \
     mariadb -e "GRANT ALL PRIVILEGES ON unity.* TO 'unity'@'%'"; \
@@ -28,4 +29,4 @@ RUN echo "ServerName 127.0.0.1" >> /etc/apache2/apache2.conf
 EXPOSE 80
 EXPOSE 3306
 
-CMD apache2ctl -D FOREGROUND & mysqld
+CMD apache2ctl -D FOREGROUND & mysqld --user=root