fix(avs): fix #165 by updating userCompanyDepartmen and userCompanyPersonalNumer

- Die interne Firma Assoziation im User-Eintrag wird gelöscht, sobald der letzte erfolgreiche LDAP Sync älter ist als der eingestellte SYNCHRONISE_LDAP_EXPIRE (default = halbes Jahr). - Firmen-Assoziation wird ebenfalls gelöscht, falls vorhanden - Die Personalnummer bleibt erhalten, wenn das AVS diese noch liefert; ansonsten wird sie ebenfalls gelöscht. - UserLdapPrimaryKey wird ggf. von AVS aktualisiert
2024-06-12 17:48:17 +02:00 · 2024-06-12 17:48:17 +02:00 · 76e0710c7b
commit 76e0710c7b
parent a3beca87d1
3 changed files with 27 additions and 13 deletions
--- a/models/company.model
+++ b/models/company.model
@ -5,7 +5,7 @@
 -- Description of companies associated with users

 Company  
-  name            CompanyName             -- == (CI Text)
+  name            CompanyName             -- == (CI Text) -- NOTE: Fraport department name may carry additional information; use the Shorthand with respect to UserCompanyDepartment
  shorthand       CompanyShorthand        -- == (CI Text) and CompanyKey :: CompanyShorthand -> CompanyId   A change to AvsId as primary key is too much work and not strictly necessary due to Uniqueness
  avsId           Int     default=0       -- primary key from avs, use negative numbers for non-AVS companies 
  prefersPostal   Bool    default=false   -- new company users prefers letters by post instead of email
--- a/src/Handler/Utils/Avs.hs
+++ b/src/Handler/Utils/Avs.hs
@ -329,20 +329,40 @@ updateAvsUserByADC (AvsDataContact apid newAvsPersonInfo newAvsFirmInfo) = runMa
      let usrId = userAvsUser usravs
      usr <- MaybeT $ get usrId
      lift $ do -- maybeT no longer needed from here onwards
-        newAvsCardNo <- queryAvsFullCardNo apid               -- Nothing os ok here, does not throw
-        now <- liftIO getCurrentTime
-        mbLdapExpire <- getsYesod $ views appSettings appSynchroniseLdapUsersExpire
        let oldAvsPersonInfo = userAvsLastPersonInfo usravs   -- Nothing is ok here
            oldAvsFirmInfo   = userAvsLastFirmInfo   usravs   -- Nothing is ok here
            oldAvsCardNo     = userAvsLastCardNo     usravs & fmap Just
-            per_ups = mapMaybe (mkUpdate' usr newAvsPersonInfo oldAvsPersonInfo)
+        newAvsCardNo <- queryAvsFullCardNo apid               -- Nothing os ok here, does not throw
+        now <- liftIO getCurrentTime
+        mbLdapExpire <- getsYesod $ views appSettings appSynchroniseLdapUsersExpire
+        ldap_ups <- if  | Just ldapExpire   <- mbLdapExpire
+                        , maybe True (\lastLdapSync -> now > addUTCTime ldapExpire lastLdapSync) (userLastLdapSynchronisation usr)
+                        , Just udep <- userCompanyDepartment usr              
+                        , let aipn = newAvsPersonInfo ^? _avsInfoInternalPersonalNo . _Just . _avsInternalPersonalNo
+                              depKey = CompanyKey $ stripCI udep -- Shorthand is returned by LDAP
+                          -> do -- LDAP sync invalid/expired                          
+                            usrComp <- getBy $ UniqueUserCompany usrId depKey
+                            whenIsJust usrComp $ \Entity{entityKey=ucKey, entityVal=UserCompany{userCompanySupervisor=isSuper, userCompanySupervisorReroute=rroute}} -> do
+                              delete ucKey
+                              when isSuper $ reportAdminProblem $ AdminProblemSupervisorLeftCompany usrId depKey rroute
+                            return  [ UserCompanyDepartment     =. Nothing
+                                    , UserCompanyPersonalNumber =. aipn
+                                    , UserLdapPrimaryKey        =. aipn
+                                    ]
+                        | otherwise
+                          -> return $ mapMaybe (mkUpdate' usr newAvsPersonInfo oldAvsPersonInfo) $
+                              bcons (isJust $ newAvsPersonInfo ^? _avsInfoInternalPersonalNo . _Just . _avsInternalPersonalNo)
+                              ( CheckUpdate UserLdapPrimaryKey         $ _avsInfoInternalPersonalNo . _Just . _avsInternalPersonalNo . re _Just)
+                              [ CheckUpdate UserCompanyPersonalNumber  $ _avsInfoInternalPersonalNo . _Just . _avsInternalPersonalNo . re _Just
+                              ]
+        let per_ups = mapMaybe (mkUpdate' usr newAvsPersonInfo oldAvsPersonInfo)
                      [ CheckUpdate UserFirstName                _avsInfoFirstName
                      , CheckUpdate UserSurname                  _avsInfoLastName
                      , CheckUpdate UserDisplayName              _avsInfoDisplayName
                      , CheckUpdate UserBirthday                 _avsInfoDateOfBirth
                      , CheckUpdate UserMobile                   _avsInfoPersonMobilePhoneNo
                      , CheckUpdate UserMatrikelnummer         $ _avsInfoPersonNo . re _Just                                              -- Maybe im User, aber nicht im AvsInfo; also: `re _Just` work like `to Just`
-                      , CheckUpdate UserCompanyPersonalNumber  $ _avsInfoInternalPersonalNo . _Just . _avsInternalPersonalNo . re _Just   -- Maybe im User und im AvsInfo
+                      -- , CheckUpdate UserCompanyPersonalNumber  $ _avsInfoInternalPersonalNo . _Just . _avsInternalPersonalNo . re _Just   -- Maybe im User und im AvsInfo; needs special treatment, see ldap_ups above
                      ]
            apiEmail = _avsInfoPersonEMail  . to (fromMaybe mempty) . from _CI
            afiEmail = _avsFirmPrimaryEmail . to (fromMaybe mempty) . from _CI
@ -361,12 +381,6 @@ updateAvsUserByADC (AvsDataContact apid newAvsPersonInfo newAvsFirmInfo) = runMa
                        CheckUpdate UserPostAddress _avsFirmPostAddress                                                                   -- since company address should now be referenced with UserCompany instead
            pin_up  = mkUpdate' usr newAvsCardNo     oldAvsCardNo      $                                                                  -- Maybe update PDF pin to latest card
                        CheckUpdate UserPinPassword $ to $ fmap avsFullCardNo2pin -- _Just . to avsFullCardNo2pin . re _Just
-            ldap_ups = case (userLastLdapSynchronisation usr, mbLdapExpire) of
-                        (Just lastLdapSync, Just ldapExpire) | now > addUTCTime ldapExpire lastLdapSync 
-                                    ->  [ UserCompanyDepartment      =. Nothing 
-                                        , UserCompanyPersonalNumber  =. Nothing
-                                        ]
-                        _otherwise  -> []
            usr_up1 = eml_up `mcons` (frm_up `mcons` (pin_up `mcons` (ldap_ups <> per_ups)))
            avs_ups = ((UserAvsNoPerson =.) <$> readMay (avsInfoPersonNo newAvsPersonInfo)) `mcons`
                      [ UserAvsLastSynch      =. now
--- a/src/Handler/Utils/Company.hs
+++ b/src/Handler/Utils/Company.hs
@ -87,7 +87,7 @@ switchAvsUserCompany usrPostEmailUpds keepOldCompanySupervs uid newCompanyId = d
    let usrPostAddr :: Maybe StoredMarkup = userPostAddress usrRec
        avsPostAddr :: Maybe StoredMarkup = mbUsrAvs ^? _Just . _entityVal . _userAvsLastFirmInfo . _Just . _avsFirmPostAddress . _Just
        usrPostUp = toMaybe (usrPostEmailUpds && fromMaybe False (liftA2 isSimilarMarkup usrPostAddr avsPostAddr))
-                      (UserPostAddress =. Nothing)                                                   -- use company address indirectyl instead
+                      (UserPostAddress =. Nothing)                                                   -- use company address indirectly instead
        usrPrefPost = userPrefersPostal usrRec
        usrPrefPostUp = toMaybe (Just usrPrefPost == (mbOldComp ^? _Just . _companyPrefersPostal)) 
                      (UserPrefersPostal  =. companyPrefersPostal newCompany)