From 38d8bce275164684e824e4f9b7b2d50c6f07c728 Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <1697880+AngelFQC@users.noreply.github.com>
Date: Sat, 28 Dec 2024 13:54:49 -0500
Subject: [PATCH] Plugin: Azure: Add option to filter groups by display name -
 refs BT#21930

---
 plugin/azure_active_directory/lang/dutch.php              | 2 ++
 plugin/azure_active_directory/lang/english.php            | 2 ++
 plugin/azure_active_directory/lang/french.php             | 2 ++
 plugin/azure_active_directory/lang/spanish.php            | 2 ++
 .../azure_active_directory/src/AzureActiveDirectory.php   | 2 ++
 plugin/azure_active_directory/src/AzureCommand.php        | 8 ++++++++
 6 files changed, 18 insertions(+)

diff --git a/plugin/azure_active_directory/lang/dutch.php b/plugin/azure_active_directory/lang/dutch.php
index 48a8049ec37..22d229cd8d4 100644
--- a/plugin/azure_active_directory/lang/dutch.php
+++ b/plugin/azure_active_directory/lang/dutch.php
@@ -50,3 +50,5 @@
 $strings['script_users_delta_help'] = 'Get newly created, updated, or deleted users without having to perform a full read of the entire user collection. By default, is <code>No</code>.';
 $strings['script_usergroups_delta'] = 'Delta query for usergroups';
 $strings['script_usergroups_delta_help'] = 'Get newly created, updated, or deleted groups, including group membership changes, without having to perform a full read of the entire group collection. By default, is <code>No</code>.';
+$strings['group_filter_regex'] = 'Group filter RegEx';
+$strings['group_filter_regex_help'] = 'Regular expression to filter groups (only matches will be synchronized), e.g. <code>.*-FIL-.*</code> <code>.*-PAR-.*</code> <code>.*(FIL|PAR).*</code> <code>^(FIL|PAR).*</code>';
diff --git a/plugin/azure_active_directory/lang/english.php b/plugin/azure_active_directory/lang/english.php
index defb392d1e0..8cfd6096936 100644
--- a/plugin/azure_active_directory/lang/english.php
+++ b/plugin/azure_active_directory/lang/english.php
@@ -50,3 +50,5 @@
 $strings['script_users_delta_help'] = 'Get newly created, updated, or deleted users without having to perform a full read of the entire user collection. By default, is <code>No</code>.';
 $strings['script_usergroups_delta'] = 'Delta query for usergroups';
 $strings['script_usergroups_delta_help'] = 'Get newly created, updated, or deleted groups, including group membership changes, without having to perform a full read of the entire group collection. By default, is <code>No</code>.';
+$strings['group_filter_regex'] = 'Group filter RegEx';
+$strings['group_filter_regex_help'] = 'Regular expression to filter groups (only matches will be synchronized), e.g. <code>.*-FIL-.*</code> <code>.*-PAR-.*</code> <code>.*(FIL|PAR).*</code> <code>^(FIL|PAR).*</code>';
diff --git a/plugin/azure_active_directory/lang/french.php b/plugin/azure_active_directory/lang/french.php
index 3707e64de8b..d49ce8072bd 100644
--- a/plugin/azure_active_directory/lang/french.php
+++ b/plugin/azure_active_directory/lang/french.php
@@ -50,3 +50,5 @@
 $strings['script_users_delta_help'] = 'Get newly created, updated, or deleted users without having to perform a full read of the entire user collection. By default, is <code>No</code>.';
 $strings['script_usergroups_delta'] = 'Requête delta pour les groupes d\'utilisateurs';
 $strings['script_usergroups_delta_help'] = 'Get newly created, updated, or deleted groups, including group membership changes, without having to perform a full read of the entire group collection. By default, is <code>No</code>.';
+$strings['group_filter_regex'] = 'Group filter RegEx';
+$strings['group_filter_regex_help'] = 'Regular expression to filter groups (only matches will be synchronized), e.g. <code>.*-FIL-.*</code> <code>.*-PAR-.*</code> <code>.*(FIL|PAR).*</code> <code>^(FIL|PAR).*</code>';
diff --git a/plugin/azure_active_directory/lang/spanish.php b/plugin/azure_active_directory/lang/spanish.php
index 4885c5df063..f2b9f093f7c 100644
--- a/plugin/azure_active_directory/lang/spanish.php
+++ b/plugin/azure_active_directory/lang/spanish.php
@@ -50,3 +50,5 @@
 $strings['script_users_delta_help'] = 'Obtiene usuarios recién creados, actualizados o eliminados sin tener que realizar una lectura completa de toda la colección de usuarios. De forma predeterminada, es <code>No</code>.';
 $strings['script_usergroups_delta'] = 'Consulta delta para grupos de usuarios';
 $strings['script_usergroups_delta_help'] = 'Obtiene grupos recién creados, actualizados o eliminados, incluidos los cambios de membresía del grupo, sin tener que realizar una lectura completa de toda la colección de grupos. De forma predeterminada, es <code>No</code>';
+$strings['group_filter_regex'] = 'Group filter RegEx';
+$strings['group_filter_regex_help'] = 'Expresión regular para filtrar grupos (solo las coincidencias serán sincronizadas), p.ej. <code>.*-FIL-.*</code> <code>.*-PAR-.*</code> <code>.*(FIL|PAR).*</code> <code>^(FIL|PAR).*</code>';
diff --git a/plugin/azure_active_directory/src/AzureActiveDirectory.php b/plugin/azure_active_directory/src/AzureActiveDirectory.php
index 4b1e3cc63a5..b3e4b867232 100644
--- a/plugin/azure_active_directory/src/AzureActiveDirectory.php
+++ b/plugin/azure_active_directory/src/AzureActiveDirectory.php
@@ -33,6 +33,7 @@ class AzureActiveDirectory extends Plugin
     public const SETTING_DEACTIVATE_NONEXISTING_USERS = 'deactivate_nonexisting_users';
     public const SETTING_GET_USERS_DELTA = 'script_users_delta';
     public const SETTING_GET_USERGROUPS_DELTA = 'script_usergroups_delta';
+    public const SETTING_GROUP_FILTER = 'group_filter_regex';
 
     public const URL_TYPE_AUTHORIZE = 'login';
     public const URL_TYPE_LOGOUT = 'logout';
@@ -66,6 +67,7 @@ protected function __construct()
             self::SETTING_DEACTIVATE_NONEXISTING_USERS => 'boolean',
             self::SETTING_GET_USERS_DELTA => 'boolean',
             self::SETTING_GET_USERGROUPS_DELTA => 'boolean',
+            self::SETTING_GROUP_FILTER => 'text',
         ];
 
         parent::__construct('2.5', 'Angel Fernando Quiroz Campos, Yannick Warnier', $settings);
diff --git a/plugin/azure_active_directory/src/AzureCommand.php b/plugin/azure_active_directory/src/AzureCommand.php
index b07dd79a7fb..b70c85e2101 100644
--- a/plugin/azure_active_directory/src/AzureCommand.php
+++ b/plugin/azure_active_directory/src/AzureCommand.php
@@ -121,6 +121,8 @@ protected function getAzureUsers(): Generator
      */
     protected function getAzureGroups(): Generator
     {
+        $groupFilter = $this->plugin->get(AzureActiveDirectory::SETTING_GROUP_FILTER);
+
         $groupFields = [
             'id',
             'displayName',
@@ -161,6 +163,12 @@ protected function getAzureGroups(): Generator
             $azureGroupsInfo = $azureGroupsRequest['value'] ?? [];
 
             foreach ($azureGroupsInfo as $azureGroupInfo) {
+                if (!empty($groupFilter) &&
+                    !preg_match("/$groupFilter/", $azureGroupInfo['displayName'])
+                ) {
+                    continue;
+                }
+
                 yield $azureGroupInfo;
             }