feat(grouped wifi): route updates through user-defined SSID groups + verify

User-defined SSID groups (configured on the WiFi Networks page and stored in unifi.ssid_groups) now drive PPSK sibling propagation. The previous same-SSID-name detection missed cases where two grouped WLANs have *different* names — e.g. "VCS Guest" on 2.4 and "VCS Guest 5G" on 5GHz manually grouped by the operator. Falls back to same-name siblings when no group is configured. Match-by-name fix: embedded PPSKs on this controller don't carry a name field — the human "GUEST" label is the *network's* name, with the entry referenced via networkconf_id. updateEmbeddedPpsk and verifyEmbeddedPpsk now resolve name → networkconf_id first and match on that, with entry-name and current-passphrase as fallbacks for other controller variants. After every rotation we re-fetch each affected WLAN and verify the new passphrase is actually present on the named network. Failures ("mismatch" or "fetch_failed" on the primary, anything other than "not_found" on a sibling) surface in the cron run details as failed PPSKs so the operator sees what didn't propagate. v1.10.4. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-24 20:58:10 -04:00
parent bb74edf4c1
commit f533208b37
4 changed files with 135 additions and 22 deletions
--- a/src/Http/Controllers/WifiController.php
+++ b/src/Http/Controllers/WifiController.php
@@ -349,9 +349,9 @@ class WifiController extends Controller
                        $unifi->updateEmbeddedPpsk($record->wlan_id, $record->x_passphrase, $newPass, $record->name);
                        $data['unifi_id'] = 'emb_' . substr(hash('sha256', $record->wlan_id . ':' . $newPass), 0, 32);

-                        // Also update sibling WLANs (banded SSID — same name
-                        // on 2.4 and 5GHz are separate wlanconf rows).
-                        foreach ($unifi->getWlanSiblings($record->wlan_id) as $siblingWlanId) {
+                        // Also update grouped WLAN siblings (user-defined
+                        // SSID groups, falling back to same-name).
+                        foreach ($unifi->getGroupedWlans($record->wlan_id) as $siblingWlanId) {
                            $sibling = UnifiPpsk::where('wlan_id', $siblingWlanId)
                                ->where('name', $record->name)
                                ->where('state', 'active')