LDAPAccountManager/lam/lib/cache.inc

294 lines
9.1 KiB
PHP
Raw Normal View History

<?php
/*
$Id$
This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam)
2006-03-03 17:30:35 +00:00
Copyright (C) 2003 - 2006 Tilo Lutz
2007-02-17 13:02:45 +00:00
Copyright (C) 2007 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
2005-04-19 18:43:53 +00:00
*/
2005-04-19 18:43:53 +00:00
/**
* Provides a cache for LDAP attributes.
*
* @author Tilo Lutz
2007-02-17 13:02:45 +00:00
* @author Roland Gruber
2005-04-19 18:43:53 +00:00
* @package lib
*/
2005-04-19 18:43:53 +00:00
/** en/decryption functions */
include_once('ldap.inc');
/**
* This class contains all functions which are needed to manage the LDAP cache.
2005-08-17 19:44:40 +00:00
*
* @package lib
*/
class cache {
/** This variable contains the cache */
2007-10-15 17:20:51 +00:00
private $ldapcache;
/** This variable contains a list and their scope of attributes which should be cached */
2007-10-15 17:20:51 +00:00
private $attributes;
/** This is the last timestamp on which the LDAP cache has been refreshed */
2007-10-15 17:20:51 +00:00
private $time;
/**
* Constructor.
*
* @return cache cache object
*/
2007-12-28 16:08:56 +00:00
function __construct() {
$this->time = 0;
$this->attributes = array();
}
/**
* This function adds attributes to the cache.
*
* @param array $attributes syntax: is array( scope1 => array ( attributes ), scope2 => array ( attributes ), ...)
*/
function add_cache($attributes) {
2004-10-23 11:11:31 +00:00
if (!is_array($attributes)) trigger_error('Argument of add_cache must be : array ( scope => array(attribute1(string), attribute2(string), ..), scope => ... ).', E_USER_ERROR);
foreach ($attributes as $attribute) {
2004-10-23 11:11:31 +00:00
if (!is_array($attribute)) trigger_error('Argument of add_cache must be : array ( scope => array(attribute1(string), attribute2(string), ..), scope => ... ).', E_USER_ERROR);
foreach ($attribute as $singleattribute) {
2004-10-23 11:11:31 +00:00
if (!is_string($singleattribute)) trigger_error('Argument of add_cache must be : array ( scope => array(attribute1(string), attribute2(string), ..), scope => ... ).', E_USER_ERROR);
}
}
$scopes = array_keys($attributes);
foreach ($scopes as $scope) {
for ($i=0; $i<count($attributes[$scope]); $i++ ) {
if (!@in_array($attributes[$scope][$i] ,$this->attributes[$scope])) $this->attributes[$scope][] = $attributes[$scope][$i];
}
}
// Rebuild cache
$this->refresh_cache(true);
}
/**
* Queries the cache for a list of LDAP entries and their attributes.
*
* @param mixed $attributes One (string) or many (array) attribute names.
* @param string $objectClass The resulting entries need to contain this object class.
* @param mixed $scopelist the account type(s) as string or array, all scopes if NULL given
* @return array The found LDAP entries.
* <br>Format: array(dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... ) if $attributes is of type string
* <br>or array(dn1 => array(uid => array(myuid), uidNumber => array(1234)), ... ) if $attributes is an array
*
*/
function get_cache($attributes, $objectClass, $scopelist) {
2005-11-14 12:39:32 +00:00
$return = array();
$this->refresh_cache();
if (is_array($scopelist)) $scopes = $scopelist;
elseif (is_string($scopelist)) $scopes = array($scopelist);
else $scopes = getTypes();
// Add cache entry dynamic
if (!is_array($attributes)) $attributes = array($attributes);
2006-01-24 14:23:42 +00:00
$add = array();
foreach ($scopes as $scope) {
for ($i = 0; $i < sizeof($attributes); $i++) {
if (!@in_array($attributes[$i], $this->attributes[$scope])) $add[$scope][] = $attributes[$i];
}
}
if (count($add)!=0) $this->add_cache($add);
foreach ($scopes as $scope) {
if (isset($this->ldapcache[$scope])) {
$DNs = array_keys($this->ldapcache[$scope]);
foreach ($DNs as $dn) {
// skip entries which do not fit to search
if (!in_array($objectClass, $this->ldapcache[$scope][$dn]['objectClass'])) continue;
for ($i = 0; $i < sizeof($attributes); $i++) {
if (isset($this->ldapcache[$scope][$dn][$attributes[$i]])) {
if (sizeof($attributes) > 1) {
$return[$dn][$attributes[$i]] = $this->ldapcache[$scope][$dn][$attributes[$i]];
}
else {
$return[$dn] = $this->ldapcache[$scope][$dn][$attributes[$i]];
}
}
}
}
}
}
return $return;
}
/**
* This function returns the DN if an LDAP entry with $attribute=$value is found.
*
* @param string $value is the searched value of the attribute $attribute
* @param string $attribute name of the LDAP attribute
* @param mixed $scopelist the account type(s) as string or array, all scopes if NULL given
*/
function in_cache($value, $attribute, $scopelist) {
$this->refresh_cache();
if (is_array($scopelist)) $scopes = $scopelist;
elseif (is_string($scopelist)) $scopes = array($scopelist);
else $scopes = getTypes();
// Add cache entry dynamic
2006-01-24 14:23:42 +00:00
$add = array();
foreach ($scopes as $scope) {
if (!@in_array($attribute ,$this->attributes[$scope])) $add[$scope][] = $attribute;
}
if (count($add)!=0) $this->add_cache($add);
foreach ($scopes as $scope) {
if (isset($this->ldapcache[$scope])) {
$DNs = array_keys($this->ldapcache[$scope]);
foreach ($DNs as $dn) {
if (is_array($this->ldapcache[$scope][$dn][$attribute])) {
if (in_array($value, $this->ldapcache[$scope][$dn][$attribute])) {
// Return value if value was found
return $dn;
}
}
}
}
}
// Return false if value wasn't found
return false;
}
/**
* This function refreshes the cache.
*
* @param boolean $rebuild forces a refresh if set to true
*/
function refresh_cache($rebuild=false) {
2004-09-18 18:44:47 +00:00
if ($this->time + $_SESSION['config']->get_cacheTimeoutSec() < time() || $rebuild) {
// unset old cache
unset ($this->ldapcache);
$scopes = array_keys($this->attributes);
foreach ($scopes as $scope) {
// Get suffix
$suffix = $_SESSION['config']->get_Suffix($scope);
// Get Data from ldap
$search = $this->attributes[$scope];
$search[] = 'objectClass';
2009-10-26 16:24:51 +00:00
$result = @ldap_search($_SESSION['ldap']->server(), escapeDN($suffix), 'objectClass=*', $search, 0, 0, 0, LDAP_DEREF_ALWAYS);
2007-02-17 13:02:45 +00:00
if ($result) {
// Write search result in array
$entry = @ldap_first_entry($_SESSION['ldap']->server(), $result);
while ($entry) {
$dn = (ldap_get_dn($_SESSION['ldap']->server(), $entry));
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
// unset double entries
for ($i=0; $i<count($attr); $i++) {
if (isset($attr[$i])) unset($attr[$i]);
}
// unset every count entry
unset ($attr['count']);
$attributes = array_keys($attr);
foreach ($attributes as $attribute) {
unset ($attr[$attribute]['count']);
}
// Write new cache entry
$addcache = $attr;
unset ($addcache['objectClass']);
if (count($addcache)!=0) $this->ldapcache[$scope][$dn] = $attr;
$entry = ldap_next_entry($_SESSION['ldap']->server(), $entry);
}
2007-02-17 13:02:45 +00:00
ldap_free_result($result);
}
}
$this->time = time();
}
}
2005-06-02 19:11:45 +00:00
/**
* This function will return the GID number to an existing group name (using the cache).
*
* @param string $groupname name of group
* @return string GID number
*/
function getgid($groupname) {
2005-06-02 19:11:45 +00:00
$dn_groups = $_SESSION['cache']->get_cache(array('gidNumber', 'cn'), 'posixGroup', 'group');
if (is_array($dn_groups)) {
$DNs = array_keys($dn_groups);
foreach ($DNs as $DN) {
if ($dn_groups[$DN]['cn'][0] == $groupname) {
return $dn_groups[$DN]['gidNumber'][0];
}
}
}
2008-01-08 17:49:50 +00:00
return null;
2005-06-02 19:11:45 +00:00
}
/**
* This function returns an array with all group names which were found in the LDAP directory.
*
* @return array group names
*/
function findgroups() {
$dn_groups = $_SESSION['cache']->get_cache('cn', 'posixGroup', 'group');
2004-09-07 17:58:58 +00:00
if (is_array($dn_groups)) {
$DNs = array_keys($dn_groups);
foreach ($DNs as $DN)
$return[] = $dn_groups[$DN][0];
2004-09-07 17:58:58 +00:00
return $return;
}
return array();
}
/**
* This function returns the group name to an existing gidNumber.
*
* @param string $gidNumber GID number
* @return group name
*/
function getgrnam($gidNumber) {
$dn_groups = $_SESSION['cache']->get_cache('gidNumber', 'posixGroup', 'group');
if (is_array($dn_groups)) {
$DNs = array_keys($dn_groups);
foreach ($DNs as $DN) {
if ($dn_groups[$DN][0]==$gidNumber)
$return = substr($DN, 3, strpos($DN, ',')-3);
}
return $return;
}
else return -1;
}
2005-04-19 18:43:53 +00:00
/**
* Encrypts LDAP cache before saving to session file.
*
* @return array list of variables to save
*/
function __sleep() {
$this->ldapcache = $_SESSION['ldap']->encrypt(serialize($this->ldapcache));
// define which attributes to save
return array("ldapcache", "attributes", "time");
}
/**
* Decrypts LDAP cache after loading from session file.
*/
function __wakeup() {
$this->ldapcache = unserialize($_SESSION['ldap']->decrypt($this->ldapcache));
}
2005-04-19 18:43:53 +00:00
}
?>