WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #17 from LDAPAccountManager/type_api_tmp 

Type api tmp
This commit is contained in:
gruberroland 2016-12-31 15:09:55 +01:00 committed by GitHub
parent 6b6cd4538f e93d59740c
commit 71ccfc7356
9 changed files with 123 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lam/docs/devel/upgrade.htm
View File

@ -18,6 +18,8 @@
@ -48,8 +50,17 @@ This is a list of API changes for all LAM releases.
<br>
<h2>5.5 -&gt; 5.6</h2>
Functions in lib/types.inc got namespace LAM/TYPES (e.g. getTypeAlias()).<br>
New API to access configured account types: LAM\TYPES\TypeManager.<br>
<ul>
<li>
Functions in lib/types.inc got namespace LAM/TYPES (e.g. getTypeAlias()).</li>
<li>
New API to access configured account types: LAM\TYPES\TypeManager.</li>
<li>class baseType: new function getSuffixFilter()</li>
<li>moved getSuffixList() from baseType to ConfiguredType<br>
</li>
</ul>
<h2>5.4 -&gt; 5.5</h2>Functions Ldap::encrypt/decrypt in ldap.inc moved to lamEncrypt/lamDecrypt in security.inc.<br>
<br>

48
lam/lib/baseType.inc
View File

@ -3,7 +3,7 @@
$Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2005 - 2014 Roland Gruber
Copyright (C) 2005 - 2016 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -130,50 +130,12 @@ class baseType {
}
/**
* Returns a list of LDAP suffixes for this type.
* Returns the LDAP filter to find the possible suffixes for this account type.
*
* @return array sorted list of possible suffixes for this type.
* @return string LDAP filter
*/
public function getSuffixList() {
if (isset($_SESSION["config"])) {
$suffix = $_SESSION["config"]->get_Suffix(get_class($this));
$connection = $_SESSION["ldap"]->server();
}
else {
$suffix = $_SESSION['selfServiceProfile']->LDAPSuffix;
$connection = $_SESSION['ldapHandle'];
}
$ret = array();
$filter = "(|(objectClass=organizationalunit)(objectClass=country)(objectClass=organization)(objectClass=krbRealmContainer)(objectClass=container))";
$sr = @ldap_search($connection, escapeDN($suffix),$filter , array('dn', 'objectClass'), 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$units = ldap_get_entries($connection, $sr);
cleanLDAPResult($units);
// extract Dns
$count = sizeof($units);
for ($i = 0; $i < $count; $i++) {
if (in_array('container', $units[$i]['objectclass'])) {
// Active Directory fix, hide system containers
if (preg_match('/.*cn=system,dc=.+/i', $units[$i]['dn']) || preg_match('/.*CN=program data,dc=.+/i', $units[$i]['dn'])) {
continue;
}
}
$ret[] = $units[$i]['dn'];
}
}
// add root suffix if needed
$found = false;
for ($i = 0; $i < sizeof($ret); $i++) { // search suffix case-intensitive
if (strtolower($suffix) == strtolower($ret[$i])) {
$found = true;
break;
}
}
if (!$found) {
$ret[] = $suffix;
}
usort($ret, 'compareDN');
return $ret;
public function getSuffixFilter() {
return "(|(objectClass=organizationalunit)(objectClass=country)(objectClass=organization)(objectClass=krbRealmContainer)(objectClass=container))";
}
/**

2
lam/lib/lists.inc
View File

@ -962,7 +962,7 @@ class lamList {
call_user_func_array('StatusMessage', $lastError);
}
// generate list of possible suffixes
$this->possibleSuffixes = $this->type->getBaseType()->getSuffixList();
$this->possibleSuffixes = $this->type->getSuffixList();
}
/**

5
lam/lib/modules.inc
View File

@ -812,7 +812,7 @@ class accountContainer {
*/
function get_type() {
return $this->type;
}
}
/**
* This function is called when the user clicks on any button on the account pages.
@ -2146,8 +2146,7 @@ class accountContainer {
if ($this->cachedOUs != null) {
return $this->cachedOUs;
}
$typeObj = $this->type->getBaseType();
$this->cachedOUs = $typeObj->getSuffixList();
$this->cachedOUs = $this->type->getSuffixList();
return $this->cachedOUs;
}

8
lam/lib/modules/inetOrgPerson.inc
View File

@ -2809,7 +2809,13 @@ class inetOrgPerson extends baseModule implements passwordService {
}
else {
$userObj = new user();
$ouList = $userObj->getSuffixList();
$filter = $userObj->getSuffixFilter();
$suffix = $_SESSION['selfServiceProfile']->LDAPSuffix;
$foundOus = searchLDAPPaged($_SESSION['ldapHandle'], $suffix, $filter, array('dn'), false, 0);
$ouList = array();
foreach ($foundOus as $foundOu) {
$ouList[] = $foundOu['dn'];
}
if (!empty($attributes['ou'][0]) && !in_array($attributes['ou'][0], $ouList)) {
$ouList[] = $attributes['ou'][0];
usort($ouList, 'compareDN');

63
lam/lib/modules/nisMailAliasUser.inc
View File

@ -36,7 +36,7 @@ class nisMailAliasUser extends baseModule {
/** alias cache */
private $cachedAliasList = null;
/** recipient entries to delete (list of arrays: dn => attributes) */
private $recipientsToDelete = array();
/** complete alias entries to delete */
@ -45,10 +45,10 @@ class nisMailAliasUser extends baseModule {
private $aliasesToAdd = array();
/** alias entries to extend with new recipients (list of arrays: dn => recipients) */
private $recipientsToAdd = array();
/**
* Returns true if this module can manage accounts of the current type, otherwise false.
*
*
* @return boolean true if module fits
*/
public function can_manage() {
@ -59,7 +59,7 @@ class nisMailAliasUser extends baseModule {
* Returns meta data that is interpreted by parent class
*
* @return array array with meta data
*
*
* @see baseModule::get_metaData()
*/
function get_metaData() {
@ -122,7 +122,7 @@ class nisMailAliasUser extends baseModule {
/**
* Returns the HTML meta data for the main account page.
*
*
* @return htmlElement HTML meta data
*/
function display_html_attributes() {
@ -247,10 +247,10 @@ class nisMailAliasUser extends baseModule {
}
return $errors;
}
/**
* Removes a recipient from the given DN.
*
*
* @param String $recipient recipient as user name or email
* @param String $dn alias DN
*/
@ -300,7 +300,7 @@ class nisMailAliasUser extends baseModule {
/**
* Removes an alias with the given DN.
*
*
* @param String $dn alias DN
*/
private function deleteAlias($dn) {
@ -324,10 +324,10 @@ class nisMailAliasUser extends baseModule {
unset($this->recipientsToDelete[$dn]);
}
}
/**
* Returns the HTML meta data for the add page.
*
*
* @return htmlElement HTML meta data
*/
function display_html_add() {
@ -357,9 +357,18 @@ class nisMailAliasUser extends baseModule {
$return->addElement(new htmlHiddenInput('recipient', $recipient), true);
// new mail alias
$return->addElement(new htmlSubTitle(_('Create new alias')), true);
$typeObj = new mailAlias();
$ous = $typeObj->getSuffixList();
$return->addElement(new htmlTableExtendedSelect('new_ou', $ous, array(), _('Suffix'), 'suffix'), true);
$typeManager = new \LAM\TYPES\TypeManager();
$mailAliasTypes = $typeManager->getConfiguredTypesForScope('mailAlias');
$ous = array();
foreach ($mailAliasTypes as $type) {
$ous = array_merge($ous, $type->getSuffixList());
}
$ous = array_unique($ous);
usort($ous, 'compareDN');
$suffixSelect = new htmlTableExtendedSelect('new_ou', $ous, array(), _('Suffix'), 'suffix');
$suffixSelect->setRightToLeftTextDirection(true);
$suffixSelect->setSortElements(false);
$return->addElement($suffixSelect, true);
$newAliasCn = empty($_POST['new_cn']) ? '' : $_POST['new_cn'];
$return->addElement(new htmlTableExtendedInputField(_('Alias name'), 'new_cn', $newAliasCn, 'newAlias'), true);
$return->addVerticalSpace('5px');
@ -367,9 +376,9 @@ class nisMailAliasUser extends baseModule {
$addButton->setIconClass('createButton');
$addButton->colspan = 5;
$return->addElement($addButton, true);
$return->addVerticalSpace('20px');
// add to existing alias
$return->addElement(new htmlSubTitle(_('Add to existing alias')), true);
$aliasesToAdd = array();
@ -388,7 +397,7 @@ class nisMailAliasUser extends baseModule {
$addButton->setIconClass('createButton');
$addButton->colspan = 5;
$return->addElement($addButton, true);
$return->addElement(new htmlEqualWidth(array('new_ou', 'new_cn', 'ex_cn')));
return $return;
}
@ -446,13 +455,13 @@ class nisMailAliasUser extends baseModule {
}
}
}
return $errors;
}
/**
* Allows the module to run commands after the LDAP entry is changed or created.
*
*
* Calling this method requires the existence of an enclosing {@link accountContainer}.
*
* @param boolean $newAccount new account
@ -545,7 +554,7 @@ class nisMailAliasUser extends baseModule {
/**
* Returns a list of configuration options.
*
*
* Calling this method does not require the existence of an enclosing {@link accountContainer}.<br>
* <br>
* The field names are used as keywords to load and save settings.
@ -554,7 +563,7 @@ class nisMailAliasUser extends baseModule {
* @param array $scopes account types (user, group, host)
* @param array $allScopes list of all active account modules and their scopes (module => array(scopes))
* @return mixed htmlElement or array of htmlElement
*
*
* @see baseModule::get_metaData()
* @see htmlElement
*/
@ -584,10 +593,10 @@ class nisMailAliasUser extends baseModule {
$this->cachedAliasList = searchLDAPByAttribute('cn', '*', 'nisMailAlias', array('dn', 'cn', 'rfc822MailMember'), array('mailAlias'));
return $this->cachedAliasList;
}
/**
* Returns the user name of this account.
*
*
* @return String user name
*/
private function getUserName() {
@ -605,10 +614,10 @@ class nisMailAliasUser extends baseModule {
}
return null;
}
/**
* Returns the email addresses of this account.
*
*
* @return String mail addresses
*/
private function getMailAddresses() {
@ -620,10 +629,10 @@ class nisMailAliasUser extends baseModule {
}
return null;
}
/**
* Returns if the mail alias type is active. Otherwise, aliases cannot be managed.
*
*
* @return boolean is active
*/
private function isMailAliasTypeActive() {

57
lam/lib/types.inc
View File

@ -271,6 +271,46 @@ class ConfiguredType {
return $this->baseType;
}
/**
* Returns a list of LDAP suffixes for this type.
*
* @return array sorted list of possible suffixes for this type.
*/
public function getSuffixList() {
$connection = $_SESSION["ldap"]->server();
$ret = array();
$filter = $this->getBaseType()->getSuffixFilter();
$sr = @ldap_search($connection, escapeDN($this->suffix), $filter, array('dn', 'objectClass'), 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$units = ldap_get_entries($connection, $sr);
cleanLDAPResult($units);
// extract Dns
$count = sizeof($units);
for ($i = 0; $i < $count; $i++) {
if (in_array('container', $units[$i]['objectclass'])) {
// Active Directory fix, hide system containers
if (preg_match('/.*cn=system,dc=.+/i', $units[$i]['dn']) || preg_match('/.*CN=program data,dc=.+/i', $units[$i]['dn'])) {
continue;
}
}
$ret[] = $units[$i]['dn'];
}
}
// add root suffix if needed
$found = false;
for ($i = 0; $i < sizeof($ret); $i++) { // search suffix case-intensitive
if (strtolower($this->suffix) == strtolower($ret[$i])) {
$found = true;
break;
}
}
if (!$found) {
$ret[] = $this->suffix;
}
usort($ret, 'compareDN');
return $ret;
}
}
/**
@ -389,6 +429,23 @@ class TypeManager {
return $configuredTypes;
}
/**
* Returns a list of configured types for this scope.
*
* @param string $scope scope (e.g. user)
* @return \LAM\TYPES\ConfiguredType[] list of ConfiguredType
*/
public function getConfiguredTypesForScope($scope) {
$allTypes = $this->getConfiguredTypes();
$scopedTypes = array();
foreach ($allTypes as $type) {
if ($type->getScope() == $scope) {
$scopedTypes[] = $type;
}
}
return $scopedTypes;
}
/**
* Builds a configured account type.
*

2
lam/lib/types/asteriskExt.inc
View File

@ -180,7 +180,7 @@ class lamAsteriskExtList extends lamList {
$entries = $this->normalizeLdapOutput($entries);
$this->entries = $entries;
// generate list of possible suffixes
$this->possibleSuffixes = $this->type->getBaseType()->getSuffixList();
$this->possibleSuffixes = $this->type->getSuffixList();
}
/**

3
lam/templates/profedit/profilepage.php
View File

@ -207,8 +207,7 @@ $dnContent->addElement(new htmlSpacer(null, '10px'), true);
$rootsuffix = $type->getSuffix();
// get subsuffixes
$suffixes = array('-' => '-');
$typeObj = $type->getBaseType();
$possibleSuffixes = $typeObj->getSuffixList();
$possibleSuffixes = $type->getSuffixList();
foreach ($possibleSuffixes as $suffix) {
$suffixes[getAbstractDN($suffix)] = $suffix;
}