WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #17 from LDAPAccountManager/type_api_tmp 

Type api tmp
This commit is contained in:
gruberroland 2016-12-31 15:09:55 +01:00 committed by GitHub
parent 6b6cd4538f e93d59740c
commit 71ccfc7356
9 changed files with 123 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lam/docs/devel/upgrade.htm
View File

@ -18,6 +18,8 @@
@ -48,8 +50,17 @@ This is a list of API changes for all LAM releases.
<br> <br>
<h2>5.5 -&gt; 5.6</h2> <h2>5.5 -&gt; 5.6</h2>
Functions in lib/types.inc got namespace LAM/TYPES (e.g. getTypeAlias()).<br> <ul>
New API to access configured account types: LAM\TYPES\TypeManager.<br> <li>
Functions in lib/types.inc got namespace LAM/TYPES (e.g. getTypeAlias()).</li>
<li>
New API to access configured account types: LAM\TYPES\TypeManager.</li>
<li>class baseType: new function getSuffixFilter()</li>
<li>moved getSuffixList() from baseType to ConfiguredType<br>
</li>
</ul>
<h2>5.4 -&gt; 5.5</h2>Functions Ldap::encrypt/decrypt in ldap.inc moved to lamEncrypt/lamDecrypt in security.inc.<br> <h2>5.4 -&gt; 5.5</h2>Functions Ldap::encrypt/decrypt in ldap.inc moved to lamEncrypt/lamDecrypt in security.inc.<br>
<br> <br>

48
lam/lib/baseType.inc
View File

@ -3,7 +3,7 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2005 - 2014 Roland Gruber Copyright (C) 2005 - 2016 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -130,50 +130,12 @@ class baseType {
} }
/** /**
* Returns a list of LDAP suffixes for this type. * Returns the LDAP filter to find the possible suffixes for this account type.
* *
* @return array sorted list of possible suffixes for this type. * @return string LDAP filter
*/ */
public function getSuffixList() { public function getSuffixFilter() {
if (isset($_SESSION["config"])) { return "(|(objectClass=organizationalunit)(objectClass=country)(objectClass=organization)(objectClass=krbRealmContainer)(objectClass=container))";
$suffix = $_SESSION["config"]->get_Suffix(get_class($this));
$connection = $_SESSION["ldap"]->server();
}
else {
$suffix = $_SESSION['selfServiceProfile']->LDAPSuffix;
$connection = $_SESSION['ldapHandle'];
}
$ret = array();
$filter = "(|(objectClass=organizationalunit)(objectClass=country)(objectClass=organization)(objectClass=krbRealmContainer)(objectClass=container))";
$sr = @ldap_search($connection, escapeDN($suffix),$filter , array('dn', 'objectClass'), 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$units = ldap_get_entries($connection, $sr);
cleanLDAPResult($units);
// extract Dns
$count = sizeof($units);
for ($i = 0; $i < $count; $i++) {
if (in_array('container', $units[$i]['objectclass'])) {
// Active Directory fix, hide system containers
if (preg_match('/.*cn=system,dc=.+/i', $units[$i]['dn']) || preg_match('/.*CN=program data,dc=.+/i', $units[$i]['dn'])) {
continue;
}
}
$ret[] = $units[$i]['dn'];
}
}
// add root suffix if needed
$found = false;
for ($i = 0; $i < sizeof($ret); $i++) { // search suffix case-intensitive
if (strtolower($suffix) == strtolower($ret[$i])) {
$found = true;
break;
}
}
if (!$found) {
$ret[] = $suffix;
}
usort($ret, 'compareDN');
return $ret;
} }
/** /**

2
lam/lib/lists.inc
View File

@ -962,7 +962,7 @@ class lamList {
call_user_func_array('StatusMessage', $lastError); call_user_func_array('StatusMessage', $lastError);
} }
// generate list of possible suffixes // generate list of possible suffixes
$this->possibleSuffixes = $this->type->getBaseType()->getSuffixList(); $this->possibleSuffixes = $this->type->getSuffixList();
} }
/** /**

5
lam/lib/modules.inc
View File

@ -812,7 +812,7 @@ class accountContainer {
*/ */
function get_type() { function get_type() {
return $this->type; return $this->type;
} }
/** /**
* This function is called when the user clicks on any button on the account pages. * This function is called when the user clicks on any button on the account pages.
@ -2146,8 +2146,7 @@ class accountContainer {
if ($this->cachedOUs != null) { if ($this->cachedOUs != null) {
return $this->cachedOUs; return $this->cachedOUs;
} }
$typeObj = $this->type->getBaseType(); $this->cachedOUs = $this->type->getSuffixList();
$this->cachedOUs = $typeObj->getSuffixList();
return $this->cachedOUs; return $this->cachedOUs;
} }

8
lam/lib/modules/inetOrgPerson.inc
View File

@ -2809,7 +2809,13 @@ class inetOrgPerson extends baseModule implements passwordService {
} }
else { else {
$userObj = new user(); $userObj = new user();
$ouList = $userObj->getSuffixList(); $filter = $userObj->getSuffixFilter();
$suffix = $_SESSION['selfServiceProfile']->LDAPSuffix;
$foundOus = searchLDAPPaged($_SESSION['ldapHandle'], $suffix, $filter, array('dn'), false, 0);
$ouList = array();
foreach ($foundOus as $foundOu) {
$ouList[] = $foundOu['dn'];
}
if (!empty($attributes['ou'][0]) && !in_array($attributes['ou'][0], $ouList)) { if (!empty($attributes['ou'][0]) && !in_array($attributes['ou'][0], $ouList)) {
$ouList[] = $attributes['ou'][0]; $ouList[] = $attributes['ou'][0];
usort($ouList, 'compareDN'); usort($ouList, 'compareDN');

63
lam/lib/modules/nisMailAliasUser.inc
View File

@ -36,7 +36,7 @@ class nisMailAliasUser extends baseModule {
/** alias cache */ /** alias cache */
private $cachedAliasList = null; private $cachedAliasList = null;
/** recipient entries to delete (list of arrays: dn => attributes) */ /** recipient entries to delete (list of arrays: dn => attributes) */
private $recipientsToDelete = array(); private $recipientsToDelete = array();
/** complete alias entries to delete */ /** complete alias entries to delete */
@ -45,10 +45,10 @@ class nisMailAliasUser extends baseModule {
private $aliasesToAdd = array(); private $aliasesToAdd = array();
/** alias entries to extend with new recipients (list of arrays: dn => recipients) */ /** alias entries to extend with new recipients (list of arrays: dn => recipients) */
private $recipientsToAdd = array(); private $recipientsToAdd = array();
/** /**
* Returns true if this module can manage accounts of the current type, otherwise false. * Returns true if this module can manage accounts of the current type, otherwise false.
* *
* @return boolean true if module fits * @return boolean true if module fits
*/ */
public function can_manage() { public function can_manage() {
@ -59,7 +59,7 @@ class nisMailAliasUser extends baseModule {
* Returns meta data that is interpreted by parent class * Returns meta data that is interpreted by parent class
* *
* @return array array with meta data * @return array array with meta data
* *
* @see baseModule::get_metaData() * @see baseModule::get_metaData()
*/ */
function get_metaData() { function get_metaData() {
@ -122,7 +122,7 @@ class nisMailAliasUser extends baseModule {
/** /**
* Returns the HTML meta data for the main account page. * Returns the HTML meta data for the main account page.
* *
* @return htmlElement HTML meta data * @return htmlElement HTML meta data
*/ */
function display_html_attributes() { function display_html_attributes() {
@ -247,10 +247,10 @@ class nisMailAliasUser extends baseModule {
} }
return $errors; return $errors;
} }
/** /**
* Removes a recipient from the given DN. * Removes a recipient from the given DN.
* *
* @param String $recipient recipient as user name or email * @param String $recipient recipient as user name or email
* @param String $dn alias DN * @param String $dn alias DN
*/ */
@ -300,7 +300,7 @@ class nisMailAliasUser extends baseModule {
/** /**
* Removes an alias with the given DN. * Removes an alias with the given DN.
* *
* @param String $dn alias DN * @param String $dn alias DN
*/ */
private function deleteAlias($dn) { private function deleteAlias($dn) {
@ -324,10 +324,10 @@ class nisMailAliasUser extends baseModule {
unset($this->recipientsToDelete[$dn]); unset($this->recipientsToDelete[$dn]);
} }
} }
/** /**
* Returns the HTML meta data for the add page. * Returns the HTML meta data for the add page.
* *
* @return htmlElement HTML meta data * @return htmlElement HTML meta data
*/ */
function display_html_add() { function display_html_add() {
@ -357,9 +357,18 @@ class nisMailAliasUser extends baseModule {
$return->addElement(new htmlHiddenInput('recipient', $recipient), true); $return->addElement(new htmlHiddenInput('recipient', $recipient), true);
// new mail alias // new mail alias
$return->addElement(new htmlSubTitle(_('Create new alias')), true); $return->addElement(new htmlSubTitle(_('Create new alias')), true);
$typeObj = new mailAlias(); $typeManager = new \LAM\TYPES\TypeManager();
$ous = $typeObj->getSuffixList(); $mailAliasTypes = $typeManager->getConfiguredTypesForScope('mailAlias');
$return->addElement(new htmlTableExtendedSelect('new_ou', $ous, array(), _('Suffix'), 'suffix'), true); $ous = array();
foreach ($mailAliasTypes as $type) {
$ous = array_merge($ous, $type->getSuffixList());
}
$ous = array_unique($ous);
usort($ous, 'compareDN');
$suffixSelect = new htmlTableExtendedSelect('new_ou', $ous, array(), _('Suffix'), 'suffix');
$suffixSelect->setRightToLeftTextDirection(true);
$suffixSelect->setSortElements(false);
$return->addElement($suffixSelect, true);
$newAliasCn = empty($_POST['new_cn']) ? '' : $_POST['new_cn']; $newAliasCn = empty($_POST['new_cn']) ? '' : $_POST['new_cn'];
$return->addElement(new htmlTableExtendedInputField(_('Alias name'), 'new_cn', $newAliasCn, 'newAlias'), true); $return->addElement(new htmlTableExtendedInputField(_('Alias name'), 'new_cn', $newAliasCn, 'newAlias'), true);
$return->addVerticalSpace('5px'); $return->addVerticalSpace('5px');
@ -367,9 +376,9 @@ class nisMailAliasUser extends baseModule {
$addButton->setIconClass('createButton'); $addButton->setIconClass('createButton');
$addButton->colspan = 5; $addButton->colspan = 5;
$return->addElement($addButton, true); $return->addElement($addButton, true);
$return->addVerticalSpace('20px'); $return->addVerticalSpace('20px');
// add to existing alias // add to existing alias
$return->addElement(new htmlSubTitle(_('Add to existing alias')), true); $return->addElement(new htmlSubTitle(_('Add to existing alias')), true);
$aliasesToAdd = array(); $aliasesToAdd = array();
@ -388,7 +397,7 @@ class nisMailAliasUser extends baseModule {
$addButton->setIconClass('createButton'); $addButton->setIconClass('createButton');
$addButton->colspan = 5; $addButton->colspan = 5;
$return->addElement($addButton, true); $return->addElement($addButton, true);
$return->addElement(new htmlEqualWidth(array('new_ou', 'new_cn', 'ex_cn'))); $return->addElement(new htmlEqualWidth(array('new_ou', 'new_cn', 'ex_cn')));
return $return; return $return;
} }
@ -446,13 +455,13 @@ class nisMailAliasUser extends baseModule {
} }
} }
} }
return $errors; return $errors;
} }
/** /**
* Allows the module to run commands after the LDAP entry is changed or created. * Allows the module to run commands after the LDAP entry is changed or created.
* *
* Calling this method requires the existence of an enclosing {@link accountContainer}. * Calling this method requires the existence of an enclosing {@link accountContainer}.
* *
* @param boolean $newAccount new account * @param boolean $newAccount new account
@ -545,7 +554,7 @@ class nisMailAliasUser extends baseModule {
/** /**
* Returns a list of configuration options. * Returns a list of configuration options.
* *
* Calling this method does not require the existence of an enclosing {@link accountContainer}.<br> * Calling this method does not require the existence of an enclosing {@link accountContainer}.<br>
* <br> * <br>
* The field names are used as keywords to load and save settings. * The field names are used as keywords to load and save settings.
@ -554,7 +563,7 @@ class nisMailAliasUser extends baseModule {
* @param array $scopes account types (user, group, host) * @param array $scopes account types (user, group, host)
* @param array $allScopes list of all active account modules and their scopes (module => array(scopes)) * @param array $allScopes list of all active account modules and their scopes (module => array(scopes))
* @return mixed htmlElement or array of htmlElement * @return mixed htmlElement or array of htmlElement
* *
* @see baseModule::get_metaData() * @see baseModule::get_metaData()
* @see htmlElement * @see htmlElement
*/ */
@ -584,10 +593,10 @@ class nisMailAliasUser extends baseModule {
$this->cachedAliasList = searchLDAPByAttribute('cn', '*', 'nisMailAlias', array('dn', 'cn', 'rfc822MailMember'), array('mailAlias')); $this->cachedAliasList = searchLDAPByAttribute('cn', '*', 'nisMailAlias', array('dn', 'cn', 'rfc822MailMember'), array('mailAlias'));
return $this->cachedAliasList; return $this->cachedAliasList;
} }
/** /**
* Returns the user name of this account. * Returns the user name of this account.
* *
* @return String user name * @return String user name
*/ */
private function getUserName() { private function getUserName() {
@ -605,10 +614,10 @@ class nisMailAliasUser extends baseModule {
} }
return null; return null;
} }
/** /**
* Returns the email addresses of this account. * Returns the email addresses of this account.
* *
* @return String mail addresses * @return String mail addresses
*/ */
private function getMailAddresses() { private function getMailAddresses() {
@ -620,10 +629,10 @@ class nisMailAliasUser extends baseModule {
} }
return null; return null;
} }
/** /**
* Returns if the mail alias type is active. Otherwise, aliases cannot be managed. * Returns if the mail alias type is active. Otherwise, aliases cannot be managed.
* *
* @return boolean is active * @return boolean is active
*/ */
private function isMailAliasTypeActive() { private function isMailAliasTypeActive() {

57
lam/lib/types.inc
View File

@ -271,6 +271,46 @@ class ConfiguredType {
return $this->baseType; return $this->baseType;
} }
/**
* Returns a list of LDAP suffixes for this type.
*
* @return array sorted list of possible suffixes for this type.
*/
public function getSuffixList() {
$connection = $_SESSION["ldap"]->server();
$ret = array();
$filter = $this->getBaseType()->getSuffixFilter();
$sr = @ldap_search($connection, escapeDN($this->suffix), $filter, array('dn', 'objectClass'), 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$units = ldap_get_entries($connection, $sr);
cleanLDAPResult($units);
// extract Dns
$count = sizeof($units);
for ($i = 0; $i < $count; $i++) {
if (in_array('container', $units[$i]['objectclass'])) {
// Active Directory fix, hide system containers
if (preg_match('/.*cn=system,dc=.+/i', $units[$i]['dn']) || preg_match('/.*CN=program data,dc=.+/i', $units[$i]['dn'])) {
continue;
}
}
$ret[] = $units[$i]['dn'];
}
}
// add root suffix if needed
$found = false;
for ($i = 0; $i < sizeof($ret); $i++) { // search suffix case-intensitive
if (strtolower($this->suffix) == strtolower($ret[$i])) {
$found = true;
break;
}
}
if (!$found) {
$ret[] = $this->suffix;
}
usort($ret, 'compareDN');
return $ret;
}
} }
/** /**
@ -389,6 +429,23 @@ class TypeManager {
return $configuredTypes; return $configuredTypes;
} }
/**
* Returns a list of configured types for this scope.
*
* @param string $scope scope (e.g. user)
* @return \LAM\TYPES\ConfiguredType[] list of ConfiguredType
*/
public function getConfiguredTypesForScope($scope) {
$allTypes = $this->getConfiguredTypes();
$scopedTypes = array();
foreach ($allTypes as $type) {
if ($type->getScope() == $scope) {
$scopedTypes[] = $type;
}
}
return $scopedTypes;
}
/** /**
* Builds a configured account type. * Builds a configured account type.
* *

2
lam/lib/types/asteriskExt.inc
View File

@ -180,7 +180,7 @@ class lamAsteriskExtList extends lamList {
$entries = $this->normalizeLdapOutput($entries); $entries = $this->normalizeLdapOutput($entries);
$this->entries = $entries; $this->entries = $entries;
// generate list of possible suffixes // generate list of possible suffixes
$this->possibleSuffixes = $this->type->getBaseType()->getSuffixList(); $this->possibleSuffixes = $this->type->getSuffixList();
} }
/** /**

3
lam/templates/profedit/profilepage.php
View File

@ -207,8 +207,7 @@ $dnContent->addElement(new htmlSpacer(null, '10px'), true);
$rootsuffix = $type->getSuffix(); $rootsuffix = $type->getSuffix();
// get subsuffixes // get subsuffixes
$suffixes = array('-' => '-'); $suffixes = array('-' => '-');
$typeObj = $type->getBaseType(); $possibleSuffixes = $type->getSuffixList();
$possibleSuffixes = $typeObj->getSuffixList();
foreach ($possibleSuffixes as $suffix) { foreach ($possibleSuffixes as $suffix) {
$suffixes[getAbstractDN($suffix)] = $suffix; $suffixes[getAbstractDN($suffix)] = $suffix;
} }