use LDAP filters for user filters
This commit is contained in:
parent
53d0f6fdef
commit
88ba2cfdff
|
@ -145,7 +145,7 @@ $helpArray = array (
|
||||||
"242" => array ("Headline" => _("Password policy"),
|
"242" => array ("Headline" => _("Password policy"),
|
||||||
"Text" => _("Here you can specify minimum requirements for passwords. The character classes are: lowercase, uppercase, numeric and symbols.")),
|
"Text" => _("Here you can specify minimum requirements for passwords. The character classes are: lowercase, uppercase, numeric and symbols.")),
|
||||||
"250" => array ("Headline" => _("Filter"),
|
"250" => array ("Headline" => _("Filter"),
|
||||||
"Text" => _("Here you can input small filter expressions (e.g. 'value' or 'v*'). LAM will filter case-insensitive.")),
|
"Text" => _("Here you can input simple filter expressions (e.g. 'value' or 'v*'). The filter is case-sensitive.")),
|
||||||
// 300 - 399
|
// 300 - 399
|
||||||
// Roland Gruber
|
// Roland Gruber
|
||||||
// profile editor, file upload
|
// profile editor, file upload
|
||||||
|
|
|
@ -79,6 +79,9 @@ class lamList {
|
||||||
/** filter string to include in URL */
|
/** filter string to include in URL */
|
||||||
protected $filterText;
|
protected $filterText;
|
||||||
|
|
||||||
|
/** LDAP filter part which was entered by user via filter boxes */
|
||||||
|
protected $filterPart = '';
|
||||||
|
|
||||||
/** list of possible LDAP suffixes(organizational units) */
|
/** list of possible LDAP suffixes(organizational units) */
|
||||||
protected $possibleSuffixes;
|
protected $possibleSuffixes;
|
||||||
|
|
||||||
|
@ -149,30 +152,31 @@ class lamList {
|
||||||
// print HTML head
|
// print HTML head
|
||||||
$this->listPrintHeader();
|
$this->listPrintHeader();
|
||||||
// refresh data if needed
|
// refresh data if needed
|
||||||
if ($this->refresh) $this->listRefreshData();
|
if ($this->refresh) {
|
||||||
// filter entries
|
$this->listBuildFilter();
|
||||||
$filteredEntries = $this->listFilterAccounts();
|
$this->listRefreshData();
|
||||||
|
}
|
||||||
// sort rows by sort column
|
// sort rows by sort column
|
||||||
if ($filteredEntries) {
|
if (isset($this->entries)) {
|
||||||
$filteredEntries = $this->listSort($filteredEntries);
|
$this->entries = $this->listSort($this->entries);
|
||||||
}
|
}
|
||||||
// show form
|
// show form
|
||||||
echo ("<form action=\"list.php?type=" . $this->type . "&norefresh=true\" method=\"post\">\n");
|
echo ("<form action=\"list.php?type=" . $this->type . "&norefresh=true\" method=\"post\">\n");
|
||||||
// draw account list if accounts were found
|
// draw account list if accounts were found
|
||||||
if (sizeof($filteredEntries) > 0) {
|
if (sizeof($this->entries) > 0) {
|
||||||
// buttons
|
// buttons
|
||||||
$this->listPrintButtons(false);
|
$this->listPrintButtons(false);
|
||||||
echo ("<br>\n");
|
echo ("<br>\n");
|
||||||
// navigation bar
|
// navigation bar
|
||||||
$this->listDrawNavigationBar(sizeof($filteredEntries));
|
$this->listDrawNavigationBar(sizeof($this->entries));
|
||||||
echo ("<br>\n");
|
echo ("<br>\n");
|
||||||
// account table head
|
// account table head
|
||||||
$this->listPrintTableHeader();
|
$this->listPrintTableHeader();
|
||||||
// account table body
|
// account table body
|
||||||
$this->listPrintTableBody($filteredEntries);
|
$this->listPrintTableBody($this->entries);
|
||||||
echo ("<br>\n");
|
echo ("<br>\n");
|
||||||
// navigation bar
|
// navigation bar
|
||||||
$this->listDrawNavigationBar(sizeof($filteredEntries));
|
$this->listDrawNavigationBar(sizeof($this->entries));
|
||||||
echo ("<br>\n");
|
echo ("<br>\n");
|
||||||
// buttons
|
// buttons
|
||||||
$this->listPrintButtons(false);
|
$this->listPrintButtons(false);
|
||||||
|
@ -183,7 +187,7 @@ class lamList {
|
||||||
$this->listPrintButtons(true);
|
$this->listPrintButtons(true);
|
||||||
echo ("<hr style=\"background-color: #999999;\">\n");
|
echo ("<hr style=\"background-color: #999999;\">\n");
|
||||||
// navigation bar
|
// navigation bar
|
||||||
$this->listDrawNavigationBar(sizeof($filteredEntries));
|
$this->listDrawNavigationBar(sizeof($this->entries));
|
||||||
echo ("<br>\n");
|
echo ("<br>\n");
|
||||||
// account table head
|
// account table head
|
||||||
$this->listPrintTableHeader();
|
$this->listPrintTableHeader();
|
||||||
|
@ -194,12 +198,11 @@ class lamList {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Builds the regular expressions from the filter values.
|
* Builds the regular expressions from the filter values.
|
||||||
*
|
|
||||||
* @return array filter data array($attribute => array('regex' => $reg, 'original' => $orig))
|
|
||||||
* $reg is the regular expression to use, $orig the user's unmodified input string
|
|
||||||
*/
|
*/
|
||||||
protected function listBuildFilter() {
|
protected function listBuildFilter() {
|
||||||
$filter = array();
|
$filter = array();
|
||||||
|
$filterParam = "";
|
||||||
|
$LDAPFilterPart = "";
|
||||||
// build filter array
|
// build filter array
|
||||||
for ($i = 0; $i < sizeof($this->attrArray); $i++) {
|
for ($i = 0; $i < sizeof($this->attrArray); $i++) {
|
||||||
$foundFilter = null;
|
$foundFilter = null;
|
||||||
|
@ -210,68 +213,13 @@ class lamList {
|
||||||
$foundFilter = $_POST["filter" . strtolower($this->attrArray[$i])];
|
$foundFilter = $_POST["filter" . strtolower($this->attrArray[$i])];
|
||||||
}
|
}
|
||||||
if (isset($foundFilter) && preg_match('/^([\p{L}\p{N} _\\*\\$\\.-])+$/iu', $foundFilter)) { // \p{L} matches any Unicode letter
|
if (isset($foundFilter) && preg_match('/^([\p{L}\p{N} _\\*\\$\\.-])+$/iu', $foundFilter)) { // \p{L} matches any Unicode letter
|
||||||
$filter[$this->attrArray[$i]]['original'] = $foundFilter;
|
$filterParam .= "&filter" . $this->attrArray[$i] . '=' . $foundFilter;
|
||||||
$filter[$this->attrArray[$i]]['regex'] = $foundFilter;
|
$LDAPFilterPart .= '(' . $this->attrArray[$i] . '=' . $foundFilter . ')';
|
||||||
// replace special characters
|
|
||||||
$filter[$this->attrArray[$i]]['regex'] = str_replace('.', '\\.', $filter[$this->attrArray[$i]]['regex']);
|
|
||||||
$filter[$this->attrArray[$i]]['regex'] = str_replace("*", "(.)*", $filter[$this->attrArray[$i]]['regex']);
|
|
||||||
$filter[$this->attrArray[$i]]['regex'] = str_replace('$', '[$]', $filter[$this->attrArray[$i]]['regex']);
|
|
||||||
// add string begin and end
|
|
||||||
$filter[$this->attrArray[$i]]['regex'] = "^" . $filter[$this->attrArray[$i]]['regex'] . "$";
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// save filter string
|
$this->filterText = $filterParam;
|
||||||
$filterAttributes = array_keys($filter);
|
$this->filterPart = $LDAPFilterPart;
|
||||||
$searchFilter = array();
|
|
||||||
for ($i = 0; $i < sizeof($filterAttributes); $i++) {
|
|
||||||
$searchFilter[] = "filter" . $filterAttributes[$i] . "=" . $filter[$filterAttributes[$i]]['original'];
|
|
||||||
}
|
}
|
||||||
if (sizeof($searchFilter) > 0) {
|
|
||||||
$searchFilter = "&" . implode("&", $searchFilter);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$searchFilter = "";
|
|
||||||
}
|
|
||||||
$this->filterText = $searchFilter;
|
|
||||||
return $filter;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Removes all entries which do not fit to the filter.
|
|
||||||
*
|
|
||||||
* @return array filtered list of accounts
|
|
||||||
*/
|
|
||||||
protected function listFilterAccounts() {
|
|
||||||
$entries = array();
|
|
||||||
$filter = $this->listBuildFilter();
|
|
||||||
$attributes = array_keys($filter);
|
|
||||||
$attributeCount = sizeof($attributes);
|
|
||||||
$entryCount = sizeof($this->entries);
|
|
||||||
for ($r = 0; $r < $entryCount; $r++) {
|
|
||||||
$skip = false;
|
|
||||||
for ($a = 0; $a < $attributeCount; $a++) {
|
|
||||||
// check if filter fits
|
|
||||||
$found = false;
|
|
||||||
for ($i = 0; $i < sizeof($this->entries[$r][$attributes[$a]]); $i++) {
|
|
||||||
if (preg_match('/' . $filter[$attributes[$a]]['regex'] . '/i', $this->entries[$r][$attributes[$a]][$i])) {
|
|
||||||
$found = true;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (!$found) {
|
|
||||||
$skip = true;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (!$skip) {
|
|
||||||
$entries[] = &$this->entries[$r];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (sizeof($entries) == 0) StatusMessage("WARN", $this->labels['error_noneFound']);
|
|
||||||
return $entries;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sorts an account list by a given attribute
|
* Sorts an account list by a given attribute
|
||||||
|
@ -800,7 +748,9 @@ class lamList {
|
||||||
// check if LDAP data should be refreshed
|
// check if LDAP data should be refreshed
|
||||||
$this->refresh = true;
|
$this->refresh = true;
|
||||||
if (isset($_GET['norefresh'])) $this->refresh = false;
|
if (isset($_GET['norefresh'])) $this->refresh = false;
|
||||||
if (isset($_POST['refresh'])) $this->refresh = true;
|
if (isset($_POST['refresh']) || isset($_POST['apply_filter'])) {
|
||||||
|
$this->refresh = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -809,7 +759,7 @@ class lamList {
|
||||||
protected function listRefreshData() {
|
protected function listRefreshData() {
|
||||||
// configure search filter
|
// configure search filter
|
||||||
$module_filter = get_ldap_filter($this->type); // basic filter is provided by modules
|
$module_filter = get_ldap_filter($this->type); // basic filter is provided by modules
|
||||||
$filter = "(&" . $module_filter . ")";
|
$filter = "(&" . $module_filter . $this->filterPart . ")";
|
||||||
$attrs = $this->attrArray;
|
$attrs = $this->attrArray;
|
||||||
$entries = searchLDAP($this->suffix, $filter, $attrs);
|
$entries = searchLDAP($this->suffix, $filter, $attrs);
|
||||||
if (getLastLDAPErrorNumber() == 4) {
|
if (getLastLDAPErrorNumber() == 4) {
|
||||||
|
|
Loading…
Reference in New Issue