WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

optimized code

This commit is contained in:
katagia 2004-09-18 18:44:47 +00:00
parent 275c3d4d5f
commit 8e3e173dac
4 changed files with 149 additions and 174 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
lam/lib/baseModule.inc
View File

@ -87,6 +87,30 @@ class baseModule {
} }
/* This function loads all standard ldap attributes. It is used
* by the modules to reduce code
*/
function load_ldap_attributes($attr) {
// Load attributes which are displayed
// unset count entries
unset ($attr['count']);
$attributes = array_keys($attr);
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
// unset double entries
for ($i=0; $i<count($attr); $i++)
if (isset($attr[$i])) unset($attr[$i]);
foreach ($attributes as $attribute) {
if (isset($this->attributes[$attribute])) {
// decode as unicode
$this->attributes[$attribute] = $attr[$attribute];
for ($i=0; $i<count($this->attributes[$attribute]); $i++) {
$this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
$this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
}
}
}
}
/** /**
* Dummy function, meta data is provided by sub classes. * Dummy function, meta data is provided by sub classes.
* *

52
lam/lib/cache.inc
View File

@ -28,16 +28,12 @@ $Id$
*/ */
class cache { class cache {
function cache() { function cache() {
$this->config =& $_SESSION['config'];
$this->ldap =& $_SESSION['ldap'];
$this->time = 0; $this->time = 0;
$this->attributes = array(); $this->attributes = array();
} }
var $ldapcache; // This variable contains the cache var $ldapcache; // This variable contains the cache
var $attributes; // This variable contains a list and their scope of attributes which should be cached var $attributes; // This variable contains a list and their scope of attributes which should be cached
var $config; // This is a reference to the config class in session
var $ldap; // This is a reference to the ldap class in session
var $time; // This is the laste timestamp ldap cache has been refreshed var $time; // This is the laste timestamp ldap cache has been refreshed
/* This function adds attributes to cache /* This function adds attributes to cache
@ -83,9 +79,9 @@ class cache {
if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING); if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING);
// Create list of all allowed attributes // Create list of all allowed attributes
for ($i=0; $i<count($this->ldap->objectClasses); $i++ ) { for ($i=0; $i<count($_SESSION['ldap']->objectClasses); $i++ ) {
if (strpos($this->ldap->objectClasses[$i], 'MUST (')) { if (strpos($_SESSION['ldap']->objectClasses[$i], 'MUST (')) {
$string_withtail = substr($this->ldap->objectClasses[$i], strpos($this->ldap->objectClasses[$i], 'MUST (')+6); $string_withtail = substr($_SESSION['ldap']->objectClasses[$i], strpos($_SESSION['ldap']->objectClasses[$i], 'MUST (')+6);
// Now we have a string with all must-attributes // Now we have a string with all must-attributes
$string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = substr($string_withtail, 0, strpos($string_withtail, ')'));
$string = trim($string); $string = trim($string);
@ -93,8 +89,8 @@ class cache {
} }
// create array with may-attributes // create array with may-attributes
// Get startposition in string // Get startposition in string
if (strpos($this->ldap->objectClasses[$i], 'MAY (')) { if (strpos($_SESSION['ldap']->objectClasses[$i], 'MAY (')) {
$string_withtail = substr($this->ldap->objectClasses[$i], strpos($this->ldap->objectClasses[$i], 'MAY (')+5); $string_withtail = substr($_SESSION['ldap']->objectClasses[$i], strpos($_SESSION['ldap']->objectClasses[$i], 'MAY (')+5);
// Now we have a string with all must-attributes // Now we have a string with all must-attributes
$string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = substr($string_withtail, 0, strpos($string_withtail, ')'));
$string = trim($string); $string = trim($string);
@ -120,7 +116,7 @@ class cache {
foreach ($DNs as $dn) { foreach ($DNs as $dn) {
if (isset($this->ldapcache[$scope][$dn][$attribute]) && in_array($objectClass, $this->ldapcache[$scope][$dn]['objectClass'])) { if (isset($this->ldapcache[$scope][$dn][$attribute]) && in_array($objectClass, $this->ldapcache[$scope][$dn]['objectClass'])) {
// return string if only attribute exists only once // return string if only attribute exists only once
if (count($this->ldapcache[$scope][$dn][$attribute])==1) $return[$dn][] = $this->ldapcache[$scope][$dn][$attribute][0]; if (count($this->ldapcache[$scope][$dn][$attribute])==1) $return[$dn] = array($this->ldapcache[$scope][$dn][$attribute][0]);
else { else {
// else return array with all attributes // else return array with all attributes
$return[$dn] = $this->ldapcache[$scope][$dn][$attribute]; $return[$dn] = $this->ldapcache[$scope][$dn][$attribute];
@ -142,9 +138,9 @@ class cache {
$allowed_types = array ( 'user', 'group', 'host', 'domain', '*' ); $allowed_types = array ( 'user', 'group', 'host', 'domain', '*' );
if (!in_array($singlescope, $allowed_types)) trigger_error(sprintf(_('Invalid scope. Valid scopes are %s.'), implode(" ", $allowed_types)), E_USER_ERROR); if (!in_array($singlescope, $allowed_types)) trigger_error(sprintf(_('Invalid scope. Valid scopes are %s.'), implode(" ", $allowed_types)), E_USER_ERROR);
// Create list of all allowed attributes // Create list of all allowed attributes
for ($i=0; $i<count($this->ldap->objectClasses); $i++ ) { for ($i=0; $i<count($_SESSION['ldap']->objectClasses); $i++ ) {
if (strpos($this->ldap->objectClasses[$i], 'MUST (')) { if (strpos($_SESSION['ldap']->objectClasses[$i], 'MUST (')) {
$string_withtail = substr($this->ldap->objectClasses[$i], strpos($this->ldap->objectClasses[$i], 'MUST (')+6); $string_withtail = substr($_SESSION['ldap']->objectClasses[$i], strpos($_SESSION['ldap']->objectClasses[$i], 'MUST (')+6);
// Now we have a string with all must-attributes // Now we have a string with all must-attributes
$string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = substr($string_withtail, 0, strpos($string_withtail, ')'));
$string = trim($string); $string = trim($string);
@ -152,8 +148,8 @@ class cache {
} }
// create array with may-attributes // create array with may-attributes
// Get startposition in string // Get startposition in string
if (strpos($this->ldap->objectClasses[$i], 'MAY (')) { if (strpos($_SESSION['ldap']->objectClasses[$i], 'MAY (')) {
$string_withtail = substr($this->ldap->objectClasses[$i], strpos($this->ldap->objectClasses[$i], 'MAY (')+5); $string_withtail = substr($_SESSION['ldap']->objectClasses[$i], strpos($_SESSION['ldap']->objectClasses[$i], 'MAY (')+5);
// Now we have a string with all must-attributes // Now we have a string with all must-attributes
$string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = substr($string_withtail, 0, strpos($string_withtail, ')'));
$string = trim($string); $string = trim($string);
@ -194,25 +190,24 @@ class cache {
/* This functions refreshs the cache /* This functions refreshs the cache
*/ */
function refresh_cache($rebuild=false) { function refresh_cache($rebuild=false) {
if ($time + $this->config->get_cacheTimeoutSec() < time() || $rebuild) { if ($this->time + $_SESSION['config']->get_cacheTimeoutSec() < time() || $rebuild) {
// unset old cache // unset old cache
unset ($this->ldapcache); unset ($this->ldapcache);
$scopes = array_keys($this->attributes); $scopes = array_keys($this->attributes);
foreach ($scopes as $scope) { foreach ($scopes as $scope) {
// Get Scope // Get Scope
//$function = '$suffix = $this->config->get_'.ucfirst($scope).'Suffix();'; If ($scope != '*')
If ($scope != '*') //eval($function); $suffix = call_user_func(array(&$_SESSION['config'], 'get_'.ucfirst($scope).'Suffix'));
$suffix = call_user_func(array(&$this->config, 'get_'.ucfirst($scope).'Suffix'));
else $suffix = ''; else $suffix = '';
// Get Data from ldap // Get Data from ldap
$search = $this->attributes[$scope]; $search = $this->attributes[$scope];
$search[] = 'objectClass'; $search[] = 'objectClass';
$result = @ldap_search($this->ldap->server(), $suffix, 'objectClass=*', $search, 0); $result = @ldap_search($_SESSION['ldap']->server(), $suffix, 'objectClass=*', $search, 0);
// Write search result in array // Write search result in array
$entry = @ldap_first_entry($this->ldap->server(), $result); $entry = @ldap_first_entry($_SESSION['ldap']->server(), $result);
while ($entry) { while ($entry) {
$dn = (ldap_get_dn($this->ldap->server(), $entry)); $dn = (ldap_get_dn($_SESSION['ldap']->server(), $entry));
$attr = ldap_get_attributes($this->ldap->server(), $entry); $attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
// unset every count entry // unset every count entry
unset ($attr['count']); unset ($attr['count']);
$attributes = array_keys($attr); $attributes = array_keys($attr);
@ -225,7 +220,7 @@ class cache {
$addcache = $attr; $addcache = $attr;
unset ($addcache['objectClass']); unset ($addcache['objectClass']);
if (count($addcache)!=0) $this->ldapcache[$scope][$dn] = $attr; if (count($addcache)!=0) $this->ldapcache[$scope][$dn] = $attr;
$entry = ldap_next_entry($this->ldap->server(), $entry); $entry = ldap_next_entry($_SESSION['ldap']->server(), $entry);
} }
} }
$this->time = time(); $this->time = time();
@ -240,10 +235,9 @@ class cache {
$allowed_types = array ( 'user', 'group', 'host', '*' ); $allowed_types = array ( 'user', 'group', 'host', '*' );
for ($i=0; $i<count($allowed_types); $i++) { for ($i=0; $i<count($allowed_types); $i++) {
if ($allowed_types[$i]!='*') { if ($allowed_types[$i]!='*') {
$function = '$suffix = $$this->config->get_'.ucfirst($allowed_types[$i]).'Suffix();';
// *** fixme, where is get_DomainSuffix // *** fixme, where is get_DomainSuffix
If ($scope != '*') //eval($function); If ($scope != '*')
$suffix = call_user_func(array(&$this->config, 'get_'.ucfirst($allowed_types[$i]).'Suffix')); $suffix = call_user_func(array(&$_SESSION['config'], 'get_'.ucfirst($allowed_types[$i]).'Suffix'));
else $suffix = ''; else $suffix = '';
if (substr($suffix, $dn)) $singlescope = $allowed_types[$i]; if (substr($suffix, $dn)) $singlescope = $allowed_types[$i];
} }
@ -253,10 +247,8 @@ class cache {
// Everything seems to be OK, start processing data // Everything seems to be OK, start processing data
// Get Scope // Get Scope
foreach ($allowed_types as $scope) { foreach ($allowed_types as $scope) {
//$function = '$suffix = $this->config->get_'.ucfirst($scope).'Suffix();';
//eval($function);
if ($scope!='*') { if ($scope!='*') {
$suffix = call_user_func(array(&$this->config, 'get_'.ucfirst($scope).'Suffix')); $suffix = call_user_func(array(&$_SESSION['config'], 'get_'.ucfirst($scope).'Suffix'));
if (strpos($dn, $suffix)) $singlescope = $scope; if (strpos($dn, $suffix)) $singlescope = $scope;
} }
} }

39
lam/lib/modules/posixGroup.inc
View File

@ -220,26 +220,7 @@ class posixGroup extends baseModule {
* $attr is an array as it's retured from ldap_get_attributes * $attr is an array as it's retured from ldap_get_attributes
*/ */
function load_attributes($attr) { function load_attributes($attr) {
// Load attributes which are displayed $this->load_ldap_attributes($attr);
// unset count entries
unset ($attr['count']);
$attributes = array_keys($attr);
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
// unset double entries
for ($i=0; $i<count($attr); $i++)
if (isset($attr[$i])) unset($attr[$i]);
foreach ($attributes as $attribute) {
if (isset($this->attributes[$attribute])) {
// decode as unicode
$this->attributes[$attribute] = $attr[$attribute];
for ($i=0; $i<count($this->attributes[$attribute]); $i++) {
$this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
$this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
}
}
}
// Values are kept as copy so we can compare old attributes with new attributes
$this->attributes['objectClass'][0] = 'posixGroup';
return 0; return 0;
} }
@ -369,8 +350,6 @@ class posixGroup extends baseModule {
if ($this->orig['gidNumber'][0]!='' && $post['gidNumber']!=$this->attributes['gidNumber'][0]) if ($this->orig['gidNumber'][0]!='' && $post['gidNumber']!=$this->attributes['gidNumber'][0])
$errors['gidNumber'][] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.')); $errors['gidNumber'][] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.'));
// Load attributes // Load attributes
$this->attributes['cn'][0] = $post['cn'];
$this->attributes['gidNumber'][0] = $post['gidNumber'];
$this->attributes['description'][0] = $post['description']; $this->attributes['description'][0] = $post['description'];
if ($post['userPassword_no']) $this->userPassword_no=true; if ($post['userPassword_no']) $this->userPassword_no=true;
else $this->userPassword_no=false; else $this->userPassword_no=false;
@ -385,9 +364,12 @@ class posixGroup extends baseModule {
unset ($post['userPassword2']); unset ($post['userPassword2']);
} }
else $this->userPassword($post['userPassword']); else $this->userPassword($post['userPassword']);
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
$errors['userPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
} }
if ($post['genpass']) $this->userPassword(genpasswd()); if ($post['genpass']) $this->userPassword(genpasswd());
// Check if UID is valid. If none value was entered, the next useable value will be inserted if ($this->attributes['gidNumber'][0]!=$post['gidNumber']) {
// Check if GID is valid. If none value was entered, the next useable value will be inserted
// load min and may uidNumber // load min and may uidNumber
$minID = intval($this->moduleSettings['posixGroup_minGID'][0]); $minID = intval($this->moduleSettings['posixGroup_minGID'][0]);
$maxID = intval($this->moduleSettings['posixGroup_maxGID'][0]); $maxID = intval($this->moduleSettings['posixGroup_maxGID'][0]);
@ -397,6 +379,7 @@ class posixGroup extends baseModule {
foreach ($dn_gids as $gid) $gids[] = $gid[0]; foreach ($dn_gids as $gid) $gids[] = $gid[0];
sort ($gids, SORT_NUMERIC); sort ($gids, SORT_NUMERIC);
} }
$this->attributes['gidNumber'][0]=$post['gidNumber'];
if ($this->attributes['gidNumber'][0]=='') { if ($this->attributes['gidNumber'][0]=='') {
// No id-number given // No id-number given
if ($this->orig['gidNumber'][0]=='') { if ($this->orig['gidNumber'][0]=='') {
@ -442,9 +425,12 @@ class posixGroup extends baseModule {
} }
} }
} }
}
if ($this->attributes['cn'][0]!=$post['cn']) {
$this->attributes['cn'][0] = $post['cn'];
if (($this->attributes['cn'][0] != $post['cn']) && ereg('[A-Z]$', $post['cn'])) if (($this->attributes['cn'][0] != $post['cn']) && ereg('[A-Z]$', $post['cn']))
$errors['cn'][] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.')); $errors['cn'][] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
// Check if Username contains only valid characters // Check if Groupname contains only valid characters
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['cn'][0])) if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['cn'][0]))
$errors['cn'][] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !')); $errors['cn'][] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
// Create automatic useraccount with number if original user already exists // Create automatic useraccount with number if original user already exists
@ -453,7 +439,7 @@ class posixGroup extends baseModule {
if ($_SESSION['cache']->in_cache($this->attributes['cn'][0],'cn', '*')!=false && ($this->orig['cn'][0]!='')) { if ($_SESSION['cache']->in_cache($this->attributes['cn'][0],'cn', '*')!=false && ($this->orig['cn'][0]!='')) {
$this->attributes['cn'][0] = $this->orig['cn'][0]; $this->attributes['cn'][0] = $this->orig['cn'][0];
} }
// Change uid to a new uid until a free uid is found // Change gid to a new gid until a free gid is found
else while ($_SESSION['cache']->in_cache($this->attributes['cn'][0], 'cn', '*')) { else while ($_SESSION['cache']->in_cache($this->attributes['cn'][0], 'cn', '*')) {
// get last character of username // get last character of username
$lastchar = substr($this->attributes['cn'][0], strlen($this->attributes['cn'][0])-1, 1); $lastchar = substr($this->attributes['cn'][0], strlen($this->attributes['cn'][0])-1, 1);
@ -488,8 +474,7 @@ class posixGroup extends baseModule {
if ($this->attributes['cn'][0] != $post['cn']) { if ($this->attributes['cn'][0] != $post['cn']) {
$errors['cn'][] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.')); $errors['cn'][] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.'));
} }
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword())) }
$errors['userPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
} }
// Return error-messages // Return error-messages
if (is_array($errors)) return $errors; if (is_array($errors)) return $errors;

28
lam/lib/modules/sambaGroupMapping.inc
View File

@ -114,13 +114,6 @@ class sambaGroupMapping extends baseModule {
} }
// Variables // Variables
// This variable contains all inetOrgPerson attributes
var $attributes;
/* If an account was loaded all attributes are kept in this array
* to compare it with new changed attributes
*/
var $orig;
// Array of well known rids // Array of well known rids
var $rids; var $rids;
@ -161,26 +154,7 @@ class sambaGroupMapping extends baseModule {
* $attr is an array as it's retured from ldap_get_attributes * $attr is an array as it's retured from ldap_get_attributes
*/ */
function load_attributes($attr) { function load_attributes($attr) {
// Load attributes which are displayed $this->load_ldap_attributes($attr);
// unset count entries
unset ($attr['count']);
$attributes = array_keys($attr);
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
// unset double entries
for ($i=0; $i<count($attr); $i++)
if (isset($attr[$i])) unset($attr[$i]);
foreach ($attributes as $attribute) {
if (isset($this->attributes[$attribute])) {
// decode as unicode
$this->attributes[$attribute] = $attr[$attribute];
for ($i=0; $i<count($this->attributes[$attribute]); $i++) {
$this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
$this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
}
}
}
// Values are kept as copy so we can compare old attributes with new attributes
$this->attributes['objectClass'][0] = 'sambaGroupMapping';
return 0; return 0;
} }