fix handling of multi-value attributes
This commit is contained in:
parent
0eba401a34
commit
a20ab43fc0
|
@ -1103,7 +1103,7 @@ class accountContainer {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add attributes to variable. Syntax is array( attribute = array ( objectClass1 => MUST|MAX, objectClass2 => MUST|MAY ), ... )
|
* Add attributes to variable. Syntax is array( attribute = array ( objectClass1 => MUST|MAX, objectClass2 => MUST|MAY ), ... )
|
||||||
* @todo document this function
|
* @todo remove this function when get_module_attributes() is changed
|
||||||
*/
|
*/
|
||||||
function add_attributes($objectClass) {
|
function add_attributes($objectClass) {
|
||||||
// loop through every existing objectlass and select current objectClass
|
// loop through every existing objectlass and select current objectClass
|
||||||
|
@ -1191,6 +1191,7 @@ class accountContainer {
|
||||||
* @param boolean $original If original is true references will be set to original attributes. This are the original attributes
|
* @param boolean $original If original is true references will be set to original attributes. This are the original attributes
|
||||||
* when an LDAP entry is loaded.
|
* when an LDAP entry is loaded.
|
||||||
* @return array list of attributes
|
* @return array list of attributes
|
||||||
|
* @todo Remove this function
|
||||||
*/
|
*/
|
||||||
function get_module_attributes($objectClass, $original=false) {
|
function get_module_attributes($objectClass, $original=false) {
|
||||||
// Add account type to object
|
// Add account type to object
|
||||||
|
@ -1329,15 +1330,18 @@ class accountContainer {
|
||||||
$notchanged = array();
|
$notchanged = array();
|
||||||
// Get list of all "easy" attributes
|
// Get list of all "easy" attributes
|
||||||
$attr_names = array_keys($attributes);
|
$attr_names = array_keys($attributes);
|
||||||
// Get attributes which should be added
|
// find changed attributes
|
||||||
for ($i=0; $i<count($attr_names); $i++) {
|
for ($i=0; $i<count($attr_names); $i++) {
|
||||||
|
// find deleted attributes
|
||||||
for ($j=0; $j<count($orig[$attr_names[$i]]); $j++) {
|
for ($j=0; $j<count($orig[$attr_names[$i]]); $j++) {
|
||||||
if (is_array($attributes[$attr_names[$i]])) {
|
if (is_array($attributes[$attr_names[$i]])) {
|
||||||
if (!in_array($orig[$attr_names[$i]][$j], $attributes[$attr_names[$i]]))
|
if (!in_array($orig[$attr_names[$i]][$j], $attributes[$attr_names[$i]])) {
|
||||||
if (($orig[$attr_names[$i]][$j]!='') && ($attr_names[$i]!='objectClass')) $torem[$attr_names[$i]][] = $orig[$attr_names[$i]][$j];
|
if (($orig[$attr_names[$i]][$j]!='') && ($attr_names[$i]!='objectClass')) $torem[$attr_names[$i]][] = $orig[$attr_names[$i]][$j];
|
||||||
}
|
}
|
||||||
|
}
|
||||||
else if (($orig[$attr_names[$i]][$j]!='') && ($attr_names[$i]!='objectClass')) $torem[$attr_names[$i]][] = $orig[$attr_names[$i]][$j];
|
else if (($orig[$attr_names[$i]][$j]!='') && ($attr_names[$i]!='objectClass')) $torem[$attr_names[$i]][] = $orig[$attr_names[$i]][$j];
|
||||||
}
|
}
|
||||||
|
// find new attributes
|
||||||
for ($j=0; $j<count($attributes[$attr_names[$i]]); $j++) {
|
for ($j=0; $j<count($attributes[$attr_names[$i]]); $j++) {
|
||||||
if (is_array($orig[$attr_names[$i]])) {
|
if (is_array($orig[$attr_names[$i]])) {
|
||||||
if (!in_array($attributes[$attr_names[$i]][$j], $orig[$attr_names[$i]]))
|
if (!in_array($attributes[$attr_names[$i]][$j], $orig[$attr_names[$i]]))
|
||||||
|
@ -1345,6 +1349,7 @@ class accountContainer {
|
||||||
}
|
}
|
||||||
else if ($attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = $attributes[$attr_names[$i]][$j];
|
else if ($attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = $attributes[$attr_names[$i]][$j];
|
||||||
}
|
}
|
||||||
|
// find unchanged attributes
|
||||||
for ($j=0; $j<count($attributes[$attr_names[$i]]); $j++) {
|
for ($j=0; $j<count($attributes[$attr_names[$i]]); $j++) {
|
||||||
if (is_array($orig[$attr_names[$i]]) && is_array($attributes[$attr_names[$i]])) {
|
if (is_array($orig[$attr_names[$i]]) && is_array($attributes[$attr_names[$i]])) {
|
||||||
if (($attributes[$attr_names[$i]][$j]==$orig[$attr_names[$i]][$j]) && $attributes[$attr_names[$i]][$j]!='')
|
if (($attributes[$attr_names[$i]][$j]==$orig[$attr_names[$i]][$j]) && $attributes[$attr_names[$i]][$j]!='')
|
||||||
|
@ -1353,26 +1358,22 @@ class accountContainer {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// create modify with add and remove
|
// create modify with add and remove
|
||||||
if (is_array($toadd)) {
|
|
||||||
$attributes2 = array_keys($toadd);
|
$attributes2 = array_keys($toadd);
|
||||||
for ($i=0; $i<count($attributes2); $i++) {
|
for ($i=0; $i<count($attributes2); $i++) {
|
||||||
if (isset($torem[$attributes2[$i]]))
|
if (isset($torem[$attributes2[$i]]))
|
||||||
/* found modify entry
|
if ((count($toadd[$attributes2[$i]]) > 0) && (count($torem[$attributes2[$i]]) > 0)) {
|
||||||
* Some ldap attributes must be set exactly one time.
|
// found attribute which should be modified
|
||||||
* Adding or removing such an attribute wont't work
|
|
||||||
* because it would conflict with an ldap schema.
|
|
||||||
* Therefore when an attribute has only one entry
|
|
||||||
* and is set in $toadd and $torem this will be merged
|
|
||||||
* to $tomodify
|
|
||||||
*/
|
|
||||||
if ((count($toadd[$attributes2[$i]]==0)) && (count($torem[$attributes2[$i]]==0))) {
|
|
||||||
// found attribute which should only modified
|
|
||||||
$tomodify[$attributes2[$i]] = $toadd[$attributes2[$i]];
|
$tomodify[$attributes2[$i]] = $toadd[$attributes2[$i]];
|
||||||
|
// merge unchanged values
|
||||||
|
if (isset($notchanged[$attributes2[$i]])) {
|
||||||
|
$tomodify[$attributes2[$i]] = array_merge($tomodify[$attributes2[$i]], $notchanged[$attributes2[$i]]);
|
||||||
|
unset($notchanged[$attributes2[$i]]);
|
||||||
|
}
|
||||||
|
// remove old add and remove commands
|
||||||
unset($toadd[$attributes2[$i]]);
|
unset($toadd[$attributes2[$i]]);
|
||||||
unset($torem[$attributes2[$i]]);
|
unset($torem[$attributes2[$i]]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
if (count($toadd)!=0) $return[$this->dn]['add'] = $toadd;
|
if (count($toadd)!=0) $return[$this->dn]['add'] = $toadd;
|
||||||
if (count($torem)!=0) $return[$this->dn]['remove'] = $torem;
|
if (count($torem)!=0) $return[$this->dn]['remove'] = $torem;
|
||||||
if (count($tomodify)!=0) $return[$this->dn]['modify'] = $tomodify;
|
if (count($tomodify)!=0) $return[$this->dn]['modify'] = $tomodify;
|
||||||
|
@ -1544,12 +1545,7 @@ class accountContainer {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* We have to some string checks now. Not every ldap attributes allow utf8
|
// Complete dn with RDN attribute
|
||||||
* strings. Therefore we do a syntax check here and change utf8 strings to ascci
|
|
||||||
* strings. Only "7bit" ascci is allowed
|
|
||||||
*/
|
|
||||||
// TODO how do we interact with the user and show him what has been changed
|
|
||||||
// Complete dn with uid or cn=
|
|
||||||
$search = $this->rdn;
|
$search = $this->rdn;
|
||||||
$added = false;
|
$added = false;
|
||||||
foreach ($attributes as $DN) {
|
foreach ($attributes as $DN) {
|
||||||
|
@ -1580,14 +1576,6 @@ class accountContainer {
|
||||||
}
|
}
|
||||||
// Set to true if an real error has happened
|
// Set to true if an real error has happened
|
||||||
$stopprocessing = false;
|
$stopprocessing = false;
|
||||||
// Add new DN
|
|
||||||
if (isset($attributes[$DNs[$i]]['errors'])) {
|
|
||||||
foreach ($attributes[$DNs[$i]]['errors'] as $singleerror) {
|
|
||||||
$errors[] = $singleerror;
|
|
||||||
if ($singleerror[0] == 'ERROR') $stopprocessing = true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (!$stopprocessing) {
|
|
||||||
if (strtolower($this->dn) != strtolower($this->dn_orig)) {
|
if (strtolower($this->dn) != strtolower($this->dn_orig)) {
|
||||||
// move existing DN
|
// move existing DN
|
||||||
if ($this->dn_orig!='') {
|
if ($this->dn_orig!='') {
|
||||||
|
@ -1651,7 +1639,6 @@ class accountContainer {
|
||||||
}
|
}
|
||||||
unset($attributes[$this->dn]);
|
unset($attributes[$this->dn]);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
$DNs = array_keys($attributes);
|
$DNs = array_keys($attributes);
|
||||||
for ($i=0; $i<count($DNs); $i++) {
|
for ($i=0; $i<count($DNs); $i++) {
|
||||||
if (!$stopprocessing) {
|
if (!$stopprocessing) {
|
||||||
|
|
Loading…
Reference in New Issue