WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fixed issue when object class of groups is in lower case

This commit is contained in:
Roland Gruber 2019-03-05 17:59:33 +01:00
parent 39f0730434
commit cc90b307b0
1 changed files with 18 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
lam/lib/modules/posixAccount.inc
View File

@ -527,15 +527,22 @@ class posixAccount extends baseModule implements passwordService {
* @return boolean true, if settings are complete * @return boolean true, if settings are complete
*/ */
function module_complete() { function module_complete() {
$typeId = $this->getAccountContainer()->get_type()->getId();
if (!$this->skipObjectClass() && (!isset($this->attributes['objectClass']) || !in_array('posixAccount', $this->attributes['objectClass']))) { if (!$this->skipObjectClass() && (!isset($this->attributes['objectClass']) || !in_array('posixAccount', $this->attributes['objectClass']))) {
// no checks if object class is not set // no checks if object class is not set
return true; return true;
} }
if (!isset($this->attributes['uid'][0]) || ($this->attributes['uid'][0] == '')) return false; if (!isset($this->attributes['uid'][0]) || ($this->attributes['uid'][0] == '')) {
if (!isset($this->attributes['uidNumber'][0]) || ($this->attributes['uidNumber'][0] == '')) return false; return false;
if (!isset($this->attributes['gidNumber'][0]) || ($this->attributes['gidNumber'][0] == '')) return false; }
if (!isset($this->attributes['loginShell'][0]) || ($this->attributes['loginShell'][0] == '')) return false; if (!isset($this->attributes['uidNumber'][0]) || ($this->attributes['uidNumber'][0] == '')) {
return false;
}
if (!isset($this->attributes['gidNumber'][0]) || ($this->attributes['gidNumber'][0] == '')) {
return false;
}
if (!isset($this->attributes['loginShell'][0]) || ($this->attributes['loginShell'][0] == '')) {
return false;
}
return true; return true;
} }
@ -849,7 +856,7 @@ class posixAccount extends baseModule implements passwordService {
for ($i = 0; $i < sizeof($toAdd); $i++) { for ($i = 0; $i < sizeof($toAdd); $i++) {
if (isset($gons[$toAdd[$i]])) { if (isset($gons[$toAdd[$i]])) {
$attrName = 'member'; $attrName = 'member';
if (in_array('groupOfUniqueNames', $gons[$toAdd[$i]]['objectclass'])) { if (in_array_ignore_case('groupOfUniqueNames', $gons[$toAdd[$i]]['objectclass'])) {
$attrName = 'uniqueMember'; $attrName = 'uniqueMember';
} }
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array($attrName => array($accountContainer->finalDN))); $success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array($attrName => array($accountContainer->finalDN)));
@ -866,7 +873,7 @@ class posixAccount extends baseModule implements passwordService {
for ($i = 0; $i < sizeof($toRem); $i++) { for ($i = 0; $i < sizeof($toRem); $i++) {
if (isset($gons[$toRem[$i]])) { if (isset($gons[$toRem[$i]])) {
$attrName = 'member'; $attrName = 'member';
if (in_array('groupOfUniqueNames', $gons[$toRem[$i]]['objectclass'])) { if (in_array_ignore_case('groupOfUniqueNames', $gons[$toRem[$i]]['objectclass'])) {
$attrName = 'uniqueMember'; $attrName = 'uniqueMember';
} }
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array($attrName => array($accountContainer->dn_orig))); $success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array($attrName => array($accountContainer->dn_orig)));
@ -2811,7 +2818,7 @@ class posixAccount extends baseModule implements passwordService {
$gons = explode(",", $dataRow[$ids['posixAccount_gon']]); $gons = explode(",", $dataRow[$ids['posixAccount_gon']]);
$memberAttr = 'member'; $memberAttr = 'member';
for ($g = 0; $g < sizeof($gons); $g++) { for ($g = 0; $g < sizeof($gons); $g++) {
if (in_array('groupOfUniqueNames', $gonList[$gonMap[$gons[$g]]]['objectclass'])) { if (in_array_ignore_case('groupOfUniqueNames', $gonList[$gonMap[$gons[$g]]]['objectclass'])) {
$memberAttr = 'uniqueMember'; $memberAttr = 'uniqueMember';
} }
$temp['dn_gon'][$gonMap[$gons[$g]]][$memberAttr][] = $accounts[$i]['dn']; $temp['dn_gon'][$gonMap[$gons[$g]]][$memberAttr][] = $accounts[$i]['dn'];
@ -3494,13 +3501,12 @@ class posixAccount extends baseModule implements passwordService {
$typeManager = new TypeManager(); $typeManager = new TypeManager();
$types = $typeManager->getConfiguredTypesForScopes(array('gon', 'group')); $types = $typeManager->getConfiguredTypesForScopes(array('gon', 'group'));
foreach ($types as $type) { foreach ($types as $type) {
$filter = '(|(objectClass=groupOfNames)(objectClass=groupOfMembers)(objectClass=groupOfUniqueNames))';
$typeFilter = get_ldap_filter($type->getId()); $typeFilter = get_ldap_filter($type->getId());
$results = searchLDAP($type->getSuffix(), $typeFilter, array('cn', 'dn', 'objectClass')); $results = searchLDAP($type->getSuffix(), $typeFilter, array('cn', 'dn', 'objectClass'));
for ($i = 0; $i < sizeof($results); $i++) { for ($i = 0; $i < sizeof($results); $i++) {
if ((in_array('groupOfNames', $results[$i]['objectclass']) if ((in_array_ignore_case('groupOfNames', $results[$i]['objectclass'])
|| in_array('groupOfMembers', $results[$i]['objectclass']) || in_array_ignore_case('groupOfMembers', $results[$i]['objectclass'])
|| in_array('groupOfUniqueNames', $results[$i]['objectclass'])) || in_array_ignore_case('groupOfUniqueNames', $results[$i]['objectclass']))
&& isset($results[$i]['cn'][0])) { && isset($results[$i]['cn'][0])) {
$return[$results[$i]['dn']] = $results[$i]; $return[$results[$i]['dn']] = $results[$i];
} }