if (isset($wanted_attrs['employeeType']) || isset($wanted_attrs['departmentNumber'])) { $wanted_attrs['eduPersonPrimaryAffiliation'] = 'eduPersonPrimaryAffiliation'; } $allowExtendedInfo = 0; if (isset($showExtendedInfo) && GET_uid()) { if (isPersonMatchingFilter(GET_uid(), $LEVEL1_FILTER)) { if (isPersonMatchingFilter(GET_uid(), $LEVEL2_FILTER)) { $allowExtendedInfo = 2; } else { $allowExtendedInfo = 1; } } } if ($allowExtendedInfo >= 1) { $LDAP_CONNECT = $allowExtendedInfo == 2 ? $LDAP_CONNECT_LEVEL2 : $LDAP_CONNECT_LEVEL1; global_ldap_open('reOpen'); } // most attributes visibility are enforced using ACLs on LDAP bind // here are a few special cases if ($allowExtendedInfo < 1) { foreach (array('memberOf', 'memberOf-all') as $attr) { unset($wanted_attrs[$attr]); } } if ($allowInvalidAccounts) { $allowInvalidAccounts = $allowExtendedInfo >= 1; } $attrRestrictions = array('allowListeRouge' => $allowExtendedInfo > 0 || @$isTrustedIp || GET_uid() && isStaffOrFaculty(GET_uid()), 'allowMailForwardingAddress' => $allowExtendedInfo > 1, 'allowEmployeeType' => $allowExtendedInfo > 1); $users = searchPeople(people_filters($token, $restriction, $allowInvalidAccounts), $attrRestrictions, $wanted_attrs, $KEY_FIELD, $maxRows); if ($allowExtendedInfo) { foreach ($users as &$u) {
function getLdapInfo($base, $filter, $attributes_map, $sizelimit = 0, $timelimit = 0) { global $DEBUG; $before = microtime(true); $ds = global_ldap_open(); if ($DEBUG) { error_log("searching {$base} for {$filter}"); } $all_entries = $ds->search($base, $filter, array_keys($attributes_map), $sizelimit, $timelimit); if (!$all_entries) { return array(); } if ($DEBUG) { error_log("found " . $all_entries['count'] . " results"); } unset($all_entries["count"]); $r = array(); foreach ($all_entries as $entry) { $map = array(); foreach ($attributes_map as $ldap_attr => $attr) { $ldap_attr_ = strtolower($ldap_attr); if (isset($entry[$ldap_attr_])) { $vals = $entry[$ldap_attr_]; if ($attr == "MULTI") { // no remapping, but is multi-valued attr unset($vals["count"]); $map[$ldap_attr] = $vals; } else { $map[$attr] = $vals["0"]; } } } $r[] = $map; } //echo sprintf("// Elapsed %f\t%3d answers for $filter on $base\n", $before - microtime(true), count($r)); return $r; }