/**
* updates an existing group in sync backend
*
* @param Tinebase_Model_Group $_group
*
* @return Tinebase_Model_Group
*/
public function updateGroupInSyncBackend(Tinebase_Model_Group $_group)
{
if ($this->isDisabledBackend() || $this->isReadOnlyBackend()) {
return $_group;
}
$metaData = $this->_getMetaData($_group->getId());
$dn = $metaData['dn'];
$ldapData = array('cn' => $_group->name, 'description' => $_group->description, 'objectclass' => $metaData['objectclass']);
foreach ($this->_plugins as $plugin) {
$plugin->inspectUpdateGroup($_group, $ldapData);
}
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' $dn: ' . $dn);
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' $ldapData: ' . print_r($ldapData, true));
}
// rename?
$newDn = "cn={$ldapData['cn']},{$this->_options['groupsDn']}";
if ($newDn != $dn) {
$this->_ldap->rename($dn, $newDn);
}
// remove cn as samba forbids updating this
// 0x43 (Operation not allowed on RDN; 00002016: Modify of RDN 'CN' on CN=...,CN=Users,DC=example,DC=org
// not permitted, must use 'rename' operation instead
unset($ldapData['cn']);
$this->getLdap()->update($dn, $ldapData);
$group = $this->getGroupByIdFromSyncBackend($_group);
return $group;
}
/**
* updates an existing group in sync backend
*
* @param Tinebase_Model_Group $_group
*
* @return Tinebase_Model_Group
*/
public function updateGroupInSyncBackend(Tinebase_Model_Group $_group)
{
if ($this->isDisabledBackend() || $this->isReadOnlyBackend()) {
return $_group;
}
$metaData = $this->_getMetaData($_group->getId());
$dn = $metaData['dn'];
$ldapData = array('cn' => $_group->name, 'description' => $_group->description, 'objectclass' => $metaData['objectclass']);
foreach ($this->_plugins as $plugin) {
$plugin->inspectUpdateGroup($_group, $ldapData);
}
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' $dn: ' . $dn);
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' $ldapData: ' . print_r($ldapData, true));
}
$this->getLdap()->update($dn, $ldapData);
if (isset($metaData['cn']) && $metaData['cn'] != $ldapData['cn']) {
$newDn = "cn={$ldapData['cn']},{$this->_options['groupsDn']}";
$this->_ldap->rename($dn, $newDn);
}
$group = $this->getGroupByIdFromSyncBackend($_group);
return $group;
}
/**
* updates an existing user
*
* @todo check required objectclasses?
*
* @param Tinebase_Model_FullUser $_account
* @return Tinebase_Model_FullUser
*/
public function updateUserInSyncBackend(Tinebase_Model_FullUser $_account)
{
if ($this->_isReadOnlyBackend) {
return $_account;
}
$ldapEntry = $this->_getLdapEntry('accountId', $_account);
$ldapData = $this->_user2ldap($_account, $ldapEntry);
foreach ($this->_ldapPlugins as $plugin) {
$plugin->inspectUpdateUser($_account, $ldapData, $ldapEntry);
}
// no need to update this attribute, it's not allowed to change and even might not be update-able
unset($ldapData[$this->_userUUIDAttribute]);
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' DN: ' . $ldapEntry['dn']);
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' LDAP data: ' . print_r($ldapData, true));
}
$this->_ldap->update($ldapEntry['dn'], $ldapData);
$dn = Zend_Ldap_Dn::factory($ldapEntry['dn'], null);
$rdn = $dn->getRdn();
// do we need to rename the entry?
if (isset($ldapData[key($rdn)]) && $rdn[key($rdn)] != $ldapData[key($rdn)]) {
$groupsBackend = Tinebase_Group::factory(Tinebase_Group::LDAP);
// get the current group memberships
$memberships = $groupsBackend->getGroupMembershipsFromSyncBackend($_account);
// remove the user from current groups, because the dn/uid has changed
foreach ($memberships as $groupId) {
$groupsBackend->removeGroupMemberInSyncBackend($groupId, $_account);
}
$newDN = $this->_generateDn($_account);
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' rename ldap entry to: ' . $newDN);
}
$this->_ldap->rename($dn, $newDN);
// add the user to current groups again
foreach ($memberships as $groupId) {
$groupsBackend->addGroupMemberInSyncBackend($groupId, $_account);
}
}
// refetch user from ldap backend
$user = $this->getUserByPropertyFromSyncBackend('accountId', $_account, 'Tinebase_Model_FullUser');
return $user;
}
