private function setUserId(array $payload)
{
$username = $payload['attributes']['author'];
$user = $this->user->getByUsername($username);
$type = $this->tracSetting->getOption('remote_users_type');
if (empty($user)) {
if ($type === 'ldap') {
try {
$ldap = LdapClient::connect();
$ldapUser = LdapUser::getUser($ldap, sprintf(LDAP_USER_FILTER, $username));
if ($ldapUser === null) {
throw new \Exception('User not found in LDAP server');
}
if ($ldapUser->getUsername() === '') {
throw new \Exception('Username not found in LDAP profile, check the parameter LDAP_USER_ATTRIBUTE_USERNAME');
}
$values = array('username' => $ldapUser->getUsername(), 'name' => $ldapUser->getName(), 'email' => $ldapUser->getEmail(), 'role' => $ldapUser->getRole(), 'is_ldap_user' => 1);
$user = $this->user->create($values);
} catch (\Exception $e) {
$this->logger->error($e->getMessage());
}
} else {
$password = substr(hash('sha512', time()), 0, 10);
$values = array('name' => $username, 'username' => $username, 'password' => $password, 'confirmation' => $password, 'role' => Role::APP_USER);
$user = $this->user->create($values);
}
}
if (!empty($user)) {
$this->user_id = $user['id'];
}
}
/**
* Find a group from a search query
*
* @access public
* @param string $input
* @return LdapGroupProvider[]
*/
public function find($input)
{
try {
$ldap = LdapClient::connect();
return LdapGroup::getGroups($ldap, $this->getLdapGroupPattern($input));
} catch (LdapException $e) {
$this->logger->error($e->getMessage());
return array();
}
}
public function createLdapUser($username)
{
try {
$ldap = LdapClient::connect();
$user = LdapUser::getUser($ldap, sprintf(LDAP_USER_FILTER, $username));
if ($user === null) {
$this->logger->info('User not found in LDAP server');
return false;
}
if ($user->getUsername() === '') {
throw new LogicException('Username not found in LDAP profile, check the parameter LDAP_USER_ATTRIBUTE_USERNAME');
}
$values = array('username' => $user->getUsername(), 'name' => $user->getName(), 'email' => $user->getEmail(), 'role' => $user->getRole(), 'is_ldap_user' => 1);
return $this->user->create($values);
} catch (LdapException $e) {
$this->logger->error($e->getMessage());
return false;
}
}
/**
* Authenticate the user
*
* @access public
* @return boolean
*/
public function authenticate()
{
try {
$client = LdapClient::connect($this->getLdapUsername(), $this->getLdapPassword());
$user = LdapUser::getUser($client, $this->username);
if ($user === null) {
$this->logger->info('User not found in LDAP server');
return false;
}
if ($user->getUsername() === '') {
throw new LogicException('Username not found in LDAP profile, check the parameter LDAP_USER_ATTRIBUTE_USERNAME');
}
if ($client->authenticate($user->getDn(), $this->password)) {
$this->userInfo = $user;
return true;
}
} catch (LdapException $e) {
$this->logger->error($e->getMessage());
}
return false;
}
/**
* Create LDAP user in the database
*
* Only "anonymous" and "proxy" LDAP authentication are supported by this method
*
* User information will be fetched from the LDAP server
*
* @access public
* @param string $username
* @return bool|int
*/
public function createLdapUser($username)
{
if (LDAP_BIND_TYPE === 'user') {
$this->logger->error('LDAP authentication "user" is not supported by this API call');
return false;
}
try {
$ldap = LdapClient::connect();
$ldap->setLogger($this->logger);
$user = LdapUser::getUser($ldap, $username);
if ($user === null) {
$this->logger->info('User not found in LDAP server');
return false;
}
if ($user->getUsername() === '') {
throw new LogicException('Username not found in LDAP profile, check the parameter LDAP_USER_ATTRIBUTE_USERNAME');
}
$values = array('username' => $user->getUsername(), 'name' => $user->getName(), 'email' => $user->getEmail(), 'role' => $user->getRole(), 'is_ldap_user' => 1);
return $this->user->create($values);
} catch (LdapException $e) {
$this->logger->error($e->getMessage());
return false;
}
}
