Exemple #1
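 /**
  * Synchronise local Login records, and their ministry associations, from the
  * LDAP entries held in $this->arrPeople.
  *
  * For every entry the matching Login is loaded by username (or created), its
  * active flags, name fields, e-mail and password-last-set marker are refreshed,
  * and its ministry links are rebuilt from the entry's "gg_" groups.
  *
  * @throws Exception when an entry's e-mail address is already held by a different Login;
  *                   entries processed before that point have already been saved
  */
 public function UpdateLocalPeople()
 {
     // Only addresses that END with this suffix count as organisational mail.
     $strMailSuffix = '@alcf.net';
     $intSuffixLength = strlen($strMailSuffix);

     foreach ($this->arrPeople as $arrResult) {
         // Get the Fields
         $intUserAccountControl = intval($arrResult['useraccountcontrol'][0]);
         // Bit 0x2 of userAccountControl is the directory's "account disabled" flag.
         $blnActive = !($intUserAccountControl & 2);
         $strUsername = strtolower($arrResult['samaccountname'][0]);
         // Optional attributes may be absent from an entry, so each one is guarded.
         $strFirstName = array_key_exists('givenname', $arrResult) ? $arrResult['givenname'][0] : null;
         $strMiddleInitial = array_key_exists('initials', $arrResult) ? $arrResult['initials'][0] : null;
         $strLastName = array_key_exists('sn', $arrResult) ? $arrResult['sn'][0] : null;
         $strEmail = array_key_exists('mail', $arrResult) ? strtolower(trim($arrResult['mail'][0])) : '';
         $strPasswordLastSet = $arrResult['pwdlastset'][0];

         // Set/Update Login Record
         $objLogin = Login::LoadByUsername($strUsername);
         if (!$objLogin) {
             $objLogin = new Login();
             $objLogin->Username = $strUsername;
             // The role is assigned only when the Login is first created.
             $objLogin->RoleTypeId = array_key_exists($strUsername, self::$ChmsAdminArray)
                 ? RoleType::ChMSAdministrator
                 : RoleType::StaffMember;
             $objLogin->LoginActiveFlag = $blnActive;
         }
         // The directory's enabled/disabled state is mirrored on every run.
         $objLogin->DomainActiveFlag = $blnActive;

         // Update the PWD Last Set and clear the cache (if applicable), so a
         // cached credential does not outlive a directory password change.
         if ($objLogin->PasswordLastSet != $strPasswordLastSet) {
             $objLogin->PasswordLastSet = $strPasswordLastSet;
             $objLogin->PasswordCache = null;
         }

         // Suffix match, not substring match: a substring test would also accept
         // an address such as "user@alcf.net.other.example" as organisational.
         $blnOrgEmail = strlen($strEmail) > $intSuffixLength
             && substr($strEmail, -$intSuffixLength) === $strMailSuffix;
         if ($blnOrgEmail) {
             $objLoginToCheck = Login::LoadByEmail($strEmail);
             if ($objLoginToCheck && $objLoginToCheck->Id != $objLogin->Id) {
                 throw new Exception('Duplicate Email "' . $strEmail . '" Found while processing ldap user "' . $strUsername . '" -- duplicate is ' . $objLoginToCheck->Username);
             }
             $objLogin->Email = $strEmail;
         } else {
             // No organisational address: the local login is switched off.
             $objLogin->LoginActiveFlag = false;
             $objLogin->Email = null;
         }

         $objLogin->FirstName = $strFirstName;
         $objLogin->MiddleInitial = $strMiddleInitial;
         $objLogin->LastName = $strLastName;

         // Shortcut
         // NOTE(review): a hard-coded username receives every permission bit on
         // each sync, outside the normal role assignment. Whoever controls that
         // directory account controls the application; move this grant into
         // reviewed configuration or remove it.
         if ($objLogin->Username === 'mho') {
             $objLogin->PermissionBitmap = 1 | 2 | 4 | 8 | 16 | 32 | 64 | 128 | 256 | 512 | 1024;
         }
         $objLogin->Save();

         // Group Memberships: drop every existing link, then re-add one per
         // "gg_<token>" group whose token matches a local Ministry.
         $objLogin->UnassociateAllMinistries();
         if (array_key_exists('memberof', $arrResult)) {
             // The LDAP result array carries a 'count' element next to the values.
             unset($arrResult['memberof']['count']);
             foreach ($arrResult['memberof'] as $strPath) {
                 $strArray = AlcfLdap::GetValuesFromPath($strPath);
                 $strCn = $strArray['CN'][0];
                 if (substr($strCn, 0, 3) === 'gg_') {
                     $strGroupToken = strtolower(substr($strCn, 3));
                     $objMinistry = Ministry::LoadByToken($strGroupToken);
                     if ($objMinistry) {
                         $objMinistry->AssociateLogin($objLogin);
                     }
                 }
             }
         }
     }
 }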
Exemple #2
<?php

// LDAP-to-ChMS synchronisation, run from the command line: pull the directory
// data, sync groups, sync people, then disable the local "admin" login.
//
// NOTE(review): the bind password appears to be supplied as a command-line
// parameter, which would expose it in shell history and process listings on
// the host. Confirm how QCliParameterProcessor receives it; reading it from a
// protected file or a prompt keeps it out of both.
$objCli = new QCliParameterProcessor('ldap', 'ALCF LDAP-to-ChMS Sync Script');
$objCli->AddDefaultParameter('username', QCliParameterType::String, 'Domain\\Username of the LDAP user that is authorized to download credentials');
$objCli->AddDefaultParameter('password', QCliParameterType::String, 'Password of the LDAP user that is authorized to download credentials');
$objCli->Run();

$strBindUsername = $objCli->GetDefaultValue('username');
$strBindPassword = $objCli->GetDefaultValue('password');
$objLdap = new AlcfLdap(LDAP_PATH, $strBindUsername, $strBindPassword);

// Fetch the directory data
echo "Pulling data from LDAP... ";
$objLdap->PullDataFromLdap();
echo "Done.\r\n";

// Group Sync (runs before the people sync)
echo "Syncing Groups... ";
$objLdap->UpdateLocalGroups();
echo "Done.\r\n";

// People Sync
echo "Syncing People... ";
$objLdap->UpdateLocalPeople();
echo "Done.\r\n";

// Disable "admin" account: if a local login with that name exists, it is
// switched off on every run.
$objAdminLogin = Login::LoadByUsername('admin');
if ($objAdminLogin) {
    $objAdminLogin->LoginActiveFlag = false;
    $objAdminLogin->Save();
}

// TODO: Delete Old Records (?)
// Disconnect
$objLdap->Unbind();
Exemple #3
 /**
  * Build the fixture used by the tests: one ministry ('ert') with a group role,
  * two staff logins (only the first is associated with the ministry), five
  * persons keyed 'ert1'..'ert5', and two groups with participations for 'ert1'.
  *
  * Existing Ministry/Login/Group rows are reused when found by token/username,
  * so the method can run repeatedly against the same database.
  *
  * NOTE(review): the usernames and e-mail addresses appear masked ('******',
  * '*****@*****.**') in this listing; the lookups use 'ert1'/'ert2', so the
  * original values were presumably those -- confirm against the real source.
  */
 public function SetUp()
 {
     // Ministry: load by token or create, then force a known name/active state.
     $this->objMinistry = Ministry::LoadByToken('ert');
     if (!$this->objMinistry) {
         $this->objMinistry = new Ministry();
         $this->objMinistry->Token = 'ert';
     }
     $this->objMinistry->Name = 'Test Ministry';
     $this->objMinistry->ActiveFlag = true;
     $this->objMinistry->Save();
     // Group role: reuse the ministry's first role if it has any, else create one.
     if ($objGroupRoleArray = $this->objMinistry->GetGroupRoleArray()) {
         $this->objGroupRole = $objGroupRoleArray[0];
     } else {
         $this->objGroupRole = new GroupRole();
         $this->objGroupRole->Ministry = $this->objMinistry;
         $this->objGroupRole->Name = 'ERT';
         $this->objGroupRole->GroupRoleTypeId = GroupRoleType::Participant;
         $this->objGroupRole->Save();
     }
     // "Leader" login: staff member that IS associated with the test ministry.
     $this->objLoginLeader = Login::LoadByUsername('ert1');
     if (!$this->objLoginLeader) {
         $this->objLoginLeader = new Login();
         $this->objLoginLeader->Username = '******';
     } else {
         // Start from a clean slate so earlier runs do not leak associations.
         $this->objLoginLeader->UnassociateAllMinistries();
     }
     $this->objLoginLeader->RoleTypeId = RoleType::StaffMember;
     $this->objLoginLeader->Email = '*****@*****.**';
     $this->objLoginLeader->Save();
     $this->objLoginLeader->AssociateMinistry($this->objMinistry);
     // "Non-leader" login: same role, but left without any ministry association.
     $this->objLoginNonLeader = Login::LoadByUsername('ert2');
     if (!$this->objLoginNonLeader) {
         $this->objLoginNonLeader = new Login();
         $this->objLoginNonLeader->Username = '******';
     } else {
         $this->objLoginNonLeader->UnassociateAllMinistries();
     }
     $this->objLoginNonLeader->RoleTypeId = RoleType::StaffMember;
     $this->objLoginNonLeader->Email = '*****@*****.**';
     $this->objLoginNonLeader->Save();
     // Persons ert1..ert3 are created with an e-mail passed to CreatePerson().
     $this->objPersonArray = array();
     $this->objPersonArray['ert1'] = Person::CreatePerson('Test', 'E', 'User', true, '*****@*****.**', null, null);
     $this->objPersonArray['ert2'] = Person::CreatePerson('Test', 'E', 'User', true, '*****@*****.**', null, null);
     $this->objPersonArray['ert3'] = Person::CreatePerson('Test', 'E', 'User', true, '*****@*****.**', null, null);
     // Person ert4: created without an e-mail, then given one separate Email row.
     $objPerson = Person::CreatePerson('Test', 'E', 'User', true, null, null, null);
     $objEmail = new Email();
     $objEmail->Address = '*****@*****.**';
     $objEmail->Person = $objPerson;
     $objEmail->Save();
     $this->objPersonArray['ert4'] = $objPerson;
     // Person ert5: created without an e-mail, then given two Email rows.
     $objPerson = Person::CreatePerson('Test', 'E', 'User', true, null, null, null);
     $objEmail = new Email();
     $objEmail->Address = '*****@*****.**';
     $objEmail->Person = $objPerson;
     $objEmail->Save();
     $objEmail = new Email();
     $objEmail->Address = '*****@*****.**';
     $objEmail->Person = $objPerson;
     $objEmail->Save();
     $this->objPersonArray['ert5'] = $objPerson;
     // Group 1: regular group in the test ministry, broadcast type PrivateList.
     $this->objGroup1 = Group::LoadByToken('ert1');
     if (!$this->objGroup1) {
         $this->objGroup1 = new Group();
         $this->objGroup1->Token = 'ert1';
     }
     $this->objGroup1->GroupTypeId = GroupType::RegularGroup;
     $this->objGroup1->Ministry = $this->objMinistry;
     $this->objGroup1->EmailBroadcastTypeId = EmailBroadcastType::PrivateList;
     $this->objGroup1->Name = 'ERT Test Group 1';
     $this->objGroup1->Save();
     // Group 2: same ministry, broadcast type AnnouncementOnly.
     $this->objGroup2 = Group::LoadByToken('ert2');
     if (!$this->objGroup2) {
         $this->objGroup2 = new Group();
         $this->objGroup2->Token = 'ert2';
     }
     $this->objGroup2->GroupTypeId = GroupType::RegularGroup;
     $this->objGroup2->Ministry = $this->objMinistry;
     $this->objGroup2->EmailBroadcastTypeId = EmailBroadcastType::AnnouncementOnly;
     $this->objGroup2->Name = 'ERT Test Group 2';
     $this->objGroup2->Save();
     // Remove participations left by earlier runs, then enrol person ert1 in both groups.
     $this->objGroup1->DeleteAllGroupParticipations();
     $this->objGroup2->DeleteAllGroupParticipations();
     $objParticipation = new GroupParticipation();
     $objParticipation->Person = $this->objPersonArray['ert1'];
     $objParticipation->Group = $this->objGroup1;
     $objParticipation->GroupRole = $this->objGroupRole;
     $objParticipation->DateStart = new QDateTime('2005-01-01');
     $objParticipation->Save();
     $objParticipation = new GroupParticipation();
     $objParticipation->Person = $this->objPersonArray['ert1'];
     $objParticipation->Group = $this->objGroup2;
     $objParticipation->GroupRole = $this->objGroupRole;
     $objParticipation->DateStart = new QDateTime('2005-01-01');
     $objParticipation->Save();
 }
Exemple #4
		<strong>Person</strong> object, and it has defined <strong>LoadByUsername</strong> in the <strong>Login</strong> object.</p>

	<p>Note that the <strong>LastName</strong> load method returns an array while the <strong>Username</strong> load method
		returns just a single object.  The code generator has recognized the UNIQUE property on the column,
		and it generated code accordingly.</p>

	<p>You could also define indexes on multiple columns and the code generator will
		generate load methods based on those multi-column keys.</p>
</div>


<div id="demoZone">
	<h3>Using LoadByUsername to get a Single Login Object</h3>
<?php 
// Let's load a login object -- let's select the username 'jdoe'
// LoadByUsername returns a single object because the column is UNIQUE.
// NOTE(review): nothing here checks the result before its properties are
// read below; presumably the demo data always contains 'jdoe' -- confirm.
$objLogin = Login::LoadByUsername('jdoe');
?>
	<p>Login ID: <?php 
_p($objLogin->Id);
?>
<br/>
		Login Username: <?php 
_p($objLogin->Username);
?>
<br/>
		Login Password: <?php 
// NOTE(review): this renders the stored Password field into the page. If that
// field holds the real credential rather than a hash, the demo schema keeps
// passwords recoverable; application code should store only a password hash
// and never output it.
_p($objLogin->Password);
?>
</p>

Exemple #5
<?php

require dirname(__FILE__) . '/../../includes/prepend.inc.php';
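// Single sign-on landing script. The first path-info segment carries an
// encrypted "<username>_<unix time>" token; a valid, fresh token logs that
// user in. Every failure path logs out, redirects to '/' and stops.
//
// NOTE(review): the decrypted payload is trusted as proof of identity. Confirm
// that QCryptography authenticates the ciphertext (integrity, not only
// confidentiality); otherwise the token needs a MAC. A token also stays
// replayable inside the freshness window and, being part of the URL, can end
// up in access logs and browser history -- a single-use nonce would close that.
$strPayload = QApplication::PathInfo(0);
try {
    $strKey = file_get_contents(__INCLUDES__ . '/../sso_key.txt');
    // Fail closed when the key file is missing or empty instead of decrypting
    // with a false/empty key.
    if ($strKey === false || $strKey === '') {
        throw new Exception('SSO key could not be read');
    }
    QCryptography::$Key = $strKey;
    $objCrypto = new QCryptography();
    $strPayload = $objCrypto->Decrypt($strPayload);
} catch (Exception $objExc) {
    QApplication::Logout();
    QApplication::Redirect('/');
    // Explicit stop: the login at the end of this script must never be reached
    // on a failure path, whatever Redirect() does internally.
    exit;
}

$strTokens = explode("_", (string) $strPayload);
if (count($strTokens) != 2) {
    QApplication::Logout();
    QApplication::Redirect('/');
    exit;
}
$strUsername = $strTokens[0];

// The timestamp must be a plain run of digits. A loose string-to-number
// comparison would otherwise accept values such as "1700000000abc", with
// results that differ between PHP versions.
if ($strUsername === '' || !ctype_digit($strTokens[1])) {
    QApplication::Logout();
    QApplication::Redirect('/');
    exit;
}
$intTime = (int) $strTokens[1];

// Freshness window: the token must be within 5 seconds of this server's clock.
$intNow = time();
if ($intTime < $intNow - 5 || $intTime > $intNow + 5) {
    QApplication::Logout();
    QApplication::Redirect('/');
    exit;
}

$objLogin = Login::LoadByUsername($strUsername);
if (!$objLogin) {
    QApplication::Logout();
    QApplication::Redirect('/');
    exit;
}

QApplication::Login($objLogin);
QApplication::Redirect('/');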