Exemple #1
0
 /**
  * Calls any registered adapter events associated with an event group.
  *
  * @param   string  $dispatch  Dispatcher name OR null to dispatch to all.
  * @param   string  $event     The event name.
  * @param   array   $args      An array of arguments.
  *
  * @return  boolean  Result of all function calls.
  *
  * @since   2.1
  */
 public static function triggerEvent($dispatch, $event, $args = null)
 {
     if (is_null($dispatch)) {
         $results = array();
         // Loop through all dispatchers and trigger the event
         foreach (SHFactory::$dispatcher as $dispatcher) {
             array_push($results, $dispatcher->trigger($event, $args));
         }
     } else {
         // Single dispatcher trigger
         $results = SHFactory::getDispatcher($dispatch)->trigger($event, $args);
     }
     // We want to return the actual result (false, true or blank)
     if (in_array(false, $results, true)) {
         return false;
     } elseif (in_array(true, $results, true)) {
         return true;
     } else {
         return;
     }
 }
Exemple #2
0
	/**
	 * Method is called before user data is stored in the database.
	 *
	 * @param   array    $user   Holds the old user data.
	 * @param   boolean  $isNew  True if a new user is stored.
	 * @param   array    $new    Holds the new user data.
	 *
	 * @return  boolean  Cancels the save if False.
	 *
	 * @since   2.0
	 */
	public function onUserBeforeSave($user, $isNew, $new)
	{
		$isAdapterExisting 	= true;
		$isLdapExisting 	= false;

		// Get the correct username where new username must be used when user isNew
		$username = $isNew ? $new['username'] : $user['username'];

		try
		{
			// We want to check if this user is an existing user in an Adapter
			$adapter = SHFactory::getUserAdapter($username);
			$adapter->getId(false);
		}
		catch (Exception $e)
		{
			// We will assume this user doesnt exist in an Adapter
			$isAdapterExisting = false;
		}

		if ($isAdapterExisting)
		{
			// We need to check the adapter is LDAP or not
			$isLdapExisting = $adapter->getType('LDAP');
		}

		if ($isLdapExisting)
		{
			$this->isLdap = true;

			if (SHLdapHelper::triggerEvent('onUserBeforeSave', array($user, $isNew, $new)) !== false)
			{
				try
				{
					// Commit the changes to the Adapter if present
					SHLdapHelper::commitChanges($adapter, true, true);
					SHLog::add(JText::sprintf('LIB_SHLDAPEVENTBOUNCER_DEBUG_10986', $username), 10986, JLog::DEBUG, 'ldap');
				}
				catch (Excpetion $e)
				{
					SHLog::add($e, 10981, JLog::ERROR, 'ldap');
				}

				// For now lets NOT block the user from logging in even with a error
				return true;
			}

			return false;
		}
		elseif ($isNew)
		{
			// Ask all plugins if there is a plugin willing to deal with user creation for ldap
			if (count($results = SHFactory::getDispatcher('ldap')->trigger('askUserCreation')))
			{
				// First, we must create and save the user as some plugins may talk to LDAP directly and cannot be delayed
				$result = SHLdapHelper::triggerEvent('onUserCreation', array($new));

				// Allow Ldap events to be called
				if ($this->isLdap = $result)
				{
					JFactory::getSession()->set('created', $username, 'ldap');

					if (SHLdapHelper::triggerEvent('onUserBeforeSave', array($user, $isNew, $new)) !== false)
					{
						try
						{
							// Commit the changes to the Adapter if present
							$adapter = SHFactory::getUserAdapter($username);
							SHLdapHelper::commitChanges($adapter, true, true);
						}
						catch (Exception $e)
						{
							SHLog::add($e, 10981, JLog::ERROR, 'ldap');
						}

						// For now lets NOT block the user from logging in even with a error
						return true;
					}
				}

				// Something went wrong with the user creation
				return false;
			}
		}
	}
Exemple #3
0
	/**
	 * Loads the profile XML and passes it to the form to load the fields (excluding data).
	 *
	 * @param   JForm  $form  The form to be altered.
	 * @param   array  $data  The associated data for the form.
	 *
	 * @return  boolean
	 *
	 * @since   2.0
	 */
	public function onContentPrepareForm($form, $data)
	{
		// Check if the profile parameter is enabled
		if (!$this->use_profile)
		{
			return true;
		}

		if (!($form instanceof JForm))
		{
			$this->_subject->setError('JERROR_NOT_A_FORM');

			return false;
		}

		// Check we are manipulating a valid form
		if (!in_array($form->getName(), $this->permittedForms))
		{
			return true;
		}

		$showForm = true;
		$domain = null;

		// Check if this user should have a profile
		if ($userId = isset($data->id) ? $data->id : 0)
		{
			if (SHLdapHelper::isUserLdap($userId))
			{
				$domain = SHUserHelper::getDomainParam($data);
			}
			else
			{
				$showForm = false;
			}
		}
		elseif (!JFactory::getUser()->guest)
		{
			/*
			 * Sometimes the $data variable is not populated even when an edit is required.
			 * This means we have to check the form post data directly for the user ID.
			 * We do not worry about frontend registrations as we check for guest.
			 * If there is no form posted then this could be a backend registration.
			 */
			if ($inForm = JFactory::getApplication()->input->get('jform', false, 'array'))
			{
				$id = SHUtilArrayhelper::getValue($inForm, 'id', 0, 'int');

				if ($id === 0)
				{
					// Ask all plugins if there is a plugin willing to deal with user creation for ldap
					if (count($results = SHFactory::getDispatcher('ldap')->trigger('askUserCreation')))
					{
						// Due to being unaware of the domain for this new user, we are forced to use the default domain
						$domain = SHFactory::getConfig()->get('ldap.defaultconfig');
					}
					else
					{
						// LDAP creation not enabled
						$showForm = false;
					}
				}
				else
				{
					if (SHLdapHelper::isUserLdap($id))
					{
						// Existing ldap user
						$domain = SHUserHelper::getDomainParam($id);
					}
					else
					{
						// Existing non-ldap user
						$showForm = false;
					}
				}
			}
		}

		if ($showForm)
		{
			// We have to launch the getxmlfields to correctly include languages
			$this->getXMLFields($domain);

			// Get the File and Path for the Profile XML
			$file 		= $this->getXMLFileName($domain);
			$xmlPath 	= $this->profile_base . '/' . $file . '.xml';

			// Load in the profile XML file to the form
			if (($xml = JFactory::getXML($xmlPath, true)) && ($form->load($xml, false, false)))
			{
				// Successfully loaded in the XML
				return true;
			}
		}
	}
Exemple #4
0
if (!defined('SHLDAP_VERSION')) {
    // Define the JMapMyLDAP version
    define('SHLDAP_VERSION', SHFactory::getConfig()->get('ldap.version'));
}
// Load the global Ldap language file
JFactory::getLanguage()->load('shmanic_ldap', JPATH_ROOT);
// Push the reqcert setting if defined
if ($reqcert = (int) SHFactory::getConfig()->get('ldap.reqcert', 0)) {
    if ($reqcert === 1) {
        putenv('LDAPTLS_REQCERT=never');
    } elseif ($reqcert === 2) {
        putenv('LDAPTLS_REQCERT=allow');
    } elseif ($reqcert === 3) {
        putenv('LDAPTLS_REQCERT=try');
    } elseif ($reqcert === 4) {
        putenv('LDAPTLS_REQCERT=hard');
    }
}
// Setup and get the Ldap dispatcher
$dispatcher = SHFactory::getDispatcher('ldap');
// Start the LDAP event debugger only if global jdebug is switched on
if (defined('JDEBUG') && JDEBUG && class_exists('SHLdapEventDebug')) {
    new SHLdapEventDebug($dispatcher);
}
// Import the Ldap group and use the ldap dispatcher
JPluginHelper::importPlugin('ldap', null, true, $dispatcher);
// Employ the event bouncer to control the global Joomla event triggers
if (class_exists('SHLdapEventBouncer')) {
    $dispatcher = JDispatcher::getInstance();
    $instance = new SHLdapEventBouncer($dispatcher);
}
Exemple #5
0
	/**
	 * Return specified user attributes from LDAP.
	 *
	 * @param   string|array  $input    Optional string or array of attributes to return.
	 * @param   boolean       $null     Include null or non existent values.
	 * @param   boolean       $changes  Use the attribute changes (before change commit).
	 *
	 * @return  mixed  Ldap attribute results.
	 *
	 * @since   2.0
	 * @throws  SHLdapException
	 */
	public function getAttributes($input = null, $null = false, $changes = false)
	{
		if (is_null($this->_dn))
		{
			$this->getId(false);
		}
		elseif ($this->_dn instanceof Exception)
		{
			// Do not retry. Ldap configuration or user has problems.
			throw $this->_dn;
		}

		$needToFind = array();
		$inputFilled = array();

		if (!is_null($input))
		{
			// Have to make sure that unless its null then its in an array
			$input = is_string($input) ? array($input) : $input;

			$inputFilled = array_fill_keys($input, null);

			// This array is what we must find (i.e. not in the cached variable)
			$needToFind = (array_keys(array_diff_key($inputFilled, $this->_attributes)));

			/*
			 * Combines the current cached attributes with the input attributes with null values.
			 * This will stop the input values from being re-queried on another method call even
			 * if they don't exist.
			 */
			$this->_attributes = (array_merge($inputFilled, $this->_attributes));
		}

		/*
		 * We use the "plugin get attributes" method for efficiency purposes. On the
		 * first execution of this method, we attempt to gather Ldap user attributes
		 * that are required from this call in addition to what the Ldap plugins require.
		 *
		 * This means we should only have to call for the user attributes once from Ldap.
		 */
		if ($this->_usePlugins)
		{
			// Only run the sequence once
			$this->_usePlugins = false;

			/*
			 * -- Get the Ldap user attributes via plugins --
			 * This section will get an array of user detail attributes for the user
			 * using Ldap plugins to help with discovery of required Ldap attributes.
			 */
			$extras = SHFactory::getDispatcher('ldap')->trigger(
				'onLdapBeforeRead', array(&$this, array('dn' => $this->_dn, 'source' => __METHOD__))
			);

			// For each of the LDAP plug-ins returned, merge their extra attributes.
			foreach ($extras as $extra)
			{
				$needToFind = array_merge($needToFind, $extra);
			}

			// Add both of the uid and fullname to the set of attributes to get.
			$needToFind[] = $this->client->ldap_fullname;
			$needToFind[] = $this->client->ldap_uid;

			// Check for a fake email
			$fakeEmail = (strpos($this->client->ldap_email, (SHLdap::USERNAME_REPLACE)) !== false) ? true : false;

			// Add the email attribute only if not a fake email is supplied.
			if (!$fakeEmail)
			{
				$needToFind[] = $this->client->ldap_email;
			}

			// Re-order array to ensure an LDAP read is successful and no duplicates exist.
			$needToFind = array_values(array_unique($needToFind));

			// Swap the attribute names to array keys ready for the result
			$filled = array_fill_keys($needToFind, null);

			/*
			 * Combines the current cached attributes with the input attributes with null values.
			 * This will stop the input values from being re-queried on another method call even
			 * if they don't exist.
			 */
			$this->_attributes = (array_merge($filled, $this->_attributes));

			// Get Ldap user attributes
			$result	= $this->client->read($this->_dn, null, $needToFind);

			if ($result->countEntries())
			{
				// Merge the extra attributes to the cache ready for returning
				$this->_attributes = array_replace($this->_attributes, array_intersect_key($result->getEntry(0), $this->_attributes));
			}

			/*
			 * Save any attributes that weren't found in Ldap and then make it unique
			 * so theres no duplicates in the null attributes list.
			 */
			$unreturnedVals = array_diff($needToFind, array_keys($result->getEntry(0, array())));
			$this->_nullAttributes = array_merge(array_diff($unreturnedVals, $this->_nullAttributes), $this->_nullAttributes);

			if ($fakeEmail)
			{
				// Inject the fake email by replacing the username placeholder with the username from ldap
				$email = str_replace(SHLdap::USERNAME_REPLACE, $this->_attributes[$this->client->ldap_uid][0], $this->client->ldap_email);
				$this->_attributes[$this->client->ldap_email] = array($email);

				// As the last instruction from the fakeEmail condition added email to null, lets remove it
				if (($index = array_search($this->client->ldap_email, $this->_nullAttributes)) !== false)
				{
					unset ($this->_nullAttributes[$index]);
				}
			}

			if (SHLdapHelper::triggerEvent(
				'onLdapAfterRead', array(&$this, &$this->_attributes, array('dn' => $this->_dn, 'source' => __METHOD__))
			) === false)
			{
				// Cancelled login due to plug-in
				throw new RuntimeException(JText::_('LIB_SHUSERADAPTERSLDAP_ERR_10912'), 10912);
			}

			// Blank need to find as there isn't anything more need finding
			$needToFind = array();
		}

		// Check if extra attributes are required
		if (count($needToFind))
		{
			$result = $this->client->read($this->_dn, null, $needToFind);

			if ($result->countEntries())
			{
				// Merge the extra attributes to the cache ready for returning
				$this->_attributes = array_replace($this->_attributes, array_intersect_key($result->getEntry(0), $this->_attributes));
			}

			/*
			 * Save any attributes that weren't found in Ldap and then make it unique
			 * so theres no duplicates in the null attributes list.
			 */
			$unreturnedVals = array_diff($needToFind, array_keys($result->getEntry(0, array())));
			$this->_nullAttributes = array_merge(array_diff($unreturnedVals, $this->_nullAttributes), $this->_nullAttributes);
		}
		else
		{
			// If there are no attributes then get them all from LDAP
			if (!count($this->_attributes))
			{
				$this->_attributes = $this->client->read($this->_dn, null)->getEntry(0, array());
			}
		}

		$return = $this->_attributes;

		// Remove null values from the attributes if we dont want them
		if (!$null)
		{
			$return = array_diff_key($this->_attributes, array_flip($this->_nullAttributes));
			$inputFilled = array_diff_key($inputFilled, array_flip($this->_nullAttributes));
		}

		// Include staged changes to the attributes
		$return = $changes ? array_merge($return, $this->_changes) : $return;

		// Returns only the specified inputs unless all attributes are wanted
		return is_null($input) ? $return : array_replace($inputFilled, array_intersect_key($return, $inputFilled));
	}
Exemple #6
0
	/**
	 * Calls any registered Ldap events associated with an event group.
	 *
	 * @param   string  $event  The event name.
	 * @param   array   $args   An array of arguments.
	 *
	 * @return  boolean  Result of all function calls.
	 *
	 * @since   2.0
	 */
	public static function triggerEvent($event, $args = null)
	{
		$results = SHFactory::getDispatcher('ldap')->trigger($event, $args);

		// We want to return the actual result (false, true or blank)
		if (in_array(false, $results, true))
		{
			return false;
		}
		elseif (in_array(true, $results, true))
		{
			return true;
		}
		else
		{
			return;
		}
	}