public function testSimpleRecursiveIteration()
{
$node = $this->getLDAP()->getBaseNode();
$ri = new \RecursiveIteratorIterator($node, \RecursiveIteratorIterator::SELF_FIRST);
$i = 0;
foreach ($ri as $rdn => $n) {
$dn = $n->getDn()->toString(Ldap\Dn::ATTR_CASEFOLD_LOWER);
$rdn = Ldap\Dn::implodeRdn($n->getRdnArray(), Ldap\Dn::ATTR_CASEFOLD_LOWER);
if ($i == 0) {
$this->assertEquals(Ldap\Dn::fromString(TESTS_ZEND_LDAP_WRITEABLE_SUBTREE)->toString(Ldap\Dn::ATTR_CASEFOLD_LOWER), $dn);
} elseif ($i == 1) {
$this->assertEquals('ou=Node', $rdn);
$this->assertEquals($this->createDn('ou=Node,'), $dn);
} else {
if ($i < 4) {
$j = $i - 1;
$base = $this->createDn('ou=Node,');
} else {
$j = $i - 3;
$base = Ldap\Dn::fromString(TESTS_ZEND_LDAP_WRITEABLE_SUBTREE)->toString(Ldap\Dn::ATTR_CASEFOLD_LOWER);
}
$this->assertEquals('ou=Test' . $j, $rdn);
$this->assertEquals('ou=Test' . $j . ',' . $base, $dn);
}
$i++;
}
$this->assertEquals(9, $i);
}
public function getUserBaseDn($uid)
{
// Search the user in the directory
$result = $this->search(array('filter' => '(&(|(objectClass=person)(objectClass=mailRecipient))(mail=' . Filter::escapeValue($uid) . '))', 'attributes' => array('employeeNumber'), 'sizelimit' => 2));
if ($result->count() < 1) {
throw new Exception('not found');
} else {
if ($result->count() > 1) {
throw new Exception('somethind bad happened');
}
}
$entry = $result->getFirst();
$userDn = $entry['dn'];
$branchDn = Dn::factory($userDn)->getParentDn(1);
// Search the subtree the user is an administrator
$subtree = null;
for ($i = 1; $i <= 3; $i++) {
$result = $this->search(array('filter' => '(&(objectClass=groupOfNames)(member=' . Filter::escapeValue($userDn) . '))', 'basedn' => $subtree = $branchDn->getParentDn($i), 'attributes' => array('employeeNumber'), 'sizelimit' => 2));
if ($result->count() === 1) {
break;
} else {
$subtree = null;
}
}
if (is_null($subtree)) {
throw new UserFriendlyException(403, 'Access denied', 'You are not allowed to access this resource.');
}
return $subtree->toString();
}
protected function createDn($dn)
{
if (substr($dn, -1) !== ',') {
$dn .= ',';
}
$dn = $dn . TESTS_ZEND_LDAP_WRITEABLE_SUBTREE;
return Ldap\Dn::fromString($dn)->toString(Ldap\Dn::ATTR_CASEFOLD_LOWER);
}
public function testUnescapeValues()
{
$dnval = '\\20\\20\\16\\20t\\,e\\+s \\"t\\,\\\\v\\<a\\>l\\;u\\#e\\=!\\20\\20\\20\\20';
$expected = ' ' . chr(22) . ' t,e+s "t,\\v<a>l;u#e=! ';
$this->assertEquals($expected, Ldap\Dn::unescapeValue($dnval));
$this->assertEquals($expected, Ldap\Dn::unescapeValue(array($dnval)));
$this->assertEquals(array($expected, $expected, $expected), Ldap\Dn::unescapeValue(array($dnval, $dnval, $dnval)));
}
/**
* Sends all pending changes to the LDAP server
*
* @param \Zend\Ldap\Ldap $ldap
* @return \Zend\Ldap\Node Provides a fluid interface
* @throws \Zend\Ldap\Exception
*/
public function update(Ldap $ldap = null)
{
if ($ldap !== null) {
$this->attachLdap($ldap);
}
$ldap = $this->getLdap();
if (!($ldap instanceof Ldap)) {
throw new Exception(null, 'No LDAP connection available');
}
if ($this->willBeDeleted()) {
if ($ldap->exists($this->_dn)) {
$ldap->delete($this->_dn);
}
return $this;
}
if ($this->isNew()) {
$data = $this->getData();
$ldap->add($this->_getDn(), $data);
$this->_loadData($data, true);
return $this;
}
$changedData = $this->getChangedData();
if ($this->willBeMoved()) {
$recursive = $this->hasChildren();
$ldap->rename($this->_dn, $this->_newDn, $recursive, false);
foreach ($this->_newDn->getRdn() as $key => $value) {
if (array_key_exists($key, $changedData)) {
unset($changedData[$key]);
}
}
$this->_dn = $this->_newDn;
$this->_newDn = null;
}
if (count($changedData) > 0) {
$ldap->update($this->_getDn(), $changedData);
}
$this->_originalData = $this->_currentData;
return $this;
}
public function testIsChildOfParentDnLonger()
{
$dn1 = 'dc=example,dc=de';
$dn2 = 'cb=name1,cn=name2,dc=example,dc=org';
$this->assertFalse(Ldap\Dn::isChildOf($dn1, $dn2));
}
/**
* Returns the schema DN
*
* @return \Zend\Ldap\Dn
*/
public function getSchemaDn()
{
$schemaDn = $this->getSubschemaSubentry();
return Ldap\Dn::fromString($schemaDn);
}
public function testLoadFromLDAPWithDnObject()
{
$dn = Ldap\Dn::fromString($this->_createDn('ou=Test1,'));
$node = Node::fromLDAP($dn, $this->_getLDAP());
$this->assertInstanceOf('Zend\\Ldap\\Node', $node);
$this->assertTrue($node->isAttached());
}
public function testDnObjectCloning()
{
$node1 = $this->createTestNode();
$dn1 = Ldap\Dn::fromString('cn=name2,dc=example,dc=org');
$node1->setDn($dn1);
$dn1->prepend(array('cn' => 'name'));
$this->assertNotEquals($dn1->toString(), $node1->getDn()->toString());
$dn2 = Ldap\Dn::fromString('cn=name2,dc=example,dc=org');
$node2 = Ldap\Node::create($dn2);
$dn2->prepend(array('cn' => 'name'));
$this->assertNotEquals($dn2->toString(), $node2->getDn()->toString());
$dn3 = Ldap\Dn::fromString('cn=name2,dc=example,dc=org');
$node3 = Ldap\Node::fromArray(array('dn' => $dn3, 'ou' => 'Test'), false);
$dn3->prepend(array('cn' => 'name'));
$this->assertNotEquals($dn3->toString(), $node3->getDn()->toString());
}
public function testSaveWithDnObject()
{
$dn = Ldap\Dn::fromString($this->_createDn('ou=TestCreated,'));
$data = array('ou' => 'TestCreated', 'objectclass' => 'organizationalUnit');
try {
$this->_getLDAP()->save($dn, $data);
$this->assertTrue($this->_getLDAP()->exists($dn));
$data['l'] = 'mylocation1';
$this->_getLDAP()->save($dn, $data);
$this->assertTrue($this->_getLDAP()->exists($dn));
$entry = $this->_getLDAP()->getEntry($dn);
$this->_getLDAP()->delete($dn);
$this->assertEquals('mylocation1', $entry['l'][0]);
} catch (Ldap\Exception $e) {
if ($this->_getLDAP()->exists($dn)) {
$this->_getLDAP()->delete($dn);
}
$this->fail($e->getMessage());
}
}
public function testArrayAccessImplementation()
{
$dnString = 'cn=Baker\\, Alice,cn=Users,dc=example,dc=com';
$dn = Ldap\Dn::fromString($dnString);
$this->assertEquals(array('cn' => 'Baker, Alice'), $dn[0]);
$this->assertEquals(array('cn' => 'Users'), $dn[1]);
$this->assertEquals(array('dc' => 'example'), $dn[2]);
$this->assertEquals(array('dc' => 'com'), $dn[3]);
$this->assertTrue(isset($dn[0]));
$this->assertTrue(isset($dn[1]));
$this->assertTrue(isset($dn[2]));
$this->assertTrue(isset($dn[3]));
$this->assertFalse(isset($dn[-1]));
$this->assertFalse(isset($dn[4]));
$dn = Ldap\Dn::fromString($dnString);
unset($dn[0]);
$this->assertEquals('cn=Users,dc=example,dc=com', $dn->toString());
$dn = Ldap\Dn::fromString($dnString);
unset($dn[1]);
$this->assertEquals('cn=Baker\\, Alice,dc=example,dc=com', $dn->toString());
$dn = Ldap\Dn::fromString($dnString);
unset($dn[2]);
$this->assertEquals('cn=Baker\\, Alice,cn=Users,dc=com', $dn->toString());
$dn = Ldap\Dn::fromString($dnString);
unset($dn[3]);
$this->assertEquals('cn=Baker\\, Alice,cn=Users,dc=example', $dn->toString());
$dn = Ldap\Dn::fromString($dnString);
$dn[0] = array('uid' => 'abaker');
$this->assertEquals('uid=abaker,cn=Users,dc=example,dc=com', $dn->toString());
$dn = Ldap\Dn::fromString($dnString);
$dn[1] = array('ou' => 'Lab');
$this->assertEquals('cn=Baker\\, Alice,ou=Lab,dc=example,dc=com', $dn->toString());
$dn = Ldap\Dn::fromString($dnString);
$dn[2] = array('dc' => 'example', 'ou' => 'Test');
$this->assertEquals('cn=Baker\\, Alice,cn=Users,dc=example+ou=Test,dc=com', $dn->toString());
$dn = Ldap\Dn::fromString($dnString);
$dn[3] = array('dc' => 'de+fr');
$this->assertEquals('cn=Baker\\, Alice,cn=Users,dc=example,dc=de\\+fr', $dn->toString());
}
/**
* Checks if given $childDn is beneath $parentDn subtree.
*
* @param string|Dn $childDn
* @param string|Dn $parentDn
* @return bool
*/
public static function isChildOf($childDn, $parentDn)
{
try {
$keys = [];
$vals = [];
if ($childDn instanceof Dn) {
$cdn = $childDn->toArray(DN::ATTR_CASEFOLD_LOWER);
} else {
$cdn = static::explodeDn($childDn, $keys, $vals, DN::ATTR_CASEFOLD_LOWER);
}
if ($parentDn instanceof Dn) {
$pdn = $parentDn->toArray(DN::ATTR_CASEFOLD_LOWER);
} else {
$pdn = static::explodeDn($parentDn, $keys, $vals, DN::ATTR_CASEFOLD_LOWER);
}
} catch (Exception\LdapException $e) {
return false;
}
$startIndex = count($cdn) - count($pdn);
if ($startIndex < 0) {
return false;
}
for ($i = 0, $count = count($pdn); $i < $count; $i++) {
if ($cdn[$i + $startIndex] != $pdn[$i]) {
return false;
}
}
return true;
}
private function findUnit(Identity $identity)
{
if (null === $this->unit) {
$filter = Filter::equals('mail', $identity->mail);
$baseDn = Dn::factory($this->ldap->getBaseDn())->prepend(['ou' => 'people']);
$result = $this->ldap->search($filter, $baseDn, Ldap::SEARCH_SCOPE_ONE, ['l']);
if (1 !== $result->count()) {
return;
}
$result = $result->current();
$unitDn = $result['l'][0];
$this->unit = $this->ldap->getNode($unitDn);
}
return $this->unit;
}
/**
* @dataProvider rfc2253DnProvider
*/
public function testExplodeDnsProvidedByRFC2253($input, $expected)
{
$dnArray = Ldap\Dn::explodeDn($input);
$this->assertEquals($expected, $dnArray);
}
/**
* Sets the new DN for this node
*
* This is an offline method.
*
* @param Dn|string|array $newDn
* @throws Exception\LdapException
* @return Node Provides a fluid interface
*/
public function setDn($newDn)
{
if ($newDn instanceof Dn) {
$this->newDn = clone $newDn;
} else {
$this->newDn = Dn::factory($newDn);
}
$this->ensureRdnAttributeValues(true);
return $this;
}
/**
* Copies a LDAP entry from one DN to another DN.
*
* @param string|Dn $from
* @param string|Dn $to
* @param boolean $recursively
* @return Ldap Provides a fluid interface
* @throws Exception\LdapException
*/
public function copy($from, $to, $recursively = false)
{
$entry = $this->getEntry($from, array(), true);
if ($to instanceof Dn) {
$toDnParts = $to->toArray();
} else {
$toDnParts = Dn::explodeDn($to);
}
$this->add($to, $entry);
if ($recursively === true && $this->countChildren($from) > 0) {
$children = $this->getChildrenDns($from);
foreach ($children as $c) {
$cDnParts = Dn::explodeDn($c);
$newChildParts = array_merge(array(array_shift($cDnParts)), $toDnParts);
$newChild = Dn::implodeDn($newChildParts);
$this->copy($c, $newChild, true);
}
}
return $this;
}
public function testGetSingleEntryWithDnObject()
{
$dn = Ldap\Dn::fromString($this->_createDn('ou=Test1,'));
$entry = $this->_getLDAP()->getEntry($dn);
$this->assertEquals($dn->toString(), $entry["dn"]);
}
public function testEmptyStringDn()
{
$dnString = '';
$dn = Ldap\Dn::fromString($dnString);
$this->assertEquals($dnString, $dn->toString());
}
/**
* @expectedException Zend\Ldap\Exception
*/
public function testImplodeRdnInvalidThree()
{
$a = array('cn' => 'value', 'ou');
Ldap\Dn::implodeRdn($a);
}
/**
* Returns the schema DN
*
* @return \Zend\Ldap\Dn
*/
public function getSchemaDn()
{
$schemaDn = $this->getSchemaNamingContext();
return \Zend\Ldap\Dn::fromString($schemaDn);
}
public function testRecursiveCopyWithDnObjects()
{
$orgSubTreeDn = Ldap\Dn::fromString($this->_orgSubTreeDn);
$newSubTreeDn = Ldap\Dn::fromString($this->_newSubTreeDn);
$this->_getLDAP()->copy($orgSubTreeDn, $newSubTreeDn, true);
$this->assertTrue($this->_getLDAP()->exists($orgSubTreeDn));
$this->assertTrue($this->_getLDAP()->exists($newSubTreeDn));
$this->assertEquals(3, $this->_getLDAP()->countChildren($orgSubTreeDn));
$this->assertEquals(3, $this->_getLDAP()->countChildren('ou=Subtree1,' . $orgSubTreeDn->toString()));
$this->assertEquals(3, $this->_getLDAP()->countChildren($newSubTreeDn));
$this->assertEquals(3, $this->_getLDAP()->countChildren('ou=Subtree1,' . $newSubTreeDn->toString()));
}
