Esempio n. 1
0
if (isset($wanted_attrs['employeeType']) || isset($wanted_attrs['departmentNumber'])) {
    $wanted_attrs['eduPersonPrimaryAffiliation'] = 'eduPersonPrimaryAffiliation';
}
$allowExtendedInfo = 0;
if (isset($showExtendedInfo) && GET_uid()) {
    if (isPersonMatchingFilter(GET_uid(), $LEVEL1_FILTER)) {
        if (isPersonMatchingFilter(GET_uid(), $LEVEL2_FILTER)) {
            $allowExtendedInfo = 2;
        } else {
            $allowExtendedInfo = 1;
        }
    }
}
if ($allowExtendedInfo >= 1) {
    $LDAP_CONNECT = $allowExtendedInfo == 2 ? $LDAP_CONNECT_LEVEL2 : $LDAP_CONNECT_LEVEL1;
    global_ldap_open('reOpen');
}
// most attributes visibility are enforced using ACLs on LDAP bind
// here are a few special cases
if ($allowExtendedInfo < 1) {
    foreach (array('memberOf', 'memberOf-all') as $attr) {
        unset($wanted_attrs[$attr]);
    }
}
if ($allowInvalidAccounts) {
    $allowInvalidAccounts = $allowExtendedInfo >= 1;
}
$attrRestrictions = array('allowListeRouge' => $allowExtendedInfo > 0 || @$isTrustedIp || GET_uid() && isStaffOrFaculty(GET_uid()), 'allowMailForwardingAddress' => $allowExtendedInfo > 1, 'allowEmployeeType' => $allowExtendedInfo > 1);
$users = searchPeople(people_filters($token, $restriction, $allowInvalidAccounts), $attrRestrictions, $wanted_attrs, $KEY_FIELD, $maxRows);
if ($allowExtendedInfo) {
    foreach ($users as &$u) {
Esempio n. 2
0
function getLdapInfo($base, $filter, $attributes_map, $sizelimit = 0, $timelimit = 0)
{
    global $DEBUG;
    $before = microtime(true);
    $ds = global_ldap_open();
    if ($DEBUG) {
        error_log("searching {$base} for {$filter}");
    }
    $all_entries = $ds->search($base, $filter, array_keys($attributes_map), $sizelimit, $timelimit);
    if (!$all_entries) {
        return array();
    }
    if ($DEBUG) {
        error_log("found " . $all_entries['count'] . " results");
    }
    unset($all_entries["count"]);
    $r = array();
    foreach ($all_entries as $entry) {
        $map = array();
        foreach ($attributes_map as $ldap_attr => $attr) {
            $ldap_attr_ = strtolower($ldap_attr);
            if (isset($entry[$ldap_attr_])) {
                $vals = $entry[$ldap_attr_];
                if ($attr == "MULTI") {
                    // no remapping, but is multi-valued attr
                    unset($vals["count"]);
                    $map[$ldap_attr] = $vals;
                } else {
                    $map[$attr] = $vals["0"];
                }
            }
        }
        $r[] = $map;
    }
    //echo sprintf("// Elapsed %f\t%3d answers for $filter on $base\n", $before - microtime(true), count($r));
    return $r;
}