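/**
 * Return the subset of the given groups that the user belongs to.
 *
 * The strategy is selected by preferences['group_match_user']:
 *  - when it contains 'group_field', a single LDAP search is issued for groups
 *    matching one of the RDNs taken from $groups_dn AND whose membership
 *    attribute (preferences['group_field']) equals the user's DN or login;
 *  - otherwise (user_field), preferences['user_field'] is read from the user's
 *    own entry and its values are compared with each imported group's id or name.
 *
 * @param array  $groups_dn group DNs to test
 * @param object $user_     user exposing getAttribute('dn') and getAttribute('login')
 * @return array matching groups keyed by group id; empty array when nothing
 *               matches or when an LDAP lookup fails
 */
public function get_groups_including_user_from_list($groups_dn, $user_) {
    $groups_result = array();

    # Be sure to use the simplest method:
    # AD recursive group search can cause some problems with the other method
    if (in_array('group_field', $this->preferences['group_match_user'])) {
        // Collect the leading RDN of every candidate group DN.
        $filter_rdn_rules = array();
        foreach ($groups_dn as $group_dn) {
            $expl = explode_with_escape(',', $group_dn, 2);
            if (count($expl) !== 2) {
                // A DN without a parent part cannot be split into RDN + base; skip it.
                continue;
            }

            $filter_rdn_rules[] = $expl[0];
        }

        if (count($filter_rdn_rules) === 0) {
            return array();
        }

        if ($this->preferences['group_field_type'] == 'user_dn') {
            $item = $user_->getAttribute('dn');
        } else {
            $item = $user_->getAttribute('login');
        }

        // The value is spliced into an LDAP search filter. Escape the RFC 4515
        // special characters so that a DN or login containing '(' ')' '*' '\'
        // or NUL is matched literally and cannot change the filter's structure.
        // strtr() with an array replaces in a single pass, so the backslashes it
        // inserts are never escaped a second time.
        $item = strtr((string) $item, array(
            '\\' => '\\5c',
            '*'  => '\\2a',
            '('  => '\\28',
            ')'  => '\\29',
            "\0" => '\\00',
        ));

        // NOTE(review): the RDNs above are still used as raw filter terms; this
        // assumes the group DNs come from trusted configuration -- confirm.
        $filters = array(
            LDAP::join_filters($filter_rdn_rules, '|'),
            $this->preferences['group_field'] . '=' . $item,
        );
        $filter = LDAP::join_filters($filters, '&');

        $groups2 = $this->import_from_filter($filter);
        if (!is_array($groups2)) {
            // Failed import: nothing to iterate over.
            return $groups_result;
        }

        foreach ($groups2 as $group_id => $group) {
            // The search matched on RDN only; keep just the groups whose key is
            // one of the requested DNs.
            if (!in_array($group_id, $groups_dn)) {
                continue;
            }

            $groups_result[$group->id] = $group;
        }
    } else {
        // user_field
        $groups = $this->imports($groups_dn);
        $field = $this->preferences['user_field'];

        $configLDAP = $this->get_usergroup_ldap_config(); // get userdb ldap config instead!!!
        $ldap = new LDAP($configLDAP);
        $sr = $ldap->searchDN($user_->getAttribute('dn'), array($field));
        if ($sr === false) {
            return array();
        }

        $infos = $ldap->get_entries($sr);
        if (!is_array($infos) || $infos === array()) {
            return array();
        }

        // Only the first returned entry is used.
        $keys = array_keys($infos);
        $dn = $keys[0];
        $info = $infos[$dn];

        if (!is_array($info) || !array_key_exists($field, $info)) {
            return array();
        }

        if (is_array($info[$field])) {
            // Drop the 'count' bookkeeping element so that only attribute
            // values remain in the list.
            if (isset($info[$field]['count'])) {
                unset($info[$field]['count']);
            }

            $memberof = $info[$field];
        } else {
            $memberof = array($info[$field]);
        }

        foreach ($groups as $group) {
            if ($this->preferences['user_field_type'] == 'group_dn') {
                $item = $group->id;
            } else {
                $item = $group->name;
            }

            if (!in_array($item, $memberof)) {
                continue;
            }

            $groups_result[$group->id] = $group;
        }
    }

    return $groups_result;
}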
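/**
 * Load the user stored at the given DN, using the per-instance DN cache.
 *
 * A cached user is returned only if it still passes isOK(). On a cache miss
 * the DN is looked up in LDAP, turned into a user object, cleaned up and
 * stored in the cache (even when it later fails isOK(), so the lookup is not
 * repeated).
 *
 * @param string $dn_ distinguished name of the user entry
 * @return mixed the user object, or NULL when the search fails, the DN has no
 *               entry, or the resulting user does not pass isOK()
 */
public function importFromDN($dn_) {
    // NOTE(review): $dn_ is written to the log verbatim; confirm that Logger
    // neutralises control characters if the DN can come from user input.
    Logger::debug('main', 'UserDB::ldap::fromDN(' . $dn_ . ')');

    if (is_array($this->cache_userlist_dn) && isset($this->cache_userlist_dn[$dn_])) {
        $cached = $this->cache_userlist_dn[$dn_];

        return $this->isOK($cached) ? $cached : NULL;
    }

    $ldap = new LDAP($this->config);
    $sr = $ldap->searchDN($dn_, NULL);
    if ($sr === false) {
        Logger::error('main', 'UserDB_ldap::fromDN ldap failed (mostly timeout on server)');
        return NULL;
    }

    $infos = $ldap->get_entries($sr);
    if (!is_array($infos) || $infos === array()) {
        // The search succeeded but returned no entry: without this guard the
        // code below would read $keys[0] on an empty list and build a user
        // object from a non-existent row.
        return NULL;
    }

    // Only the first returned entry is used; its key is the entry's DN.
    $keys = array_keys($infos);
    $dn = $keys[0];
    $info = $infos[$dn];

    $u = $this->generateUserFromRow($info);
    $u->setAttribute('dn', $dn);
    $u = $this->cleanupUser($u);

    // Cached under the requested DN, not the DN reported by the server.
    $this->cache_userlist_dn[$dn_] = $u;

    return $this->isOK($u) ? $u : NULL;
}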