Esempio n. 1
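 /**
  * Authenticates the user against Active Directory and, on success, loads the
  * user's profile fields and application roles into this object.
  *
  * A successful bind alone does not grant access: the result is forced to false
  * unless $this->ID is set and $this->Role holds at least one role ID.
  *
  * @param string $username account name without the domain suffix
  * @param string $password clear-text password supplied by the user
  * @return bool|mixed the bind result when access is granted, false otherwise
  */
 function authenticateUser($username, $password)
 {
     // deny by default; only a successful bind can change this
     $retVal = false;
     // include the AD utils
     include_once "phpAD.inc.php";
     // include the application constants
     include_once "Constants.php";
     // Reject empty credentials before they reach the directory. Many LDAP
     // servers treat a simple bind with a name and an empty password as an
     // unauthenticated bind and report success, which would pass the check below.
     if (!is_string($username) || !is_string($password) || $username === '' || $password === '') {
         error_log("Error: Empty user name or password rejected before AD bind", 0);
         return false;
     }
     // parse the config file
     $config = parse_ini_file("Config.ini", 1);
     // An unreadable config must fail closed. An empty product name would turn
     // the group match below into a search for a single space.
     if ($config === false
         || !isset($config['Security'])
         || !isset($config['Product']['Name'])
         || $config['Product']['Name'] === ''
     ) {
         error_log("Error: Config.ini is missing or incomplete; cannot authenticate", 0);
         return false;
     }
     // NOTE(review): the user's password is sent to ADServer:ADPort; confirm that
     // phpAD connects over LDAPS or StartTLS.
     $ad = new phpAD($config['Security']['ADServer'], $config['Security']['ADPort']);
     // validate the user
     $retVal = $ad->bind($username . $config['Security']['DomainSuffix'], $password);
     // get the name of the product
     $product = $config['Product']['Name'];
     if ($retVal) {
         // NOTE(review): phpAD::getUser() is not visible here. If it builds an LDAP
         // filter from $username, the value must be escaped first, for example with
         // ldap_escape($username, '', LDAP_ESCAPE_FILTER).
         $userInfo = $ad->getUser($username);
         // set the user info; a missing attribute is passed on as null
         $this->setUserName($username);
         $this->setFirstName(isset($userInfo['givenname'][0]) ? $userInfo['givenname'][0] : null);
         $this->setLastName(isset($userInfo['sn'][0]) ? $userInfo['sn'][0] : null);
         // optional attributes are only set when AD returned them
         if (isset($userInfo['telephonenumber'][0])) {
             $this->setPhoneNumber($userInfo['telephonenumber'][0]);
         }
         if (isset($userInfo['department'][0])) {
             $this->setDepartment($userInfo['department'][0]);
         }
         if (isset($userInfo['mail'][0])) {
             $this->setEmailAddress($userInfo['mail'][0]);
         }
         // reset role list
         // NOTE(review): $this->ID and the admin flag are not reset here, so a
         // reused object can carry them over from an earlier login; confirm that
         // callers always start from a fresh instance.
         $this->Role = array();
         // include the lookup object
         include_once "Lookups.php";
         // include the user LU object
         include_once "UserLU.php";
         // resolve the application user ID for this account name
         $userlu = new UserLU();
         $userlu->getAllUserNames();
         $ID = $userlu->getItemIDByName($username);
         if (!empty($ID)) {
             $this->ID = $ID;
         }
         // load the role lookup used to turn group names into role IDs
         $roleLUs = new Lookups();
         $roleLUs->getLookupByName("RoleLU");
         if (isset($userInfo['memberof'])) {
             foreach ($userInfo['memberof'] as $item) {
                 // look for the product identifier in the group entry; strpos()
                 // returns 0 for a match at the start, so compare against false
                 $pos = strpos($item, $product . " ");
                 if ($pos === false) {
                     continue;
                 }
                 // the role name ends at the first comma AFTER the match; searching
                 // from the start could find an earlier comma and give substr() a
                 // negative length
                 $comma = strpos($item, ",", $pos);
                 $roleName = ($comma === false)
                     ? substr($item, $pos)
                     : substr($item, $pos, $comma - $pos);
                 // only names known to the RoleLU lookup become roles
                 $roleID = $roleLUs->getItemIDByName($roleName);
                 if (!empty($roleID)) {
                     $this->Role[] = $roleID;
                     // NOTE(review): admin rights follow from any valid role whose
                     // name contains "Administrator"; an exact role match would be
                     // a tighter check.
                     if (strpos($roleName, "Administrator") !== false) {
                         $this->setAdminUser(true);
                     }
                 }
             }
         }
     } else {
         // strip control characters so a crafted user name cannot forge log lines
         error_log("Error: Could not bind to the UNC AD for user: " . preg_replace('/[\x00-\x1F\x7F]/', '?', $username), 0);
     }
     // if there are no roles assigned to the user deny access
     if (!isset($this->Role) || !isset($this->ID) || empty($this->Role)) {
         $retVal = false;
     }
     // return to the caller
     return $retVal;
 }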
Esempio n. 2
/**
 * Looks up the display name of one item in a lookup table.
 *
 * The name is returned, not printed. It is not escaped here, so callers that
 * place it in HTML should escape it at the point of output.
 *
 * @param string $luTbl name of the lookup table to load
 * @param int $ID ID of the item whose name is wanted
 * @return string the item name, or "" when the lookup did not load
 */
function displayLUItemNameByID($luTbl, $ID)
{
    // include the lookup object
    include_once "Lookups.php";
    $lookup = new Lookups();
    // a result that compares equal to 0 is treated as success
    if ($lookup->getLookupByName($luTbl) != 0) {
        // lookup failed: hand back the empty default
        return "";
    }
    return $lookup->getItemNameByID($ID);
}
Esempio n. 3
// Command-line style smoke test for the Lookups and UserLU classes: it prints
// lookup entries fetched three ways, then starts loading the user names.
$lus = new Lookups();
// load every lookup table
$retval = $lus->GetAllLUItems();
// A result that compares equal to 0 is treated as success.
// NOTE(review): with the loose ==, null, false and "" also count as 0; confirm
// what these methods return on failure.
if ($retval == 0) {
    $arr = $lus->getLookupList();
    // each entry is read as a pair: [0] lookup table name, [1] item object
    foreach ($arr as $item) {
        $luname = $item[0];
        $obj = $item[1];
        // print only the entries that belong to InventoryStatusLU
        if ($luname == "InventoryStatusLU") {
            echo "Name:" . $luname . ", ID:" . $obj->ID . "\n";
        }
    }
}
echo "\n Now by name \n";
// load a single lookup table by its name
$itemName = "InventoryStatusLU";
$retval = $lus->getLookupByName($itemName);
// success? (same equal-to-0 convention as above)
if ($retval == 0) {
    $arr = $lus->getLookupList();
    // here the entries are read as objects with Name and ID properties
    foreach ($arr as $item) {
        echo "Name:" . $item->Name . ", ID:" . $item->ID . "\n";
    }
}
echo "\n Now by name by ID \n";
// resolve one item name from its ID in the lookup loaded above
$retval = $lus->getItemNameByID(1);
echo "ID: 1, name:" . $retval . "\n";
echo "\n Get the user names\n";
include_once "UserLU.php";
$userlu = new UserLU();
$retval = $userlu->getAllUserNames();
// success? (the listing is cut off here, before the check on $retval)
Esempio n. 4
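/**
 * Collects the distinct email addresses of the members of every role group.
 *
 * Binds to Active Directory with the service account from Config.ini, reads the
 * members of the "RENCI_<role name>" group for each RoleLU entry, and joins
 * their mail attributes.
 *
 * NOTE(review): Config.ini holds the service account password in clear text.
 * Keep the file outside the web root, readable only by the application user,
 * and give the account read-only directory rights.
 *
 * @return string comma-separated addresses without a trailing comma; "" when
 *                the config, the bind or the lookups yield nothing
 */
function getAllEmailAddrs()
{
    include_once "phpAD.inc.php";
    // Addresses are collected as array keys so duplicates collapse on an exact
    // match. A substring test against the joined list would drop "bob@x" once
    // "jbob@x" is present.
    $unique = array();
    // parse the config file
    $config = parse_ini_file("Config.ini", 1);
    if ($config === false || !isset($config['Security'])) {
        error_log("Error: Config.ini is missing or has no Security section", 0);
        return "";
    }
    // create and connect to the AD
    $ad = new phpAD($config['Security']['ADServer'], $config['Security']['ADPort']);
    // bind with the service account
    $retVal = $ad->bind($config['Security']['ADServiceName'] . $config['Security']['DomainSuffix'], $config['Security']['ADServicePassword']);
    if (!$retVal) {
        // return a defined empty result instead of reading an unset variable;
        // the credentials are deliberately left out of the log message
        error_log("Error: Could not bind to the AD with the service account", 0);
        return "";
    }
    // include the lookup object
    include_once "Lookups.php";
    // load the role list
    $lus = new Lookups();
    $lus->getLookupByName("RoleLU");
    $items = $lus->getLookupList();
    if (empty($items)) {
        return "";
    }
    // for each AD group
    foreach ($items as $item) {
        // the AD group name is the role name with the RENCI_ prefix
        $name = "RENCI_" . $lus->getItemNameByID($item->getID());
        // get the members of the group
        $groupMembers = $ad->getGroupMembers($name);
        if (empty($groupMembers)) {
            continue;
        }
        foreach ($groupMembers as $groupMember) {
            // members without a mail attribute are skipped
            $email = isset($groupMember['mail'][0]) ? $groupMember['mail'][0] : null;
            if (empty($email)) {
                continue;
            }
            // A comma or line break inside a directory value would corrupt the
            // comma-separated result, and could inject header lines if a caller
            // puts the list into a mail header.
            if (strpbrk($email, ",\r\n") !== false) {
                continue;
            }
            // force mine to be something else (both addresses are masked in
            // this listing, so the literals are kept exactly as shown)
            if ($email == "*****@*****.**") {
                $email = "*****@*****.**";
            }
            $unique[$email] = true;
        }
    }
    // return to the caller
    return implode(",", array_keys($unique));
}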
Esempio n. 5
 // create a new object
 $userlu = new UserLU();
 // load the names
 $userlu->getAllUserNames();
 // get the user ID
 $ID = $userlu->getItemIDByName($username);
 // did we get a valid ID
 if (!empty($ID)) {
     $this->ID = $ID;
 }
 // save the email address
 $this->setEmailAddress($userInfo['mail'][0]);
 // get a lookup object
 $lus = new Lookups();
 // get the items for the pull down
 $lus->getLookupByName("RoleLU");
 // loop though the roles for this user
 foreach ($userInfo['memberof'] as $item) {
     // look for the NCGENES identifier
     $pos = strpos($item, "RENCI_NCGENES ");
     // did we find it
     if ($pos > 0) {
         // find the next comma
         $comma = strpos($item, ",");
         // get the role name
         $roleName = substr($item, $pos, $comma - $pos);
         // get the ID of the role
         $ID = $lus->getItemIDByName($roleName);
         // did we get a valid ID
         if (!empty($ID)) {
             $this->Role[] = $ID;