/**
* Init plugin config from database settings depending on the plugin auth type.
*/
function init_plugin($authtype)
{
$this->pluginconfig = 'auth/' . $authtype;
$this->config = get_config($this->pluginconfig);
if (empty($this->config->ldapencoding)) {
$this->config->ldapencoding = 'utf-8';
}
if (empty($this->config->user_type)) {
$this->config->user_type = 'default';
}
$ldap_usertypes = ldap_supported_usertypes();
$this->config->user_type_name = $ldap_usertypes[$this->config->user_type];
unset($ldap_usertypes);
$default = ldap_getdefaults();
// Use defaults if values not given
foreach ($default as $key => $value) {
// watch out - 0, false are correct values too
if (!isset($this->config->{$key}) or $this->config->{$key} == '') {
$this->config->{$key} = $value[$this->config->user_type];
}
}
// Hack prefix to objectclass
if (empty($this->config->objectclass)) {
// Can't send empty filter
$this->config->objectclass = '(objectClass=*)';
} else {
if (stripos($this->config->objectclass, 'objectClass=') === 0) {
// Value is 'objectClass=some-string-here', so just add ()
// around the value (filter _must_ have them).
$this->config->objectclass = '(' . $this->config->objectclass . ')';
} else {
if (strpos($this->config->objectclass, '(') !== 0) {
// Value is 'some-string-not-starting-with-left-parentheses',
// which is assumed to be the objectClass matching value.
// So build a valid filter with it.
$this->config->objectclass = '(objectClass=' . $this->config->objectclass . ')';
} else {
// There is an additional possible value
// '(some-string-here)', that can be used to specify any
// valid filter string, to select subsets of users based
// on any criteria. For example, we could select the users
// whose objectClass is 'user' and have the
// 'enabledMoodleUser' attribute, with something like:
//
// (&(objectClass=user)(enabledMoodleUser=1))
//
// In this particular case we don't need to do anything,
// so leave $this->config->objectclass as is.
}
}
}
}
/**
* Constructor for the plugin. In addition to calling the parent
* constructor, we define and 'fix' some settings depending on the
* real settings the admin defined.
*/
public function __construct()
{
global $CFG;
require_once $CFG->libdir . '/ldaplib.php';
// Do our own stuff to fix the config (it's easier to do it
// here than using the admin settings infrastructure). We
// don't call $this->set_config() for any of the 'fixups'
// (except the objectclass, as it's critical) because the user
// didn't specify any values and relied on the default values
// defined for the user type she chose.
$this->load_config();
// Make sure we get sane defaults for critical values.
$this->config->ldapencoding = $this->get_config('ldapencoding', 'utf-8');
$this->config->user_type = $this->get_config('user_type', 'default');
$ldap_usertypes = ldap_supported_usertypes();
$this->config->user_type_name = $ldap_usertypes[$this->config->user_type];
unset($ldap_usertypes);
$default = ldap_getdefaults();
// The objectclass in the defaults is for a user.
// This will be required later, but enrol_ldap uses 'objectclass' for its group objectclass.
// Save the normalised user objectclass for later.
$this->userobjectclass = ldap_normalise_objectclass($default['objectclass'][$this->get_config('user_type')]);
// Remove the objectclass default, as the values specified there are for users, and we are dealing with groups here.
unset($default['objectclass']);
// Use defaults if values not given. Dont use this->get_config()
// here to be able to check for 0 and false values too.
foreach ($default as $key => $value) {
// Watch out - 0, false are correct values too, so we can't use $this->get_config()
if (!isset($this->config->{$key}) or $this->config->{$key} == '') {
$this->config->{$key} = $value[$this->config->user_type];
}
}
// Normalise the objectclass used for groups.
if (empty($this->config->objectclass)) {
// No objectclass set yet - set a default class.
$this->config->objectclass = ldap_normalise_objectclass(null, '*');
$this->set_config('objectclass', $this->config->objectclass);
} else {
$objectclass = ldap_normalise_objectclass($this->config->objectclass);
if ($objectclass !== $this->config->objectclass) {
// The objectclass was changed during normalisation.
// Save it in config, and update the local copy of config.
$this->set_config('objectclass', $objectclass);
$this->config->objectclass = $objectclass;
}
}
}
/**
* Search specified contexts for the specified userid and return the
* user dn like: cn=username,ou=suborg,o=org. It's actually a wrapper
* around ldap_find_userdn().
*
* @param string $userid the userid to search for (in external LDAP encoding, no magic quotes).
* @return mixed the user dn or false
*/
protected function ldap_find_userdn($userid)
{
global $CFG;
require_once $CFG->libdir . '/ldaplib.php';
$ldap_contexts = explode(';', $this->get_config('user_contexts'));
$ldap_defaults = ldap_getdefaults();
return ldap_find_userdn($this->ldapconnection, $userid, $ldap_contexts, '(objectClass=' . $ldap_defaults['objectclass'][$this->get_config('user_type')] . ')', $this->get_config('idnumber_attribute'), $this->get_config('user_search_sub'));
}
/**
* Constructor for the plugin. In addition to calling the parent
* constructor, we define and 'fix' some settings depending on the
* real settings the admin defined.
*/
public function __construct()
{
global $CFG;
require_once $CFG->libdir . '/ldaplib.php';
// Do our own stuff to fix the config (it's easier to do it
// here than using the admin settings infrastructure). We
// don't call $this->set_config() for any of the 'fixups'
// (except the objectclass, as it's critical) because the user
// didn't specify any values and relied on the default values
// defined for the user type she chose.
$this->load_config();
// Make sure we get sane defaults for critical values.
$this->config->ldapencoding = $this->get_config('ldapencoding', 'utf-8');
$this->config->user_type = $this->get_config('user_type', 'default');
$ldap_usertypes = ldap_supported_usertypes();
$this->config->user_type_name = $ldap_usertypes[$this->config->user_type];
unset($ldap_usertypes);
$default = ldap_getdefaults();
// The objectclass in the defaults is for a user.
// This will be required later, but enrol_ldap uses 'objectclass' for its group objectclass.
// Save the normalised user objectclass for later.
$this->userobjectclass = $default['objectclass'][$this->get_config('user_type')];
if (empty($this->userobjectclass)) {
// Can't send empty filter.
$this->userobjectclass = '(objectClass=*)';
} else {
if (stripos($this->userobjectclass, 'objectClass=') === 0) {
// Value is 'objectClass=some-string-here', so just add ()
// around the value (filter _must_ have them).
$this->userobjectclass = '(' . $this->userobjectclass . ')';
} else {
if (stripos($this->userobjectclass, '(') !== 0) {
// Value is 'some-string-not-starting-with-left-parentheses',
// which is assumed to be the objectClass matching value.
// So build a valid filter with it.
$this->userobjectclass = '(objectClass=' . $this->userobjectclass . ')';
}
}
}
// Remove the objectclass default, as the values specified there are for
// users, and we are dealing with groups here.
unset($default['objectclass']);
// Use defaults if values not given. Dont use this->get_config()
// here to be able to check for 0 and false values too.
foreach ($default as $key => $value) {
// Watch out - 0, false are correct values too, so we can't use $this->get_config()
if (!isset($this->config->{$key}) or $this->config->{$key} == '') {
$this->config->{$key} = $value[$this->config->user_type];
}
}
if (empty($this->config->objectclass)) {
// Can't send empty filter. Fix it for now and future occasions
$this->set_config('objectclass', '(objectClass=*)');
} else {
if (stripos($this->config->objectclass, 'objectClass=') === 0) {
// Value is 'objectClass=some-string-here', so just add ()
// around the value (filter _must_ have them).
// Fix it for now and future occasions
$this->set_config('objectclass', '(' . $this->config->objectclass . ')');
} else {
if (stripos($this->config->objectclass, '(') !== 0) {
// Value is 'some-string-not-starting-with-left-parentheses',
// which is assumed to be the objectClass matching value.
// So build a valid filter with it.
$this->set_config('objectclass', '(objectClass=' . $this->config->objectclass . ')');
} else {
// There is an additional possible value
// '(some-string-here)', that can be used to specify any
// valid filter string, to select subsets of users based
// on any criteria. For example, we could select the users
// whose objectClass is 'user' and have the
// 'enabledMoodleUser' attribute, with something like:
//
// (&(objectClass=user)(enabledMoodleUser=1))
//
// In this particular case we don't need to do anything,
// so leave $this->config->objectclass as is.
}
}
}
}
/**
* Init plugin config from database settings depending on the plugin auth type.
*/
function init_plugin($authtype)
{
$this->pluginconfig = 'auth/' . $authtype;
$this->config = get_config($this->pluginconfig);
if (empty($this->config->ldapencoding)) {
$this->config->ldapencoding = 'utf-8';
}
if (empty($this->config->user_type)) {
$this->config->user_type = 'default';
}
$ldap_usertypes = ldap_supported_usertypes();
$this->config->user_type_name = $ldap_usertypes[$this->config->user_type];
unset($ldap_usertypes);
$default = ldap_getdefaults();
// Use defaults if values not given
foreach ($default as $key => $value) {
// watch out - 0, false are correct values too
if (!isset($this->config->{$key}) or $this->config->{$key} == '') {
$this->config->{$key} = $value[$this->config->user_type];
}
}
// Hack prefix to objectclass
$this->config->objectclass = ldap_normalise_objectclass($this->config->objectclass);
}
