/**
* This method return GLPI status (same as status.php)
*
* @param $params array of option : ignored
* @param $protocol the communication protocol used
*
* @return an response ready to be encode
**/
static function methodStatus($params, $protocol)
{
global $DB;
if (isset($params['help'])) {
return array('help' => 'bool,optional');
}
$resp = array();
$ok_master = true;
$ok_slave = true;
$ok = true;
// Check slave server connection
if (DBConnection::isDBSlaveActive()) {
$DBslave = DBConnection::getDBSlaveConf();
if (is_array($DBslave->dbhost)) {
$hosts = $DBslave->dbhost;
} else {
$hosts = array($DBslave->dbhost);
}
foreach ($hosts as $num => $name) {
$diff = DBConnection::getReplicateDelay($num);
if ($diff > 1000000000) {
$resp['slavedb_' . $num] = "offline";
$ok_slave = false;
} else {
if ($diff) {
$resp['slavedb_' . $num] = $diff;
if ($diff > HOUR_TIMESTAMP) {
$ok_slave = false;
}
} else {
$resp['slavedb_' . $num] = "ok";
}
}
}
} else {
$resp['slavedb'] = "not configured";
}
// Check main server connection
if (DBConnection::establishDBConnection(false, true, false)) {
$resp['maindb'] = "ok";
} else {
$resp['slavedb'] = "offline";
$ok_master = false;
}
// Slave and master ok;
$ok = $ok_slave && $ok_master;
// Check session dir (usefull when NFS mounted))
if (is_dir(GLPI_SESSION_DIR) && is_writable(GLPI_SESSION_DIR)) {
$resp['sessiondir'] = "ok";
} else {
$resp['sessiondir'] = "not writable";
$ok = false;
}
// Reestablished DB connection
if (($ok_master || $ok_slave) && DBConnection::establishDBConnection(false, false, false)) {
// Check Auth connections
$auth = new Auth();
$auth->getAuthMethods();
$ldap_methods = $auth->authtypes["ldap"];
if (count($ldap_methods)) {
foreach ($ldap_methods as $method) {
if ($method['is_active']) {
if (AuthLdap::tryToConnectToServer($method, $method["rootdn"], Toolbox::decrypt($method["rootdn_passwd"], GLPIKEY))) {
$resp['LDAP_' . $method['name']] = "ok";
} else {
$resp['LDAP_' . $method['name']] = "offline";
$ok = false;
}
}
}
}
}
if ($ok) {
$resp['glpi'] = "ok";
} else {
$resp['glpi'] = "error";
}
return $resp;
}
/**
* Find a user in a LDAP and return is BaseDN
* Based on GRR auth system
*
* @param $ldap_method ldap_method array to use
* @param $login User Login
* @param $password User Password
*
* @return String : basedn of the user / false if not founded
**/
function connection_ldap($ldap_method, $login, $password)
{
// we prevent some delay...
if (empty($ldap_method['host'])) {
return false;
}
$this->ldap_connection = AuthLdap::tryToConnectToServer($ldap_method, $login, $password);
$this->user_deleted_ldap = false;
if ($this->ldap_connection) {
$params['method'] = AuthLDAP::IDENTIFIER_LOGIN;
$params['fields'][AuthLDAP::IDENTIFIER_LOGIN] = $ldap_method['login_field'];
$infos = AuthLdap::searchUserDn($this->ldap_connection, array('basedn' => $ldap_method['basedn'], 'login_field' => $ldap_method['login_field'], 'search_parameters' => $params, 'user_params' => array('method' => AuthLDAP::IDENTIFIER_LOGIN, 'value' => $login), 'condition' => $ldap_method['condition'], 'user_dn' => $this->user_dn));
$dn = $infos['dn'];
if (!empty($dn) && @ldap_bind($this->ldap_connection, $dn, $password)) {
//Hook to implement to restrict access by checking the ldap directory
if (Plugin::doHookFunction("restrict_ldap_auth", $dn)) {
return $dn;
}
$this->addToError(__('User not authorized to connect in GLPI'));
//Use is present by has no right to connect because of a plugin
return false;
} else {
// Incorrect login
$this->addToError(__('Incorrect username or password'));
//Use is not present anymore in the directory!
if ($dn == '') {
$this->user_deleted_ldap = true;
}
return false;
}
} else {
$this->addToError(__('Unable to connect to the LDAP directory'));
//Directory is not available
return false;
}
}
}
echo "\n";
}
} else {
echo "No OCS server\n";
}
}
// Check Auth connections
$auth = new Auth();
$auth->getAuthMethods();
$ldap_methods = $auth->authtypes["ldap"];
if (count($ldap_methods)) {
echo "Check LDAP servers:";
foreach ($ldap_methods as $method) {
echo " " . $method['name'];
if (AuthLdap::tryToConnectToServer($method, $method["rootdn"], decrypt($method["rootdn_passwd"], GLPIKEY))) {
echo "_OK";
} else {
echo "_PROBLEM";
$ok = false;
}
echo "\n";
}
} else {
echo "No LDAP server\n";
}
// TODO Check mail server : cannot open a mail connexion / only ping server ?
// TODO check CAS url / check url using socket ?
}
echo "\n";
if ($ok) {
