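/**
 * Update the local cache of the remote user details.
 *
 * The `usr` row is looked up by user_no. When exactly one row is found it is
 * updated, but only if at least one property of $usr differs from it; otherwise
 * a new row is inserted, followed by a matching `principal` row and calls to
 * CreateHomeCalendar() and CreateDefaultRelationships().
 *
 * @deprecated Reported through auth_functions_deprecated(); callers should move to the "Principal" class.
 *
 * @param object $usr The user details we read from the remote. Taken by reference:
 *                    user_no is filled in from usr_user_no_seq when it is unset or zero.
 * @return false|null false when $usr->active is 'f' or boolean false, otherwise no value (null).
 */
function UpdateUserFromExternal(&$usr)
{
    global $c;

    auth_functions_deprecated('UpdateUserFromExternal', 'refactor to use the "Principal" class');

    /**
     * When we're doing the create we will usually need to generate a user number
     */
    if (!isset($usr->user_no) || intval($usr->user_no) == 0) {
        $qry = new AwlQuery("SELECT nextval('usr_user_no_seq');");
        $qry->Exec('Login', __LINE__, __FILE__);
        $sequence_value = $qry->Fetch(true); // Fetch as an array
        $usr->user_no = $sequence_value[0];
    }

    $qry = new AwlQuery('SELECT * FROM usr WHERE user_no = :user_no', array(':user_no' => $usr->user_no));
    if ($qry->Exec('Login', __LINE__, __FILE__) && $qry->rows() == 1) {
        $type = "UPDATE";
        if ($old = $qry->Fetch()) {
            $changes = false;
            foreach ($usr as $k => $v) {
                if ($old->{$k} != $v) {
                    $changes = true;
                    // NOTE(review): the old and new value of the first differing field go to the
                    // debug log verbatim. If the remote record carries a credential field, that
                    // value would be logged too - confirm, and redact such fields if so.
                    dbg_error_log("Login", "User '%s' field '%s' changed from '%s' to '%s'", $usr->username, $k, $old->{$k}, $v);
                    break;
                }
            }

            if (!$changes) {
                dbg_error_log("Login", "No changes to user record for '%s' - leaving as-is.", $usr->username);
                // Same strict test as the post-update check further down. The previous loose
                // `== 'f'` cast the string to boolean true, so it matched an active flag of
                // boolean true (rejecting an active user) and missed boolean false (letting
                // an inactive user through on the unchanged-record path).
                if (isset($usr->active) && ($usr->active === 'f' || $usr->active === false)) {
                    return false;
                }
                return; // Normal case, if there are no changes
            }

            dbg_error_log("Login", "Changes to user record for '%s' - updating.", $usr->username);
        }
    } else {
        $type = "INSERT";
    }

    // Only the UPDATE statement has a WHERE clause that needs the :user_no binding.
    $params = array();
    if ($type != 'INSERT') {
        $params[':user_no'] = $usr->user_no;
    }
    // NOTE(review): sql_from_object() builds the statement from the properties of $usr, which
    // come from the remote directory. How it quotes names and values is not visible here -
    // confirm it does not interpolate them unescaped.
    $qry = new AwlQuery(sql_from_object($usr, $type, 'usr', 'WHERE user_no= :user_no'), $params);
    $qry->Exec('Login', __LINE__, __FILE__);

    /**
     * We disallow login by inactive users _after_ we have updated the local copy
     */
    if (isset($usr->active) && ($usr->active === 'f' || $usr->active === false)) {
        return false;
    }

    if ($type == 'INSERT') {
        // A brand new user also needs a principal row carrying the configured default privileges.
        $qry = new AwlQuery(
            'INSERT INTO principal( type_id, user_no, displayname, default_privileges) SELECT 1, user_no, fullname, :privs::INT::BIT(24) FROM usr WHERE username=(text(:username))',
            array(':privs' => privilege_to_bits($c->default_privileges), ':username' => $usr->username)
        );
        $qry->Exec('Login', __LINE__, __FILE__);
        CreateHomeCalendar($usr->username);
        CreateDefaultRelationships($usr->username);
    } elseif ($usr->fullname != $old->{'fullname'}) {
        // Also update the displayname if the fullname has been updated.
        $qry->QDo(
            'UPDATE principal SET displayname=:new_display WHERE user_no=:user_no',
            array(':new_display' => $usr->fullname, ':user_no' => $usr->user_no)
        );
    }
}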
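/**
 * Synchronise a cached user with one from LDAP.
 *
 * Only the field names returned by Principal::updateableFields() are considered,
 * so a mapping entry for any other name is ignored. For each such field the value
 * comes from the mapped LDAP attribute(s) when a mapping exists, and otherwise from
 * $c->authenticate_hook['config']['default_value'] when that holds an entry for it.
 * The principal is then updated if it exists, or created (followed by
 * CreateHomeCollections() and CreateDefaultRelationships()) if it does not.
 *
 * @param Principal $principal   A Principal object to be updated (or created)
 * @param array     $mapping     Field name => LDAP attribute name, or several separated by
 *                               commas; their values are joined with a single space.
 * @param array     $ldap_values LDAP attribute name => value, as read from the directory.
 */
function sync_user_from_LDAP(Principal &$principal, $mapping, $ldap_values)
{
    global $c;

    dbg_error_log("LDAP", "Going to sync the user from LDAP");

    $fields_to_set = array();
    $updateable_fields = Principal::updateableFields();
    foreach ($updateable_fields as $field) {
        if (isset($mapping[$field])) {
            $tab_part_fields = explode(',', $mapping[$field]);
            foreach ($tab_part_fields as $part_field) {
                if (!isset($ldap_values[$part_field])) {
                    continue; // the directory entry does not carry this attribute
                }
                if (isset($fields_to_set[$field])) {
                    $fields_to_set[$field] .= ' ' . $ldap_values[$part_field];
                } else {
                    $fields_to_set[$field] = $ldap_values[$part_field];
                }
            }
            // When none of the mapped attributes was present the field stays unset; log an
            // empty value instead of reading an undefined array key.
            // NOTE(review): directory values are written to the debug log as-is. If a
            // credential attribute is ever mapped, it would be logged - confirm and redact.
            dbg_error_log(
                "LDAP",
                "Setting usr->%s to %s from LDAP field %s",
                $field,
                isset($fields_to_set[$field]) ? $fields_to_set[$field] : '',
                $mapping[$field]
            );
        } elseif (isset($c->authenticate_hook['config']['default_value'])
            && is_array($c->authenticate_hook['config']['default_value'])
            && isset($c->authenticate_hook['config']['default_value'][$field])
        ) {
            // No mapping for this field: fall back to the configured default.
            $fields_to_set[$field] = $c->authenticate_hook['config']['default_value'][$field];
            dbg_error_log("LDAP", "Setting usr->%s to %s from configured defaults", $field, $c->authenticate_hook['config']['default_value'][$field]);
        }
    }

    if ($principal->Exists()) {
        $principal->Update($fields_to_set);
    } else {
        $principal->Create($fields_to_set);
        CreateHomeCollections($principal->username());
        CreateDefaultRelationships($principal->username());
    }
}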