public static function loadElements($type_, $group_)
{
Logger::debug('main', "Abstract_Liaison_activedirectory::loadElements ({$type_},{$group_})");
$userGroupDB = UserGroupDB::getInstance();
$userGroupDB_activedirectory = new UserGroupDB_activedirectory();
$use_child_group = false;
$userGroupDB_activedirectory_preferences = $userGroupDB_activedirectory->preferences;
if (array_key_exists('use_child_group', $userGroupDB_activedirectory_preferences)) {
if ($userGroupDB_activedirectory_preferences['use_child_group'] == 1 || $userGroupDB_activedirectory_preferences['use_child_group'] == '1') {
$use_child_group = true;
}
}
$group = $userGroupDB->import($group_);
if (!is_object($group)) {
Logger::error('main', "Abstract_Liaison_activedirectory::loadElements load group ({$group_}) failed");
return NULL;
}
if ($group->type != 'static') {
return NULL;
}
$elements = array();
$id_ = $group->id;
$userDBAD2 = new UserDB_activedirectory();
$userDBAD = UserDB::getInstance();
if (get_class($userDBAD) == get_class($userDBAD2)) {
$userDBAD = $userDBAD2;
// for cache
}
$config_ldap = $userDBAD->makeLDAPconfig();
if (isset($group->extras) && is_array($group->extras) && isset($group->extras['member'])) {
$buf = $group->extras;
} else {
$config_ldap['match'] = array('description' => 'description', 'name' => 'name', 'member' => 'member');
if (str_endswith(strtolower($id_), strtolower($config_ldap['suffix'])) === true) {
$id2 = substr($id_, 0, -1 * strlen($config_ldap['suffix']) - 1);
} else {
$id2 = $id_;
}
$expl = explode(',', $id2, 2);
if (count($expl) < 2) {
Logger::error('main', "Abstract_Liaison_activedirectory::loadElements({$type_},{$group_}) count(expl) != 2 (count=" . count($expl) . ")(id2=" . $id2 . ")");
return NULL;
}
$config_ldap['userbranch'] = $expl[1];
$buf = array();
$buf['id'] = $id_;
$ldap = new LDAP($config_ldap);
$sr = $ldap->search($expl[0], array_keys($config_ldap['match']));
if ($sr === false) {
Logger::error('main', "Abstract_Liaison_activedirectory::loadElements search failed for ({$id_})");
return NULL;
}
$infos = $ldap->get_entries($sr);
$keys = array_keys($infos);
$dn = $keys[0];
$info = $infos[$dn];
foreach ($config_ldap['match'] as $attribut => $match_ldap) {
if (isset($info[$match_ldap])) {
unset($info[$match_ldap]['count']);
$buf[$attribut] = $info[$match_ldap];
}
}
}
if (isset($buf['member']) && is_array($buf['member'])) {
foreach ($buf['member'] as $member) {
$u = $userDBAD->importFromDN($member);
if (is_object($u)) {
if ($u->hasAttribute('objectclass')) {
if (in_array('user', $u->getAttribute('objectclass'))) {
$l = new Liaison($u->getAttribute('login'), $group_);
$elements[$l->element] = $l;
} else {
if (in_array('group', $u->getAttribute('objectclass')) && $use_child_group == true) {
$ret1 = self::loadElements($type_, 'static_' . $member);
if (is_array($ret1)) {
foreach ($ret1 as $element1 => $liaison1) {
$elements[$element1] = $liaison1;
}
}
}
}
} else {
$l = new Liaison($u->getAttribute('login'), $group_);
$elements[$l->element] = $l;
}
}
}
}
return $elements;
}
public function import_from_filter($filter_)
{
$filter = LDAP::join_filters(array($this->preferences['filter'], $filter_), '&');
$configLDAP = $this->get_usergroup_ldap_config();
$ldap = new LDAP($configLDAP);
$sr = $ldap->search($filter, array_values($this->preferences['match']));
if ($sr === false) {
Logger::error('main', 'UserGroupDB::ldap::import_from_filter search failed');
return NULL;
}
$result = array();
$infos = $ldap->get_entries($sr);
if (!is_array($infos)) {
return $result;
}
foreach ($infos as $dn => $info) {
$g = $this->generateUsersGroupFromRow($info, $dn, $this->preferences['match']);
if (!is_object($g)) {
continue;
}
$result[$dn] = $g;
}
return $result;
}
/**
* functie om gemakkelijk de userinfo op te halen aan de hand van de username
*
* @param unknown_type $uid ugent username
* @return Array
*/
function getUserInfo($uid)
{
parent::connect();
parent::bind();
parent::search("uid=" . $uid);
return self::parseData(parent::get_entries());
}
public function getUsersContains($contains_, $attributes_ = array('login', 'displayname'), $limit_ = 0)
{
$users = array();
$ldap = new LDAP($this->config);
$contains = '*';
if ($contains_ != '') {
$contains .= $contains_ . '*';
}
$contains = preg_replace('/\\*\\*+/', '*', $contains);
// ldap does not handle multiple star characters
$filter = '(&' . $this->generateFilter() . '(|';
foreach ($attributes_ as $attribute) {
$filter .= '(' . $this->config['match'][$attribute] . '=' . $contains . ')';
}
$filter .= '))';
$sr = $ldap->search($filter, NULL, $limit_);
if ($sr === false) {
Logger::error('main', 'UserDB::ldap::getUsersContaint search failed');
return NULL;
}
$sizelimit_exceeded = $ldap->errno() === 4;
// LDAP_SIZELIMIT_EXCEEDED => 0x04
$infos = $ldap->get_entries($sr);
foreach ($infos as $dn => $info) {
$u = $this->generateUserFromRow($info);
$u->setAttribute('dn', $dn);
$u = $this->cleanupUser($u);
if ($this->isOK($u)) {
$users[] = $u;
} else {
if ($u->hasAttribute('login')) {
Logger::info('main', 'UserDB::ldap::getUsersContaint user \'' . $u->getAttribute('login') . '\' not ok');
} else {
Logger::info('main', 'UserDB::ldap::getUsersContaint user does not have login');
}
}
}
usort($users, "user_cmp");
return array($users, $sizelimit_exceeded);
}
public static function loadElements($type_, $group_)
{
Logger::debug('main', "Abstract_Liaison_ldap_memberof::loadElements ({$type_},{$group_})");
$prefs = Preferences::getInstance();
if (!$prefs) {
die_error('get Preferences failed', __FILE__, __LINE__);
}
$userGroupDB = UserGroupDB::getInstance();
$group = $userGroupDB->import($group_);
if (!is_object($group)) {
Logger::error('main', "Abstract_Liaison_ldap_memberof::loadElements load group ({$group_}) failed");
return NULL;
}
$userGroupDB_ldap_memberof = new UserGroupDB_ldap_memberof();
$use_child_group = false;
${$userGroupDB_ldap_memberof_preferences} = $userGroupDB_ldap_memberof->preferences;
if (array_key_exists('use_child_group', ${$userGroupDB_ldap_memberof_preferences})) {
if (${$userGroupDB_ldap_memberof_preferences}['use_child_group'] == 1 || ${$userGroupDB_ldap_memberof_preferences}['use_child_group'] == '1') {
$use_child_group = true;
}
}
$elements = array();
if (is_base64url($group->id)) {
$id_ = base64url_decode($group->id);
} else {
$id_ = $group->id;
}
$userDBldap = new UserDB_ldap();
$userDBldap2 = UserDB::getInstance();
if (get_class($userDBldap) == get_class($userDBldap2)) {
$userDBldap = $userDBldap2;
// for cache
}
$config_ldap = $prefs->get('UserDB', 'ldap');
$config_ldap['match'] = array('description' => 'description', 'name' => 'name', 'member' => 'member');
if (str_endswith(strtolower($id_), strtolower($config_ldap['suffix'])) === true) {
$id2 = substr($id_, 0, -1 * strlen($config_ldap['suffix']) - 1);
} else {
$id2 = $id_;
}
$expl = explode(',', $id2, 2);
$config_ldap['userbranch'] = $expl[1];
$buf = array();
$buf['id'] = $id_;
$ldap = new LDAP($config_ldap);
$sr = $ldap->search($expl[0], array_keys($config_ldap['match']));
if ($sr === false) {
Logger::error('main', "Abstract_Liaison_ldap_memberof::loadElements search failed for ({$id_})");
return NULL;
}
$infos = $ldap->get_entries($sr);
if ($infos === array()) {
return $elements;
}
$keys = array_keys($infos);
$dn = $keys[0];
$info = $infos[$dn];
foreach ($config_ldap['match'] as $attribut => $match_ldap) {
if (isset($info[$match_ldap])) {
unset($info[$match_ldap]['count']);
$buf[$attribut] = $info[$match_ldap];
}
}
if (isset($buf['member']) && is_array($buf['member'])) {
foreach ($buf['member'] as $member) {
$u = $userDBldap->importFromDN($member);
if (is_object($u) == false) {
Logger::error('main', "Abstract_Liaison_ldap_memberof::loadElements ({$type_},{$group_}) failed to import " . $member);
continue;
} else {
if ($u->hasAttribute('objectclass')) {
if (in_array('user', $u->getAttribute('objectclass'))) {
$l = new Liaison($u->getAttribute('login'), $group_);
$elements[$l->element] = $l;
} else {
if (in_array('group', $u->getAttribute('objectclass')) && $use_child_group == true) {
$ret1 = self::loadElements($type_, 'static_' . $member);
if (is_array($ret1)) {
foreach ($ret1 as $element1 => $liaison1) {
$elements[$element1] = $liaison1;
}
}
}
}
} else {
$l = new Liaison($u->getAttribute('login'), $group_);
$elements[$l->element] = $l;
}
}
}
}
return $elements;
}
public function getUsersContains($contains_, $attributes_ = array('login', 'displayname'), $limit_ = 0, $group_ = null)
{
$users = array();
$filters = array($this->generateFilter());
if ($contains_ != '') {
$contains = preg_replace('/\\*\\*+/', '*', '*' . $contains_ . '*');
// ldap does not handle multiple star characters
$filter_contain_rules = array();
$missing_attribute_nb = 0;
foreach ($attributes_ as $attribute) {
if (!array_key_exists($attribute, $this->config['match']) || strlen($this->config['match'][$attribute]) == 0) {
$missing_attribute_nb++;
continue;
}
array_push($filter_contain_rules, $this->config['match'][$attribute] . '=' . $contains);
}
if ($missing_attribute_nb == count($attributes_)) {
return array(array(), false);
}
array_push($filters, LDAP::join_filters($filter_contain_rules, '|'));
}
if (!is_null($group_)) {
$userGroupDB = UserGroupDB::getInstance('static');
$group_filter_res = $userGroupDB->get_filter_groups_member($group_);
if (array_key_exists('filter', $group_filter_res)) {
array_push($filters, $group_filter_res['filter']);
} else {
if (!array_key_exists('users', $group_filter_res) || !is_array($group_filter_res['users']) || count($group_filter_res['users']) == 0) {
return array(array(), false);
}
$filter_group_rules = array();
foreach ($group_filter_res['users'] as $login) {
array_push($filter_group_rules, '(' . $this->config['match']['login'] . '=' . $login . ')');
}
array_push($filters, LDAP::join_filters($filter_group_rules, '|'));
}
}
$filter = LDAP::join_filters($filters, '&');
$ldap = new LDAP($this->get_user_ldap_config());
$sr = $ldap->search($filter, array_values($this->config['match']), $limit_);
if ($sr === false) {
Logger::error('main', 'UserDB::ldap::getUsersContaint search failed');
return array(array(), false);
}
$sizelimit_exceeded = $ldap->errno() === 4;
// LDAP_SIZELIMIT_EXCEEDED => 0x04
$infos = $ldap->get_entries($sr);
foreach ($infos as $dn => $info) {
if (!is_null($group_) && array_key_exists('dns', $group_filter_res)) {
if (!in_array($dn, $group_filter_res['dns'])) {
continue;
}
}
$u = $this->generateUserFromRow($info);
$u->setAttribute('dn', $dn);
$u = $this->cleanupUser($u);
if ($this->isOK($u)) {
$users[] = $u;
} else {
if ($u->hasAttribute('login')) {
Logger::info('main', 'UserDB::ldap::getUsersContaint user \'' . $u->getAttribute('login') . '\' not ok');
} else {
Logger::info('main', 'UserDB::ldap::getUsersContaint user does not have login');
}
}
}
return array($users, $sizelimit_exceeded);
}
public function getGroupsContains($contains_, $attributes_ = array('name', 'description'), $limit_ = 0)
{
$groups = array();
$userDBAD = UserDB::getInstance();
if (method_exists($userDBAD, 'makeLDAPconfig') === false) {
Logger::error('main', 'UserGroupDB::ldap_memberof makeLDAPconfig is not avalaible');
return NULL;
}
$config_ldap = $userDBAD->makeLDAPconfig();
$config_ldap['match'] = array();
if (array_key_exists('match', $this->preferences)) {
$config_ldap['match'] = $this->preferences['match'];
}
$ldap = new LDAP($config_ldap);
$contains = '*';
if ($contains_ != '') {
$contains .= $contains_ . '*';
}
$filter = '(&(objectClass=group)(|';
foreach ($attributes_ as $attribute) {
$filter .= '(' . $config_ldap['match'][$attribute] . '=' . $contains . ')';
}
$filter .= '))';
$sr = $ldap->search($filter, NULL, $limit_);
if ($sr === false) {
Logger::error('main', 'UserDB::ldap::getUsersContaint search failed');
return NULL;
}
$sizelimit_exceeded = $ldap->errno() === 4;
// LDAP_SIZELIMIT_EXCEEDED => 0x04
$infos = $ldap->get_entries($sr);
foreach ($infos as $dn => $info) {
$buf = array();
foreach ($config_ldap['match'] as $attribut => $match_ldap) {
if (isset($info[$match_ldap][0])) {
$buf[$attribut] = $info[$match_ldap][0];
}
if (isset($info[$match_ldap]) && is_array($info[$match_ldap])) {
if (isset($info[$match_ldap]['count'])) {
unset($info[$match_ldap]['count']);
}
$extras[$attribut] = $info[$match_ldap];
} else {
$extras[$attribut] = array();
}
}
if (!isset($buf['description'])) {
$buf['description'] = '';
}
$ug = new UsersGroup($dn, $buf['name'], $buf['description'], true);
$ug->extras = $extras;
$groups[$dn] = $ug;
}
return array($groups, $sizelimit_exceeded);
}
public function getList_nocache()
{
Logger::debug('main', 'UserGroupDB::ldap_posix::getList_nocache');
$configLDAP = $this->makeLDAPconfig();
$ldap = new LDAP($configLDAP);
$sr = $ldap->search('cn=*', NULL);
$infos = $ldap->get_entries($sr);
$groups = array();
if (!is_array($infos)) {
return $groups;
}
foreach ($infos as $dn => $info) {
$g = $this->generateUsersGroupFromRow($info, $dn, $configLDAP['match']);
if (is_object($g)) {
$groups[$dn] = $g;
}
}
return $groups;
}
public function getList($sort_ = false)
{
Logger::debug('main', 'UserGroupDB::activedirectory::getList');
$userDBAD = UserDB::getInstance();
$config_ldap = $userDBAD->makeLDAPconfig();
$config_ldap['match'] = array();
if (array_key_exists('match', $this->preferences)) {
$config_ldap['match'] = $this->preferences['match'];
}
$ldap = new LDAP($config_ldap);
$sr = $ldap->search('(objectClass=group)', array_values($config_ldap['match']));
if ($sr === false) {
Logger::error('main', "UserGroupDB::activedirectory::getList search failed");
return NULL;
}
$infos = $ldap->get_entries($sr);
$groups = array();
foreach ($infos as $dn => $info) {
$buf = array();
foreach ($config_ldap['match'] as $attribut => $match_ldap) {
if (isset($info[$match_ldap][0])) {
$buf[$attribut] = $info[$match_ldap][0];
}
if (isset($info[$match_ldap]) && is_array($info[$match_ldap])) {
if (isset($info[$match_ldap]['count'])) {
unset($info[$match_ldap]['count']);
}
$extras[$attribut] = $info[$match_ldap];
} else {
$extras[$attribut] = array();
}
}
if (!isset($buf['description'])) {
$buf['description'] = '';
}
if (!isset($buf['name'])) {
$buf['name'] = $dn;
}
$ug = new UsersGroup($dn, $buf['name'], $buf['description'], true);
$ug->extras = $extras;
$groups[$dn] = $ug;
}
if ($sort_) {
usort($groups, "usergroup_cmp");
}
return $groups;
}
