/** * @return string */ public function admin() { Piwik::checkUserHasSuperUserAccess(); $view = new View('@LoginLdap/index'); ControllerAdmin::setBasicVariablesAdminView($view); if (!function_exists('ldap_connect')) { $notification = new Notification(Piwik::translate('LoginLdap_LdapFunctionsMissing')); $notification->context = Notification::CONTEXT_ERROR; $notification->type = Notification::TYPE_PERSISTENT; Notification\Manager::notify('LoginLdap_LdapFunctionsMissing', $notification); } $this->setBasicVariablesView($view); $serverNames = Config::getServerNameList() ?: array(); $view->servers = array(); if (empty($serverNames)) { try { $serverInfo = ServerInfo::makeFromOldConfig()->getProperties(); $serverInfo['name'] = 'server'; $view->servers[] = $serverInfo; } catch (Exception $ex) { // ignore } } else { foreach ($serverNames as $server) { $serverConfig = Config::getServerConfig($server); if (!empty($serverConfig)) { $serverConfig['name'] = $server; $view->servers[] = $serverConfig; } } } $view->ldapConfig = Config::getPluginOptionValuesWithDefaults(); $view->isLoginControllerActivated = PluginManager::getInstance()->isPluginActivated('Login'); $view->updatedFromPre30 = Option::get('LoginLdap_updatedFromPre3_0'); return $view->render(); }
public static function saveLdapServerConfigs($servers) { $serverNames = array(); foreach ($servers as $serverInfo) { ServerInfo::saveServerConfig($serverInfo, $forceSave = false); $serverNames[] = $serverInfo['name']; } PiwikConfig::getInstance()->LoginLdap['servers'] = $serverNames; PiwikConfig::getInstance()->forceSave(); }
/** * Returns a ServerInfo instance created using options in an INI config section. * The INI config section's name is determined by prefixing `'LoginLdap_'` to the * server name. * * The INI config section can have the following information: * * - **hostname** _(Required)_ The server's hostname. * - **base_dn** _(Required)_ The base DN to use with this server. * - **port** The port to use when connecting to the server. * - **admin_user** The name of an admin user that has read access to other users. * - **admin_pass** The password to use when binding with the admin user. * * @param string $name The name of the LDAP server in config. This value can be * used in the `[LoginLdap] servers[] = ` config option to * add an LDAP server to the list of servers LoginLdap will * connect to. * @return ServerInfo * @throws Exception if the LDAP server config cannot be found or is missing * required information. */ public static function makeConfigured($name) { $config = Config::getServerConfig($name); if (empty($config)) { throw new Exception("No configuration section [{$name}] found."); } if (empty($config['hostname'])) { throw new Exception("Required config option 'hostname' not found in [{$name}] section."); } if (empty($config['base_dn'])) { throw new Exception("Required config option 'base_dn' not found in [{$name}] section."); } $hostname = $config['hostname']; $baseDn = $config['base_dn']; $result = new ServerInfo($hostname, $baseDn); $port = $config['port']; if (!empty($port)) { $result->setServerPort((int) $port); } $adminUser = $config['admin_user']; if (!empty($adminUser)) { $result->setAdminUsername($adminUser); } $adminPass = $config['admin_pass']; if (!empty($adminPass)) { $result->setAdminPassword($adminPass); } Log::debug("ServerInfo::%s: configuring with hostname = %s, baseDn = %s, port = %s, adminUser = %s, adminPass = %s", __FUNCTION__, $hostname, $baseDn, $port, substr($adminUser, 3) . '...', '<len=' . strlen($adminPass) . '>'); return $result; }
/** * Public only for use in closure. */ public function bindAsAdmin(LdapClient $ldapClient, ServerInfo $server) { $adminUserName = $server->getAdminUsername(); // bind using the admin user which has at least read access to LDAP users if (!$ldapClient->bind($adminUserName, $server->getAdminPassword())) { throw new Exception("Could not bind as LDAP admin."); } }
/** * Returns a ServerInfo instance created using options in an INI config section. * The INI config section's name is determined by prefixing `'LoginLdap_'` to the * server name. * * The INI config section can have the following information: * * - **hostname** _(Required)_ The server's hostname. * - **base_dn** _(Required)_ The base DN to use with this server. * - **port** The port to use when connecting to the server. * - **admin_user** The name of an admin user that has read access to other users. * - **admin_pass** The password to use when binding with the admin user. * * @param string $name The name of the LDAP server in config. This value can be * used in the `[LoginLdap] servers[] = ` config option to * add an LDAP server to the list of servers LoginLdap will * connect to. * @return ServerInfo * @throws Exception if the LDAP server config cannot be found or is missing * required information. */ public static function makeConfigured($name) { $config = Config::getServerConfig($name); if (empty($config)) { throw new Exception("No configuration section [{$name}] found."); } if (empty($config['hostname'])) { throw new Exception("Required config option 'hostname' not found in [{$name}] section."); } if (empty($config['base_dn'])) { throw new Exception("Required config option 'base_dn' not found in [{$name}] section."); } $hostname = $config['hostname']; $baseDn = $config['base_dn']; $result = new ServerInfo($hostname, $baseDn); $port = $config['port']; if (!empty($port)) { $result->setServerPort((int) $port); } $adminUser = $config['admin_user']; if (!empty($adminUser)) { $result->setAdminUsername($adminUser); } $adminPass = $config['admin_pass']; if (!empty($adminPass)) { $result->setAdminPassword($adminPass); } return $result; }