public static function tearDownAfterClass()
{
if (!self::$ldapcfg) {
return;
}
$ldap = new Horde_Ldap(self::$ldapcfg['server']);
$ldap->delete('ou=Horde_Ldap_Test_search1,' . self::$ldapcfg['server']['basedn']);
$ldap->delete('ou=Horde_Ldap_Test_search2,' . self::$ldapcfg['server']['basedn']);
}
/**
* Removes a group.
*
* @param mixed $gid A group ID.
*
* @throws Horde_Group_Exception
*/
public function remove($gid)
{
if ($this->readOnly()) {
throw new Horde_Group_Exception('This group backend is read-only.');
}
try {
$this->_rebind(true);
$this->_ldap->delete($gid);
$this->_rebind(false);
} catch (Horde_Ldap_Exception $e) {
throw new Horde_Group_Exception($e);
}
}
/**
* Remove a set of authentication credentials.
*
* @param string $userId The userId to add.
* @param string $dn TODO
*
* @throws Horde_Auth_Exception
*/
public function removeUser($userId, $dn = null)
{
if (!empty($this->_params['ad'])) {
throw new Horde_Auth_Exception(__CLASS__ . ': Removing users is not supported for Active Directory');
}
if (is_null($dn)) {
/* Search for the user's full DN. */
try {
$dn = $this->_ldap->findUserDN($userId);
} catch (Horde_Exception_Ldap $e) {
throw new Horde_Auth_Exception($e);
}
}
try {
$this->_ldap->delete($dn);
} catch (Horde_Ldap_Exception $e) {
throw new Horde_Auth_Exception(sprintf(__CLASS__ . ': Unable to remove user "%s"', $userId));
}
}
/**
* Renames or moves an entry.
*
* This method will instantly carry out an update() after the
* move, so the entry is moved instantly.
*
* You can pass an optional Horde_Ldap object. In this case, a
* cross directory move will be performed which deletes the entry
* in the source (THIS) directory and adds it in the directory
* $target_ldap.
*
* A cross directory move will switch the entry's internal LDAP
* reference so updates to the entry will go to the new directory.
*
* If you want to do a cross directory move, you need to pass an
* Horde_Ldap_Entry object, otherwise the attributes will be
* empty.
*
* @param string|Horde_Ldap_Entry $entry An LDAP entry.
* @param string $newdn The new location.
* @param Horde_Ldap $target_ldap Target directory for cross
* server move.
*
* @throws Horde_Ldap_Exception
*/
public function move($entry, $newdn, $target_ldap = null)
{
if (is_string($entry)) {
if ($target_ldap && $target_ldap !== $this) {
throw new Horde_Ldap_Exception('Unable to perform cross directory move: operation requires a Horde_Ldap_Entry object');
}
$entry = $this->getEntry($entry);
}
if (!$entry instanceof Horde_Ldap_Entry) {
throw new Horde_Ldap_Exception('Parameter $entry is expected to be a Horde_Ldap_Entry object! (If DN was passed, conversion failed)');
}
if ($target_ldap && !$target_ldap instanceof Horde_Ldap) {
throw new Horde_Ldap_Exception('Parameter $target_ldap is expected to be a Horde_Ldap object!');
}
if (!$target_ldap || $target_ldap === $this) {
/* Local move. */
$entry->dn($newdn);
$entry->setLDAP($this);
$entry->update();
return;
}
/* Cross directory move. */
if ($target_ldap->exists($newdn)) {
throw new Horde_Ldap_Exception('Unable to perform cross directory move: entry does exist in target directory');
}
$entry->dn($newdn);
try {
$target_ldap->add($entry);
} catch (Exception $e) {
throw new Horde_Ldap_Exception('Unable to perform cross directory move: ' . $e->getMessage() . ' in target directory');
}
try {
$this->delete($entry->currentDN());
} catch (Exception $e) {
try {
$add_error_string = '';
/* Undo add. */
$target_ldap->delete($entry);
} catch (Exception $e) {
$add_error_string = ' Additionally, the deletion (undo add) of $entry in target directory failed.';
}
throw new Horde_Ldap_Exception('Unable to perform cross directory move: ' . $e->getMessage() . ' in source directory.' . $add_error_string);
}
$entry->setLDAP($target_ldap);
}
/**
* Basic deletion is tested in testAdd(), so here we just test if
* advanced deletion tasks work properly.
*/
public function testDelete()
{
$ldap = new Horde_Ldap(self::$ldapcfg['server']);
// Some parameter checks.
try {
$ldap->delete(1234);
$this->fail('Horde_Ldap_Exception expected.');
} catch (Horde_Ldap_Exception $e) {
}
try {
$ldap->delete($ldap);
$this->fail('Horde_Ldap_Exception expected.');
} catch (Horde_Ldap_Exception $e) {
}
// In order to test subtree deletion, we need some little tree
// which we need to establish first.
$base = self::$ldapcfg['server']['basedn'];
$testdn = 'ou=Horde_Ldap_Test_subdelete,' . $base;
$ou = Horde_Ldap_Entry::createFresh($testdn, array('objectClass' => array('top', 'organizationalUnit'), 'ou' => 'Horde_Ldap_Test_subdelete'));
$ou_1 = Horde_Ldap_Entry::createFresh('ou=test1,' . $testdn, array('objectClass' => array('top', 'organizationalUnit'), 'ou' => 'test1'));
$ou_1_l1 = Horde_Ldap_Entry::createFresh('l=subtest,ou=test1,' . $testdn, array('objectClass' => array('top', 'locality'), 'l' => 'test1'));
$ou_2 = Horde_Ldap_Entry::createFresh('ou=test2,' . $testdn, array('objectClass' => array('top', 'organizationalUnit'), 'ou' => 'test2'));
$ou_3 = Horde_Ldap_Entry::createFresh('ou=test3,' . $testdn, array('objectClass' => array('top', 'organizationalUnit'), 'ou' => 'test3'));
$ldap->add($ou);
$ldap->add($ou_1);
$ldap->add($ou_1_l1);
$ldap->add($ou_2);
$ldap->add($ou_3);
$this->assertTrue($ldap->exists($ou->dn()));
$this->assertTrue($ldap->exists($ou_1->dn()));
$this->assertTrue($ldap->exists($ou_1_l1->dn()));
$this->assertTrue($ldap->exists($ou_2->dn()));
$this->assertTrue($ldap->exists($ou_3->dn()));
// Tree established now. We can run some tests now :D
// Try to delete some non existent entry inside that subtree (fails).
try {
$ldap->delete('cn=not_existent,ou=test1,' . $testdn);
$this->fail('Horde_Ldap_Exception expected.');
} catch (Horde_Ldap_Exception $e) {
$this->assertEquals('LDAP_NO_SUCH_OBJECT', Horde_Ldap::errorName($e->getCode()));
}
// Try to delete main test ou without recursive set (fails too).
try {
$ldap->delete($testdn);
$this->fail('Horde_Ldap_Exception expected.');
} catch (Horde_Ldap_Exception $e) {
$this->assertEquals('LDAP_NOT_ALLOWED_ON_NONLEAF', Horde_Ldap::errorName($e->getCode()));
}
// Retry with subtree delete, this should work.
$ldap->delete($testdn, true);
// The DN is not allowed to exist anymore.
$this->assertFalse($ldap->exists($testdn));
}
