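/**
 * List the values offered by this LDAP-backed question.
 *
 * The question settings are read from the JSON document held in
 * $this->fields['values'] (ldap_auth, ldap_attribute, ldap_filter). The
 * directory is searched under the configured base DN and the first value of
 * the selected attribute is collected from every entry, without duplicates.
 *
 * The filter is taken from the stored settings and sent to the directory
 * unchanged. NOTE(review): the search runs with whatever identity
 * AuthLDAP::connect() binds as, so writing these settings should stay an
 * administrator-only action - confirm against the caller.
 *
 * @return array Values keyed by entry position and sorted by value (with a
 *               leading '' => '-----' choice when show_empty is set), or an
 *               empty array when the settings or the directory are unusable.
 */
public function getAvailableValues()
{
    if (empty($this->fields['values'])) {
        return array();
    }

    // Corrupt or incomplete settings are treated like "no values".
    $ldap_values = json_decode($this->fields['values']);
    if (!is_object($ldap_values)
        || !isset($ldap_values->ldap_attribute, $ldap_values->ldap_auth, $ldap_values->ldap_filter)
    ) {
        return array();
    }

    $ldap_dropdown = new RuleRightParameter();
    if (!$ldap_dropdown->getFromDB($ldap_values->ldap_attribute)) {
        return array();
    }
    $attribute = array($ldap_dropdown->fields['value']);
    // ldap_get_entries() lower-cases attribute names in the keys it returns.
    $attribute_key = strtolower($attribute[0]);

    $config_ldap = new AuthLDAP();
    if (!$config_ldap->getFromDB($ldap_values->ldap_auth)) {
        return array();
    }

    // Turn LDAP warnings into exceptions for the duration of the query.
    // A closure is used so the handler has the four-argument signature that
    // every PHP version passes, and the mask test keeps @-silenced calls
    // silent on PHP 8 as well as on older versions.
    set_error_handler(function ($errno, $errstr, $errfile, $errline) {
        if ((error_reporting() & $errno) === 0) {
            return false;
        }
        throw new ErrorException($errstr, 0, $errno, $errfile, $errline);
    }, E_WARNING);

    $tab_values = array();
    $failed     = false;
    try {
        $ds = $config_ldap->connect();
        if (!$ds) {
            $failed = true;
        } else {
            ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
            $paged  = AuthLDAP::isLdapPageSizeAvailable($config_ldap);
            $cookie = '';
            $offset = 0;
            do {
                if ($paged) {
                    ldap_control_paged_result($ds, $config_ldap->fields['pagesize'], true, $cookie);
                }
                $result = ldap_search($ds, $config_ldap->fields['basedn'], $ldap_values->ldap_filter, $attribute);
                if ($result === false) {
                    $failed = true;
                    break;
                }
                $entries = ldap_get_entries($ds, $result);
                // Drop the leading 'count' element.
                array_shift($entries);
                foreach ($entries as $id => $attr) {
                    if (isset($attr[$attribute_key])
                        && !in_array($attr[$attribute_key][0], $tab_values, true)
                    ) {
                        // Entry indexes restart at 0 on every page; the offset
                        // keeps a later page from overwriting an earlier one.
                        $tab_values[$offset + $id] = $attr[$attribute_key][0];
                    }
                }
                $offset += count($entries);
                if ($paged) {
                    ldap_control_paged_result_response($ds, $result, $cookie);
                }
            } while ($cookie !== null && $cookie != '');
        }
    } catch (Exception $e) {
        $failed = true;
    }
    // Always reached, on success and on failure, so the temporary handler
    // never stays installed for the rest of the request.
    restore_error_handler();

    if ($failed) {
        return array();
    }

    if ($this->fields['show_empty']) {
        $tab_values = array('' => '-----') + $tab_values;
    }
    asort($tab_values);
    return $tab_values;
}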
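/**
 * Display information from LDAP server for user
 *
 * Prints a table holding the user's DN and, when the directory can be
 * reached, every attribute returned for that DN.
 *
 * NOTE(review): the dump requests '*' plus the operational timestamps, so it
 * shows whatever the bind account may read for this entry; the caller is
 * presumably restricted to debug mode or administrators - confirm.
 *
 * @return false|void false when the user is not authenticated through LDAP
 **/
private function showLdapDebug()
{
    if ($this->fields['authtype'] != Auth::LDAP) {
        return false;
    }

    $user_dn = $this->fields['user_dn'];

    echo "<div class='spaced'>";
    echo "<table class='tab_cadre_fixe'>";
    echo "<tr><th colspan='4'>" . __('LDAP directory') . "</th></tr>";

    echo "<tr class='tab_bg_2'><td>" . __('User DN') . "</td>";
    // The DN is directory data and may contain characters that are markup in
    // HTML, so it is encoded for output. double_encode is off so a value that
    // was stored already entity-encoded is not encoded a second time.
    echo "<td>" . htmlspecialchars((string) $user_dn, ENT_QUOTES, 'UTF-8', false) . "</td></tr>\n";

    if ($user_dn) {
        echo "<tr class='tab_bg_2'><td>" . __('User information') . "</td><td>";

        $config_ldap = new AuthLDAP();
        $ds          = false;
        if ($config_ldap->getFromDB($this->fields['auths_id'])) {
            $ds = $config_ldap->connect();
        }

        if (!$ds) {
            _e('Connection failed');
        } else {
            $info = AuthLDAP::getUserByDn(
                $ds,
                $user_dn,
                array('*', 'createTimeStamp', 'modifyTimestamp')
            );
            if (is_array($info)) {
                // NOTE(review): assumes Html::printCleanArray() encodes the
                // attribute values it prints - verify.
                Html::printCleanArray($info);
            } else {
                _e('No item to display');
            }
        }

        echo "</td></tr>\n";
    }

    echo "</table></div>";
}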
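/**
 * Validate form fields before adding or updating a question.
 *
 * Every failed check queues an error message through
 * Session::addMessageAfterRedirect() and returns an empty array. On success
 * the input is returned with a few fields normalised: dropdown and GLPI
 * object settings are copied into 'values', numeric settings are cast,
 * LDAP settings are packed into a JSON document and the regex receives its
 * delimiters.
 *
 * @param array $input Data used to add or update the item
 *
 * @return array The modified $input array, or an empty array when a check fails
 */
private function checkBeforeSave($input)
{
    // Control fields values :
    // - name is required
    if (empty($input['name'])) {
        Session::addMessageAfterRedirect(__('The title is required', 'formcreator'), false, ERROR);
        return array();
    }

    // - field type is required
    if (empty($input['fieldtype'])) {
        Session::addMessageAfterRedirect(__('The field type is required', 'formcreator'), false, ERROR);
        return array();
    }

    // - section is required
    if (empty($input['plugin_formcreator_sections_id'])) {
        Session::addMessageAfterRedirect(__('The section is required', 'formcreator'), false, ERROR);
        return array();
    }

    // Values are required for GLPI dropdowns, dropdowns, multiple dropdowns, checkboxes, radios, LDAP
    $itemtypes = array('select', 'multiselect', 'checkboxes', 'radios', 'ldap');
    if (empty($input['values']) && in_array($input['fieldtype'], $itemtypes)) {
        Session::addMessageAfterRedirect(
            __('The field value is required:', 'formcreator') . ' ' . $input['name'],
            false,
            ERROR
        );
        return array();
    }

    // Dropdown lists post their settings under other names; copy them into the common ones
    if ($input['fieldtype'] == 'dropdown') {
        if (empty($input['dropdown_values'])) {
            Session::addMessageAfterRedirect(
                __('The field value is required:', 'formcreator') . ' ' . $input['name'],
                false,
                ERROR
            );
            return array();
        }
        $input['values']         = $input['dropdown_values'];
        $input['default_values'] = isset($input['dropdown_default_value']) ? $input['dropdown_default_value'] : '';
    }

    // GLPI object lists post their settings under other names; copy them into the common ones
    if ($input['fieldtype'] == 'glpiselect') {
        if (empty($input['glpi_objects'])) {
            Session::addMessageAfterRedirect(
                __('The field value is required:', 'formcreator') . ' ' . $input['name'],
                false,
                ERROR
            );
            return array();
        }
        $input['values']         = $input['glpi_objects'];
        $input['default_values'] = isset($input['dropdown_default_value']) ? $input['dropdown_default_value'] : '';
    }

    // A description field should have a description
    if ($input['fieldtype'] == 'description' && empty($input['description'])) {
        Session::addMessageAfterRedirect(
            __('A description field should have a description:', 'formcreator') . ' ' . $input['name'],
            false,
            ERROR
        );
        return array();
    }

    // format values for numbers (a decimal comma is accepted)
    // NOTE(review): empty() also matches "0", so a default or bound of 0 is
    // stored as null - confirm this is intended.
    if ($input['fieldtype'] == 'integer' || $input['fieldtype'] == 'float') {
        foreach (array('default_values', 'range_min', 'range_max') as $numeric_key) {
            $input[$numeric_key] = !empty($input[$numeric_key])
                ? (float) str_replace(',', '.', $input[$numeric_key])
                : null;
        }
    }

    // LDAP fields validation
    if ($input['fieldtype'] == 'ldapselect' && !empty($input['ldap_auth'])) {
        $ldap_attribute = isset($input['ldap_attribute']) ? $input['ldap_attribute'] : null;
        $ldap_filter    = isset($input['ldap_filter']) ? $input['ldap_filter'] : null;

        $config_ldap   = new AuthLDAP();
        $ldap_dropdown = new RuleRightParameter();

        // The probe below only makes sense when both records exist and a
        // filter was supplied; anything else is reported like a failed query.
        $ldap_ok = $config_ldap->getFromDB($input['ldap_auth'])
            && $ldap_dropdown->getFromDB($ldap_attribute)
            && is_string($ldap_filter)
            && $ldap_filter !== '';

        if ($ldap_ok) {
            $attribute = array($ldap_dropdown->fields['value']);

            // Turn LDAP warnings into exceptions while the probe runs. A
            // closure gives the handler the four-argument signature every
            // PHP version passes; the mask test keeps @-silenced calls
            // silent on PHP 8 as well as on older versions.
            set_error_handler(function ($errno, $errstr, $errfile, $errline) {
                if ((error_reporting() & $errno) === 0) {
                    return false;
                }
                throw new ErrorException($errstr, 0, $errno, $errfile, $errline);
            }, E_WARNING);

            try {
                $ds = $config_ldap->connect();
                if (!$ds) {
                    $ldap_ok = false;
                } else {
                    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
                    // One entry per page is enough to prove the filter works.
                    ldap_control_paged_result($ds, 1);
                    $sn = ldap_search($ds, $config_ldap->fields['basedn'], $ldap_filter, $attribute);
                    if ($sn === false) {
                        $ldap_ok = false;
                    } else {
                        ldap_get_entries($ds, $sn);
                    }
                }
            } catch (Exception $e) {
                $ldap_ok = false;
            }
            restore_error_handler();
        }

        if (!$ldap_ok) {
            // Reported, but the question is still saved with these settings.
            Session::addMessageAfterRedirect(__('Cannot recover LDAP informations!', 'formcreator'), false, ERROR);
        }

        // The filter is stored exactly as typed. NOTE(review): presumably it
        // is replayed against the directory each time the question is shown,
        // with the directory's bind identity; only users trusted to write
        // LDAP filters should be able to reach this path - confirm the right
        // check in the caller.
        $input['values'] = json_encode(array(
            'ldap_auth'      => $input['ldap_auth'],
            'ldap_filter'    => $ldap_filter,
            'ldap_attribute' => strtolower((string) $ldap_attribute),
        ));
    }

    // Add leading and trailing regex marker automatically
    // NOTE(review): a pattern written with modifiers, e.g. "/abc/i", does not
    // end with "/" and therefore gets "$/" appended - confirm whether
    // modifiers are meant to be supported.
    if (!empty($input['regex'])) {
        $first_char = substr($input['regex'], 0, 1);
        if ($first_char != '/') {
            $input['regex'] = ($first_char != '^' ? '/^' : '/') . $input['regex'];
        }
        $last_char = substr($input['regex'], -1, 1);
        if ($last_char != '/') {
            $input['regex'] = $input['regex'] . ($last_char != '$' ? '$/' : '/');
        }
    }

    return $input;
}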
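/**
 * Import one group from an LDAP directory.
 *
 * The group is read from the directory by its DN and added as a Group: linked
 * through ldap_group_dn when $options['type'] is "groups", otherwise through
 * the directory's group_field and the group DN as value.
 *
 * @param $group_dn  dn of the group to import
 * @param $options   array for
 *             - authldaps_id
 *             - entities_id where group must to be imported
 *             - is_recursive
 *             - type
 *
 * @return false|void false when the directory or the group cannot be read
 **/
static function ldapImportGroup($group_dn, $options = array())
{
    if (!isset($options['authldaps_id'])) {
        return false;
    }

    $config_ldap = new AuthLDAP();
    // we prevent some delay...
    if (!$config_ldap->getFromDB($options['authldaps_id'])) {
        return false;
    }

    //Connect to the directory
    $ds = $config_ldap->connect();
    if (!$ds) {
        return false;
    }

    // Without a cn and a dn there is nothing usable to import; stopping here
    // avoids adding a group with an empty name.
    $group_infos = self::getGroupByDn($ds, stripslashes($group_dn));
    if (!is_array($group_infos) || !isset($group_infos["cn"][0], $group_infos["dn"])) {
        return false;
    }

    $type  = isset($options['type']) ? $options['type'] : '';
    $group = new Group();

    // cn and dn are directory data. NOTE(review): addslashes() is kept as in
    // the original; it presumably matches what Group::add() expects from its
    // callers here - confirm before changing the escaping.
    if ($type == "groups") {
        $group->add(array(
            "name"          => addslashes($group_infos["cn"][0]),
            "ldap_group_dn" => addslashes($group_infos["dn"]),
            "entities_id"   => $options['entities_id'],
            "is_recursive"  => $options['is_recursive'],
        ));
    } else {
        $group->add(array(
            "name"         => addslashes($group_infos["cn"][0]),
            "ldap_field"   => $config_ldap->fields["group_field"],
            "ldap_value"   => addslashes($group_infos["dn"]),
            "entities_id"  => $options['entities_id'],
            "is_recursive" => $options['is_recursive'],
        ));
    }
}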
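/**
 * Resolve a stored answer to the LDAP value it stands for.
 *
 * The directory is queried with the settings in $values (JSON with ldap_auth,
 * ldap_attribute and ldap_filter), the distinct first values of the attribute
 * are sorted, and $value is used as an index into that sorted list.
 *
 * The returned string is directory data and is not encoded here.
 * NOTE(review): the caller is expected to encode it for its output context -
 * confirm.
 *
 * @param mixed  $value  Index of the answer in the sorted value list
 * @param string $values JSON-encoded LDAP settings of the question
 *
 * @return string The matching value, or '' when there is no answer or the
 *                value cannot be resolved
 */
public static function displayValue($value, $values)
{
    // Nothing to resolve: skip the directory round trip.
    if ($value == '' || empty($values)) {
        return '';
    }

    $ldap_values = json_decode($values);
    if (!is_object($ldap_values)
        || !isset($ldap_values->ldap_attribute, $ldap_values->ldap_auth, $ldap_values->ldap_filter)
    ) {
        return '';
    }

    $ldap_dropdown = new RuleRightParameter();
    if (!$ldap_dropdown->getFromDB($ldap_values->ldap_attribute)) {
        return '';
    }
    $attribute = array($ldap_dropdown->fields['value']);
    // ldap_get_entries() lower-cases attribute names in the keys it returns.
    $attribute_key = strtolower($attribute[0]);

    $config_ldap = new AuthLDAP();
    if (!$config_ldap->getFromDB($ldap_values->ldap_auth)) {
        return '';
    }

    $ds = $config_ldap->connect();
    if (!$ds) {
        return '';
    }

    $sn = ldap_search($ds, $config_ldap->fields['basedn'], $ldap_values->ldap_filter, $attribute);
    if ($sn === false) {
        return '';
    }

    $entries = ldap_get_entries($ds, $sn);
    if (!is_array($entries)) {
        return '';
    }
    // Drop the leading 'count' element.
    array_shift($entries);

    $tab_values = array();
    foreach ($entries as $id => $attr) {
        if (isset($attr[$attribute_key])
            && !in_array($attr[$attribute_key][0], $tab_values, true)
        ) {
            $tab_values[$id] = $attr[$attribute_key][0];
        }
    }
    // sort() renumbers the list, so $value is a position in sorted order.
    sort($tab_values);

    return isset($tab_values[$value]) ? $tab_values[$value] : '';
}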
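/**
 * After a user is added or updated, derive the user's location from LDAP
 * attributes and assign it.
 *
 * The plugin settings of the user's directory name a chain of attributes
 * ("attr1 > attr2 > ..."). Their values are read from the user's LDAP entry,
 * the matching location tree is found or created level by level, and the
 * user is updated with the deepest location.
 *
 * @param object $user The item being saved; its input and fields arrays are read
 *
 * @return void
 */
function plugin_moreldap_item_add_or_update_user($user)
{
    //Ignore users without auths_id
    if (!isset($user->input["auths_id"])) {
        return;
    }

    // Nothing to do when this add or update already carries a locations_id
    if (isset($user->input["locations_id"])) {
        return;
    }

    // The id is interpolated into a WHERE clause below, so it is forced to
    // an integer first: anything that is not a plain id cannot reach the SQL.
    $authsId = (int) $user->input["auths_id"];
    if ($authsId <= 0) {
        return;
    }

    $pluginAuthLDAP = new PluginMoreldapAuthLDAP();
    if (!$pluginAuthLDAP->getFromDBByQuery("WHERE `id`='{$authsId}'")) {
        return;
    }

    // Location import disabled: stop before any directory traffic.
    if ($pluginAuthLDAP->fields['location_enabled'] != 'Y') {
        return;
    }

    // The target entity for the locations to be created
    $entityID = $pluginAuthLDAP->fields['entities_id'];

    // find from config all attributes to read from LDAP
    $fields = array();
    foreach (explode('>', $pluginAuthLDAP->fields['location']) as $locationSubAttribute) {
        $locationSubAttribute = trim($locationSubAttribute);
        if (strlen($locationSubAttribute) > 0) {
            $fields[] = $locationSubAttribute;
        }
    }

    // LDAP query to read the needed attributes for the user
    // NOTE(review): with "||" a connection handed over in only one of the
    // two arrays is ignored and a new one is opened; "&&" may have been
    // intended. Left as is because the two connections may be bound as
    // different identities - confirm.
    if (!isset($user->input["_ldap_conn"]) || !isset($user->fields["_ldap_conn"])) {
        $ldap = new AuthLDAP();
        if (!$ldap->getFromDB($authsId)) {
            return;
        }
        $ldap_connection = $ldap->connect();
    } else {
        $ldap_connection = $user->input["_ldap_conn"];
    }
    if (!$ldap_connection) {
        return;
    }

    $userdn = isset($user->input["user_dn"]) ? $user->input["user_dn"] : $user->fields["user_dn"];
    $userdn = str_replace('\\\\', '\\', $userdn);

    // A failed read returns false on every PHP version; is_resource() would
    // also reject the result object that newer PHP versions return on success.
    $sr = @ldap_read($ldap_connection, $userdn, "objectClass=*", $fields);
    if ($sr === false || ldap_errno($ldap_connection) > 0) {
        return;
    }
    $v = AuthLDAP::get_entries_clean($ldap_connection, $sr);

    //Find all locations needed to create the deepest one
    $locationPath = array();
    foreach ($fields as $locationSubAttribute) {
        $locationSubAttribute = strtolower($locationSubAttribute);
        if (!isset($v[0][$locationSubAttribute][0])) {
            // A LDAP attribute is not defined for the user. Cannot build the completename
            // Therefore we must give up importing this location
            return;
        }
        $locationPath[] = $v[0][$locationSubAttribute][0];
    }

    $location             = new Location();
    $locationAncestor     = 0;
    $locationCompleteName = array();

    foreach ($locationPath as $locationItem) {
        $locationCompleteName[] = $locationItem;
        // Names come from the directory; they are escaped the way the
        // surrounding code base does before reaching findID() and add().
        $locationItem = Toolbox::addslashes_deep(array(
            'entities_id'  => $entityID,
            'name'         => $locationItem,
            'locations_id' => $locationAncestor,
            'completename' => implode(' > ', $locationCompleteName),
            'is_recursive' => $pluginAuthLDAP->fields['is_recursive'],
            'comment'      => __("Created by MoreLDAP", "moreldap"),
        ));

        $locationAncestor = $location->findID($locationItem);
        if ($locationAncestor == -1) {
            // The location does not exists yet
            $locationAncestor = $location->add($locationItem);
        }
        if ($locationAncestor == false) {
            // If a location could not be imported and does not exist
            // then give up importing children items
            return;
        }
    }

    // All locations exist to match the path described in LDAP
    $myuser = new User(); // new var to prevent user->input erasing (object are always passed by "reference")
    $myuser->update(array(
        'id'           => $user->getID(),
        'locations_id' => $locationAncestor,
    ));
}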
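/**
 * Display information from LDAP server for user
 *
 * Prints a table holding the user's DN and, when the directory can be
 * reached, every attribute returned for that DN.
 *
 * NOTE(review): the dump requests '*' plus the operational timestamps, so it
 * shows whatever the bind account may read for this entry; the caller is
 * presumably restricted to debug mode or administrators - confirm.
 *
 * @return false|void false when the user is not authenticated through LDAP
 **/
private function showLdapDebug()
{
    global $LANG;

    if ($this->fields['authtype'] != Auth::LDAP) {
        return false;
    }

    $user_dn = $this->fields['user_dn'];

    echo "<div class='spaced'>";
    echo "<table class='tab_cadre_fixe'>";
    echo "<tr><th colspan='4'>" . $LANG['setup'][137] . ' - ' . $LANG['login'][2] . "</th></tr>";

    echo "<tr class='tab_bg_2'><td>" . $LANG['ldap'][26] . " :</td>";
    // The DN is directory data and may contain characters that are markup in
    // HTML, so it is encoded for output. double_encode is off so a value that
    // was stored already entity-encoded is not encoded a second time.
    echo "<td>" . htmlspecialchars((string) $user_dn, ENT_QUOTES, 'UTF-8', false) . "</td></tr>\n";

    if ($user_dn) {
        echo "<tr class='tab_bg_2'><td>" . $LANG['title'][13] . " :</td><td>";

        $config_ldap = new AuthLDAP();
        $ds          = false;
        if ($config_ldap->getFromDB($this->fields['auths_id'])) {
            $ds = $config_ldap->connect();
        }

        if (!$ds) {
            echo $LANG['log'][41];
        } else {
            $info = AuthLDAP::getUserByDn(
                $ds,
                $user_dn,
                array('*', 'createTimeStamp', 'modifyTimestamp')
            );
            if (is_array($info)) {
                // NOTE(review): assumes printCleanArray() encodes the
                // attribute values it prints - verify.
                printCleanArray($info);
            } else {
                echo $LANG['stats'][2];
            }
        }

        echo "</td></tr>\n";
    }

    echo "</table></div>";
}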