/** * Returns value of ldap user field mapped to bitrix field. * @param string $fieldName Name of user field in Bitrix system. * @param array $arLdapUser User params received from ldap. * @return mixed. */ function getLdapValueByBitrixFieldName($fieldName, $arLdapUser) { global $USER_FIELD_MANAGER; if (!isset($this->arFields["FIELD_MAP"][$fieldName])) { return false; } $attr = $this->arFields["FIELD_MAP"][$fieldName]; $arRes = $USER_FIELD_MANAGER->GetUserFields("USER", 0, LANGUAGE_ID); $result = false; if (is_array($arRes[$fieldName])) { if ($arRes[$fieldName]["MULTIPLE"] == "Y") { if (is_array($arLdapUser[strtolower($attr)])) { $result = array_values($arLdapUser[strtolower($attr)]); } else { $result = array($arLdapUser[strtolower($attr)]); } } else { if (!empty($arLdapUser[strtolower($attr)])) { $result = $arLdapUser[strtolower($attr)]; } else { if (!empty($arRes[$fieldName]['SETTINGS']['DEFAULT_VALUE'])) { if (is_array($arRes[$fieldName]['SETTINGS']['DEFAULT_VALUE'])) { if (!empty($arRes[$fieldName]['SETTINGS']['DEFAULT_VALUE']['VALUE'])) { $result = $arRes[$fieldName]['SETTINGS']['DEFAULT_VALUE']['VALUE']; } } else { $result = $arRes[$fieldName]['SETTINGS']['DEFAULT_VALUE']; } } } } } elseif (preg_match("/(.*)&([0-9]+)/", $attr, $arMatch)) { if (intval($arLdapUser[strtolower($arMatch[1])]) & intval($arMatch[2])) { $result = "N"; } else { $result = "Y"; } } elseif ($fieldName == "PERSONAL_PHOTO") { if ($arLdapUser[strtolower($attr)] == "") { return false; } $fExt = CLdapUtil::GetImgTypeBySignature($arLdapUser[strtolower($attr)][0]); if (!$fExt) { return false; } $tmpDir = CTempFile::GetDirectoryName(); CheckDirPath($tmpDir); $fname = "ad_" . rand() . "." . $fExt; if (!file_put_contents($tmpDir . $fname, $arLdapUser[strtolower($attr)][0])) { return false; } $result = array("name" => $fname, "type" => CFile::GetContentType($tmpDir . $fname), "tmp_name" => $tmpDir . $fname); } else { $result = $arLdapUser[strtolower($attr)]; } if (is_null($result)) { $result = false; } return $result; }
function GetUserFields($arLdapUser, &$departmentCache = FALSE) { global $APPLICATION; $arFields = array('DN' => $arLdapUser['dn'], 'LOGIN' => $arLdapUser[strtolower($this->arFields['~USER_ID_ATTR'])], 'EXTERNAL_AUTH_ID' => 'LDAP#' . $this->arFields['ID'], 'LDAP_GROUPS' => $arLdapUser[strtolower($this->arFields['~USER_GROUP_ATTR'])]); // list of user field definitions $arRes = $GLOBALS["USER_FIELD_MANAGER"]->GetUserFields("USER", 0, LANGUAGE_ID); // for each field, do the conversion foreach ($this->arFields["FIELD_MAP"] as $userField => $attr) { if (is_array($arRes[$userField])) { //"USER_TYPE_ID" if ($arRes[$userField]["MULTIPLE"] == "Y") { if (is_array($arLdapUser[strtolower($attr)])) { $arFields[$userField] = array_values($arLdapUser[strtolower($attr)]); } else { $arFields[$userField] = array($arLdapUser[strtolower($attr)]); } } else { if (!empty($arLdapUser[strtolower($attr)])) { $arFields[$userField] = $arLdapUser[strtolower($attr)]; } else { if (!empty($arRes[$userField]['SETTINGS']['DEFAULT_VALUE'])) { if (is_array($arRes[$userField]['SETTINGS']['DEFAULT_VALUE'])) { if (!empty($arRes[$userField]['SETTINGS']['DEFAULT_VALUE']['VALUE'])) { $arFields[$userField] = $arRes[$userField]['SETTINGS']['DEFAULT_VALUE']['VALUE']; } } else { $arFields[$userField] = $arRes[$userField]['SETTINGS']['DEFAULT_VALUE']; } } } } } elseif (preg_match("/(.*)&([0-9]+)/", $attr, $arMatch)) { if (intval($arLdapUser[strtolower($arMatch[1])]) & intval($arMatch[2])) { $arFields[$userField] = "N"; } else { $arFields[$userField] = "Y"; } } elseif ($userField == "PERSONAL_PHOTO") { $arFields["PERSONAL_PHOTO"] = ""; if ($arLdapUser[strtolower($attr)] == "") { continue; } $fExt = CLdapUtil::GetImgTypeBySignature($arLdapUser[strtolower($attr)][0]); if (!$fExt) { continue; } $tmpDir = CTempFile::GetDirectoryName(); CheckDirPath($tmpDir); $fname = "ad_" . rand() . "." . $fExt; if (!file_put_contents($tmpDir . $fname, $arLdapUser[strtolower($attr)][0])) { continue; } $arFields["PERSONAL_PHOTO"] = array("name" => $fname, "type" => CFile::GetContentType($tmpDir . $fname), "tmp_name" => $tmpDir . $fname); } else { $arFields[$userField] = $arLdapUser[strtolower($attr)]; } if (is_null($arFields[$userField])) { $arFields[$userField] = false; } } $APPLICATION->ResetException(); $db_events = GetModuleEvents("ldap", "OnLdapUserFields"); while ($arEvent = $db_events->Fetch()) { $arParams = array(array(&$arFields, $arLdapUser)); if (ExecuteModuleEventEx($arEvent, $arParams) === false) { if (!($err = $APPLICATION->GetException())) { $APPLICATION->ThrowException("Unknown error"); } return false; } $arFields = $arParams[0][0]; } // set a department field, if needed if (empty($arFields['UF_DEPARTMENT']) && isModuleInstalled('intranet') && $this->arFields['IMPORT_STRUCT'] && $this->arFields['IMPORT_STRUCT'] == 'Y') { //$arLdapUser[$this->arFields['USER_DN_ATTR']] $username = $arLdapUser[$this->arFields['USER_ID_ATTR']]; if ($arDepartment = $this->GetDepartmentIdForADUser($arLdapUser[$this->arFields['USER_DEPARTMENT_ATTR']], $arLdapUser[$this->arFields['USER_MANAGER_ATTR']], $username, $departmentCache)) { // fill in cache. it is done outside the function because it has many exit points if ($departmentCache) { $departmentCache[$username] = $arDepartment; } // this is not final assignment // $arFields['UF_DEPARTMENT'] sould contain array of department ids // but somehow we have to return an information whether this user is a department head // so we'll save this data here temporarily $arFields['UF_DEPARTMENT'] = $arDepartment; } else { $arFields['UF_DEPARTMENT'] = array(); } // at this point $arFields['UF_DEPARTMENT'] should be set to some value, even an empty array is ok } if (!is_array($arFields['LDAP_GROUPS'])) { $arFields['LDAP_GROUPS'] = !empty($arFields['LDAP_GROUPS']) ? array($arFields['LDAP_GROUPS']) : array(); } $primarygroupid_name_attr = 'primarygroupid'; $primarygrouptoken_name_attr = 'primarygrouptoken'; if ($this->arFields['USER_GROUP_ACCESSORY'] == 'Y') { $primarygroupid_name_attr = strtolower($this->arFields['GROUP_ID_ATTR']); $primarygrouptoken_name_attr = strtolower($this->arFields['USER_GROUP_ATTR']); $userIdAttr = strtolower($this->arFields['USER_ID_ATTR']); $groupMemberAttr = strtolower($this->arFields['GROUP_MEMBERS_ATTR']); } $arAllGroups = $this->GetGroupListArray(); if (!is_array($arAllGroups) || count($arAllGroups) <= 0) { return $arFields; } $arGroup = reset($arAllGroups); do { if (in_array($arGroup['ID'], $arFields['LDAP_GROUPS'])) { continue; } if (is_set($arLdapUser, $primarygroupid_name_attr) && $arGroup[$primarygrouptoken_name_attr] == $arLdapUser[$primarygroupid_name_attr] || $this->arFields['USER_GROUP_ACCESSORY'] == 'Y' && is_set($arGroup, $groupMemberAttr) && (is_array($arGroup[$groupMemberAttr]) && in_array($arLdapUser[$userIdAttr], $arGroup[$groupMemberAttr]) || $arLdapUser[$userIdAttr] == $arGroup[$groupMemberAttr])) { $arFields['LDAP_GROUPS'][] = $arGroup['ID']; if ($this->arFields['USER_GROUP_ACCESSORY'] == 'N') { break; } } } while ($arGroup = next($arAllGroups)); return $arFields; }