function plugin_moreldap_item_add_or_update_user($user) { //Ignore users without auths_id if (!isset($user->input["auths_id"])) { return; } // We update LDAP field only if LDAP directory is defined if (isset($user->input["locations_id"])) { return; } // default : store locations outside of any entity $entityID = -1; $pluginAuthLDAP = new PluginMoreldapAuthLDAP(); $authsId = isset($user->input["auths_id"]) ? $user->input["auths_id"] : $user->fields["auths_id"]; if ($authsId > 0 && $pluginAuthLDAP->getFromDBByQuery("WHERE `id`='{$authsId}'")) { // The target entity for the locations to be created $entityID = $pluginAuthLDAP->fields['entities_id']; // find from config all attributes to read from LDAP $fields = array(); $locationHierarchy = explode('>', $pluginAuthLDAP->fields['location']); foreach ($locationHierarchy as $locationSubAttribute) { $locationSubAttribute = trim($locationSubAttribute); if (strlen($locationSubAttribute) > 0) { $fields[] = $locationSubAttribute; } } // LDAP query to read the needed attributes for the user $ldap_connection = 0; if (!isset($user->input["_ldap_conn"]) || !isset($user->fields["_ldap_conn"])) { $ldap = new AuthLDAP(); $ldap->getFromDB($authsId); $ldap_connection = $ldap->connect(); } else { $ldap_connection = isset($user->input["_ldap_conn"]) ? $user->input["_ldap_conn"] : $user->fields["_ldap_conn"]; } $userdn = isset($user->input["user_dn"]) ? $user->input["user_dn"] : $user->fields["user_dn"]; $userdn = str_replace('\\\\', '\\', $userdn); $sr = @ldap_read($ldap_connection, $userdn, "objectClass=*", $fields); if (!is_resource($sr) || ldap_errno($ldap_connection) > 0) { return; } $v = AuthLDAP::get_entries_clean($ldap_connection, $sr); //Find all locations needed to create the deepest one $locationPath = array(); $incompleteLocation = false; foreach ($fields as $locationSubAttribute) { $locationSubAttribute = strtolower($locationSubAttribute); if (isset($v[0][$locationSubAttribute][0])) { $locationPath[] = $v[0][$locationSubAttribute][0]; } else { // A LDAP attribute is not defined for the user. Cannot build the completename // Therefore we must giveup importing this location $incompleteLocation = true; } } // TODO : test if location import is enabled earlier in this function if ($pluginAuthLDAP->fields['location_enabled'] == 'Y') { if ($incompleteLocation == false) { $location = new Location(); $locationAncestor = 0; $locationCompleteName = array(); $allLocationsExist = true; // Assume we created or found all locations // while ($locatinItem = array_shift($locationPath) && $allLocationsExist) { foreach ($locationPath as $locationItem) { if ($allLocationsExist) { $locationCompleteName[] = $locationItem; $locationItem = Toolbox::addslashes_deep(array('entities_id' => $entityID, 'name' => $locationItem, 'locations_id' => $locationAncestor, 'completename' => implode(' > ', $locationCompleteName), 'is_recursive' => $pluginAuthLDAP->fields['is_recursive'], 'comment' => __("Created by MoreLDAP", "moreldap"))); $locationAncestor = $location->findID($locationItem); if ($locationAncestor == -1) { // The location does not exists yet $locationAncestor = $location->add($locationItem); } if ($locationAncestor == false) { // If a location could not be imported and does not exist // then give up importing children items $allLocationsExist = false; } } } if ($allLocationsExist) { // All locations exist to match the path described un LDAP $locations_id = $locationAncestor; $myuser = new User(); // new var to prevent user->input erasing (object are always passed by "reference") $myuser->update(array('id' => $user->getID(), 'locations_id' => $locations_id)); } } } else { // If the location retrieval is disabled, enablig this line will erase the location for the user. // $fields['locations_id'] = 0; } } }
/** * Hook to add more data from ldap * * @param $datas array * * @return un tableau **/ function plugin_retrieve_more_data_from_ldap_moreldap(array $fields) { $pluginAuthLDAP = new PluginMoreldapAuthLDAP(); $authLDAP = new AuthLDAP(); $user = new User(); $user->getFromDBbyDn($fields['user_dn']); // default : store locations outside of any entity $entityID = -1; if ($pluginAuthLDAP->getFromDBByQuery("WHERE `id`='" . $user->fields["auths_id"] . "'")) { $entityID = $pluginAuthLDAP->fields['entities_id']; if (isset($fields[$pluginAuthLDAP->fields['location']])) { // Explode multiple attributes for location hierarchy $locationHierarchy = explode('>', $pluginAuthLDAP->fields['location']); $locationPath = array(); $incompleteLocation = false; foreach ($locationHierarchy as $locationSubAttribute) { $locationSubAttribute = trim($locationSubAttribute); if (isset($fields['_ldap_result'][0][strtolower($locationSubAttribute)][0])) { $locationPath[] = $fields['_ldap_result'][0][strtolower($locationSubAttribute)][0]; } else { $incompleteLocation = true; } } if ($incompleteLocation == false) { if ($pluginAuthLDAP->fields['location_enabled'] == 'Y') { $location = new Location(); $locationAncestor = 0; $locationCompleteName = array(); foreach ($locationPath as $locationItem) { $locationCompleteName[] = $locationItem; $locationItem = Toolbox::addslashes_deep(array('entities_id' => $entityID, 'name' => $locationItem, 'locations_id' => $locationAncestor, 'completename' => implode(' > ', $locationCompleteName), 'is_recursive' => $pluginAuthLDAP->fields['is_recursive'])); $locationAncestor = $location->findID($locationItem); if ($locationAncestor == -1) { //The location does not exists yet $locationAncestor = $location->add($locationItem); } if ($locationAncestor == false) { // If a location could not be imported, then give up importing children items break; } } if ($locationAncestor != false) { $fields['locations_id'] = $locationAncestor; } } else { //If the location retrieval is disabled, enablig this line will erase the location for the user. //$fields['locations_id'] = 0; } } } } return $fields; }