Core  3.2
PHP API documentation
Class.DocLDAP.php
1 <?php
2 /*
3  * @author Anakeen
4  * @package FDL
5 */
6 /**
7  * LDAP methods
8  *
9  * @author Anakeen
10  * @version $Id: Class.DocLDAP.php,v 1.9 2008/03/10 10:45:52 eric Exp $
11  * @package FDL
12  */
13 /**
14  */
15 
16 include_once ("Class.DbObj.php");
17 
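/**
 * Publishes a document as one or more LDAP entries ("cards").
 *
 * Every method that talks to the directory opens its own connection with
 * ldap_connect() and performs a simple bind as $rootdn / $rootpw. No
 * ldap_start_tls() call is made anywhere in this class, so unless LDAP_SERVEUR
 * is an ldaps:// URI (not visible from this file — confirm in deployment) the
 * root bind password is sent unencrypted.
 */
class DocLDAP extends DbObj
{
    // LDAP parameters, loaded by SetLdapParam() from the application parameters.
    public $serveur; // LDAP_SERVEUR
    public $port;    // LDAP_PORT
    public $racine;  // LDAP_ROOT: base DN under which entries are written
    public $rootdn;  // LDAP_ROOTDN: DN used for the privileged bind
    public $rootpw;  // LDAP_ROOTPW: password of the privileged bind, kept in memory on the object
    public $useldap = false;    // true when LDAP_ENABLED is "yes"
    public $infoldap = array(); // cards built by ConvertToLdap(), indexed by card index
    public $cindex = false;     // card index being built while a "::method" mapping runs
    public $ldapmap;            // mapping rows loaded by getMapAttributes()
    public $ldapdn;             // raw stored list of the DNs this document owns in LDAP

    /**
     * Make sure the organization entry and the "users"/"people" containers exist.
     *
     * @return bool true when the bind succeeded (whether or not the tree had to
     *              be created), false when LDAP is disabled or the connection
     *              or bind failed
     */
    function OrgInit()
    {
        // The original statement here was `if (!$this->useldap) false;`, a no-op
        // that let a disabled configuration fall through to ldap_connect().
        if (!$this->useldap) return false;

        // Organisation entry to create at the root; "o" is extracted from LDAP_ROOT.
        $orgldap = array("objectClass" => "organization");
        $orgldap["o"] = preg_match("/.*o=(.*),.*/", $this->racine, $reg) ? $reg[1] : "unknown";

        $dn = $this->racine;
        $ds = ldap_connect($this->serveur, $this->port);
        if (!$ds) return false;

        ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
        $ready = false;
        if (@ldap_bind($ds, $this->rootdn, $this->rootpw)) {
            // A failed search under dc=users is taken to mean the tree is missing.
            if (!@ldap_search($ds, "dc=users," . $dn, "", array())) {
                ldap_add($ds, $dn, $orgldap);
                $err = $this->createLDAPDc($ds, "users");
                if ($err == "") $err = $this->createLDAPDc($ds, "people");
                if ($err) AddWarningMsg($err);
            }
            $ready = true;
        }
        // The connection is local to this method; release it on every path.
        ldap_close($ds);

        return $ready;
    }

    /**
     * Indicate whether ::RefreshLdapCard must be active or not.
     * Used by families which do not want to be inserted in LDAP.
     *
     * @return bool always true in this base implementation
     */
    function UseLdap()
    {
        return true;
    }

    /**
     * Initialize the LDAP coordinates from the global action's parameters.
     */
    function SetLdapParam()
    {
        /** @var Action $action */
        global $action;

        $this->serveur = $action->GetParam("LDAP_SERVEUR");
        $this->port = $action->GetParam("LDAP_PORT");
        $this->racine = $action->GetParam("LDAP_ROOT");
        $this->rootdn = $action->GetParam("LDAP_ROOTDN");
        // NOTE(review): the privileged bind password is an ordinary application
        // parameter here; who can read LDAP_ROOTPW is decided outside this file.
        $this->rootpw = $action->GetParam("LDAP_ROOTPW");
        // Anything other than the exact string "yes" leaves LDAP disabled.
        $this->useldap = ($action->GetParam("LDAP_ENABLED", "no") == "yes");

        $this->action = $action;
    }

    /**
     * Get the DNs created in the LDAP database from this document.
     *
     * @return array DNs indexed by card index which comes from the mapping definition
     */
    function getDNs()
    {
        if ($this->ldapdn == "") return array();
        return Doc::rawValueToArray($this->ldapdn);
    }

    /**
     * Record the new DNs created in LDAP for this document and delete from
     * LDAP the previously recorded DNs that are no longer listed.
     *
     * The deletions run on the caller's connection, which in this class is
     * always bound as $rootdn, and the DNs to delete come from the stored
     * ldapdn value.
     * NOTE(review): that makes ldapdn a list of entries the root bind will
     * remove — confirm it cannot be written by ordinary users.
     *
     * @param resource $ds  bound LDAP connection
     * @param array    $tdn DNs the document owns from now on
     * @return string concatenated error messages, empty when every delete succeeded
     */
    function setDNs($ds, $tdn)
    {
        $err = "";
        foreach ($this->getDNs() as $dn) {
            if (in_array($dn, $tdn, true)) continue;
            if (!@ldap_delete($ds, $dn)) {
                $err.= sprintf("cannot delete LDAP entry [%s]", $dn);
            }
        }
        $this->ldapdn = $this->_array2val($tdn);
        $this->modify(true, array(
            "ldapdn"
        ) , true);
        return $err;
    }

    /**
     * Test if the document can be set in LDAP.
     * To be defined in child families.
     *
     * @return bool always false in this base implementation
     */
    function canUpdateLdapCard()
    {
        return false;
    }

    /**
     * Update the LDAP cards of the document, or delete them when
     * canUpdateLdapCard() refuses publication.
     *
     * @return string|bool false when LDAP is not in use, otherwise the error
     *                     message of the update or delete (empty on success)
     */
    function RefreshLdapCard()
    {
        if (!$this->UseLdap()) return false;
        $this->SetLdapParam();
        if (!$this->useldap) return false;

        if ($this->canUpdateLdapCard()) {
            return $this->ModifyLdapCard($this->ConvertToLdap());
        }
        return $this->DeleteLdapCard();
    }

    /**
     * Delete the LDAP cards of the document.
     *
     * Uses the connection properties as they are currently set on the object;
     * RefreshLdapCard() calls SetLdapParam() before coming here.
     *
     * @return string error message, empty on success or when nothing was attempted
     */
    function DeleteLdapCard()
    {
        $err = '';
        if (!$this->UseLdap()) return '';
        if (!$this->useldap) return '';
        if (($this->serveur == "") || !($this->id > 0)) return $err;

        $ds = ldap_connect($this->serveur, $this->port);
        if (!$ds) return $err;

        ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
        if (@ldap_bind($ds, $this->rootdn, $this->rootpw)) {
            $err = $this->setDNs($ds, array());
        } else {
            // A refused bind used to be silent: the entries stayed in the
            // directory while the caller was told the delete went fine.
            $err = sprintf("cannot bind to LDAP server: %s", ldap_error($ds));
        }
        ldap_close($ds);

        return $err;
    }

    /**
     * Build the DN of the document for the card currently being converted.
     *
     * @param string $rdn  name of the attribute used as RDN; its value is read
     *                     from $this->infoldap[$this->cindex]
     * @param string $path optional intermediate DN inserted before the root
     * @return string|bool the DN, or false when $rdn or its value is empty
     */
    function getLDAPDN($rdn, $path = "")
    {
        if (!$rdn) return false;
        $vdn = isset($this->infoldap[$this->cindex][$rdn]) ? $this->infoldap[$this->cindex][$rdn] : null;
        if (!$vdn) return false;

        // The RDN value is document data. Unescaped, a "," "+" or "=" in it
        // changes the structure of the DN, i.e. where the entry is written by
        // the root bind. ldap_escape() needs PHP >= 5.6, hence the guard.
        if (function_exists('ldap_escape')) {
            $vdn = ldap_escape((string)$vdn, "", LDAP_ESCAPE_DN);
        }

        if ($path == "") return "$rdn=" . $vdn . "," . $this->racine;
        return "$rdn=" . $vdn . ",$path," . $this->racine;
    }

    /**
     * Get the attribute mapping FREEDOM -> LDAP for the families returned by
     * GetFromDoc(), and cache it in $this->ldapmap.
     *
     * @return array mapping rows keyed by ldapname concatenated with index;
     *               empty array when GetFromDoc() returns nothing
     */
    function getMapAttributes()
    {
        include_once ("FDL/Class.DocAttrLDAP.php");
        $fids = $this->GetFromDoc();
        if (!$fids) return array();

        include_once ("Class.QueryDb.php");
        $q = new QueryDb($this->dbaccess, "DocAttrLDAP");
        $q->AddQuery(getSqlCond($fids, "famid"));
        $q->order_by = "famid,index";
        $rows = $q->Query(0, 0, "TABLE");

        $this->ldapmap = array();
        if ($rows && is_array($rows)) {
            foreach ($rows as $row) {
                $this->ldapmap[$row["ldapname"] . $row["index"]] = $row;
            }
        }
        return $this->ldapmap;
    }

    /**
     * Build the LDAP cards of the document from the attribute mapping.
     *
     * A mapping is either "::method" (result of ApplyMethod), "I" (initid),
     * "T" (title) or the id of a document attribute.
     *
     * @return array cards indexed by card index, each an array of LDAP values
     */
    function ConvertToLdap()
    {
        $this->infoldap = array();

        foreach ($this->getMapAttributes() as $v) {
            $k = $v["ldapname"];
            $map = $v["ldapmap"];
            $index = $v["index"];
            if (!$map) continue;

            if (substr($map, 0, 2) == "::") {
                // The method named in the mapping row is invoked on this
                // document; it can read the card in progress through cindex.
                // NOTE(review): presumably only administrators can edit
                // DocAttrLDAP rows — confirm, since they select code to run.
                $this->cindex = $index;
                $value = $this->ApplyMethod($map);
                if ($value) {
                    $this->infoldap[$index][$k] = $value;
                    $this->addLdapObjectClass($index, $v["ldapclass"]);
                }
                continue;
            }

            if ($map == "I") {
                $this->infoldap[$index][$k] = $this->initid;
                continue;
            }
            if ($map == "T") {
                $this->infoldap[$index][$k] = $this->title;
                continue;
            }

            $oa = $this->getAttribute($map);
            $value = $this->getValue($map);
            if (!$value) continue;

            $this->addLdapObjectClass($index, $v["ldapclass"]);

            // An unknown attribute id falls through to the plain-value case.
            $type = $oa ? $oa->type : null;
            switch ($type) {
                case "image":
                    // The LDAP value is the raw content of the vault file.
                    if (preg_match(PREGEXPFILE, $value, $reg)) {
                        $vf = newFreeVaultFile($this->dbaccess);
                        $info = null;
                        if ($vf->Retrieve($reg[2], $info) == "") {
                            $contents = file_get_contents($info->path);
                            // Skip unreadable or empty files rather than
                            // publishing a false or empty value.
                            if ($contents !== false && $contents !== "") {
                                $this->infoldap[$index][$k] = $contents;
                            }
                        }
                    }
                    break;

                case "password":
                    // NOTE(review): assumes the stored value is already a
                    // crypt(3) hash; nothing here hashes it, so a cleartext
                    // value would be published as-is — confirm.
                    $this->infoldap[$index][$k] = "{CRYPT}" . ($value);
                    break;

                default:
                    $this->infoldap[$index][$k] = $value;
            }
        }

        return $this->infoldap;
    }

    /**
     * Add an objectClass to the card being built, once.
     */
    private function addLdapObjectClass($index, $ldapclass)
    {
        if ((!isset($this->infoldap[$index]["objectClass"])) || (!in_array($ldapclass, $this->infoldap[$index]["objectClass"]))) {
            $this->infoldap[$index]["objectClass"][] = $ldapclass;
        }
    }

    /**
     * Get an LDAP value from the converted cards.
     *
     * @param string $idattr LDAP attribute name
     * @param string $index  card index; empty means the current card of $infoldap
     * @return mixed the value, or null when the card or the attribute is absent
     */
    function getLDAPValue($idattr, $index = "")
    {
        // NOTE(review): $infoldap is declared with a default of array(), so
        // this isset() is only false after it has been set to null; an empty
        // array does not trigger the conversion. Left as written.
        if (!isset($this->infoldap)) {
            $this->SetLdapParam();
            $this->ConvertToLdap();
        }

        if ($index == "") {
            $tldap = current($this->infoldap);
        } elseif (!isset($this->infoldap[$index])) {
            return null;
        } else {
            $tldap = $this->infoldap[$index];
        }

        return isset($tldap[$idattr]) ? $tldap[$idattr] : null;
    }

    /**
     * Write the given cards to the LDAP database: existing entries are
     * replaced (attributes absent from the card are removed), missing entries
     * are added, and previously recorded DNs that are no longer produced are
     * deleted through setDNs().
     *
     * @param array $tinfoldap cards as returned by ConvertToLdap(); each card
     *                         carries its DN, or an array of DNs, under "dn"
     * @return string|bool false when LDAP is not in use, otherwise the
     *                     accumulated error messages (empty on success)
     */
    function ModifyLdapCard($tinfoldap)
    {
        if (!$this->UseLdap()) return false;
        if (!$this->useldap) return false;
        $retour = "";
        if ($this->serveur == "") return $retour;
        if (!$this->OrgInit()) return _("errldaporginit");

        $ds = ldap_connect($this->serveur, $this->port);
        if (!$ds) return _("errldapconnect");

        ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

        if (@ldap_bind($ds, $this->rootdn, $this->rootpw)) {
            $tnewdn = array();
            foreach ($tinfoldap as $infoldap) {
                $tdn = isset($infoldap["dn"]) ? $infoldap["dn"] : array();
                unset($infoldap["dn"]);
                if (!is_array($tdn)) $tdn = array(
                    $tdn
                );
                foreach ($tdn as $dn) {
                    if (!$dn) continue;
                    $sr = @ldap_read($ds, $dn, "objectClass=*");

                    if ($sr) {
                        $entry = ldap_first_entry($ds, $sr);
                        $attrs = $entry ? ldap_get_attributes($ds, $entry) : array(
                            "count" => 0
                        );
                        // need to reset all values in case of deleted values
                        $delldap = array();
                        for ($i = 0; $i < $attrs["count"]; $i++) {
                            if (!isset($infoldap[$attrs[$i]])) $delldap[$attrs[$i]] = array();
                        }
                        if (count($delldap) > 0) {
                            ldap_mod_del($ds, $dn, $delldap);
                        }
                        if (!ldap_mod_replace($ds, $dn, $infoldap)) {
                            // The entry keeps its old content: report it
                            // instead of returning as if it were up to date.
                            $retour.= sprintf("cannot modify LDAP entry [%s]: %s\n", $dn, ldap_error($ds));
                        }
                        // Kept in the list even on failure so that setDNs()
                        // does not delete an entry that still exists.
                        $tnewdn[] = $dn;
                    } else {
                        if (!@ldap_add($ds, $dn, $infoldap)) {
                            $retour.= sprintf(_("errldapadd:%s\n%s\n%d\n") , $dn, ldap_error($ds) , ldap_errno($ds));
                        } else {
                            // add OK
                            $tnewdn[] = $dn;
                        }
                    }
                }
            }
            // Suppress old DNs if needed. The result was previously discarded,
            // which hid entries that could not be removed from the directory.
            $retour.= $this->setDNs($ds, $tnewdn);
        } else {
            $retour = sprintf("cannot bind to LDAP server: %s", ldap_error($ds));
        }
        ldap_close($ds);

        return $retour;
    }

    /**
     * Create an LDAP DC object directly under the root DN.
     *
     * @param resource $ds bound LDAP connection
     * @param string   $n  value used for both "dc" and "ou"; it is placed in
     *                     the DN unescaped, the callers in this class pass
     *                     the literals "users" and "people"
     * @return string the LDAP error message, empty on success or when $ds is empty
     */
    function createLDAPDc($ds, $n)
    {
        if (!$ds) return '';

        $entry = array(
            "objectClass" => array(
                "dcObject",
                "organizationalUnit"
            ) ,
            "dc" => "$n",
            "ou" => "$n"
        );
        if (!@ldap_add($ds, "dc=$n," . $this->racine, $entry)) return ldap_error($ds);
        return '';
    }
}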
383 ?>