From 5183a1ec7a19cd553fd9fa728a911df3310174b9 Mon Sep 17 00:00:00 2001 From: Abbes Bahfir Date: Wed, 11 Sep 2019 22:45:02 +0100 Subject: [PATCH 1/6] New : Use of posixAccount and posixGroup objectclass for users and groups in LDAP --- htdocs/admin/ldap_groups.php | 8 +++++++ htdocs/admin/ldap_users.php | 33 +++++++++++++++++++++++++++ htdocs/langs/en_US/admin.lang | 7 ++++++ htdocs/langs/fr_FR/admin.lang | 7 ++++++ htdocs/user/class/user.class.php | 18 +++++++++++++-- htdocs/user/class/usergroup.class.php | 5 +++- 6 files changed, 75 insertions(+), 3 deletions(-) diff --git a/htdocs/admin/ldap_groups.php b/htdocs/admin/ldap_groups.php index 450fec88ad0..6dcc26a23e0 100644 --- a/htdocs/admin/ldap_groups.php +++ b/htdocs/admin/ldap_groups.php @@ -58,6 +58,7 @@ if ($action == 'setvalue' && $user->admin) //if (! dolibarr_set_const($db, 'LDAP_GROUP_FIELD_NAME',$_POST["fieldname"],'chaine',0,'',$conf->entity)) $error++; if (! dolibarr_set_const($db, 'LDAP_GROUP_FIELD_DESCRIPTION', GETPOST("fielddescription"), 'chaine', 0, '', $conf->entity)) $error++; if (! dolibarr_set_const($db, 'LDAP_GROUP_FIELD_GROUPMEMBERS', GETPOST("fieldgroupmembers"), 'chaine', 0, '', $conf->entity)) $error++; + if (! dolibarr_set_const($db, 'LDAP_FIELD_GROUPID', GETPOST("fieldgroupid"), 'chaine', 0, '', $conf->entity)) $error++; // This one must be after the others $valkey=''; @@ -170,6 +171,13 @@ print ''.$langs->trans("LDAPFieldGroupMembersExample").''; print 'global->LDAP_KEY_GROUPS && $conf->global->LDAP_KEY_GROUPS==$conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS)?' checked':'').">"; print ''; +// Group id +print ''.$langs->trans("LDAPFieldGroupid").''; +print ''; +print ''.$langs->trans("LDAPFieldGroupidExample").''; +print ' '; +print ''; + print ''; print info_admin($langs->trans("LDAPDescValues")); diff --git a/htdocs/admin/ldap_users.php b/htdocs/admin/ldap_users.php index 4148d81f438..394451c9472 100644 --- a/htdocs/admin/ldap_users.php +++ b/htdocs/admin/ldap_users.php 
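Review bot: The added `LDAP_FIELD_GROUPID` line in the `setvalue` branch stores `GETPOST("fieldgroupid")` without a check type, so the posted string is saved unchanged and later used as an LDAP attribute name (an array key of `$info`) when entries are built. A restrictive check such as `GETPOST("fieldgroupid", 'aZ09')` would keep the stored value to attribute-name characters. The same applies to `fielduserid` and `fieldhomedirectory` in the `@@ -73,6 +74,10 @@` hunk of ldap_users.php. `fieldhomedirectoryprefix` is a path rather than an attribute name, so it should instead be checked to be absolute and free of `..` segments before it is saved. The existing neighbouring lines omit the filter as well, so this may be easier to fix for the whole block at once.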
@@ -5,6 +5,7 @@ * Copyright (C) 2005 Regis Houssin * Copyright (C) 2006-2011 Laurent Destailleur * Copyright (C) 2011-2016 Juanjo Menent + * Copyright (C) 2019 Abbes Bahfir * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -73,6 +74,10 @@ if ($action == 'setvalue' && $user->admin) if (! dolibarr_set_const($db, 'LDAP_FIELD_DESCRIPTION', GETPOST("fielddescription"), 'chaine', 0, '', $conf->entity)) $error++; if (! dolibarr_set_const($db, 'LDAP_FIELD_SID', GETPOST("fieldsid"), 'chaine', 0, '', $conf->entity)) $error++; if (! dolibarr_set_const($db, 'LDAP_FIELD_TITLE', GETPOST("fieldtitle"), 'chaine', 0, '', $conf->entity)) $error++; + if (! dolibarr_set_const($db, 'LDAP_FIELD_GROUPID', GETPOST("fieldgroupid"), 'chaine', 0, '', $conf->entity)) $error++; + if (! dolibarr_set_const($db, 'LDAP_FIELD_USERID', GETPOST("fielduserid"), 'chaine', 0, '', $conf->entity)) $error++; + if (! dolibarr_set_const($db, 'LDAP_FIELD_HOMEDIRECTORY', GETPOST("fieldhomedirectory"), 'chaine', 0, '', $conf->entity)) $error++; + if (! dolibarr_set_const($db, 'LDAP_FIELD_HOMEDIRECTORYPREFIX', GETPOST("fieldhomedirectoryprefix"), 'chaine', 0, '', $conf->entity)) $error++; // This one must be after the others $valkey=''; 
@@ -301,6 +306,34 @@ print ''.$langs->trans("LDAPFieldSidExample").''; print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS==$conf->global->LDAP_FIELD_SID)?' checked':'').">"; print ''; +// Group id +print ''.$langs->trans("LDAPFieldGroupid").''; +print ''; +print ''.$langs->trans("LDAPFieldGroupidExample").''; +print ' '; +print ''; + +// Userid +print ''.$langs->trans("LDAPFieldUserid").''; +print ''; +print ''.$langs->trans("LDAPFieldUseridExample").''; +print ' '; +print ''; + +// Home Directory +print ''.$langs->trans("LDAPFieldHomedirectory").''; +print ''; +print ''.$langs->trans("LDAPFieldHomedirectoryExample").''; +print ' '; +print ''; + +// Home Directory Prefix +print ''.$langs->trans("LDAPFieldHomedirectoryprefix").''; +print ''; +print ''; +print ' '; +print ''; + print ''; print info_admin($langs->trans("LDAPDescValues")); diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index a8f7f9643ce..3eb9f24112d 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -1458,6 +1458,13 @@ LDAPFieldSidExample=Example: objectsid LDAPFieldEndLastSubscription=Date of subscription end LDAPFieldTitle=Job position LDAPFieldTitleExample=Example: title +LDAPFieldGroupid=Group id +LDAPFieldGroupidExample=Exemple : gidnumber +LDAPFieldUserid=User id +LDAPFieldUseridExample=Exemple : uidnumber +LDAPFieldHomedirectory=Home directory prefix +LDAPFieldHomedirectoryExample=Exemple : homedirectory +LDAPFieldHomedirectoryprefix=Home directory prefix LDAPSetupNotComplete=LDAP setup not complete (go on others tabs) LDAPNoUserOrPasswordProvidedAccessIsReadOnly=No administrator or password provided. LDAP access will be anonymous and in read only mode. LDAPDescContact=This page allows you to define LDAP attributes name in LDAP tree for each data found on Dolibarr contacts. diff --git a/htdocs/langs/fr_FR/admin.lang b/htdocs/langs/fr_FR/admin.lang index 20cdc9175d6..ff684f01cb9 100644 --- a/htdocs/langs/fr_FR/admin.lang 
+++ b/htdocs/langs/fr_FR/admin.lang @@ -1458,6 +1458,13 @@ LDAPFieldSidExample=Exemple : objectsid LDAPFieldEndLastSubscription=Date de fin de validité adhésion LDAPFieldTitle=Poste/fonction LDAPFieldTitleExample=Exemple: title +LDAPFieldGroupid=Groupe id +LDAPFieldGroupidExample=Exemple : gidnumber +LDAPFieldUserid=User id +LDAPFieldUseridExample=Exemple : uidnumber +LDAPFieldHomedirectory=Répertoire d'accueil +LDAPFieldHomedirectoryExample=Exemple : homedirectory +LDAPFieldHomedirectoryprefix=Préfixe du répertoire d'accueil LDAPSetupNotComplete=Configuration LDAP incomplète (à compléter sur les autres onglets) LDAPNoUserOrPasswordProvidedAccessIsReadOnly=Administrateur ou mot de passe non renseigné. Les accès LDAP seront donc anonymes et en lecture seule. LDAPDescContact=Cette page permet de définir le nom des attributs de l'arbre LDAP pour chaque information des contacts Dolibarr. diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 4d78aa1b892..aa4aec74251 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -13,6 +13,7 @@ * Copyright (C) 2018 charlene Benke * Copyright (C) 2018 Nicolas ZABOURI * Copyright (C) 2019 Frédéric France + * Copyright (C) 2019 Abbes Bahfir * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -35,6 +36,7 @@ */ require_once DOL_DOCUMENT_ROOT .'/core/class/commonobject.class.php'; +require_once DOL_DOCUMENT_ROOT .'/user/class/usergroup.class.php'; /** * Class to manage Dolibarr users 
@@ -2655,8 +2657,20 @@ class User extends CommonObject if ($this->phone_mobile) $info["phpgwCellTelephoneNumber"] = $this->phone_mobile; } - return $info; - } + $info[$conf->global->LDAP_FIELD_USERID] = $this->id; + $info[$conf->global->LDAP_FIELD_GROUPID] = '1'; + $usergroup = new UserGroup($this->db); + $groupslist = $usergroup->listGroupsForUser($this->id); + if(!empty($groupslist)){ + foreach ($groupslist as $groupforuser) { + $info[$conf->global->LDAP_FIELD_GROUPID] = $groupforuser->id;//Select first group in list + break; + } + } + $info[$conf->global->LDAP_FIELD_HOMEDIRECTORY]="{$conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX}/$this->firstname"; + + return $info; + } /** diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index d51d82c8d13..c0cd4d9227f 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php @@ -6,6 +6,7 @@ * Copyright (C) 2014 Juanjo Menent * Copyright (C) 2014 Alexis Algoud * Copyright (C) 2018 Nicolas ZABOURI + * Copyright (C) 2019 Abbes Bahfir * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -978,7 +979,9 @@ class UserGroup extends CommonObject $valueofldapfield[] = $muser->_load_ldap_dn($info2); } $info[$conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS] = (!empty($valueofldapfield)?$valueofldapfield:''); - } + + } + $info[$conf->global->LDAP_FIELD_GROUPID]=$this->id; return $info; } From e5878c105a001d1215a31c121b10caee5452da02 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Wed, 11 Sep 2019 21:48:17 +0000 Subject: [PATCH 2/6] Fixing style errors. --- htdocs/user/class/usergroup.class.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index c0cd4d9227f..4e8cdf5824b 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php 
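Review bot: The home directory written at the end of the added block is built from `$this->firstname`, which is neither unique nor limited to path-safe characters. Two users with the same first name would share a home, and a first name containing `/` or `..` yields a path outside the configured prefix on any host that consumes these posixAccount entries. Deriving it from the login and refusing anything outside a conservative set avoids both, e.g. `if (preg_match('/^[a-z_][a-z0-9_.-]*$/i', $this->login)) $info[$conf->global->LDAP_FIELD_HOMEDIRECTORY] = rtrim($conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX, '/').'/'.$this->login;`. The same `firstname` concatenation is kept in the `@@ -2657,17 +2657,19 @@` hunk of PATCH 3/6. Separately, `$this->id` is published as the user id, and the group row id (or the fallback `'1'`) as the group id, here and in the `@@ -978,7 +979,9 @@` hunk of usergroup.class.php. These are presumably small auto-increment values that overlap the range Unix hosts reserve for system accounts, so an offset or a dedicated numeric field would be safer. The enclosing function begins outside the hunk.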
@@ -979,7 +979,6 @@ class UserGroup extends CommonObject $valueofldapfield[] = $muser->_load_ldap_dn($info2); } $info[$conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS] = (!empty($valueofldapfield)?$valueofldapfield:''); - } $info[$conf->global->LDAP_FIELD_GROUPID]=$this->id; return $info; From 195ac8e8f6d70b60495cc6c2b99d4af2465dfab0 Mon Sep 17 00:00:00 2001 From: Abbes Bahfir Date: Thu, 12 Sep 2019 11:18:22 +0100 Subject: [PATCH 3/6] fix : Tests for attributes exsitence in Use of posixAccount and posixGroup objectclass for users and groups in LDAP --- htdocs/user/class/user.class.php | 20 +++++++++++--------- htdocs/user/class/usergroup.class.php | 4 +++- 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index aa4aec74251..ae1d9afa062 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php 
@@ -2657,17 +2657,19 @@ class User extends CommonObject if ($this->phone_mobile) $info["phpgwCellTelephoneNumber"] = $this->phone_mobile; } - $info[$conf->global->LDAP_FIELD_USERID] = $this->id; - $info[$conf->global->LDAP_FIELD_GROUPID] = '1'; - $usergroup = new UserGroup($this->db); - $groupslist = $usergroup->listGroupsForUser($this->id); - if(!empty($groupslist)){ - foreach ($groupslist as $groupforuser) { - $info[$conf->global->LDAP_FIELD_GROUPID] = $groupforuser->id;//Select first group in list - break; + if (!empty($conf->global->LDAP_FIELD_USERID))$info[$conf->global->LDAP_FIELD_USERID] = $this->id; + if(!empty($info[$conf->global->LDAP_FIELD_GROUPID])){ + $usergroup = new UserGroup($this->db); + $groupslist = $usergroup->listGroupsForUser($this->id); + $info[$conf->global->LDAP_FIELD_GROUPID] = '1'; + if(!empty($groupslist)){ + foreach ($groupslist as $groupforuser) { + $info[$conf->global->LDAP_FIELD_GROUPID] = $groupforuser->id;//Select first group in list + break; + } } } - $info[$conf->global->LDAP_FIELD_HOMEDIRECTORY]="{$conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX}/$this->firstname"; + if (!empty($this->firstname) && !empty($conf->global->LDAP_FIELD_HOMEDIRECTORY) && !empty($conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX)) $info[$conf->global->LDAP_FIELD_HOMEDIRECTORY]="{$conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX}/$this->firstname"; return $info; } diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index c0cd4d9227f..f2194b1d8b7 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php @@ -981,7 +981,9 @@ class UserGroup extends CommonObject $info[$conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS] = (!empty($valueofldapfield)?$valueofldapfield:''); } - $info[$conf->global->LDAP_FIELD_GROUPID]=$this->id; + if(!empty($info[$conf->global->LDAP_FIELD_GROUPID])){ + $info[$conf->global->LDAP_FIELD_GROUPID]=$this->id; + } return $info; } 
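Review bot: The new guard `if(!empty($info[$conf->global->LDAP_FIELD_GROUPID])){` tests the entry being built instead of the configuration value. That key is only assigned inside the guarded block, so unless a mapping outside the hunk already filled the same attribute, the condition is false and the group id is never exported. The neighbouring `LDAP_FIELD_USERID` line already has the intended form, and this one should read `if (!empty($conf->global->LDAP_FIELD_GROUPID)) {`. The `@@ -981,7 +981,9 @@` hunk of usergroup.class.php in this patch has the same test, and PATCH 6/6 keeps it after the rename, where it should be `if (!empty($conf->global->LDAP_GROUP_FIELD_GROUPID)) {`. When the constant is unset, the current test also indexes `$info` with an empty key, which hides the misconfiguration instead of skipping the field cleanly.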
From 7965804a34edf52bc8673a1b1975e1fc9d794f43 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 14 Sep 2019 16:35:00 +0200 Subject: [PATCH 4/6] Update ldap_groups.php --- htdocs/admin/ldap_groups.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/ldap_groups.php b/htdocs/admin/ldap_groups.php index 6dcc26a23e0..6412d2f6a59 100644 --- a/htdocs/admin/ldap_groups.php +++ b/htdocs/admin/ldap_groups.php @@ -58,7 +58,7 @@ if ($action == 'setvalue' && $user->admin) //if (! dolibarr_set_const($db, 'LDAP_GROUP_FIELD_NAME',$_POST["fieldname"],'chaine',0,'',$conf->entity)) $error++; if (! dolibarr_set_const($db, 'LDAP_GROUP_FIELD_DESCRIPTION', GETPOST("fielddescription"), 'chaine', 0, '', $conf->entity)) $error++; if (! dolibarr_set_const($db, 'LDAP_GROUP_FIELD_GROUPMEMBERS', GETPOST("fieldgroupmembers"), 'chaine', 0, '', $conf->entity)) $error++; - if (! dolibarr_set_const($db, 'LDAP_FIELD_GROUPID', GETPOST("fieldgroupid"), 'chaine', 0, '', $conf->entity)) $error++; + if (! dolibarr_set_const($db, 'LDAP_GROUP_FIELD_GROUPID', GETPOST("fieldgroupid"), 'chaine', 0, '', $conf->entity)) $error++; // This one must be after the others $valkey=''; From 9934f73574d32d8b51825a2407c674112f6e13a6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 14 Sep 2019 16:36:04 +0200 Subject: [PATCH 5/6] Update ldap_groups.php --- htdocs/admin/ldap_groups.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/ldap_groups.php b/htdocs/admin/ldap_groups.php index 6412d2f6a59..8ae918ce180 100644 --- a/htdocs/admin/ldap_groups.php +++ b/htdocs/admin/ldap_groups.php @@ -173,7 +173,7 @@ print ''; // Group id print ''.$langs->trans("LDAPFieldGroupid").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldGroupidExample").''; print ' '; print ''; From d380ef1812535ea1adc2fdc571bf61a8d1d10e54 Mon Sep 17 00:00:00 2001 
From: Laurent Destailleur Date: Sat, 14 Sep 2019 16:37:07 +0200 Subject: [PATCH 6/6] Update usergroup.class.php --- htdocs/user/class/usergroup.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index 03c514f79f3..a89126b122f 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php @@ -980,8 +980,8 @@ class UserGroup extends CommonObject } $info[$conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS] = (!empty($valueofldapfield)?$valueofldapfield:''); } - if(!empty($info[$conf->global->LDAP_FIELD_GROUPID])){ - $info[$conf->global->LDAP_FIELD_GROUPID]=$this->id; + if(!empty($info[$conf->global->LDAP_GROUP_FIELD_GROUPID])){ + $info[$conf->global->LDAP_GROUP_FIELD_GROUPID]=$this->id; } return $info; }