Uniformisation du code de gestion des synchro LDAP

Laurent Destailleur 2006-11-21 22:51:05 +00:00
parent 22fbf7097d
commit a7e0d0aded
24 changed files with 818 additions and 968 deletions


@ -333,8 +333,8 @@ class Adherent
$sql = "INSERT INTO ".MAIN_DB_PREFIX."adherent (datec)";
$sql .= " VALUES (now())";
dolibarr_syslog("Adherent.class::create sql=".$sql);
$result = $this->db->query($sql);
if ($result)
{
$this->id = $this->db->last_insert_id(MAIN_DB_PREFIX."adherent");
@ -346,6 +346,17 @@ class Adherent
$result=$interface->run_triggers('MEMBER_CREATE',$this,$user,$langs,$conf);
// Fin appel triggers
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE)
{
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->add($dn,$info,$user);
}
return 1;
}
else
@ -365,7 +376,7 @@ class Adherent
{
global $conf,$langs,$user;
dolibarr_syslog("Adherent.class.php::update $disable_trigger");
dolibarr_syslog("Adherent.class::update $disable_trigger");
// Verification parametres
if ($conf->global->ADHERENT_MAIL_REQUIRED && ! ValidEMail($this->email))
@ -388,14 +399,15 @@ class Adherent
$sql .= ",email='" .$this->email."'";
$sql .= ",login='" .$this->login."'";
$sql .= ",pass='" .$this->pass."'";
$sql .= ",naiss=" .$this->naiss?"'".$this->naiss."'":"null";
$sql .= ",photo=" .$this->photo?"'".$this->photo."'":"null";
$sql .= ",naiss=" .($this->naiss?"'".$this->naiss."'":"null");
$sql .= ",photo=" .($this->photo?"'".$this->photo."'":"null");
$sql .= ",public='" .$this->public."'";
$sql .= ",statut=" .$this->statut;
$sql .= ",fk_adherent_type=".$this->typeid;
$sql .= ",morphy='".$this->morphy."'";
$sql .= " WHERE rowid = ".$this->id;
dolibarr_syslog("Adherent::update sql=$sql");
$result = $this->db->query($sql);
if (! $result)
{
@ -439,6 +451,19 @@ class Adherent
$interface=new Interfaces($this->db);
$result=$interface->run_triggers('MEMBER_MODIFY',$this,$user,$langs,$conf);
// Fin appel triggers
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE)
{
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->update($dn,$info,$user);
}
}
$this->db->commit();
@ -447,48 +472,64 @@ class Adherent
}
/**
\brief fonction qui supprime l'adhérent et les données associées
\param rowid
*/
/**
\brief Fonction qui supprime l'adhérent et les données associées
\param rowid
*/
function delete($rowid)
{
global $conf, $langs;
$result = 0;
function delete($rowid)
{
$result = 0;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."adherent WHERE rowid = $rowid";
if ( $this->db->query( $sql) )
{
if ( $this->db->affected_rows() )
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."cotisation WHERE fk_adherent = $rowid";
if ( $this->db->query( $sql) )
{
if ( $this->db->affected_rows() )
{
$result = 1;
}
}
$sql = "DELETE FROM ".MAIN_DB_PREFIX."adherent_options WHERE adhid = $rowid";
if ( $this->db->query( $sql) )
{
if ( $this->db->affected_rows() )
{
$result = 1;
}
}
}
}
else
{
dolibarr_print_error($this->db);
}
return $result;
}
$sql = "DELETE FROM ".MAIN_DB_PREFIX."adherent_options WHERE adhid = ".$rowid;
if ( $this->db->query( $sql) )
{
if ( $this->db->affected_rows() )
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."cotisation WHERE fk_adherent = ".$rowid;
if ( $this->db->query( $sql) )
{
if ( $this->db->affected_rows() )
{
$result = 1;
}
}
$sql = "DELETE FROM ".MAIN_DB_PREFIX."adherent WHERE rowid = ".$rowid;
dolibarr_syslog("Adherent.class::delete");
if ( $this->db->query( $sql) )
{
if ( $this->db->affected_rows() )
{
$result = 1;
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE)
{
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->delete($dn,$info,$user);
}
}
}
}
}
else
{
dolibarr_print_error($this->db);
}
return $result;
}
/**
\brief Fonction qui récupére l'adhérent en donnant son login
@ -666,7 +707,7 @@ class Adherent
{
global $conf,$langs,$user;
dolibarr_syslog("Adherent.class.php::cotisation $date, $montant, $accountid, $operation, $label, $num_chq");
dolibarr_syslog("Adherent.class::cotisation $date, $montant, $accountid, $operation, $label, $num_chq");
$this->db->begin();
$sql = "INSERT INTO ".MAIN_DB_PREFIX."cotisation (fk_adherent, datec, dateadh, cotisation)";
@ -1628,5 +1669,69 @@ class Adherent
$this->type='Type adherent'; // Libellé type adherent
$this->need_subscription=0;
}
/*
* \brief Retourne chaine DN complete dans l'annuaire LDAP pour l'objet
* \param info Info string loaded by _load_ldap_info
* \param mode 0=Return DN without key inside (ou=xxx,dc=aaa,dc=bbb)
1=Return full DN (uid=qqq,ou=xxx,dc=aaa,dc=bbb)
2=Return key only (uid=qqq)
* \return string DN
*/
function _load_ldap_dn($info,$mode=0)
{
global $conf;
$dn='';
if ($mode==0) $dn=$conf->global->LDAP_KEY_MEMBERS."=".$info[$conf->global->LDAP_KEY_MEMBERS].",".$conf->global->LDAP_MEMBER_DN;
if ($mode==1) $dn=$conf->global->LDAP_MEMBER_DN;
if ($mode==2) $dn=$conf->global->LDAP_KEY_MEMBERS."=".$info[$conf->global->LDAP_KEY_MEMBERS];
return $dn;
}
/*
* \brief Retourne chaine dn dans l'annuaire LDAP
* \return array Tableau info des attributs
*/
function _load_ldap_info()
{
global $conf,$langs;
$info=array();
if ($conf->global->LDAP_SERVER_TYPE == 'activedirectory')
{
$info["objectclass"]=array("top",
"person",
"organizationalPerson",
"user");
}
else
{
$info["objectclass"]=array("top",
"person",
"organizationalPerson",
"inetOrgPerson");
}
// Champs
if ($this->fullname && $conf->global->LDAP_FIELD_FULLNAME) $info[$conf->global->LDAP_FIELD_FULLNAME] = $this->fullname;
if ($this->nom && $conf->global->LDAP_FIELD_NAME) $info[$conf->global->LDAP_FIELD_NAME] = $this->nom;
if ($this->prenom && $conf->global->LDAP_FIELD_FIRSTNAME) $info[$conf->global->LDAP_FIELD_FIRSTNAME] = $this->prenom;
if ($this->login && $conf->global->LDAP_FIELD_LOGIN) $info[$conf->global->LDAP_FIELD_LOGIN] = $this->login;
if ($this->poste) $info["title"] = $this->poste;
if ($this->address && $conf->global->LDAP_FIELD_ADDRESS) $info[$conf->global->LDAP_FIELD_ADDRESS] = $this->address;
if ($this->cp && $conf->global->LDAP_FIELD_ZIP) $info[$conf->global->LDAP_FIELD_ZIP] = $this->cp;
if ($this->ville && $conf->global->LDAP_FIELD_TOWN) $info[$conf->global->LDAP_FIELD_TOWN] = $this->ville;
if ($this->phone_pro && $conf->global->LDAP_FIELD_PHONE) $info[$conf->global->LDAP_FIELD_PHONE] = $this->phone_pro;
if ($this->phone_perso) $info["homePhone"] = $this->phone_perso;
if ($this->phone_mobile && $conf->global->LDAP_FIELD_MOBILE) $info[$conf->global->LDAP_FIELD_MOBILE] = $this->phone_mobile;
if ($this->fax && $conf->global->LDAP_FIELD_FAX) $info[$conf->global->LDAP_FIELD_FAX] = $this->fax;
if ($this->note && $conf->global->LDAP_FIELD_DESCRIPTION) $info[$conf->global->LDAP_FIELD_DESCRIPTION] = $this->note;
if ($this->email && $conf->global->LDAP_FIELD_MAIL) $info[$conf->global->LDAP_FIELD_MAIL] = $this->email;
return $info;
}
}
?>
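Review bot: In the rewritten `delete($rowid)`, the LDAP block passes `$user` to `$ldap->delete($dn,$info,$user)`, but neither function header shown declares it global, so it is undefined there; if the header that survives is the one without `global $conf, $langs;`, `$conf->ldap->enabled` is undefined as well and the directory entry of a deleted member is never removed. The new nesting also deletes the `adherent` row only when the `adherent_options` delete affected at least one row, so a member with no options row would stay in the database while the function returns 0. I would open the function with `global $conf, $langs, $user;` and `$rowid = (int) $rowid;` (the id is concatenated into all three DELETE statements) and run the three deletes unconditionally inside one transaction. The results of `connect_bind()` and `$ldap->delete()` are discarded here, as they are in `create()` and `update()`, so a failed directory write goes unreported.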


@ -574,7 +574,7 @@ if ($action == 'create')
print '<tr><td>'.$langs->trans("Password").'*</td><td><input type="password" name="member_pass" size="40" value="'.$adh->password.'"></td></tr>';
// Type
print '<tr><td">'.$langs->trans("MemberType").'*</td><td">';
print '<tr><td>'.$langs->trans("MemberType").'*</td><td>';
$listetype=$adht->liste_array();
if (sizeof($listetype)) {
$htmls->select_array("type", $listetype, $typeid);


@ -141,51 +141,26 @@ print '</tr>';
// Lecture LDAP
$ldap=new Ldap();
$result=$ldap->connect();
if ($result)
$result=$ldap->connect_bind();
if ($result > 0)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
$info=$adh->_load_ldap_info();
$dn=$adh->_load_ldap_dn($info,1);
$search = "(".$adh->_load_ldap_dn($info,2).")";
$result=$ldap->search($dn,$search);
// Affichage arbre
if (sizeof($result))
{
dolibarr_syslog("ldap.php: authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
}
if (! $bind) // Si pas de login ou si connexion avec login en echec, on tente en anonyme
{
dolibarr_syslog("ldap.php: bind",LOG_DEBUG);
$bind=$ldap->bind();
}
if ($bind)
{
$info["cn"] = trim($adh->prenom." ".$adh->nom);
$info["uid"] = trim($adh->login);
$dn = $conf->global->LDAP_MEMBER_DN;
// $dn = "cn=".$info["cn"].",".$dn;
// $dn = "uid=".$info["uid"].",".$dn
$search = "(cn=".$info["cn"].")";
//$search = "(uid=".$info["uid"].")";
$result=$ldap->search($dn,$search);
// Affichage arbre
if (sizeof($result))
{
$html=new Form($db);
$html->show_ldap_content($result,0,0,true);
}
else
{
print '<tr><td colspan="2">'.$langs->trans("LDAPRecordNotFound").'</td></tr>';
}
$ldap->unbind();
$html=new Form($db);
$html->show_ldap_content($result,0,0,true);
}
else
{
dolibarr_print_error('',$ldap->error);
print '<tr><td colspan="2">'.$langs->trans("LDAPRecordNotFound").'</td></tr>';
}
$ldap->unbind();
$ldap->close();
}
else
@ -193,6 +168,7 @@ else
dolibarr_print_error('',$ldap->error);
}
print '</table>';
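Review bot: The filter built by `$search = "(".$adh->_load_ldap_dn($info,2).")";` embeds the member's key attribute value unescaped, so a value containing `*`, `(`, `)` or `\` alters the filter instead of being matched literally. `_load_ldap_dn()` in the Adherent and Contact classes concatenates the same value into the DN without DN escaping, and the contact LDAP page in this commit builds its filter the same way. I would escape at the point of use, e.g. `ldap_escape($value, '', LDAP_ESCAPE_FILTER)` for the filter and the `LDAP_ESCAPE_DN` flag for the DN component, on PHP versions that provide `ldap_escape()`.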


@ -59,7 +59,7 @@ if ($_GET["action"] == 'setvalue' && $user->admin)
if (! dolibarr_set_const($db, 'LDAP_SERVER_USE_TLS',$_POST["usetls"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_CONTACT_ACTIVE',$_POST["activecontact"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_SYNCHRO_ACTIVE',$_POST["activesynchro"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_MEMBERS_ACTIVE',$_POST["activemembers"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_MEMBER_ACTIVE',$_POST["activemembers"])) $error++;
if ($error)
{
@ -143,7 +143,7 @@ if ($conf->adherent->enabled)
$arraylist=array();
$arraylist['0']=$langs->trans("No");
$arraylist['1']=$langs->trans("DolibarrToLDAP");
$html->select_array('activemembers',$arraylist,$conf->global->LDAP_MEMBERS_ACTIVE);
$html->select_array('activemembers',$arraylist,$conf->global->LDAP_MEMBER_ACTIVE);
print '</td><td>'.$langs->trans("LDAPDnMemberActiveExample").'</td></tr>';
}
@ -259,44 +259,36 @@ if (function_exists("ldap_connect"))
{
$ldap = new Ldap(); // Les parametres sont passés et récupérés via $conf
$result = $ldap->connect(); // Avec OpenLDAP 2.x.x, $reslt sera toujours vrai car connection a lieu dans premeiere fonction ldap_*
$result = $ldap->connect_bind();
if ($result)
{
// Test ldap_bind
$bind = $ldap->bind();
if ($bind)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPTCPConnectOK",$conf->global->LDAP_SERVER_HOST,$conf->global->LDAP_SERVER_PORT).'</font><br>';
// Test ldap connect and bind
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPTCPConnectOK",$conf->global->LDAP_SERVER_HOST,$conf->global->LDAP_SERVER_PORT).'</font>';
print '<br>';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
{
if ($result == 2)
{
$authbind = $ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
if ($authbind)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPBindOK",$conf->global->LDAP_SERVER_HOST,$conf->global->LDAP_SERVER_PORT,$conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS).'</font><br>';
}
else
{
print img_picto('','error').' ';
print '<font class="error">'.$langs->trans("LDAPBindKO",$conf->global->LDAP_SERVER_HOST,$conf->global->LDAP_SERVER_PORT,$conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS).' : ';
print $ldap->ldapErrorCode." - ".$ldap->ldapErrorText;
print "</font><br>";
}
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPBindOK",$conf->global->LDAP_SERVER_HOST,$conf->global->LDAP_SERVER_PORT,$conf->global->LDAP_ADMIN_DN,eregi_replace('.','*',$conf->global->LDAP_ADMIN_PASS)).'</font>';
print '<br>';
}
else
{
print img_picto('','warning').' ';
print '<font class="warning">'.$langs->trans("LDAPNoUserOrPasswordProvidedAccessIsReadOnly").'</font><br>';
print img_picto('','error').' ';
print '<font class="error">'.$langs->trans("LDAPBindKO",$conf->global->LDAP_SERVER_HOST,$conf->global->LDAP_SERVER_PORT,$conf->global->LDAP_ADMIN_DN,eregi_replace('.','*',$conf->global->LDAP_ADMIN_PASS)).'</font>';
print '<br>';
print $langs->trans("Error").' '.$ldap->error;
print '<br>';
}
}
else
{
print img_picto('','error').' ';
print $langs->trans("LDAPTCPConnectKO",$conf->global->LDAP_SERVER_HOST,$conf->global->LDAP_SERVER_PORT).' : ';
print $ldap->ldapErrorCode." - ".$ldap->ldapErrorText;
print "<br>";
print img_picto('','warning').' ';
print '<font class="warning">'.$langs->trans("LDAPNoUserOrPasswordProvidedAccessIsReadOnly").'</font>';
print '<br>';
}
@ -304,38 +296,25 @@ if (function_exists("ldap_connect"))
if (($ldap->getVersion() == 3))
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSetupForVersion3").'</font><br>';
print '<font class="ok">'.$langs->trans("LDAPSetupForVersion3").'</font>';
print '<br>';
}
else
{
print img_picto('','info').' ';
print $langs->trans("LDAPSetupForVersion2").'<br>';
print '<font class="ok">'.$langs->trans("LDAPSetupForVersion2").'</font>';
print '<br>';
}
// Test ldap_unbind
$unbind = $ldap->unbind();
if ($unbind)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPUnbindSuccessfull").'</font><br>';
}
else
{
print img_picto('','error').' ';
print $langs->trans("LDAPUnbindFailed");
print "<br>";
print $ldap->ldapErrorCode." - ".$ldap->ldapErrorText;
}
}
else
{
print img_picto('','error').' ';
print $langs->trans("LDAPTCPConnectKO",$conf->global->LDAP_SERVER_HOST,$conf->global->LDAP_SERVER_PORT).'<br>';
print "<br>";
print $ldap->ldapErrorCode." - ".$ldap->ldapErrorText;
print "<br>";
print '<font class="error">'.$langs->trans("LDAPTCPConnectKO",$conf->global->LDAP_SERVER_HOST,$conf->global->LDAP_SERVER_PORT).'</font>';
print '<br>';
print $langs->trans("Error").' '.$ldap->error;
print '<br>';
}
}
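Review bot: Masking the bind password with `eregi_replace('.','*',$conf->global->LDAP_ADMIN_PASS)` keeps it out of the page but still discloses its length, on both the LDAPBindOK and the LDAPBindKO line. A fixed placeholder such as `'********'` avoids that, or the argument can be dropped if the translated strings no longer carry a password placeholder (the LDAPBindOK/LDAPBindKO strings visible at the end of this page list only Server, Port and Admin). `$ldap->error` is also printed into the page without HTML escaping in the failure branches; `htmlspecialchars($ldap->error)` would keep server-supplied text from being interpreted as markup.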


@ -223,25 +223,40 @@ if (function_exists("ldap_connect"))
if ($_GET["action"] == 'test')
{
// Creation contact
// Creation objet
$contact=new Contact($db);
$contact->initAsSpecimen();
// Test synchro
//$result1=$contact->delete_ldap($user);
$result2=$contact->update_ldap($user);
$result3=$contact->delete_ldap($user);
if ($result2 > 0)
$ldap=new Ldap();
$result=$ldap->connect_bind();
if ($result > 0)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
$info=$contact->_load_ldap_info();
$dn=$contact->_load_ldap_dn($info);
$result2=$ldap->update($dn,$info,$user);
$result3=$ldap->delete($dn);
if ($result2 > 0)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
}
else
{
print img_picto('','error').' ';
print '<font class="error">'.$langs->trans("LDAPSynchroKO");
print ': '.$ldap->error;
print '</font><br>';
}
}
else
{
print img_picto('','error').' ';
print '<font class="warning">'.$langs->trans("LDAPSynchroKO");
print ': '.$contact->error;
print '<font class="error">'.$langs->trans("LDAPSynchroKO");
print ': '.$ldap->error;
print '</font><br>';
}
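Review bot: The `test` action is selected from `$_GET["action"]` alone and no `$user->admin` check is visible around it, yet the new body calls `connect_bind()` and then performs an `update()` followed by a `delete()` on the directory. If no privilege check exists outside this hunk, I would gate it the way `setvalue` is gated in the LDAP setup page, e.g. `if ($_GET["action"] == 'test' && $user->admin)`, and preferably require a POST for it. `$result3` is never inspected, so a failed `delete()` leaves the specimen entry in the directory while the page reports LDAPSynchroOK. The same applies to the `testgroup`, `testmember` and `testuser` actions in the following three files; the enclosing `if (function_exists("ldap_connect"))` block starts and ends outside the hunk.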


@ -170,25 +170,40 @@ if (function_exists("ldap_connect"))
if ($_GET["action"] == 'testgroup')
{
// Creation contact
// Creation objet
$fgroup=new UserGroup($db);
$fgroup->initAsSpecimen();
// Test synchro
//$result1=$fgroup->delete_ldap($user);
$result2=$fgroup->update_ldap($user);
$result3=$fgroup->delete_ldap($user);
if ($result2 > 0)
$ldap=new Ldap();
$result=$ldap->connect_bind();
if ($result > 0)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
$info=$fgroup->_load_ldap_info();
$dn=$fgroup->_load_ldap_dn($info);
$result2=$ldap->update($dn,$info,$user);
$result3=$ldap->delete($dn);
if ($result2 > 0)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
}
else
{
print img_picto('','error').' ';
print '<font class="error">'.$langs->trans("LDAPSynchroKO");
print ': '.$ldap->error;
print '</font><br>';
}
}
else
{
print img_picto('','error').' ';
print '<font class="warning">'.$langs->trans("LDAPSynchroKO");
print ': '.$fgroup->error;
print '<font class="error">'.$langs->trans("LDAPSynchroKO");
print ': '.$ldap->error;
print '</font><br>';
}
}


@ -216,7 +216,7 @@ print info_admin($langs->trans("LDAPDescValues"));
*/
if (function_exists("ldap_connect"))
{
if ($conf->global->LDAP_SERVER_HOST && $conf->global->LDAP_MEMBERS_ACTIVE)
if ($conf->global->LDAP_SERVER_HOST && $conf->global->LDAP_MEMBER_ACTIVE)
{
print '<br>';
print '<a class="tabAction" href="'.$_SERVER["PHP_SELF"].'?action=testmember">'.$langs->trans("LDAPTestSynchroMember").'</a>';
@ -226,59 +226,48 @@ if (function_exists("ldap_connect"))
if ($_GET["action"] == 'testmember')
{
// Creation adherent
// Creation objet
$adherent=new Adherent($db);
$adherent->initAsSpecimen();
// Test synchro
//$result1=$fuser->delete_ldap($user);
$result2=$adherent->update_ldap($user);
$result3=$adherent->delete_ldap($user);
if ($result2 > 0)
$ldap=new Ldap();
$result=$ldap->connect_bind();
if ($result > 0)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
$info=$adherent->_load_ldap_info();
$dn=$adherent->_load_ldap_dn($info);
$result2=$ldap->update($dn,$info,$user);
$result3=$ldap->delete($dn);
if ($result2 > 0)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
}
else
{
print img_picto('','error').' ';
print '<font class="error">'.$langs->trans("LDAPSynchroKO");
print ': '.$ldap->error;
print '</font><br>';
}
}
else
{
print img_picto('','error').' ';
print '<font class="warning">'.$langs->trans("LDAPSynchroKO");
print ': '.$adherent->error;
print '<font class="error">'.$langs->trans("LDAPSynchroKO");
print ': '.$ldap->error;
print '</font><br>';
}
}
if ($_GET["action"] == 'testtype')
{
// Creation type adherent
$typeadherent=new AdherentType($db);
$typeadherent->initAsSpecimen();
// Test synchro
//$result1=$fgroup->delete_ldap($user);
$result2=$typeadherent->update_ldap($user);
$result3=$typeadherent->delete_ldap($user);
if ($result2 > 0)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
}
else
{
print img_picto('','error').' ';
print '<font class="warning">'.$langs->trans("LDAPSynchroKO");
print ': '.$typeadherent->error;
print '</font><br>';
}
}
}
$db->close();
llxFooter('$Date$ - $Revision$');
?>


@ -59,8 +59,9 @@ if ($_GET["action"] == 'setvalue' && $user->admin)
if (! dolibarr_set_const($db, 'LDAP_FIELD_FIRSTNAME',$_POST["fieldfirstname"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MAIL',$_POST["fieldmail"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PHONE',$_POST["fieldphone"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FAX',$_POST["fieldfax"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MOBILE',$_POST["fieldmobile"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FAX',$_POST["fieldfax"])) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_DESCRIPTION',$_POST["fielddescription"])) $error++;
if ($error)
{
@ -200,6 +201,14 @@ print '</td><td>'.$langs->trans("LDAPFieldFaxExample").'</td>';
print '<td align="right"><input type="radio" name="key" value="'.$conf->global->LDAP_FIELD_FAX.'"'.($conf->global->LDAP_KEY_USERS==$conf->global->LDAP_FIELD_FAX?' checked="true"':'')."></td>";
print '</tr>';
// Description
$var=!$var;
print '<tr '.$bc[$var].'><td>'.$langs->trans("LDAPFieldDescription").'</td><td>';
print '<input size="25" type="text" name="fielddescription" value="'.$conf->global->LDAP_FIELD_DESCRIPTION.'">';
print '</td><td>'.$langs->trans("LDAPFieldDescriptionExample").'</td>';
print '<td align="right"><input type="radio" name="key" value="'.$conf->global->LDAP_FIELD_DESCRIPTION.'"'.($conf->global->LDAP_KEY_GROUPS==$conf->global->LDAP_FIELD_DESCRIPTION?' checked="true"':'')."></td>";
print '</tr>';
$var=!$var;
print '<tr '.$bc[$var].'><td colspan="4" align="center"><input type="submit" class="button" value="'.$langs->trans("Modify").'"></td></tr>';
print '</table>';
@ -224,25 +233,40 @@ if (function_exists("ldap_connect"))
if ($_GET["action"] == 'testuser')
{
// Creation contact
// Creation objet
$fuser=new User($db);
$fuser->initAsSpecimen();
// Test synchro
//$result1=$fuser->delete_ldap($user);
$result2=$fuser->update_ldap($user);
$result3=$fuser->delete_ldap($user);
if ($result2 > 0)
$ldap=new Ldap();
$result=$ldap->connect_bind();
if ($result > 0)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
$info=$fuser->_load_ldap_info();
$dn=$fuser->_load_ldap_dn($info);
$result2=$ldap->update($dn,$info,$user);
$result3=$ldap->delete($dn);
if ($result2 > 0)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
}
else
{
print img_picto('','error').' ';
print '<font class="error">'.$langs->trans("LDAPSynchroKO");
print ': '.$ldap->error;
print '</font><br>';
}
}
else
{
print img_picto('','error').' ';
print '<font class="warning">'.$langs->trans("LDAPSynchroKO");
print ': '.$fuser->error;
print '<font class="error">'.$langs->trans("LDAPSynchroKO");
print ': '.$ldap->error;
print '</font><br>';
}
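Review bot: The new Description row compares the key against `$conf->global->LDAP_KEY_GROUPS`, while the Fax row just above it uses `LDAP_KEY_USERS`, so the radio button's checked state is probably read from the wrong setting; it looks like a copy from the groups page and should read `$conf->global->LDAP_KEY_USERS==$conf->global->LDAP_FIELD_DESCRIPTION`. The row also writes `$conf->global->LDAP_FIELD_DESCRIPTION` into two `value="…"` attributes unescaped, and the setting is stored straight from `$_POST["fielddescription"]`. Passing it through `htmlspecialchars()` on output keeps a quote in the stored value from breaking out of the attribute.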


@ -84,6 +84,8 @@ class Contact
*/
function create($user)
{
global $conf, $langs;
// Nettoyage parametres
$this->name=trim($this->name);
if (! $this->socid) $this->socid = 0;
@ -116,7 +118,13 @@ class Contact
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_CONTACT_ACTIVE)
{
$this->create_ldap($user);
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->add($dn,$info,$user);
}
return $this->id;
@ -138,11 +146,15 @@ class Contact
*/
function update($id, $user=0, $call_trigger=1)
{
global $conf, $langs;
$this->id = $id;
// Nettoyage parametres
$this->name=trim($this->name);
$this->firstname=trim($this->firstname);
$this->fullname=trim($this->firstname.' '.$this->name);
$this->email=trim($this->email);
$this->phone_pro=trim($this->phone_pro);
@ -190,11 +202,18 @@ class Contact
$result=$interface->run_triggers('CONTACT_UPDATE',$this,$user,$langs,$conf);
// Fin appel triggers
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_CONTACT_ACTIVE)
{
$this->update_ldap($user);
}
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->update($dn,$info,$user);
}
}
@ -202,55 +221,30 @@ class Contact
}
/**
* \brief Mise à jour de l'arbre LDAP
* \param user Utilisateur qui efface
* \return int <0 si ko, >0 si ok
/*
* \brief Retourne chaine DN complete dans l'annuaire LDAP pour l'objet
* \param info Info string loaded by _load_ldap_info
* \param mode 0=Return DN without key inside (ou=xxx,dc=aaa,dc=bbb)
1=Return full DN (uid=qqq,ou=xxx,dc=aaa,dc=bbb)
2=Return key only (uid=qqq)
* \return string DN
*/
function delete_ldap($user)
function _load_ldap_dn($info,$mode=0)
{
global $conf, $langs;
//if (! $conf->ldap->enabled || ! $conf->global->LDAP_CONTACT_ACTIVE) return 0;
dolibarr_syslog("Contact.class::delete_ldap this->id=".$this->id,LOG_DEBUG);
$ldap=new Ldap();
$result=$ldap->connect();
if ($result)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
{
dolibarr_syslog("Contact.class::delete_ldap authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
}
else
{
dolibarr_syslog("Contact.class::delete_ldap bind",LOG_DEBUG);
$bind=$ldap->bind();
}
if ($bind)
{
$info=$this->_load_ldap_info($info);
$dn = $conf->global->LDAP_KEY_CONTACTS."=".$info[$conf->global->LDAP_KEY_CONTACTS].",".$conf->global->LDAP_CONTACT_DN;
$result=$ldap->delete($dn);
return $result;
}
}
else
{
$this->error="Failed to connect to LDAP server !";
dolibarr_syslog("Contact.class::update_ldap Connexion failed",LOG_DEBUG);
return -1;
}
global $conf;
$dn='';
if ($mode==0) $dn=$conf->global->LDAP_KEY_CONTACTS."=".$info[$conf->global->LDAP_KEY_CONTACTS].",".$conf->global->LDAP_CONTACT_DN;
if ($mode==1) $dn=$conf->global->LDAP_CONTACT_DN;
if ($mode==2) $dn=$conf->global->LDAP_KEY_CONTACTS."=".$info[$conf->global->LDAP_KEY_CONTACTS];
return $dn;
}
function _load_ldap_info($info)
/*
* \brief Retourne chaine dn dand l'annuaire LDAP
* \return array Tableau info des attributs
*/
function _load_ldap_info()
{
global $conf,$langs;
@ -270,9 +264,10 @@ class Contact
}
// Champs
if ($this->fullname && $conf->global->LDAP_FIELD_FULLNAME) $info[$conf->global->LDAP_FIELD_FULLNAME] = $this->fullname;
if ($this->fullname && $conf->global->LDAP_FIELD_FULLNAME) $info[$conf->global->LDAP_FIELD_FULLNAME] = $this->fullname;
if ($this->name && $conf->global->LDAP_FIELD_NAME) $info[$conf->global->LDAP_FIELD_NAME] = $this->name;
if ($this->firstname && $conf->global->LDAP_FIELD_FIRSTNAME) $info[$conf->global->LDAP_FIELD_FIRSTNAME] = $this->firstname;
if ($this->poste) $info["title"] = $this->poste;
if ($this->socid > 0)
{
@ -291,7 +286,7 @@ class Contact
if ($this->phone_perso) $info["homePhone"] = $this->phone_perso;
if ($this->phone_mobile && $conf->global->LDAP_FIELD_MOBILE) $info[$conf->global->LDAP_FIELD_MOBILE] = $this->phone_mobile;
if ($this->fax && $conf->global->LDAP_FIELD_FAX) $info[$conf->global->LDAP_FIELD_FAX] = $this->fax;
if ($this->note) $info["description"] = $this->note;
if ($this->note && $conf->global->LDAP_FIELD_DESCRIPTION) $info[$conf->global->LDAP_FIELD_DESCRIPTION] = $this->note;
if ($this->email && $conf->global->LDAP_FIELD_MAIL) $info[$conf->global->LDAP_FIELD_MAIL] = $this->email;
if ($conf->global->LDAP_SERVER_TYPE == 'egroupware')
@ -322,146 +317,57 @@ class Contact
return $info;
}
/**
* \brief Creation dans l'arbre LDAP
* \param user Utilisateur qui effectue la creation
* \return int <0 si ko, >0 si ok
*/
function create_ldap($user)
{
dolibarr_syslog("Contact.class::create_ldap this->id=".$this->id,LOG_DEBUG);
return $this->update_ldap($user);
}
/**
* \brief Mise à jour dans l'arbre LDAP
* \param user Utilisateur qui effectue la mise à jour
* \return int <0 si ko, >0 si ok
/*
* \brief Mise à jour des alertes
* \param id id du contact
* \param user Utilisateur qui demande l'alerte
*/
function update_ldap($user)
function update_perso($id, $user=0)
{
global $conf, $langs;
//if (! $conf->ldap->enabled || ! $conf->global->LDAP_CONTACT_ACTIVE) return 0;
$info = array();
dolibarr_syslog("Contact.class::update_ldap this->id=".$this->id,LOG_DEBUG);
// Mis a jour contact
$sql = "UPDATE ".MAIN_DB_PREFIX."socpeople SET idp=$id ";
$ldap=new Ldap();
$result=$ldap->connect();
if ($result)
if ($this->birthday>0)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
if (eregi('\-',$this->birthday))
{
dolibarr_syslog("Contact.class::update_ldap authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
// Si date = chaine
$sql .= ", birthday='".$this->birthday."'";
}
else
{
dolibarr_syslog("Contact.class::update_ldap bind",LOG_DEBUG);
$bind=$ldap->bind();
}
if ($bind)
{
$info=$this->_load_ldap_info($info);
// Definitition du DN
$dn = $conf->global->LDAP_KEY_CONTACTS."=".$info[$conf->global->LDAP_KEY_CONTACTS].",".$conf->global->LDAP_CONTACT_DN;
$olddn = $dn;
if (($this->old_firstname || $this->old_name) && $conf->global->LDAP_KEY_CONTACTS=="cn")
$olddn=$conf->global->LDAP_KEY_CONTACTS."=".trim($this->old_firstname." ".$this->old_name).",".$conf->global->LDAP_CONTACT_DN;
// On supprime et on insère
dolibarr_syslog("User.class::update_ldap dn=".$dn." olddn=".$olddn);
$result = $ldap->delete($olddn);
$result = $ldap->add($dn, $info);
if ($result <= 0)
{
$this->error = ldap_errno($ldap->connection)." ".ldap_error($ldap->connection)." ".$ldap->error;
dolibarr_syslog("Contact.class::update_ldap ".$this->error);
//print_r($info);
return -1;
}
else
{
dolibarr_syslog("Contact.class::update_ldap rowid=".$this->id." added in LDAP");
}
$ldap->unbind();
return 1;
}
else
{
$this->error = "Error ".ldap_errno($ldap->connection)." ".ldap_error($ldap->connection);
dolibarr_syslog("Contact.class::update_ldap bind failed",LOG_DEBUG);
return -1;
// Si date = timestamp
$sql .= ", birthday=".$this->db->idate($this->birthday);
}
}
$sql .= " WHERE idp=$id";
$result = $this->db->query($sql);
if (!$result)
{
$this->error='Echec sql='.$sql;
}
// Mis a jour alerte birthday
if ($this->birthday_alert)
{
$sql = "INSERT into ".MAIN_DB_PREFIX."user_alert(type,fk_contact,fk_user) ";
$sql.= "values (1,".$id.",".$user->id.")";
}
else
{
$this->error="Failed to connect to LDAP server !";
dolibarr_syslog("Contact.class::update_ldap Connexion failed",LOG_DEBUG);
return -1;
$sql = "DELETE from ".MAIN_DB_PREFIX."user_alert ";
$sql.= "where type=1 AND fk_contact=".$id." AND fk_user=".$user->id;
}
$result = $this->db->query($sql);
if (!$result)
{
$this->error='Echec sql='.$sql;
}
return $result;
}
/*
* \brief Mise à jour des alertes
* \param id id du contact
* \param user Utilisateur qui demande l'alerte
*/
function update_perso($id, $user=0)
{
// Mis a jour contact
$sql = "UPDATE ".MAIN_DB_PREFIX."socpeople SET idp=$id ";
if ($this->birthday>0)
{
if (eregi('\-',$this->birthday))
{
// Si date = chaine
$sql .= ", birthday='".$this->birthday."'";
}
else
{
// Si date = timestamp
$sql .= ", birthday=".$this->db->idate($this->birthday);
}
}
$sql .= " WHERE idp=$id";
$result = $this->db->query($sql);
if (!$result)
{
$this->error='Echec sql='.$sql;
}
// Mis a jour alerte birthday
if ($this->birthday_alert)
{
$sql = "INSERT into ".MAIN_DB_PREFIX."user_alert(type,fk_contact,fk_user) ";
$sql.= "values (1,".$id.",".$user->id.")";
}
else
{
$sql = "DELETE from ".MAIN_DB_PREFIX."user_alert ";
$sql.= "where type=1 AND fk_contact=".$id." AND fk_user=".$user->id;
}
$result = $this->db->query($sql);
if (!$result)
{
$this->error='Echec sql='.$sql;
}
return $result;
}
/*
@ -496,7 +402,8 @@ class Contact
$this->firstname = $obj->firstname;
$this->nom = $obj->name;
$this->prenom = $obj->firstname;
$this->fullname = trim($this->firstname . ' ' . $this->name);
$this->address = $obj->address;
$this->cp = $obj->cp;
$this->ville = $obj->ville;
@ -508,8 +415,6 @@ class Contact
$this->socid = $obj->fk_soc;
$this->poste = $obj->poste;
$this->fullname = trim($this->firstname . ' ' . $this->name);
$this->phone_pro = trim($obj->phone);
$this->fax = trim($obj->fax);
$this->phone_perso = trim($obj->phone_perso);
@ -674,20 +579,17 @@ class Contact
// Fin appel triggers
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_CONTACT_ACTIVE)
{
// On modifie contact avec anciens noms
$savname=$this->name;
$savfirstname=$this->firstname;
$this->name=$this->old_name;
$this->firstname=$this->old_firstname;
$this->delete_ldap($user);
$this->name=$savname;
$this->firstname=$savfirstname;
if ($conf->ldap->enabled && $conf->global->LDAP_CONTACT_ACTIVE)
{
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->delete($dn,$info,$user);
}
return 1;
}
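Review bot: Renaming a contact may now leave its previous entry in the directory: `update()` passes only the DN computed from the current values to `$ldap->update($dn,$info,$user)`, whereas the removed `update_ldap()` first deleted the entry at the old DN built from `old_firstname`/`old_name` when the key is `cn`. Unless `Ldap::update()` handles a changed key itself (it is not visible here), the stale entry stays; the same question applies to `delete()`, which no longer restores the old names before computing the DN. I would either pass the old DN along or state on `_load_ldap_dn()` that callers must handle renames. The return values of `connect_bind()` and of `add()`/`update()`/`delete()` are also discarded, so the `$this->error` reporting that `update_ldap()` provided is lost.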


@ -133,18 +133,19 @@ if ($user->rights->societe->contact->creer)
if ($user->rights->societe->contact->supprimer)
{
if ($_POST["action"] == 'confirm_delete' AND $_POST["confirm"] == 'yes')
{
$contact = new Contact($db);
if ($_POST["action"] == 'confirm_delete' AND $_POST["confirm"] == 'yes')
{
$contact = new Contact($db);
$contact->fetch($_GET["id"]);
$contact->old_name = $_POST["old_name"];
$contact->old_firstname = $_POST["old_firstname"];
$contact->old_name = $_POST["old_name"];
$contact->old_firstname = $_POST["old_firstname"];
$result = $contact->delete($_GET["id"]);
$result = $contact->delete($_GET["id"]);
Header("Location: index.php");
exit;
}
Header("Location: index.php");
exit;
}
}
if ($user->rights->societe->contact->creer)
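Review bot: `$_GET["id"]` is handed to `fetch()` and `delete()` as received, with no cast or validation, and the deletion is confirmed through `$_POST` while the id comes from the query string. If those methods interpolate the id into SQL the way `update_perso()` does in the Contact class, the value should be normalised first, e.g. `$id = (int) $_GET["id"];`, and that variable used for both calls. The result of `delete()` is ignored before the redirect, so a failed deletion is not reported to the user.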


@ -153,50 +153,26 @@ print '</tr>';
// Lecture LDAP
$ldap=new Ldap();
$result=$ldap->connect();
if ($result)
$result=$ldap->connect_bind();
if ($result > 0)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
$info=$contact->_load_ldap_info();
$dn=$contact->_load_ldap_dn($info,1);
$search = "(".$contact->_load_ldap_dn($info,2).")";
$result=$ldap->search($dn,$search);
// Affichage arbre
if (sizeof($result))
{
dolibarr_syslog("ldap.php: authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
}
if (! $bind) // Si pas de login ou si connexion avec login en echec, on tente en anonyme
{
dolibarr_syslog("ldap.php: bind",LOG_DEBUG);
$bind=$ldap->bind();
}
if ($bind)
{
$info["cn"] = trim($contact->firstname." ".$contact->name);
$dn = $conf->global->LDAP_CONTACT_DN;
// $dn = "cn=".$info["cn"].",".$dn;
// $dn = "uid=".$info["uid"].",".$dn
$search = "(cn=".$info["cn"].")";
//$search = "(uid=".$info["uid"].")";
$result=$ldap->search($dn,$search);
// Affichage arbre
if (sizeof($result))
{
$html=new Form($db);
$html->show_ldap_content($result,0,0,true);
}
else
{
print '<tr><td colspan="2">'.$langs->trans("LDAPRecordNotFound").'</td></tr>';
}
$ldap->unbind();
$html=new Form($db);
$html->show_ldap_content($result,0,0,true);
}
else
{
dolibarr_print_error('',$ldap->error);
print '<tr><td colspan="2">'.$langs->trans("LDAPRecordNotFound").'</td></tr>';
}
$ldap->unbind();
$ldap->close();
}
else
@ -204,6 +180,7 @@ else
dolibarr_print_error('',$ldap->error);
}
print '</table>';
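Review bot: The search filter on the new side is built by wrapping `$contact->_load_ldap_dn($info,2)` in parentheses, so the key value reaches `$ldap->search()` without RFC 4515 filter escaping. Contact::_load_ldap_dn is not shown in this section; if it mirrors the User version later in this commit, the value is a stored name or login concatenated as-is, and a `*`, `(`, `)` or `\` in it changes what the filter matches. Escape the value before it goes into the filter, for example `ldap_escape($value, '', LDAP_ESCAPE_FILTER)` on PHP versions that provide it, or an equivalent helper in the Ldap class. The group and user LDAP pages further down the commit build `$search` the same way from `$fgroup` and `$fuser`.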


@ -546,8 +546,8 @@ LDAPSynchroOK=Synchronization test successful
LDAPSynchroKO=Failed synchronization test
LDAPTCPConnectOK=TCP connect to LDAP server successful (Server=%s, Port=%s)
LDAPTCPConnectKO=TCP connect to LDAP server failed (Server=%s, Port=%s)
LDAPBindOK=Connect/Authentificate to LDAP server sucessfull (Server=%s, Port=%s, Admin=%s)
LDAPBindKO=Connect/Authentificate to LDAP server failed (Server=%s, Port=%s, Admin=%s)
LDAPBindOK=Connect/Authentificate to LDAP server sucessfull (Server=%s, Port=%s, Admin=%s, Password=%s)
LDAPBindKO=Connect/Authentificate to LDAP server failed (Server=%s, Port=%s, Admin=%s, Password=%s)
LDAPUnbindSuccessfull=Disconnect successfull
LDAPUnbindFailed=Disconnect failed
LDAPConnectToDNSuccessfull=Connection au DN (%s) réussie
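Review bot: `LDAPBindOK` and `LDAPBindKO` gain a `Password=%s` placeholder, which suggests the bind password is now passed to the message and rendered wherever it is printed. The caller is not in this section, so this is inferred from the format string alone; if it does receive `LDAP_ADMIN_PASS`, the directory admin secret ends up in HTML output and in anything that caches or captures that page. Keep the three-placeholder form, `(Server=%s, Port=%s, Admin=%s)`, or pass a masked value. The French file in the next section has the same change.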


@ -546,8 +546,8 @@ LDAPSynchroOK=Test de synchronisation r
LDAPSynchroKO=Echec du test de synchronisation
LDAPTCPConnectOK=Connexion TCP au serveur LDAP réussie (Serveur=%s, Port=%s)
LDAPTCPConnectKO=Connexion TCP au serveur LDAP échouée (Serveur=%s, Port=%s)
LDAPBindOK=Connection/Authentification au serveur LDAP réussie (Serveur=%s, Port=%s, Admin=%s)
LDAPBindKO=Connection/Authentification au serveur LDAP échouée (Serveur=%s, Port=%s, Admin=%s)
LDAPBindOK=Connection/Authentification au serveur LDAP réussie (Serveur=%s, Port=%s, Admin=%s, Password=%s)
LDAPBindKO=Connection/Authentification au serveur LDAP échouée (Serveur=%s, Port=%s, Admin=%s, Password=%s)
LDAPUnbindSuccessfull=Déconnection réussie
LDAPUnbindFailed=Déconnection échouée
LDAPConnectToDNSuccessfull=Connection au DN (%s) réussie


@ -78,8 +78,8 @@ class Ldap
* Message texte de l'erreur
*/
var $ldapErrorText;
//Fetch user
var $name;
var $firstname;
@ -88,10 +88,10 @@ class Ldap
var $fax;
var $mail;
var $mobile;
var $uacf;
var $pwdlastset;
// 1.2 Private properties ----------------------------------------------------
/**
@ -123,7 +123,7 @@ class Ldap
$this->people = $conf->global->LDAP_USER_DN;
$this->groups = $conf->global->LDAP_GROUP_DN;
$this->filter = $conf->global->LDAP_FILTER_CONNECTION;
//Users
$this->attr_login = $conf->global->LDAP_FIELD_LOGIN; //unix
$this->attr_sambalogin = $conf->global->LDAP_FIELD_LOGIN_SAMBA; //samba, activedirectory
@ -136,7 +136,7 @@ class Ldap
}
// 2.1 Connection handling methods -------------------------------------------
/**
@ -145,86 +145,124 @@ class Ldap
* anonymously, it creates an error code of -1. Returns true if connected,
* false if failed. Takes an array of possible servers - if one doesn't work,
* it tries the next and so on.
* \deprecated Utiliser connect_bind a la place
*/
function connect() {
foreach ($this->server as $key => $host) {
if (ereg('^ldap',$host)) {
$this->connection = ldap_connect($host);
} else {
$this->connection = ldap_connect($host,$this->serverPort);
}
if ( $this->connection) {
$this->setVersion();
if ($this->serverType == "activedirectory") {
$this->setReferrals();
return true;
} else {
// Connected, now try binding anonymously
$this->result=@ldap_bind( $this->connection);
}
return true;
}
}
$this->ldapErrorCode = -1;
$this->ldapErrorText = "Unable to connect to any server";
return false;
}
/**
* 2.1.1 : Connects to the server. Just creates a connection which is used
* in all later access to the LDAP server. If it can't connect and bind
* anonymously, it creates an error code of -1. Returns true if connected,
* false if failed. Takes an array of possible servers - if one doesn't work,
* it tries the next and so on.
*/
function connect_bind($errorifauthfails=0)
{
foreach ($this->server as $key => $host)
{
if (ereg('^ldap',$host)) {
$this->connection = ldap_connect($host);
} else {
$this->connection = ldap_connect($host,$this->serverPort);
}
if ($this->connection) {
$this->setVersion();
if ($this->serverType == "activedirectory") {
$this->setReferrals();
return true;
} else {
// Connected, now try binding anonymously
$this->result=@ldap_bind( $this->connection);
if ($result)
function connect()
{
foreach ($this->server as $key => $host)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
if (ereg('^ldap',$host))
{
dolibarr_syslog("UserGroup.class::update_ldap authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
$this->connection = ldap_connect($host);
}
else
{
dolibarr_syslog("UserGroup.class::update_ldap bind",LOG_DEBUG);
$bind=$ldap->bind();
$this->connection = ldap_connect($host,$this->serverPort);
}
if ($this->connection)
{
$this->setVersion();
if ($this->serverType == "activedirectory")
{
$this->setReferrals();
return true;
}
else
{
// Connected, now try binding anonymously
$this->result=@ldap_bind( $this->connection);
}
return true;
}
}
$this->ldapErrorCode = -1;
$this->ldapErrorText = "Unable to connect to any server";
return false;
}
/**
* \brief Connect and bind
* \return <0 si KO, 1 si bind anonymous, 2 si bind auth
* \remarks this->connection and $this->bind are defined
*/
function connect_bind()
{
global $conf,$langs;
$connected=0;
$this->bind=0;
foreach ($this->server as $key => $host)
{
if ($connected) break;
if (ereg('^ldap',$host))
{
$this->connection = ldap_connect($host);
}
else
{
$this->connection = ldap_connect($host,$this->serverPort);
}
if ($this->connection)
{
$this->setVersion();
if ($this->serverType == "activedirectory")
{
$this->setReferrals();
$connected=2;
}
else
{
// Try in auth mode
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
{
dolibarr_syslog("Ldap.class::connect_bind try authBind on ".$host." user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$result=$this->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
if ($result)
{
$this->bind=$this->result;
$connected=2;
break;
}
else
{
$this->error=ldap_errno($this->connection).' '.ldap_error($this->connection);
}
}
return true;
}
}
// Try in anonymous
if (! $this->bind)
{
dolibarr_syslog("Ldap.class::connect_bind try bind on ".$host,LOG_DEBUG);
$result=$this->bind();
if ($result)
{
$this->bind=$this->result;
$connected=1;
break;
}
else
{
$this->error=ldap_errno($this->connection).' '.ldap_error($this->connection);
}
}
}
}
if (! $connected) $this->close();
}
$return=($connected ? $connected : -1);
dolibarr_syslog("Ldap.class::connect_bind return=".$return,LOG_DEBUG);
return $return;
}
$this->ldapErrorCode = -1;
$this->ldapErrorText = "Unable to connect to any server";
return false;
}
/**
* 2.1.2 : Simply closes the connection set up earlier.
* Returns true if OK, false if there was an error.
@ -234,7 +272,9 @@ class Ldap
if ($this->connection && ! @ldap_close($this->connection))
{
return false;
} else {
}
else
{
return true;
}
}
@ -243,40 +283,29 @@ class Ldap
* 2.1.3 : Anonymously binds to the connection. After this is done,
* queries and searches can be done - but read-only.
*/
function bind() {
if ( !$this->result=@ldap_bind( $this->connection)) {
function bind()
{
if (! $this->result=@ldap_bind($this->connection))
{
$this->ldapErrorCode = ldap_errno( $this->connection);
$this->ldapErrorText = ldap_error( $this->connection);
$this->error=$this->ldapErrorCode." ".$this->ldapErrorText;
return false;
} else {
}
else
{
return true;
}
}
/**
* \brief Unbind du serveur ldap.
* \param ds
* \return bool
*/
function unbind() {
if (!$this->result=@ldap_unbind($this->connection)) {
$this->ldapErrorCode = ldap_errno( $this->connection);
$this->ldapErrorText = ldap_error( $this->connection);
return false;
} else {
return true;
}
}
/**
* 2.1.4 : Binds as an authenticated user, which usually allows for write
* access. The FULL dn must be passed. For a directory manager, this is
* "cn=Directory Manager" under iPlanet. For a user, it will be something
* like "uid=jbloggs,ou=People,dc=foo,dc=com".
*/
function authBind( $bindDn,$pass) {
*/
function authBind( $bindDn,$pass)
{
if ( !$this->result = @ldap_bind( $this->connection,$bindDn,$pass)) {
$this->ldapErrorCode = ldap_errno( $this->connection);
$this->ldapErrorText = ldap_error( $this->connection);
@ -286,39 +315,104 @@ class Ldap
return true;
}
}
/**
* \brief Unbind du serveur ldap.
* \param ds
* \return bool
*/
function unbind()
{
if (!$this->result=@ldap_unbind($this->connection))
{
return false;
} else {
return true;
}
}
/**
* \brief verification de la version du serveur ldap.
* \param ds
* \return version
*/
function getVersion() {
function getVersion()
{
$version = 0;
$version = @ldap_get_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, $version);
return $version;
}
/**
* \brief changement de la version du serveur ldap.
* \return version
*/
function setVersion() {
global $conf;
$ldapsetversion = ldap_set_option($this->connection, $conf->global->LDAP_OPT_PROTOCOL_VERSION, $this->ldapProtocolVersion);
// LDAP_OPT_PROTOCOL_VERSION est une constante qui vaut 17
$ldapsetversion = ldap_set_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, $this->ldapProtocolVersion);
return $ldapsetversion;
}
/**
* \brief changement du referrals.
* \return referrals
*/
function setReferrals() {
global $conf;
$ldapreferrals = ldap_set_option($this->connection, $conf->global->LDAP_OPT_REFERRALS, 0);
// LDAP_OPT_REFERRALS est une constante qui vaut ?
$ldapreferrals = ldap_set_option($this->connection, LDAP_OPT_REFERRALS, 0);
return $ldapreferrals;
}
/**
* \brief Mise à jour dans l'arbre LDAP
* \param dn DN
* \param info Tableau info
* \param user Objet user qui fait l'opération
* \return int <0 si ko, >0 si ok
* \remarks Ldap object connect and bind must have been done
*/
function update($dn,$info,$user,$olddn='')
{
global $conf, $langs;
if (! $this->connection)
{
$this->error=$langs->trans("NotConnected");
return -2;
}
if (! $this->bind)
{
$this->error=$langs->trans("NotConnected");
return -3;
}
//if (! $conf->ldap->enabled || ! $conf->global->LDAP_SYNCHRO_ACTIVE) return 0;
if (! $olddn) $olddn = $dn;
// On supprime et on insère
dolibarr_syslog("Ldap.class::update dn=".$dn." olddn=".$olddn);
$result = $this->delete($olddn);
$result = $this->add($dn, $info, $user);
if ($result <= 0)
{
$this->error = ldap_errno($this->connection)." ".ldap_error($this->connection)." ".$this->error;
dolibarr_syslog("Ldap.class::update ".$this->error,LOG_ERROR);
//print_r($info);
return -1;
}
else
{
dolibarr_syslog("Ldap.class::update done successfully");
return 1;
}
}
// 2.2 Password methods ------------------------------------------------------
@ -327,7 +421,8 @@ class Ldap
* server as a user - specified in the DN. There are several reasons why
* this login could fail - these are listed below.
*/
function checkPass( $uname,$pass) {
function checkPass($uname,$pass)
{
/* Construct the full DN, eg:-
** "uid=username, ou=People, dc=orgname,dc=com"
*/
@ -362,7 +457,8 @@ class Ldap
* a new ACL must be defined giving users the ability to modify their
* password attribute (userPassword). Otherwise this will fail.
*/
function changePass( $uname,$oldPass,$newPass) {
function changePass($uname,$oldPass,$newPass)
{
// builds the appropriate dn, based on whether $this->people and/or $this->group is set
if ($this->serverType == "activedirectory") {
$checkDn = "$uname@$this->domain";
@ -399,8 +495,8 @@ class Ldap
* LDAP server - by default, it will only send back the "basic"
* attributes.
*/
function checkPassAge ( $uname) {
function checkPassAge ( $uname)
{
$results[0] = "passwordexpirationtime";
// builds the appropriate dn, based on whether $this->people and/or $this->group is set
$checkDn = $this->setDn(true);
@ -412,7 +508,7 @@ class Ldap
return false;
} else {
/* Now work out how many days remaining....
** Yes, it's very verbose code but I left it like this so it can easily
** Yes, it's very verbose code but I left it like this so it can easily
** be modified for your needs.
*/
$date = $info[0]["passwordexpirationtime"][0];
@ -437,7 +533,8 @@ class Ldap
* true, and returns false if the user isn't in the group, or any other
* error occurs (eg:- no such user, no group by that name etc.)
*/
function checkGroup ( $uname,$group) {
function checkGroup ( $uname,$group)
{
// builds the appropriate dn, based on whether $this->people and/or $this->group is set
$checkDn = $this->setDn(false);
@ -489,9 +586,10 @@ class Ldap
* \brief Add a LDAP entry
* \param dn DN entry key
* \param info Attributes array
* \param user Objet utilisateru qui crée
* \return boolean <0 si KO, >0 si OK
*/
function add($dn, $info)
function add($dn, $info, $user)
{
global $conf;
@ -504,7 +602,7 @@ class Ldap
if (! is_array($val)) $info[$key]=utf8_encode($val);
}
}
dolibarr_syslog("ldap.class::add dn=".$dn." info=".join(',',$info));
//print_r($info);
@ -522,13 +620,13 @@ class Ldap
function delete($dn)
{
global $conf;
// Encode en UTF8
if ($conf->global->LDAP_SERVER_TYPE != 'activedirectory')
{
$dn=utf8_encode($dn);
}
dolibarr_syslog("ldap.class::delete Delete LDAP entry dn=".$dn);
$result=@ldap_delete($this->connection, $dn);
@ -570,7 +668,7 @@ class Ldap
$this->ldapErrorText = ldap_error( $this->connection);
return false; // No matching attributes
}
// Return an array containing the attributes.
return $values;
}
@ -585,9 +683,9 @@ class Ldap
function getUsers($search, $attributeArray)
{
$userslist=array();
// Perform the search and get the entry handles
// if the directory is AD, then bind first with the search user first
if ($this->serverType == "activedirectory") {
$this->authBind($this->searchUser, $this->searchPassword);
@ -596,21 +694,21 @@ class Ldap
$filter = '('.$this->filter.'('.$this->getUserIdentifier().'='.$search.'))';
//print "zzz".$filter;
$this->result = @ldap_search( $this->connection, $this->people, $filter);
if (!$this->result)
{
$this->ldapErrorCode = ldap_errno( $this->connection);
$this->ldapErrorText = ldap_error( $this->connection);
}
$info = @ldap_get_entries( $this->connection, $this->result);
for( $i = 0; $i < $info["count"]; $i++)
{
// Get the username, and create an array indexed by it...
// Modify these as you see fit.
$uname = $info[$i][$this->getUserIdentifier()][0];
// add to the array for each attribute in my list
for ( $j = 0; $j < count( $attributeArray); $j++)
{
@ -634,7 +732,7 @@ class Ldap
asort($userslist);
return $userslist;
}
/**
* Récupère le SID de l'utilisateur
* ldapuser. le login de l'utilisateur
@ -643,16 +741,16 @@ class Ldap
{
$criteria = $this->getUserIdentifier()."=$ldapUser";
$justthese = array("objectsid");
$ldapSearchResult = ldap_search($this->connection, $this->people, $criteria, $justthese);
$entry = ldap_first_entry($this->connection, $ldapSearchResult);
$ldapBinary = ldap_get_values_len ($this->connection, $entry, "objectsid");
$SIDText = $this->binSIDtoText($ldapBinary[0]);
return $SIDText;
return $ldapBinary;
}
/**
* Converts a little-endian hex-number to one, that 'hexdec' can convert
*/
@ -662,7 +760,7 @@ class Ldap
}
return $result;
}
/**
* Returns the textual SID
*/
@ -678,7 +776,7 @@ class Ldap
}
return $result;
}
/**
* \brief Fonction de recherche avec filtre
* \param checkDn DN de recherche
@ -692,17 +790,17 @@ class Ldap
{
$checkDn=utf8_decode($checkDn);
}
dolibarr_syslog("ldap.class::search checkDn=".$checkDn." filter=".$filer);
dolibarr_syslog("ldap.class::search checkDn=".$checkDn." filter=".$filter);
// if the directory is AD, then bind first with the search user first
if ($this->serverType == "activedirectory") {
$this->authBind($this->searchUser, $this->searchPassword);
}
$this->result = @ldap_search($this->connection, $checkDn, $filter);
$result = @ldap_get_entries($this->connection, $this->result);
if (!$result)
@ -725,7 +823,7 @@ class Ldap
function fetch( $user) {
// Perform the search and get the entry handles
// if the directory is AD, then bind first with the search user first
if ($this->serverType == "activedirectory") {
$this->authBind($this->searchUser, $this->searchPassword);
@ -735,7 +833,7 @@ class Ldap
$filter = '('.$this->filter.'('.$userIdentifier.'='.$user.'))';
$this->result = @ldap_search( $this->connection, $this->people, $filter);
$result = @ldap_get_entries( $this->connection, $this->result);
if (!$result)
@ -752,22 +850,22 @@ class Ldap
$this->fax = utf8_decode($result[0][$this->attr_fax][0]);
$this->mail = utf8_decode($result[0][$this->attr_mail][0]);
$this->mobile = utf8_decode($result[0][$this->attr_mobile][0]);
$this->uacf = $this->parseUACF(utf8_decode($result[0]["useraccountcontrol"][0]));
$this->pwdlastset = utf8_decode($result[0]["pwdlastset"][0]);
ldap_free_result($this->result);
}
}
// 2.6 helper methods
/**
* Sets and returns the appropriate dn, based on whether there
* are values in $this->people and $this->groups.
*
* @param boolean specifies whether to build a groups dn or a people dn
* @param boolean specifies whether to build a groups dn or a people dn
* @return string if true ou=$this->people,$this->dn, else ou=$this->groups,$this->dn
*/
function setDn($peopleOrGroups) {
@ -787,7 +885,7 @@ class Ldap
}
return $checkDn;
}
/**
* Returns the correct user identifier to use, based on the ldap server type
*/
@ -798,7 +896,7 @@ class Ldap
return $this->attr_login;
}
}
/**
* \brief permet d'enlever les accents d'une chaine.
* \param str
@ -815,7 +913,7 @@ class Ldap
$stu = ereg_replace("ä","a",$stu);
return $stu;
}
/**
* \brief UserAccountControl Flgs to more human understandable form...
*
@ -852,11 +950,11 @@ class Ldap
$retval[$val] = $flag;
}
}
//Return human friendly flags
return($retval);
}
/**
* \brief SamAccountType value to text
*
@ -869,7 +967,7 @@ class Ldap
268435457 => "DISTRIBUTION_GROUP",
536870912 => "SECURITY_LOCAL_GROUP",
536870913 => "DISTRIBUTION_LOCAL_GROUP");
$retval = "";
while (list($sat, $val) = each($stypes)) {
if ($samtype == $sat) {
@ -878,10 +976,10 @@ class Ldap
}
}
if (empty($retval)) $retval = "UNKNOWN_TYPE_" . $samtype;
return($retval);
}
/**
* \Parse GroupType value to text
*
@ -905,6 +1003,6 @@ class Ldap
return($retval);
}
} // End of class
?>
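Review bot: In the new `connect_bind()`, a rejected admin bind falls through to the anonymous `bind()`, and the method then returns 1, which the callers in this commit that test the result treat as success (`$result > 0`). A wrong or expired `LDAP_ADMIN_PASS` is therefore only visible in the debug log, and the `$this->error` set after the failed `authBind()` sits behind a successful return. Consider attempting the anonymous bind only when no admin DN is configured, `if (! $this->bind && ! $conf->global->LDAP_ADMIN_DN)`, or logging the rejected bind above debug level. Separately, as far as the rendered hunk can be read, the activedirectory branch sets `$connected=2` without any bind, so `$this->bind` stays 0 and the new `update()` would return -3 on that server type.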


@ -67,7 +67,7 @@ function ldap_prepare_head()
$h++;
}
if ($conf->global->LDAP_MEMBERS_ACTIVE)
if ($conf->global->LDAP_MEMBER_ACTIVE)
{
$head[$h][0] = DOL_URL_ROOT."/admin/ldap_members.php";
$head[$h][1] = $langs->trans("LDAPMembersSynchro");


@ -40,7 +40,7 @@ function member_prepare_head($member)
$head[$h][2] = 'general';
$h++;
if ($conf->ldap->enabled && $conf->global->LDAP_MEMBERS_ACTIVE)
if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE)
{
$langs->load("ldap");


@ -175,7 +175,6 @@ if (! session_id() && ! isset($_SESSION["dol_user"]) && ! isset($_SESSION["dol_
'userattr' => $conf->global->LDAP_FIELD_LOGIN_SAMBA,
'userfilter' => $conf->global->$conf->global->LDAP_FILTER_CONNECTION
//'userattr' => 'samAccountName',
//'userfilter' => '(objectClass=user)',
);
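Review bot: The `'userfilter'` entry reads `$conf->global->$conf->global->LDAP_FILTER_CONNECTION`, which uses `$conf` itself as a property name instead of reading the configured filter. The rendering does not show which line of this hunk was removed; if this line is still on the new side, the filter handed to whatever consumes this array under the session check is not the configured one, and the entry should be `'userfilter' => $conf->global->LDAP_FILTER_CONNECTION`. The array starts and ends outside the hunk.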


@ -588,10 +588,16 @@ class User
// Fin appel triggers
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
{
$this->delete_ldap($user);
}
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
{
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->delete($dn,$info,$user);
}
$this->db->commit();
return 1;
@ -667,7 +673,13 @@ class User
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
{
$this->create_ldap($user);
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->add($dn,$info,$user);
}
if (! $error)
@ -870,7 +882,13 @@ class User
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
{
$this->update_ldap($user);
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->update($dn,$info,$user);
}
}
@ -1237,147 +1255,35 @@ class User
}
/**
* \brief Creation dans l'arbre LDAP
* \param user Utilisateur qui effectue la creation
* \return int <0 si ko, >0 si ok
/*
* \brief Retourne chaine DN complete dans l'annuaire LDAP pour l'objet
* \param info Info string loaded by _load_ldap_info
* \param mode 0=Return DN without key inside (ou=xxx,dc=aaa,dc=bbb)
1=Return full DN (uid=qqq,ou=xxx,dc=aaa,dc=bbb)
2=Return key only (uid=qqq)
* \return string DN
*/
function create_ldap($user)
function _load_ldap_dn($info,$mode=0)
{
dolibarr_syslog("User.class::create_ldap this->id=".$this->id,LOG_DEBUG);
return $this->update_ldap($user);
global $conf;
$dn='';
if ($mode==0) $dn=$conf->global->LDAP_KEY_USERS."=".$info[$conf->global->LDAP_KEY_USERS].",".$conf->global->LDAP_USER_DN;
if ($mode==1) $dn=$conf->global->LDAP_USER_DN;
if ($mode==2) $dn=$conf->global->LDAP_KEY_USERS."=".$info[$conf->global->LDAP_KEY_USERS];
return $dn;
}
/**
* \brief Mise à jour dans l'arbre LDAP
* \param user Utilisateur qui effectue la mise à jour
* \return int <0 si ko, >0 si ok
/*
* \brief Retourne chaine dn dand l'annuaire LDAP
* \return array Tableau info des attributs
*/
function update_ldap($user)
{
global $conf, $langs;
//if (! $conf->ldap->enabled || ! $conf->global->LDAP_SYNCHRO_ACTIVE) return 0;
$info = array();
dolibarr_syslog("User.class::update_ldap this->id=".$this->id,LOG_DEBUG);
$ldap=new Ldap();
$result=$ldap->connect();
if ($result)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
{
dolibarr_syslog("User.class::update_ldap authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
}
else
{
dolibarr_syslog("User.class::update_ldap bind",LOG_DEBUG);
$bind=$ldap->bind();
}
if ($bind)
{
$info=$this->_load_ldap_info($info);
// Definitition du DN
$dn = $conf->global->LDAP_KEY_USERS."=".$info[$conf->global->LDAP_KEY_USERS].",".$conf->global->LDAP_USER_DN;
$olddn = $dn;
if (($this->old_firstname || $this->old_name) && $conf->global->LDAP_KEY_USERS=="cn")
$olddn=$conf->global->LDAP_KEY_USERS."=".trim($this->old_firstname." ".$this->old_name).",".$conf->global->LDAP_USER_DN;
// On supprime et on insère
dolibarr_syslog("User.class::update_ldap dn=".$dn." olddn=".$olddn);
$result = $ldap->delete($olddn);
$result = $ldap->add($dn, $info);
if ($result <= 0)
{
$this->error = ldap_errno($ldap->connection)." ".ldap_error($ldap->connection)." ".$ldap->error;
dolibarr_syslog("User.class::update_ldap ".$this->error,LOG_ERROR);
//print_r($info);
return -1;
}
else
{
dolibarr_syslog("User.class::update_ldap rowid=".$this->id." added in LDAP");
}
$ldap->unbind();
return 1;
}
else
{
$this->error = "Error ".ldap_errno($ldap->connection)." ".ldap_error($ldap->connection);
dolibarr_syslog("User.class::update_ldap bind failed",LOG_DEBUG);
return -1;
}
}
else
{
$this->error="Failed to connect to LDAP server !";
dolibarr_syslog("User.class::update_ldap Connexion failed",LOG_DEBUG);
return -1;
}
}
/**
* \brief Mise à jour de l'arbre LDAP
* \param user Utilisateur qui efface
* \return int <0 si ko, >0 si ok
*/
function delete_ldap($user)
{
global $conf, $langs;
//if (! $conf->ldap->enabled || ! $conf->global->LDAP_SYNCHRO_ACTIVE) return 0;
dolibarr_syslog("User.class::delete_ldap this->id=".$this->id,LOG_DEBUG);
$ldap=new Ldap();
$result=$ldap->connect();
if ($result)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
{
dolibarr_syslog("User.class::delete_ldap authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
}
else
{
dolibarr_syslog("User.class::delete_ldap bind",LOG_DEBUG);
$bind=$ldap->bind();
}
if ($bind)
{
$info=$this->_load_ldap_info($info);
$dn = $conf->global->LDAP_KEY_USERS."=".$info[$conf->global->LDAP_KEY_USERS].",".$conf->global->LDAP_USER_DN;
$result=$ldap->delete($dn);
return $result;
}
}
else
{
$this->error="Failed to connect to LDAP server !";
dolibarr_syslog("User.class::update_ldap Connexion failed",LOG_DEBUG);
return -1;
}
}
function _load_ldap_info($info)
function _load_ldap_info()
{
global $conf,$langs;
$info=array();
if ($conf->global->LDAP_SERVER_TYPE == 'activedirectory')
{
$info["objectclass"]=array("top",
@ -1416,7 +1322,7 @@ class User
if ($this->phone_perso) $info["homePhone"] = $this->phone_perso;
if ($this->phone_mobile && $conf->global->LDAP_FIELD_MOBILE) $info[$conf->global->LDAP_FIELD_MOBILE] = $this->phone_mobile;
if ($this->fax && $conf->global->LDAP_FIELD_FAX) $info[$conf->global->LDAP_FIELD_FAX] = $this->fax;
if ($this->note) $info["description"] = $this->note;
if ($this->note && $conf->global->LDAP_FIELD_DESCRIPTION) $info[$conf->global->LDAP_FIELD_DESCRIPTION] = $this->note;
if ($this->email && $conf->global->LDAP_FIELD_MAIL) $info[$conf->global->LDAP_FIELD_MAIL] = $this->email;
if ($conf->global->LDAP_SERVER_TYPE == 'egroupware')
@ -1446,7 +1352,7 @@ class User
return $info;
}
/**
* \brief Initialise le user avec valeurs fictives aléatoire
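Review bot: The three inlined blocks call `$ldap->connect_bind()` and then `add`/`update`/`delete` without looking at either return value, so in the delete hunk `$this->db->commit()` goes ahead even when the directory entry was not removed. For a directory that other services authenticate against, that leaves a deleted user's entry in place with nothing surfaced to the operator. Test the bind result before the write and keep the failure, for example `$result=$ldap->connect_bind(); if ($result > 0) $result=$ldap->delete($dn);` followed by copying `$ldap->error` into `$this->error` when it fails. The update hunk also no longer passes an old DN, so with `LDAP_KEY_USERS` set to `cn` a renamed user keeps the entry under the previous name, which the removed `update_ldap()` handled through `old_firstname`/`old_name`; `update()` accepts it as its fourth argument. The docblock on `_load_ldap_dn()` has modes 0 and 1 swapped relative to the code, which returns the full DN for mode 0.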


@ -375,15 +375,18 @@ if (($action == 'create') || ($action == 'adduserldap'))
* Affiche formulaire d'ajout d'un compte depuis LDAP
* si on est en synchro LDAP vers Dolibarr
*/
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr')
{
$fullname = $conf->global->LDAP_FIELD_FULLNAME;
$name = $conf->global->LDAP_FIELD_NAME;
$firstname = $conf->global->LDAP_FIELD_FIRSTNAME;
$login = $conf->global->LDAP_FIELD_LOGIN_SAMBA;
$mail = $conf->global->LDAP_FIELD_MAIL;
$phone = $conf->global->LDAP_FIELD_PHONE;
$fax = $conf->global->LDAP_FIELD_FAX;
$mobile = $conf->global->LDAP_FIELD_MOBILE;
$login = $conf->global->LDAP_FIELD_LOGIN_SAMBA;
$SID = "objectsid";
$ldap = new Ldap();
@ -403,7 +406,7 @@ if (($action == 'create') || ($action == 'adduserldap'))
}
if ($bind)
{
$justthese = array($name, $firstname, $login);
$justthese = array($fullname, $name, $firstname, $login);
$ldapusers = $ldap->getUsers('*', $justthese);
//print "eee".$justthese." r ".$ldapusers;
@ -411,8 +414,11 @@ if (($action == 'create') || ($action == 'adduserldap'))
foreach ($ldapusers as $key => $ldapuser)
{
if($ldapuser[$name] != "")
$liste[$ldapuser[$login]] = utf8_decode($ldapuser[$name])." ".utf8_decode($ldapuser[$firstname]);
if ($ldapuser[$login])
{
if ($ldapuser[$name] != "") $liste[$ldapuser[$login]] = trim($ldapuser[$name]." ".$ldapuser[$firstname]);
else if ($ldapuser[$fullname] != "") $liste[$ldapuser[$login]] = $ldapuser[$fullname];
}
}
print '<form name="add_user_ldap" action="'.$_SERVER["PHP_SELF"].'" method="post">';
@ -663,12 +669,12 @@ else
// Connexion ldap
if ($conf->ldap->enabled && $fuser->ldap_sid)
{
$ldap = new Ldap();
if ($ldap->connect())
$result=$ldap->connect_bind();
if ($result > 0)
{
$entries = $ldap->fetch($fuser->login);
if (!$entries)
if (! $entries)
{
$message .= $ldap->ldapErrorCode." - ".$ldap->ldapErrorText;
}


@ -117,50 +117,26 @@ print '</tr>';
// Lecture LDAP
$ldap=new Ldap();
$result=$ldap->connect();
if ($result)
$result=$ldap->connect_bind();
if ($result > 0)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
$info=$fgroup->_load_ldap_info();
$dn=$fgroup->_load_ldap_dn($info,1);
$search = "(".$fgroup->_load_ldap_dn($info,2).")";
$result=$ldap->search($dn,$search);
// Affichage arbre
if (sizeof($result))
{
dolibarr_syslog("ldap.php: authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
}
if (! $bind) // Si pas de login ou si connexion avec login en echec, on tente en anonyme
{
dolibarr_syslog("ldap.php: bind",LOG_DEBUG);
$bind=$ldap->bind();
}
if ($bind)
{
$info["cn"] = trim($fgroup->nom);
$dn = $conf->global->LDAP_GROUP_DN;
// $dn = "cn=".$info["cn"].",".$dn;
// $dn = "uid=".$info["uid"].",".$dn
$search = "(cn=".$info["cn"].")";
//$search = "(uid=".$info["uid"].")";
$result=$ldap->search($dn,$search);
// Affichage arbre
if (sizeof($result))
{
$html=new Form($db);
$html->show_ldap_content($result,0,0,true);
}
else
{
print '<tr><td colspan="2">'.$langs->trans("LDAPRecordNotFound").'</td></tr>';
}
$ldap->unbind();
$html=new Form($db);
$html->show_ldap_content($result,0,0,true);
}
else
{
dolibarr_print_error('',$ldap->error);
print '<tr><td colspan="2">'.$langs->trans("LDAPRecordNotFound").'</td></tr>';
}
$ldap->unbind();
$ldap->close();
}
else


@ -132,50 +132,26 @@ print '</tr>';
// Lecture LDAP
$ldap=new Ldap();
$result=$ldap->connect();
if ($result)
$result=$ldap->connect_bind();
if ($result > 0)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
$info=$fuser->_load_ldap_info();
$dn=$fuser->_load_ldap_dn($info,1);
$search = "(".$fuser->_load_ldap_dn($info,2).")";
$result=$ldap->search($dn,$search);
// Affichage arbre
if (sizeof($result))
{
dolibarr_syslog("ldap.php: authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
}
if (! $bind) // Si pas de login ou si connexion avec login en echec, on tente en anonyme
{
dolibarr_syslog("ldap.php: bind",LOG_DEBUG);
$bind=$ldap->bind();
}
if ($bind)
{
$info["cn"] = trim($fuser->prenom." ".$fuser->nom);
$dn = $conf->global->LDAP_USER_DN;
// $dn = "cn=".$info["cn"].",".$dn;
// $dn = "uid=".$info["uid"].",".$dn
$search = "(cn=".$info["cn"].")";
//$search = "(uid=".$info["uid"].")";
$result=$ldap->search($dn,$search);
// Affichage arbre
if (sizeof($result))
{
$html=new Form($db);
$html->show_ldap_content($result,0,0,true);
}
else
{
print '<tr><td colspan="2">'.$langs->trans("LDAPRecordNotFound").'</td></tr>';
}
$ldap->unbind();
$html=new Form($db);
$html->show_ldap_content($result,0,0,true);
}
else
{
dolibarr_print_error('',$ldap->error);
print '<tr><td colspan="2">'.$langs->trans("LDAPRecordNotFound").'</td></tr>';
}
$ldap->unbind();
$ldap->close();
}
else


@ -370,11 +370,16 @@ class UserGroup
// Fin appel triggers
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
{
$this->delete_ldap($user);
}
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
{
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->delete($dn,$info,$user);
}
$this->db->commit();
return 1;
@ -414,10 +419,16 @@ class UserGroup
// Fin appel triggers
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
{
$this->create_ldap($user);
}
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
{
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->add($dn,$info,$user);
}
return $this->id;
}
@ -462,7 +473,13 @@ class UserGroup
// \todo Mettre en trigger
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE)
{
$this->update_ldap($user);
$ldap=new Ldap();
$ldap->connect_bind();
$info=$this->_load_ldap_info();
$dn=$this->_load_ldap_dn($info);
$ldap->update($dn,$info,$user);
}
}
@ -475,147 +492,36 @@ class UserGroup
dolibarr_print_error($this->db);
return -2;
}
}
/**
* \brief Creation dans l'arbre LDAP
* \param user Utilisateur qui effectue la creation
* \return int <0 si ko, >0 si ok
*/
function create_ldap($user)
{
dolibarr_syslog("UserGroup.class::create_ldap this->id=".$this->id,LOG_DEBUG);
return $this->update_ldap($user);
}
/**
* \brief Mise à jour dans l'arbre LDAP
* \param user Utilisateur qui effectue la mise à jour
* \return int <0 si ko, >0 si ok
*/
function update_ldap($user)
{
global $conf, $langs;
//if (! $conf->ldap->enabled || ! $conf->global->LDAP_SYNCHRO_ACTIVE) return 0;
$info = array();
dolibarr_syslog("UserGroup.class::update_ldap this->id=".$this->id,LOG_DEBUG);
$ldap=new Ldap();
$result=$ldap->connect();
if ($result)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
{
dolibarr_syslog("UserGroup.class::update_ldap authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
}
else
{
dolibarr_syslog("UserGroup.class::update_ldap bind",LOG_DEBUG);
$bind=$ldap->bind();
}
if ($bind)
{
$info=$this->_load_ldap_info($info);
// Definitition du DN
$dn = $conf->global->LDAP_KEY_GROUPS."=".$info[$conf->global->LDAP_KEY_GROUPS].",".$conf->global->LDAP_GROUP_DN;
$olddn = $dn;
// On supprime et on insère
dolibarr_syslog("User.class::update_ldap dn=".$dn." olddn=".$olddn);
$result = $ldap->delete($olddn);
$result = $ldap->add($dn, $info);
if ($result <= 0)
{
$this->error = ldap_errno($ldap->connection)." ".ldap_error($ldap->connection)." ".$ldap->error;
dolibarr_syslog("UserGroup.class::update_ldap ".$this->error,LOG_ERROR);
//print_r($info);
return -1;
}
else
{
dolibarr_syslog("UserGroup.class::update_ldap rowid=".$this->id." added in LDAP");
}
$ldap->unbind();
return 1;
}
else
{
$this->error = "Error ".ldap_errno($ldap->connection)." ".ldap_error($ldap->connection);
dolibarr_syslog("UserGroup.class::update_ldap bind failed",LOG_DEBUG);
return -1;
}
}
else
{
$this->error="Failed to connect to LDAP server !";
dolibarr_syslog("UserGroup.class::update_ldap Connexion failed",LOG_DEBUG);
return -1;
}
}
/**
* \brief Mise à jour de l'arbre LDAP
* \param user Utilisateur qui efface
* \return int <0 si ko, >0 si ok
*/
function delete_ldap($user)
{
global $conf, $langs;
//if (! $conf->ldap->enabled || ! $conf->global->LDAP_SYNCHRO_ACTIVE) return 0;
dolibarr_syslog("UserGroup.class::delete_ldap this->id=".$this->id,LOG_DEBUG);
$ldap=new Ldap();
$result=$ldap->connect();
if ($result)
{
$bind='';
if ($conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
{
dolibarr_syslog("UserGroup.class::delete_ldap authBind user=".$conf->global->LDAP_ADMIN_DN,LOG_DEBUG);
$bind=$ldap->authBind($conf->global->LDAP_ADMIN_DN,$conf->global->LDAP_ADMIN_PASS);
}
else
{
dolibarr_syslog("UserGroup.class::delete_ldap bind",LOG_DEBUG);
$bind=$ldap->bind();
}
if ($bind)
{
$info=$this->_load_ldap_info($info);
$dn = $conf->global->LDAP_KEY_GROUPS."=".$info[$conf->global->LDAP_KEY_GROUPS].",".$conf->global->LDAP_GROUP_DN;
$result=$ldap->delete($dn);
return $result;
}
}
else
{
$this->error="Failed to connect to LDAP server !";
dolibarr_syslog("UserGroup.class::update_ldap Connexion failed",LOG_DEBUG);
return -1;
}
}
function _load_ldap_info($info)
/*
* \brief Retourne chaine DN complete dans l'annuaire LDAP pour l'objet
* \param info Info string loaded by _load_ldap_info
* \param mode 0=Return DN without key inside (ou=xxx,dc=aaa,dc=bbb)
1=Return full DN (uid=qqq,ou=xxx,dc=aaa,dc=bbb)
2=Return key only (uid=qqq)
* \return string DN
*/
function _load_ldap_dn($info,$mode=0)
{
global $conf;
$dn='';
if ($mode==0) $dn=$conf->global->LDAP_KEY_GROUPS."=".$info[$conf->global->LDAP_KEY_GROUPS].",".$conf->global->LDAP_USER_DN;
if ($mode==1) $dn=$conf->global->LDAP_GROUP_DN;
if ($mode==2) $dn=$conf->global->LDAP_KEY_GROUPS."=".$info[$conf->global->LDAP_KEY_GROUPS];
return $dn;
}
/*
* \brief Retourne chaine dn dand l'annuaire LDAP
* \return array Tableau info des attributs
*/
function _load_ldap_info()
{
global $conf,$langs;
$info=array();
if ($conf->global->LDAP_SERVER_TYPE == 'activedirectory')
{
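Review bot: `_load_ldap_dn()` builds its default (`$mode=0`) DN on `LDAP_USER_DN`, whereas the `update_ldap()`/`delete_ldap()` methods that appear to be removed here built the group DN on `LDAP_GROUP_DN`; the three call sites in this file all use `_load_ldap_dn($info)`, so group entries would apparently be added, updated and deleted under the user branch. The docblock also disagrees with the code: it describes mode 0 as the DN without the key and mode 1 as the full DN, while the code returns key plus base for 0 and the bare base for 1. I would end the mode 0 line in `.",".$conf->global->LDAP_GROUP_DN;` and make the comment match the code. Separately, the new call sites ignore the results of `connect_bind()` and of `add()`/`update()`/`delete()`, where the old methods set `$this->error` and returned -1, so a failed synchronisation now goes unnoticed while the database change still succeeds; the key value taken from `$info` is also concatenated into the DN unescaped, so DN special characters in a group name should be escaped before the DN is built. The section ends inside `_load_ldap_info()`, whose body is not visible here.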


@ -47,7 +47,7 @@ $version='$Revision$';
$path=eregi_replace($script_file,'',$_SERVER["PHP_SELF"]);
require_once($path."../../htdocs/master.inc.php");
require_once(DOL_DOCUMENT_ROOT."/lib/authldap.lib.php");
require_once(DOL_DOCUMENT_ROOT."/lib/ldap.class.php");
require_once(DOL_DOCUMENT_ROOT."/usergroup.class.php");
$error=0;


@ -47,7 +47,7 @@ $version='$Revision$';
$path=eregi_replace($script_file,'',$_SERVER["PHP_SELF"]);
require_once($path."../../htdocs/master.inc.php");
require_once(DOL_DOCUMENT_ROOT."/lib/authldap.lib.php");
require_once(DOL_DOCUMENT_ROOT."/lib/ldap.class.php");
require_once(DOL_DOCUMENT_ROOT."/user.class.php");
$error=0;