1 |
85ad3d82
|
Assos Assos
|
<?php
|
2 |
|
|
|
3 |
bc175c27
|
Assos Assos
|
/**
|
4 |
|
|
* @file
|
5 |
|
|
*/
|
6 |
|
|
|
7 |
85ad3d82
|
Assos Assos
|
define('LDAP_SERVER_LDAP_QUERY_CHUNK', 50);
|
8 |
|
|
define('LDAP_SERVERS_MAXFILTER_ORS', 30);
|
9 |
|
|
define('LDAP_SERVER_LDAP_QUERY_RECURSION_LIMIT', 10);
|
10 |
|
|
|
11 |
|
|
define('LDAP_SCOPE_BASE', 1);
|
12 |
|
|
define('LDAP_SCOPE_ONELEVEL', 2);
|
13 |
|
|
define('LDAP_SCOPE_SUBTREE', 3);
|
14 |
|
|
|
15 |
|
|
define('LDAP_TEST_QUERY_CONTEXT', 999);
|
16 |
|
|
|
17 |
|
|
define('LDAP_SERVERS_PROJECT_TAG', 'ldap');
|
18 |
|
|
define('LDAP_SERVERS_MENU_BASE_PATH', 'admin/config/people/ldap');
|
19 |
|
|
define('LDAP_SERVERS_INDEX_BASE_PATH', 'admin/config/people/ldap/servers');
|
20 |
32700c57
|
Assos Assos
|
// For argument offsets.
|
21 |
|
|
define('LDAP_SERVERS_MENU_BASE_PATH_PARTS', 4);
|
22 |
85ad3d82
|
Assos Assos
|
define('LDAP_SERVERS_DRUPAL_HELP_URL', 'http://drupal.org/node/997082');
|
23 |
|
|
|
24 |
|
|
define('LDAP_SERVERS_TOKEN_PRE', '[');
|
25 |
|
|
define('LDAP_SERVERS_TOKEN_POST', ']');
|
26 |
|
|
define('LDAP_SERVERS_TOKEN_DEL', ':');
|
27 |
|
|
define('LDAP_SERVERS_TOKEN_MODIFIER_DEL', ';');
|
28 |
|
|
|
29 |
|
|
define('LDAP_SERVERS_ENC_TYPE_CLEARTEXT', 10);
|
30 |
32700c57
|
Assos Assos
|
define('LDAP_SERVERS_ENC_TYPE_OPENSSL', 20);
|
31 |
|
|
define('LDAP_SERVERS_CYPHER_MODE', 'aes-256-cbc');
|
32 |
85ad3d82
|
Assos Assos
|
|
33 |
|
|
define('LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT', 1);
|
34 |
|
|
define('LDAP_SERVERS_BIND_METHOD_USER', 2);
|
35 |
|
|
define('LDAP_SERVERS_BIND_METHOD_ANON', 3);
|
36 |
|
|
define('LDAP_SERVERS_BIND_METHOD_ANON_USER', 4);
|
37 |
|
|
define('LDAP_SERVERS_BIND_METHOD_DEFAULT', 1);
|
38 |
|
|
|
39 |
|
|
define('LDAP_SERVERS_DERIVE_GROUP_FROM_DN', 1);
|
40 |
|
|
define('LDAP_SERVERS_DERIVE_GROUP_FROM_ATTRIBUTE', 2);
|
41 |
|
|
define('LDAP_SERVERS_DERIVE_GROUP_FROM_ENTRY', 4);
|
42 |
|
|
|
43 |
32700c57
|
Assos Assos
|
// ... value is being displayed in UI.
|
44 |
|
|
define('LDAP_SERVER_MASSAGE_DISPLAY', 1);
|
45 |
|
|
// ... value is about to be used to generate token (e.g. [...] to be replaced.
|
46 |
|
|
define('LDAP_SERVER_MASSAGE_TOKEN_REPLACE', 2);
|
47 |
|
|
|
48 |
|
|
// ...value is about to be used in ldap query.
|
49 |
|
|
define('LDAP_SERVER_MASSAGE_QUERY_LDAP', 5);
|
50 |
|
|
// ...value is about to be in an sql query.
|
51 |
|
|
define('LDAP_SERVER_MASSAGE_QUERY_DB', 6);
|
52 |
|
|
// ...value is about to be found in array values.
|
53 |
|
|
define('LDAP_SERVER_MASSAGE_QUERY_ARRAY', 7);
|
54 |
|
|
// ...value is about to be found in object property values.
|
55 |
|
|
define('LDAP_SERVER_MASSAGE_QUERY_PROPERTY', 8);
|
56 |
|
|
|
57 |
|
|
// ...value is about to be stored in ldap entry.
|
58 |
|
|
define('LDAP_SERVER_MASSAGE_STORE_LDAP', 13);
|
59 |
|
|
// ...value is about to be stored in db.
|
60 |
|
|
define('LDAP_SERVER_MASSAGE_STORE_DB', 14);
|
61 |
|
|
// ...value is about to be stored in array.
|
62 |
|
|
define('LDAP_SERVER_MASSAGE_STORE_ARRAY', 15);
|
63 |
|
|
// ...value is about to be stored in object property.
|
64 |
|
|
define('LDAP_SERVER_MASSAGE_STORE_PROPERTY', 16);
|
65 |
85ad3d82
|
Assos Assos
|
|
66 |
|
|
define('LDAP_SERVER_GROUPS_RECURSE_DEPTH', 20);
|
67 |
|
|
|
68 |
|
|
define('LDAP_FAIL', -1);
|
69 |
|
|
|
70 |
|
|
define('LDAP_SUCCESS', 0x00);
|
71 |
|
|
define('LDAP_OPERATIONS_ERROR', 0x01);
|
72 |
|
|
define('LDAP_PROTOCOL_ERROR', 0x02);
|
73 |
|
|
define('LDAP_TIMELIMIT_EXCEEDED', 0x03);
|
74 |
|
|
define('LDAP_SIZELIMIT_EXCEEDED', 0x04);
|
75 |
|
|
define('LDAP_COMPARE_FALSE', 0x05);
|
76 |
|
|
define('LDAP_COMPARE_TRUE', 0x06);
|
77 |
|
|
define('LDAP_AUTH_METHOD_NOT_SUPPORTED', 0x07);
|
78 |
|
|
define('LDAP_STRONG_AUTH_REQUIRED', 0x08);
|
79 |
32700c57
|
Assos Assos
|
|
80 |
|
|
// Not used in LDAPv3.
|
81 |
85ad3d82
|
Assos Assos
|
define('LDAP_PARTIAL_RESULTS', 0x09);
|
82 |
|
|
|
83 |
32700c57
|
Assos Assos
|
// Next 5 new in LDAPv3.
|
84 |
85ad3d82
|
Assos Assos
|
define('LDAP_REFERRAL', 0x0a);
|
85 |
|
|
define('LDAP_ADMINLIMIT_EXCEEDED', 0x0b);
|
86 |
|
|
define('LDAP_UNAVAILABLE_CRITICAL_EXTENSION', 0x0c);
|
87 |
|
|
define('LDAP_CONFIDENTIALITY_REQUIRED', 0x0d);
|
88 |
|
|
define('LDAP_SASL_BIND_INPROGRESS', 0x0e);
|
89 |
|
|
|
90 |
|
|
define('LDAP_NO_SUCH_ATTRIBUTE', 0x10);
|
91 |
|
|
define('LDAP_UNDEFINED_TYPE', 0x11);
|
92 |
|
|
define('LDAP_INAPPROPRIATE_MATCHING', 0x12);
|
93 |
|
|
define('LDAP_CONSTRAINT_VIOLATION', 0x13);
|
94 |
|
|
define('LDAP_TYPE_OR_VALUE_EXISTS', 0x14);
|
95 |
|
|
define('LDAP_INVALID_SYNTAX', 0x15);
|
96 |
|
|
|
97 |
|
|
define('LDAP_NO_SUCH_OBJECT', 0x20);
|
98 |
|
|
define('LDAP_ALIAS_PROBLEM', 0x21);
|
99 |
|
|
define('LDAP_INVALID_DN_SYNTAX', 0x22);
|
100 |
|
|
|
101 |
|
|
define('LDAP_IS_LEAF', 0x23);
|
102 |
|
|
define('LDAP_ALIAS_DEREF_PROBLEM', 0x24);
|
103 |
32700c57
|
Assos Assos
|
if (!defined('LDAP_DEREF_NEVER')) {
|
104 |
5136ce55
|
Assos Assos
|
define('LDAP_DEREF_NEVER', 0x25);
|
105 |
32700c57
|
Assos Assos
|
}
|
106 |
85ad3d82
|
Assos Assos
|
|
107 |
|
|
define('LDAP_INAPPROPRIATE_AUTH', 0x30);
|
108 |
|
|
define('LDAP_INVALID_CREDENTIALS', 0x31);
|
109 |
|
|
define('LDAP_INSUFFICIENT_ACCESS', 0x32);
|
110 |
|
|
define('LDAP_BUSY', 0x33);
|
111 |
|
|
define('LDAP_UNAVAILABLE', 0x34);
|
112 |
|
|
define('LDAP_UNWILLING_TO_PERFORM', 0x35);
|
113 |
|
|
define('LDAP_LOOP_DETECT', 0x36);
|
114 |
|
|
|
115 |
|
|
define('LDAP_SORT_CONTROL_MISSING', 0x3C);
|
116 |
|
|
define('LDAP_INDEX_RANGE_ERROR', 0x3D);
|
117 |
|
|
|
118 |
|
|
define('LDAP_NAMING_VIOLATION', 0x40);
|
119 |
|
|
define('LDAP_OBJECT_CLASS_VIOLATION', 0x41);
|
120 |
|
|
define('LDAP_NOT_ALLOWED_ON_NONLEAF', 0x42);
|
121 |
|
|
define('LDAP_NOT_ALLOWED_ON_RDN', 0x43);
|
122 |
|
|
define('LDAP_ALREADY_EXISTS', 0x44);
|
123 |
|
|
define('LDAP_NO_OBJECT_CLASS_MODS', 0x45);
|
124 |
|
|
define('LDAP_RESULTS_TOO_LARGE', 0x46);
|
125 |
32700c57
|
Assos Assos
|
|
126 |
|
|
// Next two for LDAPv3.
|
127 |
85ad3d82
|
Assos Assos
|
define('LDAP_AFFECTS_MULTIPLE_DSAS', 0x47);
|
128 |
|
|
define('LDAP_OTHER', 0x50);
|
129 |
|
|
|
130 |
32700c57
|
Assos Assos
|
// Used by someAPIs.
|
131 |
85ad3d82
|
Assos Assos
|
define('LDAP_SERVER_DOWN', 0x51);
|
132 |
|
|
define('LDAP_LOCAL_ERROR', 0x52);
|
133 |
|
|
define('LDAP_ENCODING_ERROR', 0x53);
|
134 |
|
|
define('LDAP_DECODING_ERROR', 0x54);
|
135 |
|
|
define('LDAP_TIMEOUT', 0x55);
|
136 |
|
|
define('LDAP_AUTH_UNKNOWN', 0x56);
|
137 |
|
|
define('LDAP_FILTER_ERROR', 0x57);
|
138 |
|
|
define('LDAP_USER_CANCELLED', 0x58);
|
139 |
|
|
define('LDAP_PARAM_ERROR', 0x59);
|
140 |
|
|
define('LDAP_NO_MEMORY', 0x5a);
|
141 |
|
|
|
142 |
32700c57
|
Assos Assos
|
// PreliminaryLDAPv3 codes.
|
143 |
85ad3d82
|
Assos Assos
|
define('LDAP_CONNECT_ERROR', 0x5b);
|
144 |
|
|
define('LDAP_NOT_SUPPORTED', 0x5c);
|
145 |
|
|
define('LDAP_CONTROL_NOT_FOUND', 0x5d);
|
146 |
|
|
define('LDAP_NO_RESULTS_RETURNED', 0x5e);
|
147 |
|
|
define('LDAP_MORE_RESULTS_TO_RETURN', 0x5f);
|
148 |
|
|
define('LDAP_CLIENT_LOOP', 0x60);
|
149 |
|
|
define('LDAP_REFERRAL_LIMIT_EXCEEDED', 0x61);
|
150 |
|
|
|
151 |
bc175c27
|
Assos Assos
|
module_load_include('inc', 'ldap_servers', 'ldap_servers.functions');
|
152 |
|
|
module_load_include('inc', 'ldap_servers', 'ldap_servers.tokens');
|
153 |
85ad3d82
|
Assos Assos
|
|
154 |
|
|
/**
|
155 |
|
|
* Implements hook_init().
|
156 |
|
|
*/
|
157 |
|
|
function ldap_servers_init() {
|
158 |
bc175c27
|
Assos Assos
|
if (strpos(current_path(), 'admin/config/people/ldap') === 0) {
|
159 |
|
|
drupal_add_css(drupal_get_path('module', 'ldap_servers') . '/ldap_servers.admin.css', 'module');
|
160 |
|
|
}
|
161 |
85ad3d82
|
Assos Assos
|
}
|
162 |
|
|
|
163 |
|
|
/**
|
164 |
32700c57
|
Assos Assos
|
* Advertise the current ldap api version.
|
165 |
85ad3d82
|
Assos Assos
|
*/
|
166 |
|
|
function ldap_api_version() {
|
167 |
|
|
return '2.0';
|
168 |
|
|
}
|
169 |
|
|
|
170 |
32700c57
|
Assos Assos
|
/**
|
171 |
|
|
*
|
172 |
|
|
*/
|
173 |
85ad3d82
|
Assos Assos
|
function ldap_servers_menu() {
|
174 |
|
|
$menu_offset = 4;
|
175 |
|
|
|
176 |
32700c57
|
Assos Assos
|
$items['admin/config/people/ldap'] = [
|
177 |
85ad3d82
|
Assos Assos
|
'title' => 'LDAP Configuration',
|
178 |
|
|
'description' => 'LDAP authentication, authorization, provisioning, etc.',
|
179 |
|
|
'page callback' => 'drupal_get_form',
|
180 |
32700c57
|
Assos Assos
|
'page arguments' => ['ldap_servers_settings'],
|
181 |
|
|
'access arguments' => ['administer site configuration'],
|
182 |
85ad3d82
|
Assos Assos
|
'file' => 'ldap_servers.settings.inc',
|
183 |
32700c57
|
Assos Assos
|
];
|
184 |
85ad3d82
|
Assos Assos
|
|
185 |
32700c57
|
Assos Assos
|
$items['admin/config/people/ldap/settings'] = [
|
186 |
85ad3d82
|
Assos Assos
|
'title' => '1. Settings',
|
187 |
|
|
'weight' => -2,
|
188 |
|
|
'type' => MENU_DEFAULT_LOCAL_TASK,
|
189 |
32700c57
|
Assos Assos
|
];
|
190 |
85ad3d82
|
Assos Assos
|
|
191 |
32700c57
|
Assos Assos
|
$items['admin/config/people/ldap/servers'] = [
|
192 |
85ad3d82
|
Assos Assos
|
'title' => '2. Servers',
|
193 |
|
|
'page callback' => 'ldap_servers_edit_index',
|
194 |
|
|
'weight' => -1,
|
195 |
|
|
'type' => MENU_LOCAL_TASK,
|
196 |
32700c57
|
Assos Assos
|
'access arguments' => ['administer site configuration'],
|
197 |
85ad3d82
|
Assos Assos
|
'file' => 'ldap_servers.admin.inc',
|
198 |
32700c57
|
Assos Assos
|
];
|
199 |
85ad3d82
|
Assos Assos
|
|
200 |
32700c57
|
Assos Assos
|
$items['admin/config/people/ldap/servers/list'] = [
|
201 |
85ad3d82
|
Assos Assos
|
'title' => 'List',
|
202 |
|
|
'type' => MENU_DEFAULT_LOCAL_TASK,
|
203 |
32700c57
|
Assos Assos
|
];
|
204 |
85ad3d82
|
Assos Assos
|
|
205 |
32700c57
|
Assos Assos
|
$items['admin/config/people/ldap/servers/add'] = [
|
206 |
85ad3d82
|
Assos Assos
|
'title' => 'Add LDAP Server Configuration',
|
207 |
|
|
'page callback' => 'drupal_get_form',
|
208 |
32700c57
|
Assos Assos
|
'page arguments' => ['ldap_servers_admin_form', 'add'],
|
209 |
85ad3d82
|
Assos Assos
|
'type' => MENU_LOCAL_TASK + MENU_CONTEXT_INLINE,
|
210 |
|
|
'weight' => 3,
|
211 |
32700c57
|
Assos Assos
|
'access arguments' => ['administer site configuration'],
|
212 |
85ad3d82
|
Assos Assos
|
'file' => 'ldap_servers.admin.inc',
|
213 |
32700c57
|
Assos Assos
|
];
|
214 |
85ad3d82
|
Assos Assos
|
|
215 |
32700c57
|
Assos Assos
|
$items['admin/config/people/ldap/servers/edit/%'] = [
|
216 |
85ad3d82
|
Assos Assos
|
'title' => 'Edit LDAP Server Configuration',
|
217 |
|
|
'page callback' => 'drupal_get_form',
|
218 |
32700c57
|
Assos Assos
|
'page arguments' => ['ldap_servers_admin_form', 'edit', $menu_offset + 2],
|
219 |
|
|
'access arguments' => ['administer site configuration'],
|
220 |
85ad3d82
|
Assos Assos
|
'file' => 'ldap_servers.admin.inc',
|
221 |
32700c57
|
Assos Assos
|
];
|
222 |
85ad3d82
|
Assos Assos
|
|
223 |
32700c57
|
Assos Assos
|
$items['admin/config/people/ldap/servers/test/%'] = [
|
224 |
85ad3d82
|
Assos Assos
|
'title' => 'Test LDAP Server Configuration',
|
225 |
|
|
'page callback' => 'drupal_get_form',
|
226 |
32700c57
|
Assos Assos
|
'page arguments' => ['ldap_servers_test_form', $menu_offset + 1, $menu_offset + 2],
|
227 |
|
|
'access arguments' => ['administer site configuration'],
|
228 |
85ad3d82
|
Assos Assos
|
'file' => 'ldap_servers.test_form.inc',
|
229 |
32700c57
|
Assos Assos
|
];
|
230 |
85ad3d82
|
Assos Assos
|
|
231 |
32700c57
|
Assos Assos
|
$items['admin/config/people/ldap/servers/delete/%'] = [
|
232 |
85ad3d82
|
Assos Assos
|
'title' => 'Delete LDAP Server',
|
233 |
|
|
'page callback' => 'drupal_get_form',
|
234 |
32700c57
|
Assos Assos
|
'page arguments' => ['ldap_servers_admin_delete', $menu_offset + 1, $menu_offset + 2],
|
235 |
|
|
'access arguments' => ['administer site configuration'],
|
236 |
85ad3d82
|
Assos Assos
|
'file' => 'ldap_servers.admin.inc',
|
237 |
32700c57
|
Assos Assos
|
];
|
238 |
85ad3d82
|
Assos Assos
|
|
239 |
32700c57
|
Assos Assos
|
$items['admin/config/people/ldap/servers/enable/%'] = [
|
240 |
85ad3d82
|
Assos Assos
|
'title' => 'Enable LDAP Server',
|
241 |
|
|
'page callback' => 'drupal_get_form',
|
242 |
32700c57
|
Assos Assos
|
'page arguments' => ['ldap_servers_admin_enable_disable', $menu_offset + 1, $menu_offset + 2],
|
243 |
|
|
'access arguments' => ['administer site configuration'],
|
244 |
85ad3d82
|
Assos Assos
|
'file' => 'ldap_servers.admin.inc',
|
245 |
32700c57
|
Assos Assos
|
];
|
246 |
85ad3d82
|
Assos Assos
|
|
247 |
32700c57
|
Assos Assos
|
$items['admin/config/people/ldap/servers/disable/%'] = [
|
248 |
85ad3d82
|
Assos Assos
|
'title' => 'Enable LDAP Server',
|
249 |
|
|
'page callback' => 'drupal_get_form',
|
250 |
32700c57
|
Assos Assos
|
'page arguments' => ['ldap_servers_admin_enable_disable', $menu_offset + 1, $menu_offset + 2],
|
251 |
|
|
'access arguments' => ['administer site configuration'],
|
252 |
85ad3d82
|
Assos Assos
|
'file' => 'ldap_servers.admin.inc',
|
253 |
32700c57
|
Assos Assos
|
];
|
254 |
85ad3d82
|
Assos Assos
|
|
255 |
|
|
return $items;
|
256 |
|
|
}
|
257 |
|
|
|
258 |
|
|
/**
|
259 |
|
|
* Implements hook_theme().
|
260 |
|
|
*/
|
261 |
|
|
function ldap_servers_theme() {
|
262 |
32700c57
|
Assos Assos
|
return [
|
263 |
|
|
'ldap_servers_list' => [
|
264 |
|
|
'variables' => ['ldap_servers' => NULL, 'actions' => TRUE, 'type' => 'table'],
|
265 |
85ad3d82
|
Assos Assos
|
'render element' => 'element',
|
266 |
32700c57
|
Assos Assos
|
'file' => 'ldap_servers.theme.inc',
|
267 |
|
|
],
|
268 |
|
|
'ldap_servers_server' => [
|
269 |
|
|
'variables' => ['ldap_server' => NULL, 'actions' => FALSE, 'type' => 'detail'],
|
270 |
85ad3d82
|
Assos Assos
|
'render element' => 'element',
|
271 |
32700c57
|
Assos Assos
|
'file' => 'ldap_servers.theme.inc',
|
272 |
|
|
],
|
273 |
|
|
'ldap_server_token_table' => [
|
274 |
|
|
'variables' => ['tokens' => []],
|
275 |
85ad3d82
|
Assos Assos
|
'render element' => 'element',
|
276 |
32700c57
|
Assos Assos
|
'file' => 'ldap_servers.theme.inc',
|
277 |
|
|
],
|
278 |
|
|
'ldap_server_ldap_entry_table' => [
|
279 |
|
|
'variables' => ['entry' => []],
|
280 |
85ad3d82
|
Assos Assos
|
'render element' => 'element',
|
281 |
32700c57
|
Assos Assos
|
'file' => 'ldap_servers.theme.inc',
|
282 |
|
|
],
|
283 |
|
|
];
|
284 |
85ad3d82
|
Assos Assos
|
}
|
285 |
|
|
|
286 |
32700c57
|
Assos Assos
|
/**
|
287 |
|
|
* Implements hook_cron().
|
288 |
|
|
*/
|
289 |
|
|
function ldap_servers_cron() {
|
290 |
|
|
// If any modules implement hook_ldap_servers_user_cron().
|
291 |
|
|
// user entity query to find most recent 100 entries that have not been processed
|
292 |
|
|
// query for these and pass to modules implementing hook_ldap_server_maintenance()
|
293 |
|
|
// update user field to have current date as date most recently checked.
|
294 |
|
|
}
|
295 |
85ad3d82
|
Assos Assos
|
|
296 |
32700c57
|
Assos Assos
|
/**
|
297 |
|
|
* Get mixed case match from case insensitive search.
|
298 |
|
|
*
|
299 |
|
|
* @param string mixed case $key
|
300 |
|
|
* @param array mixed case $array
|
301 |
|
|
*
|
302 |
|
|
* @return string matching key in mixed case or FALSE
|
303 |
|
|
*/
|
304 |
|
|
function ldap_server_find_key($key, $array) {
|
305 |
|
|
$keys = array_combine(array_change_key_case($array), $array);
|
306 |
|
|
if (isset($keys[drupal_strtolower($key)])) {
|
307 |
|
|
return $keys[drupal_strtolower($key)];
|
308 |
85ad3d82
|
Assos Assos
|
}
|
309 |
32700c57
|
Assos Assos
|
else {
|
310 |
|
|
return FALSE;
|
311 |
85ad3d82
|
Assos Assos
|
}
|
312 |
32700c57
|
Assos Assos
|
}
|
313 |
85ad3d82
|
Assos Assos
|
|
314 |
32700c57
|
Assos Assos
|
/**
|
315 |
|
|
* Implements hook_ldap_attributes_needed_alter().
|
316 |
|
|
*/
|
317 |
|
|
function ldap_servers_ldap_attributes_needed_alter(&$attributes, $params) {
|
318 |
85ad3d82
|
Assos Assos
|
|
319 |
32700c57
|
Assos Assos
|
// Force this data type.
|
320 |
|
|
$attributes['dn'] = ldap_servers_set_attribute_map(@$attributes['dn'], 'ldap_dn');
|
321 |
85ad3d82
|
Assos Assos
|
|
322 |
32700c57
|
Assos Assos
|
// Puid attributes are server specific.
|
323 |
|
|
if ($params['sid'] && $params['sid']) {
|
324 |
|
|
if (is_scalar($params['sid'])) {
|
325 |
|
|
$ldap_server = ldap_servers_get_servers($params['sid'], 'enabled', TRUE);
|
326 |
|
|
}
|
327 |
|
|
else {
|
328 |
|
|
$ldap_server = $params['sid'];
|
329 |
|
|
}
|
330 |
|
|
// mail, unique_persistent_attr, user_attr, mail_template, and user_dn_expression are needed for all functionality.
|
331 |
|
|
if (!isset($attributes[$ldap_server->mail_attr])) {
|
332 |
|
|
$attributes[$ldap_server->mail_attr] = ldap_servers_set_attribute_map();
|
333 |
|
|
}
|
334 |
|
|
if ($ldap_server->picture_attr && !isset($attributes[$ldap_server->picture_attr])) {
|
335 |
|
|
$attributes[$ldap_server->picture_attr] = ldap_servers_set_attribute_map();
|
336 |
|
|
}
|
337 |
|
|
if ($ldap_server->unique_persistent_attr && !isset($attributes[$ldap_server->unique_persistent_attr])) {
|
338 |
|
|
$attributes[$ldap_server->unique_persistent_attr] = ldap_servers_set_attribute_map();
|
339 |
|
|
}
|
340 |
|
|
if ($ldap_server->groupUserMembershipsAttr && !isset($attributes[$ldap_server->groupUserMembershipsAttr])) {
|
341 |
|
|
$attributes[$ldap_server->groupUserMembershipsAttr] = ldap_servers_set_attribute_map();
|
342 |
|
|
}
|
343 |
|
|
if ($ldap_server->user_dn_expression) {
|
344 |
|
|
ldap_servers_token_extract_attributes($attributes, $ldap_server->user_dn_expression, TRUE);
|
345 |
|
|
}
|
346 |
|
|
if ($ldap_server->mail_template) {
|
347 |
|
|
ldap_servers_token_extract_attributes($attributes, $ldap_server->mail_template);
|
348 |
|
|
}
|
349 |
|
|
if (!isset($attributes[$ldap_server->user_attr])) {
|
350 |
|
|
$attributes[$ldap_server->user_attr] = ldap_servers_set_attribute_map();
|
351 |
85ad3d82
|
Assos Assos
|
}
|
352 |
|
|
}
|
353 |
32700c57
|
Assos Assos
|
}
|
354 |
85ad3d82
|
Assos Assos
|
|
355 |
|
|
/**
|
356 |
|
|
* Implements hook_ldap_user_attrs_list_alter().
|
357 |
|
|
*/
|
358 |
|
|
function ldap_servers_ldap_user_attrs_list_alter(&$available_user_attrs, &$params) {
|
359 |
|
|
|
360 |
|
|
if (isset($params['ldap_server']) && $params['ldap_server']) {
|
361 |
|
|
$ldap_server = $params['ldap_server'];
|
362 |
|
|
}
|
363 |
|
|
else {
|
364 |
32700c57
|
Assos Assos
|
// Without a server id, ldap_servers module has nothing to offer.
|
365 |
|
|
return;
|
366 |
85ad3d82
|
Assos Assos
|
}
|
367 |
32700c57
|
Assos Assos
|
$ldap_user_conf = $params['ldap_user_conf'];
|
368 |
85ad3d82
|
Assos Assos
|
$direction = $params['direction'];
|
369 |
|
|
|
370 |
32700c57
|
Assos Assos
|
$tokens = [
|
371 |
85ad3d82
|
Assos Assos
|
'!edit_link' => l($ldap_server->editPath, $ldap_server->editPath),
|
372 |
|
|
'!sid' => $ldap_server->sid,
|
373 |
32700c57
|
Assos Assos
|
];
|
374 |
85ad3d82
|
Assos Assos
|
|
375 |
|
|
$server_edit_path = 'admin/config/people/ldap/servers/edit/' . $ldap_server->sid;
|
376 |
|
|
|
377 |
|
|
if ($direction == LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER) {
|
378 |
|
|
|
379 |
|
|
/** these 4 user fields indentify where in ldap and which ldap server they are associated with.
|
380 |
32700c57
|
Assos Assos
|
* they are required for a Drupal account to be "ldap associated" regardless of if any other
|
381 |
|
|
* fields/properties are provisioned or synched
|
382 |
85ad3d82
|
Assos Assos
|
*/
|
383 |
|
|
|
384 |
|
|
if ($ldap_server->unique_persistent_attr) {
|
385 |
32700c57
|
Assos Assos
|
foreach ([
|
386 |
85ad3d82
|
Assos Assos
|
'field.ldap_user_puid_sid',
|
387 |
|
|
'field.ldap_user_puid',
|
388 |
|
|
'field.ldap_user_puid_property',
|
389 |
32700c57
|
Assos Assos
|
] as $i => $property_id) {
|
390 |
85ad3d82
|
Assos Assos
|
$property_token = '[' . $property_id . ']';
|
391 |
|
|
if (!isset($available_user_attrs[$property_token]) || !is_array($available_user_attrs[$property_token])) {
|
392 |
32700c57
|
Assos Assos
|
$available_user_attrs[$property_token] = [];
|
393 |
85ad3d82
|
Assos Assos
|
}
|
394 |
|
|
}
|
395 |
|
|
|
396 |
32700c57
|
Assos Assos
|
$available_user_attrs['[field.ldap_user_puid_sid]'] = [
|
397 |
85ad3d82
|
Assos Assos
|
'name' => t('Field: sid providing PUID'),
|
398 |
|
|
'configurable_to_drupal' => 0,
|
399 |
|
|
'configurable_to_ldap' => 1,
|
400 |
|
|
'source' => t('!sid', $tokens),
|
401 |
|
|
'notes' => 'not configurable',
|
402 |
|
|
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
|
403 |
|
|
'enabled' => TRUE,
|
404 |
32700c57
|
Assos Assos
|
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER],
|
405 |
85ad3d82
|
Assos Assos
|
'config_module' => 'ldap_servers',
|
406 |
|
|
'prov_module' => 'ldap_user',
|
407 |
32700c57
|
Assos Assos
|
] + $available_user_attrs['[field.ldap_user_puid_sid]'];
|
408 |
85ad3d82
|
Assos Assos
|
|
409 |
32700c57
|
Assos Assos
|
$available_user_attrs['[field.ldap_user_puid]'] = [
|
410 |
85ad3d82
|
Assos Assos
|
'name' => t('Field: PUID', $tokens),
|
411 |
|
|
'configurable_to_drupal' => 0,
|
412 |
|
|
'configurable_to_ldap' => 1,
|
413 |
|
|
'source' => '[' . $ldap_server->unique_persistent_attr . ']',
|
414 |
|
|
'notes' => 'configure at ' . $server_edit_path,
|
415 |
|
|
'convert' => $ldap_server->unique_persistent_attr_binary,
|
416 |
|
|
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
|
417 |
|
|
'enabled' => TRUE,
|
418 |
32700c57
|
Assos Assos
|
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER],
|
419 |
85ad3d82
|
Assos Assos
|
'config_module' => 'ldap_servers',
|
420 |
|
|
'prov_module' => 'ldap_user',
|
421 |
32700c57
|
Assos Assos
|
] + $available_user_attrs['[field.ldap_user_puid]'];
|
422 |
85ad3d82
|
Assos Assos
|
|
423 |
|
|
$available_user_attrs['[field.ldap_user_puid_property]'] =
|
424 |
32700c57
|
Assos Assos
|
[
|
425 |
85ad3d82
|
Assos Assos
|
'name' => t('Field: PUID Attribute', $tokens),
|
426 |
|
|
'configurable_to_drupal' => 0,
|
427 |
|
|
'configurable_to_ldap' => 1,
|
428 |
bc175c27
|
Assos Assos
|
'source' => $ldap_server->unique_persistent_attr ,
|
429 |
85ad3d82
|
Assos Assos
|
'notes' => 'configure at ' . $server_edit_path,
|
430 |
|
|
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
|
431 |
|
|
'enabled' => TRUE,
|
432 |
32700c57
|
Assos Assos
|
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER],
|
433 |
85ad3d82
|
Assos Assos
|
'config_module' => 'ldap_servers',
|
434 |
|
|
'prov_module' => 'ldap_user',
|
435 |
32700c57
|
Assos Assos
|
] + $available_user_attrs['[field.ldap_user_puid_property]'];
|
436 |
85ad3d82
|
Assos Assos
|
}
|
437 |
|
|
|
438 |
|
|
$token = '[field.ldap_user_current_dn]';
|
439 |
|
|
if (!isset($available_user_attrs[$token]) || !is_array($available_user_attrs[$token])) {
|
440 |
32700c57
|
Assos Assos
|
$available_user_attrs[$token] = [];
|
441 |
85ad3d82
|
Assos Assos
|
}
|
442 |
|
|
$available_user_attrs[$token] =
|
443 |
32700c57
|
Assos Assos
|
[
|
444 |
85ad3d82
|
Assos Assos
|
'name' => t('Field: Most Recent DN', $tokens),
|
445 |
|
|
'configurable_to_drupal' => 0,
|
446 |
|
|
'configurable_to_ldap' => 0,
|
447 |
|
|
'source' => '[dn]',
|
448 |
|
|
'notes' => 'not configurable',
|
449 |
|
|
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
|
450 |
|
|
'enabled' => TRUE,
|
451 |
32700c57
|
Assos Assos
|
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER],
|
452 |
85ad3d82
|
Assos Assos
|
'config_module' => 'ldap_servers',
|
453 |
|
|
'prov_module' => 'ldap_user',
|
454 |
32700c57
|
Assos Assos
|
] + $available_user_attrs[$token];
|
455 |
85ad3d82
|
Assos Assos
|
|
456 |
|
|
if ($ldap_user_conf->provisionsDrupalAccountsFromLdap) {
|
457 |
|
|
if (!isset($available_user_attrs['[property.name]']) || !is_array($available_user_attrs['[property.name]'])) {
|
458 |
32700c57
|
Assos Assos
|
$available_user_attrs['[property.name]'] = [];
|
459 |
85ad3d82
|
Assos Assos
|
}
|
460 |
32700c57
|
Assos Assos
|
$available_user_attrs['[property.name]'] = [
|
461 |
85ad3d82
|
Assos Assos
|
'name' => 'Property: Username',
|
462 |
|
|
'source' => '[' . $ldap_server->user_attr . ']',
|
463 |
|
|
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
|
464 |
|
|
'enabled' => TRUE,
|
465 |
32700c57
|
Assos Assos
|
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER],
|
466 |
85ad3d82
|
Assos Assos
|
'config_module' => 'ldap_servers',
|
467 |
|
|
'prov_module' => 'ldap_user',
|
468 |
32700c57
|
Assos Assos
|
] + $available_user_attrs['[property.name]'];
|
469 |
85ad3d82
|
Assos Assos
|
|
470 |
|
|
if (!isset($available_user_attrs['[property.mail]']) || !is_array($available_user_attrs['[property.mail]'])) {
|
471 |
32700c57
|
Assos Assos
|
$available_user_attrs['[property.mail]'] = [];
|
472 |
85ad3d82
|
Assos Assos
|
}
|
473 |
32700c57
|
Assos Assos
|
$available_user_attrs['[property.mail]'] = [
|
474 |
85ad3d82
|
Assos Assos
|
'name' => 'Property: Email',
|
475 |
|
|
'source' => ($ldap_server->mail_template) ? $ldap_server->mail_template : '[' . $ldap_server->mail_attr . ']',
|
476 |
|
|
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
|
477 |
|
|
'enabled' => TRUE,
|
478 |
32700c57
|
Assos Assos
|
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER],
|
479 |
85ad3d82
|
Assos Assos
|
'config_module' => 'ldap_servers',
|
480 |
|
|
'prov_module' => 'ldap_user',
|
481 |
32700c57
|
Assos Assos
|
] + $available_user_attrs['[property.mail]'];
|
482 |
85ad3d82
|
Assos Assos
|
|
483 |
|
|
if ($ldap_server->picture_attr) {
|
484 |
|
|
if (!isset($available_user_attrs['[property.picture]']) || !is_array($available_user_attrs['[property.picture]'])) {
|
485 |
32700c57
|
Assos Assos
|
$available_user_attrs['[property.picture]'] = [];
|
486 |
85ad3d82
|
Assos Assos
|
}
|
487 |
32700c57
|
Assos Assos
|
$available_user_attrs['[property.picture]'] = [
|
488 |
|
|
'name' => 'Property: Picture',
|
489 |
|
|
'source' => '[' . $ldap_server->picture_attr . ']',
|
490 |
|
|
'direction' => LDAP_USER_PROV_DIRECTION_TO_DRUPAL_USER,
|
491 |
|
|
'enabled' => TRUE,
|
492 |
|
|
'prov_events' => [LDAP_USER_EVENT_CREATE_DRUPAL_USER, LDAP_USER_EVENT_SYNCH_TO_DRUPAL_USER],
|
493 |
|
|
'config_module' => 'ldap_servers',
|
494 |
|
|
'prov_module' => 'ldap_user',
|
495 |
|
|
] + $available_user_attrs['[property.picture]'];
|
496 |
85ad3d82
|
Assos Assos
|
}
|
497 |
|
|
}
|
498 |
|
|
}
|
499 |
|
|
}
|
500 |
|
|
|
501 |
|
|
/**
|
502 |
32700c57
|
Assos Assos
|
* Flush server static cache.
|
503 |
85ad3d82
|
Assos Assos
|
*/
|
504 |
|
|
function ldap_servers_flush_server_cache() {
|
505 |
32700c57
|
Assos Assos
|
// Flush server cache.
|
506 |
|
|
$discard = ldap_servers_get_servers(NULL, 'all', FALSE, TRUE);
|
507 |
85ad3d82
|
Assos Assos
|
}
|
508 |
|
|
|
509 |
|
|
/**
|
510 |
32700c57
|
Assos Assos
|
* Function to replace module_load_include such that when
|
511 |
85ad3d82
|
Assos Assos
|
* something is not included, drupal will exit instead
|
512 |
|
|
* of attempting something half baked.
|
513 |
|
|
*/
|
514 |
|
|
function ldap_servers_module_load_include($type, $module, $name = NULL) {
|
515 |
|
|
$result = module_load_include($type, $module, $name);
|
516 |
|
|
if ($result === FALSE) {
|
517 |
|
|
print "Failed to load file $name.$type in module $module";
|
518 |
|
|
drupal_exit();
|
519 |
|
|
}
|
520 |
|
|
}
|
521 |
|
|
|
522 |
|
|
/**
|
523 |
32700c57
|
Assos Assos
|
* Return ldap server conf objects.
|
524 |
85ad3d82
|
Assos Assos
|
*
|
525 |
32700c57
|
Assos Assos
|
* @param string $sid
|
526 |
|
|
* @param string $type
|
527 |
|
|
* All', 'enabled'.
|
528 |
|
|
* @param bool $flatten
|
529 |
|
|
* signifies if array or single object returned. Only works if sid is specified.
|
530 |
|
|
* @param bool $reset
|
531 |
|
|
* do not use cached or static result.
|
532 |
85ad3d82
|
Assos Assos
|
*
|
533 |
32700c57
|
Assos Assos
|
* @return array
|
534 |
|
|
* Of server conf object keyed on sid
|
535 |
|
|
* - single server conf object (if flatten == TRUE)
|
536 |
85ad3d82
|
Assos Assos
|
*/
|
537 |
|
|
function ldap_servers_get_servers($sid = NULL, $type = NULL, $flatten = FALSE, $reset = FALSE) {
|
538 |
|
|
if (variable_get('ldap_simpletest', FALSE)) {
|
539 |
|
|
return _ldap_servers_get_simpletest_servers($sid, $type, $flatten, $reset);
|
540 |
|
|
}
|
541 |
|
|
else {
|
542 |
|
|
return _ldap_servers_get_servers($sid, $type, $flatten, $reset);
|
543 |
|
|
}
|
544 |
|
|
}
|
545 |
|
|
|
546 |
|
|
/**
|
547 |
32700c57
|
Assos Assos
|
* See ldap_servers_get_servers()
|
548 |
85ad3d82
|
Assos Assos
|
*/
|
549 |
|
|
function _ldap_servers_get_servers($sid, $type, $flatten, $reset) {
|
550 |
|
|
ldap_servers_module_load_include('php', 'ldap_servers', 'LdapServerAdmin.class');
|
551 |
|
|
static $servers;
|
552 |
|
|
$type = ($type) ? $type : 'all';
|
553 |
|
|
if ($reset) {
|
554 |
32700c57
|
Assos Assos
|
$servers = [];
|
555 |
85ad3d82
|
Assos Assos
|
}
|
556 |
|
|
if (!isset($servers['all'])) {
|
557 |
|
|
$servers['all'] = LdapServerAdmin::getLdapServerObjects('all', NULL, 'LdapServer', $reset);
|
558 |
|
|
}
|
559 |
|
|
|
560 |
|
|
if (!isset($servers['enabled'])) {
|
561 |
32700c57
|
Assos Assos
|
$servers['enabled'] = [];
|
562 |
85ad3d82
|
Assos Assos
|
foreach ($servers['all'] as $_sid => $ldap_server) {
|
563 |
|
|
if ($ldap_server->status == 1) {
|
564 |
|
|
$servers['enabled'][$_sid] = $ldap_server;
|
565 |
|
|
}
|
566 |
|
|
}
|
567 |
|
|
}
|
568 |
|
|
|
569 |
|
|
if ($sid) {
|
570 |
|
|
if (!isset($servers[$type][$sid])) {
|
571 |
|
|
return FALSE;
|
572 |
|
|
}
|
573 |
32700c57
|
Assos Assos
|
return ($flatten) ? $servers[$type][$sid] : [$sid => $servers[$type][$sid]];
|
574 |
85ad3d82
|
Assos Assos
|
}
|
575 |
|
|
|
576 |
|
|
if (isset($servers[$type])) {
|
577 |
|
|
return $servers[$type];
|
578 |
|
|
}
|
579 |
|
|
}
|
580 |
|
|
|
581 |
|
|
/**
|
582 |
32700c57
|
Assos Assos
|
* See ldap_servers_get_servers()
|
583 |
85ad3d82
|
Assos Assos
|
*/
|
584 |
|
|
function _ldap_servers_get_simpletest_servers($sid, $type = NULL, $flatten, $reset = TRUE) {
|
585 |
|
|
|
586 |
|
|
if (!$type) {
|
587 |
|
|
$type = 'all';
|
588 |
|
|
}
|
589 |
|
|
|
590 |
32700c57
|
Assos Assos
|
$servers = [];
|
591 |
|
|
|
592 |
|
|
// Two flavors of mock servers exist. ultimately v2 will be used in all simpletests.
|
593 |
85ad3d82
|
Assos Assos
|
if (variable_get('ldap_simpletest', 0) == 2) {
|
594 |
|
|
ldap_servers_module_load_include('php', 'ldap_test', 'LdapServerTest.class');
|
595 |
|
|
$servers['all'] = LdapServerTest::getLdapServerObjects(NULL, 'all', FALSE);
|
596 |
|
|
foreach ($servers['all'] as $_sid => $ldap_server) {
|
597 |
|
|
if ($ldap_server->status == 1) {
|
598 |
|
|
$servers['enabled'][$_sid] = $ldap_server;
|
599 |
|
|
}
|
600 |
|
|
}
|
601 |
|
|
}
|
602 |
|
|
|
603 |
|
|
if ($sid) {
|
604 |
|
|
if (!isset($servers[$type][$sid])) {
|
605 |
|
|
return FALSE;
|
606 |
|
|
}
|
607 |
32700c57
|
Assos Assos
|
return ($flatten) ? $servers[$type][$sid] : [$sid => $servers[$type][$sid]];
|
608 |
85ad3d82
|
Assos Assos
|
}
|
609 |
|
|
|
610 |
|
|
if (isset($servers[$type])) {
|
611 |
|
|
return $servers[$type];
|
612 |
|
|
}
|
613 |
|
|
}
|
614 |
32700c57
|
Assos Assos
|
|
615 |
|
|
/**
|
616 |
|
|
*
|
617 |
|
|
*/
|
618 |
85ad3d82
|
Assos Assos
|
function ldap_servers_debug($variable) {
|
619 |
|
|
if (variable_get('ldap_simpletest', FALSE) && function_exists('dpm')) {
|
620 |
|
|
dpm($variable);
|
621 |
|
|
}
|
622 |
|
|
else {
|
623 |
|
|
debug($variable);
|
624 |
|
|
}
|
625 |
|
|
}
|
626 |
32700c57
|
Assos Assos
|
|
627 |
|
|
/**
|
628 |
|
|
*
|
629 |
|
|
*/
|
630 |
85ad3d82
|
Assos Assos
|
function ldap_servers_cache_clear() {
|
631 |
|
|
$discard = ldap_servers_get_servers(NULL, 'all', FALSE, TRUE);
|
632 |
|
|
if (module_exists('ctools')) {
|
633 |
|
|
ctools_export_load_object_reset('ldap_servers');
|
634 |
|
|
}
|
635 |
|
|
}
|
636 |
|
|
|
637 |
|
|
/**
|
638 |
32700c57
|
Assos Assos
|
* Function to convert microsoft style guids to strings.
|
639 |
85ad3d82
|
Assos Assos
|
*/
|
640 |
|
|
function ldap_servers_msguid($value) {
|
641 |
|
|
|
642 |
|
|
$hex_string = bin2hex($value);
|
643 |
|
|
// (MS?) GUID are displayed with first three GUID parts as "big endian"
|
644 |
|
|
// Doing this so String value matches what other LDAP tool displays for AD.
|
645 |
32700c57
|
Assos Assos
|
$value = strtoupper(substr($hex_string, 6, 2) . substr($hex_string, 4, 2) .
|
646 |
|
|
substr($hex_string, 2, 2) . substr($hex_string, 0, 2) . '-' .
|
647 |
|
|
substr($hex_string, 10, 2) . substr($hex_string, 8, 2) . '-' .
|
648 |
|
|
substr($hex_string, 14, 2) . substr($hex_string, 12, 2) . '-' .
|
649 |
|
|
substr($hex_string, 16, 4) . '-' . substr($hex_string, 20, 12));
|
650 |
85ad3d82
|
Assos Assos
|
|
651 |
|
|
return $value;
|
652 |
|
|
}
|
653 |
|
|
|
654 |
32700c57
|
Assos Assos
|
/**
|
655 |
|
|
* Create a "binary safe" string for use in LDAP filters.
|
656 |
|
|
*
|
657 |
85ad3d82
|
Assos Assos
|
* @param $value
|
658 |
32700c57
|
Assos Assos
|
*
|
659 |
85ad3d82
|
Assos Assos
|
* @return string
|
660 |
|
|
*/
|
661 |
|
|
function ldap_servers_binary_filter($value) {
|
662 |
|
|
$match = '';
|
663 |
|
|
if (preg_match('/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/i', $value)) {
|
664 |
|
|
// Reconstruct proper "memory" order from (MS?) GUID string.
|
665 |
|
|
$hex_string = str_replace('-', '', $value);
|
666 |
|
|
$value = substr($hex_string, 6, 2) . substr($hex_string, 4, 2) .
|
667 |
|
|
substr($hex_string, 2, 2) . substr($hex_string, 0, 2) .
|
668 |
|
|
substr($hex_string, 10, 2) . substr($hex_string, 8, 2) .
|
669 |
|
|
substr($hex_string, 14, 2) . substr($hex_string, 12, 2) .
|
670 |
|
|
substr($hex_string, 16, 4) . substr($hex_string, 20, 12);
|
671 |
|
|
}
|
672 |
|
|
|
673 |
32700c57
|
Assos Assos
|
for ($i = 0; $i < strlen($value); $i = $i + 2) {
|
674 |
85ad3d82
|
Assos Assos
|
$match .= '\\' . substr($value, $i, 2);
|
675 |
|
|
}
|
676 |
|
|
|
677 |
|
|
return $match;
|
678 |
|
|
}
|
679 |
|
|
|
680 |
|
|
/**
|
681 |
32700c57
|
Assos Assos
|
* General binary conversion function for guids
|
682 |
85ad3d82
|
Assos Assos
|
* tries to determine which approach based on length
|
683 |
32700c57
|
Assos Assos
|
* of string.
|
684 |
85ad3d82
|
Assos Assos
|
*/
|
685 |
|
|
function ldap_servers_binary($value) {
|
686 |
|
|
if (strlen($value) == 16) {
|
687 |
|
|
$value = ldap_servers_msguid($value);
|
688 |
|
|
}
|
689 |
|
|
else {
|
690 |
|
|
$value = bin2hex($value);
|
691 |
|
|
}
|
692 |
|
|
return $value;
|
693 |
|
|
}
|
694 |
|
|
|
695 |
|
|
/**
|
696 |
32700c57
|
Assos Assos
|
* @todo needs caching element. several modules could potentially call this in
|
697 |
|
|
* the same page request.
|
698 |
85ad3d82
|
Assos Assos
|
*
|
699 |
32700c57
|
Assos Assos
|
* @param object $drupal_user
|
700 |
|
|
* is drupal $user object.
|
701 |
|
|
* @param string $sid
|
702 |
|
|
* is a server id.
|
703 |
|
|
* @param mixed $ldap_context
|
704 |
|
|
*
|
705 |
|
|
* @return bool
|
706 |
85ad3d82
|
Assos Assos
|
*/
|
707 |
|
|
function ldap_servers_get_user_ldap_data($drupal_user, $sid = NULL, $ldap_context = NULL) {
|
708 |
|
|
if (is_object($drupal_user) && property_exists($drupal_user, 'uid') &&
|
709 |
|
|
function_exists('ldap_user_get_authname') && ($authname = ldap_user_get_authname($drupal_user))) {
|
710 |
|
|
$drupal_username = $authname;
|
711 |
|
|
}
|
712 |
|
|
else {
|
713 |
|
|
$drupal_username = (is_object($drupal_user)) ? $drupal_user->name : $drupal_user;
|
714 |
|
|
}
|
715 |
32700c57
|
Assos Assos
|
// Sometimes we have username instead of a drupal user object
|
716 |
|
|
// For example, when using LDAP user test form (admin/config/people/ldap/user/test)
|
717 |
|
|
// But we can still load the user by using $drupal_username if $drupal_user is not an object.
|
718 |
|
|
if (!(is_object($drupal_user))) {
|
719 |
dd54aff9
|
Assos Assos
|
$user_object = user_load_by_name($drupal_username);
|
720 |
|
|
if (is_object($user_object) && property_exists($user_object, 'uid')) {
|
721 |
|
|
$drupal_user = $user_object;
|
722 |
|
|
}
|
723 |
|
|
}
|
724 |
32700c57
|
Assos Assos
|
// If no explicit $sid, find most appropriate one.
|
725 |
85ad3d82
|
Assos Assos
|
if (module_exists('ldap_user') && (!$sid || $sid == LDAP_USER_AUTH_SERVER_SID)) {
|
726 |
|
|
if (property_exists($drupal_user, 'ldap_user_puid_sid') &&
|
727 |
7547bb19
|
Assos Assos
|
!empty($drupal_user->ldap_user_puid_sid[LANGUAGE_NONE][0]['value'])
|
728 |
85ad3d82
|
Assos Assos
|
) {
|
729 |
7547bb19
|
Assos Assos
|
$sid = $drupal_user->ldap_user_puid_sid[LANGUAGE_NONE][0]['value'];
|
730 |
85ad3d82
|
Assos Assos
|
}
|
731 |
|
|
else {
|
732 |
|
|
$ldap_user_conf = ldap_user_conf();
|
733 |
|
|
ldap_user_reset_provision_server($ldap_user_conf, $drupal_user);
|
734 |
|
|
$sid = $ldap_user_conf->drupalAcctProvisionServer;
|
735 |
|
|
}
|
736 |
|
|
}
|
737 |
|
|
elseif (!$sid) {
|
738 |
|
|
$ldap_servers = ldap_servers_get_servers(NULL, 'enabled');
|
739 |
|
|
if (count($ldap_servers) == 1) {
|
740 |
|
|
$sids = array_keys($ldap_servers);
|
741 |
|
|
$sid = $sids[0];
|
742 |
|
|
}
|
743 |
|
|
}
|
744 |
|
|
|
745 |
|
|
$ldap_server = ($sid) ? ldap_servers_get_servers($sid, 'enabled', TRUE) : FALSE;
|
746 |
|
|
|
747 |
|
|
if ($ldap_server === FALSE) {
|
748 |
32700c57
|
Assos Assos
|
watchdog('ldap_servers', 'Failed to load server object %sid in _ldap_servers_get_user_ldap_data', ['%sid' => $sid], WATCHDOG_ERROR);
|
749 |
85ad3d82
|
Assos Assos
|
return FALSE;
|
750 |
|
|
}
|
751 |
|
|
|
752 |
|
|
$ldap_user = $ldap_server->userUserNameToExistingLdapEntry($drupal_username, $ldap_context);
|
753 |
|
|
|
754 |
|
|
if ($ldap_user) {
|
755 |
|
|
$ldap_user['sid'] = $sid;
|
756 |
|
|
}
|
757 |
|
|
else {
|
758 |
|
|
$ldap_user = FALSE;
|
759 |
|
|
}
|
760 |
|
|
|
761 |
|
|
return $ldap_user;
|
762 |
|
|
}
|
763 |
|
|
|
764 |
|
|
/**
|
765 |
32700c57
|
Assos Assos
|
* @param array|null $attribute
|
766 |
|
|
* @param string $conversion
|
767 |
|
|
* as type of conversion to do @see ldap_servers_convert_attribute(). e.g. base64_encode, bin2hex, msguid, md5.
|
768 |
|
|
* @param array $values
|
769 |
|
|
* in form array(<ordinal> => <value> | NULL) where NULL indicates value is needed for provisioning or other operations.
|
770 |
85ad3d82
|
Assos Assos
|
*
|
771 |
|
|
* @return array $attribute_map with converted values. If nothing passed in create empty array in proper structure.
|
772 |
|
|
* array('values' => array(
|
773 |
|
|
* 0 => 'john',
|
774 |
|
|
* 1 => 'johnny'
|
775 |
|
|
* )
|
776 |
|
|
* );
|
777 |
32700c57
|
Assos Assos
|
* ))
|
778 |
85ad3d82
|
Assos Assos
|
*/
|
779 |
|
|
function ldap_servers_set_attribute_map($attribute = NULL, $conversion = NULL, $values = NULL) {
|
780 |
|
|
|
781 |
32700c57
|
Assos Assos
|
$attribute = (is_array($attribute)) ? $attribute : [];
|
782 |
85ad3d82
|
Assos Assos
|
$attribute['conversion'] = $conversion;
|
783 |
|
|
if (!$values && (!isset($attribute['values']) || !is_array($attribute['values']))) {
|
784 |
32700c57
|
Assos Assos
|
$attribute['values'] = [0 => NULL];
|
785 |
85ad3d82
|
Assos Assos
|
}
|
786 |
32700c57
|
Assos Assos
|
// Merge into array overwriting ordinals.
|
787 |
|
|
elseif (is_array($values)) {
|
788 |
85ad3d82
|
Assos Assos
|
foreach ($values as $ordinal => $value) {
|
789 |
|
|
if ($conversion) {
|
790 |
|
|
$value = ldap_servers_convert_attribute($value, $conversion);
|
791 |
|
|
}
|
792 |
32700c57
|
Assos Assos
|
$attribute['values'][(int) $ordinal] = $value;
|
793 |
85ad3d82
|
Assos Assos
|
}
|
794 |
|
|
}
|
795 |
|
|
return $attribute;
|
796 |
|
|
}
|
797 |
|
|
|
798 |
|
|
/**
|
799 |
32700c57
|
Assos Assos
|
* @param string $value
|
800 |
|
|
* as value to be converted.
|
801 |
|
|
* @param string $conversion
|
802 |
|
|
* such as base64_encode, bin2hex, msguid, md5.
|
803 |
85ad3d82
|
Assos Assos
|
* @return converted $value
|
804 |
|
|
*/
|
805 |
|
|
function ldap_servers_convert_attribute($value, $conversion = NULL) {
|
806 |
|
|
|
807 |
32700c57
|
Assos Assos
|
if ($conversion) {
|
808 |
85ad3d82
|
Assos Assos
|
|
809 |
32700c57
|
Assos Assos
|
switch ($conversion) {
|
810 |
|
|
case 'base64_encode':
|
811 |
|
|
$value = base64_encode($value);
|
812 |
|
|
break;
|
813 |
85ad3d82
|
Assos Assos
|
|
814 |
32700c57
|
Assos Assos
|
case 'bin2hex':
|
815 |
|
|
$value = bin2hex($value);
|
816 |
|
|
break;
|
817 |
85ad3d82
|
Assos Assos
|
|
818 |
32700c57
|
Assos Assos
|
case 'msguid':
|
819 |
|
|
$value = ldap_servers_msguid($value);
|
820 |
|
|
break;
|
821 |
85ad3d82
|
Assos Assos
|
|
822 |
32700c57
|
Assos Assos
|
case 'binary':
|
823 |
|
|
$value = ldap_servers_binary($value);
|
824 |
|
|
break;
|
825 |
85ad3d82
|
Assos Assos
|
|
826 |
32700c57
|
Assos Assos
|
case 'md5':
|
827 |
|
|
$value = '{md5}' . base64_encode(pack('H*', md5($value)));
|
828 |
|
|
break;
|
829 |
|
|
}
|
830 |
85ad3d82
|
Assos Assos
|
|
831 |
32700c57
|
Assos Assos
|
}
|
832 |
85ad3d82
|
Assos Assos
|
|
833 |
|
|
return $value;
|
834 |
|
|
}
|
835 |
|
|
|
836 |
32700c57
|
Assos Assos
|
/**
|
837 |
|
|
*
|
838 |
|
|
*/
|
839 |
85ad3d82
|
Assos Assos
|
function ldap_servers_ldap_extension_summary($op = 'data') {
|
840 |
|
|
ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.status');
|
841 |
|
|
return _ldap_servers_ldap_extension_summary($op);
|
842 |
|
|
}
|
843 |
|
|
|
844 |
32700c57
|
Assos Assos
|
/**
|
845 |
|
|
*
|
846 |
|
|
*/
|
847 |
85ad3d82
|
Assos Assos
|
function ldap_servers_ldap_extension_loaded() {
|
848 |
|
|
return extension_loaded('ldap');
|
849 |
|
|
}
|
850 |
|
|
|
851 |
32700c57
|
Assos Assos
|
/**
|
852 |
|
|
*
|
853 |
|
|
*/
|
854 |
85ad3d82
|
Assos Assos
|
function ldap_servers_encrypt($text, $encryption = NULL) {
|
855 |
|
|
ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.encryption');
|
856 |
|
|
return _ldap_servers_encrypt($text, $encryption);
|
857 |
|
|
}
|
858 |
|
|
|
859 |
32700c57
|
Assos Assos
|
/**
|
860 |
|
|
*
|
861 |
|
|
*/
|
862 |
|
|
function ldap_servers_encrypt_types() {
|
863 |
85ad3d82
|
Assos Assos
|
ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.encryption');
|
864 |
32700c57
|
Assos Assos
|
return _ldap_servers_encrypt_types();
|
865 |
85ad3d82
|
Assos Assos
|
}
|
866 |
|
|
|
867 |
32700c57
|
Assos Assos
|
/**
|
868 |
|
|
*
|
869 |
|
|
*/
|
870 |
85ad3d82
|
Assos Assos
|
function ldap_servers_decrypt($encrypted, $encryption = NULL) {
|
871 |
|
|
ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.encryption');
|
872 |
|
|
return _ldap_servers_decrypt($encrypted, $encryption);
|
873 |
|
|
}
|
874 |
|
|
|
875 |
32700c57
|
Assos Assos
|
/**
|
876 |
|
|
*
|
877 |
|
|
*/
|
878 |
85ad3d82
|
Assos Assos
|
function ldap_servers_php_supports_pagination() {
|
879 |
32700c57
|
Assos Assos
|
return (boolean) (function_exists('ldap_control_paged_result_response') && function_exists('ldap_control_paged_result'));
|
880 |
85ad3d82
|
Assos Assos
|
}
|
881 |
|
|
|
882 |
32700c57
|
Assos Assos
|
/**
|
883 |
|
|
*
|
884 |
|
|
*/
|
885 |
85ad3d82
|
Assos Assos
|
function ldap_servers_help($path, $arg) {
|
886 |
|
|
|
887 |
|
|
$servers_help = '<p>' . t('LDAP Servers store "LDAP server configurations" so other modules can connect to them and leverage their data.') . ' ';
|
888 |
|
|
$servers_help .= t('LDAP Authentication and LDAP Authorization are two such modules. Generally, only one LDAP Server configuration is needed.') . ' ' . '</p>';
|
889 |
|
|
$servers_help .= '<p>' . t('When multiple LDAP server configurations are needed, each is not necessarily a separate physical LDAP server; they may have different binding users or some other configuration difference.') . ' </p>';
|
890 |
|
|
|
891 |
|
|
switch ($path) {
|
892 |
|
|
case 'admin/config/people/ldap/servers':
|
893 |
|
|
return $servers_help;
|
894 |
|
|
|
895 |
32700c57
|
Assos Assos
|
case 'admin/help#ldap_servers':
|
896 |
85ad3d82
|
Assos Assos
|
$servers_help .= '<h3>' . t('Configuration - Settings') . '</h3>';
|
897 |
|
|
$servers_help .= '<dl>';
|
898 |
|
|
$servers_help .= '<dt>' . t('ENCRYPTION') . '</dt>';
|
899 |
|
|
$servers_help .= '<dd>' . t('With encryption enabled, passwords will be stored in encrypted form. This is two way encryption because the actual password needs to used to bind to LDAP. So it offers minimal defense if someone gets in the filespace. It mainly helps avoid the accidental discovery of a clear text password.') . '</dd>';
|
900 |
|
|
$servers_help .= '<dt>' . t('LOG DETAILED LDAP ACTIONS') . '</dt>';
|
901 |
|
|
$servers_help .= '<dd>' . t('Enables LDAP logging to the Drupal Watchdog system') . '</dd>';
|
902 |
|
|
$servers_help .= '</dl>';
|
903 |
|
|
$servers_help .= '<h3>' . t('Configuration - Servers (List)') . '</h3>';
|
904 |
|
|
$servers_help .= '<dl>';
|
905 |
|
|
$servers_help .= '<dt>' . t('Configuration Table') . '</dt>';
|
906 |
|
|
$servers_help .= '<dd>' . t('Provides a list of currently stored LDAP server configuratins.') . '</dd>';
|
907 |
|
|
$servers_help .= '<h3>' . t('Configuration - Servers (Add LDAP Server Configuration)') . '</h3>';
|
908 |
|
|
$servers_help .= '<dl>';
|
909 |
|
|
$servers_help .= '<dt>' . t('CONNECTION SETTINGS') . '</dt>';
|
910 |
|
|
$servers_help .= '<dd>' . t('Machine name -') . ' </dd>';
|
911 |
|
|
$servers_help .= '<dd>' . t('Name -') . ' </dd>';
|
912 |
|
|
$servers_help .= '<dd>' . t('Enabled -') . ' </dd>';
|
913 |
|
|
$servers_help .= '<dd>' . t('LDAP Server Type') . ' </dd>';
|
914 |
|
|
$servers_help .= '<dd>' . t('LDAP Server -') . ' </dd>';
|
915 |
|
|
$servers_help .= '<dd>' . t('LDAP port -') . ' </dd>';
|
916 |
|
|
$servers_help .= '<dd>' . t('Use Start-TLS -') . ' </dd>';
|
917 |
|
|
$servers_help .= '<dd>' . t('Follow LDAP Referrals -') . ' </dd>';
|
918 |
|
|
$servers_help .= '</dl>';
|
919 |
|
|
$servers_help .= '<dl>';
|
920 |
|
|
$servers_help .= '<dt>' . t('BINDING METHOD') . '</dt>';
|
921 |
|
|
$servers_help .= '<dd>' . t('Binding Method for searches -') . ' </dd>';
|
922 |
|
|
$servers_help .= '<dd>' . t('Service Account -') . ' </dd>';
|
923 |
|
|
$servers_help .= '<dd>' . t('DN for non-anonymous search -') . ' </dd>';
|
924 |
|
|
$servers_help .= '<dd>' . t('Password for non-anonymous search -') . ' </dd>';
|
925 |
|
|
$servers_help .= '<dd>' . t('Clear existing password from database -') . ' </dd>';
|
926 |
|
|
$servers_help .= '</dl>';
|
927 |
|
|
$servers_help .= '<dl>';
|
928 |
|
|
$servers_help .= '<dt>' . t('LDAP USER TO DRUPAL USER RELATIONSHIP') . '</dt>';
|
929 |
|
|
$servers_help .= '<dd>' . t('Base DNs for LDAP Users, Groups, and Other Entries -') . ' </dd>';
|
930 |
|
|
$servers_help .= '<dd>' . t('AuthName Attribute -') . ' </dd>';
|
931 |
|
|
$servers_help .= '<dd>' . t('AccountName Attribute -') . ' </dd>';
|
932 |
|
|
$servers_help .= '<dd>' . t('Email Attribute -') . ' </dd>';
|
933 |
|
|
$servers_help .= '<dd>' . t('Email Template -') . ' </dd>';
|
934 |
|
|
$servers_help .= '<dd>' . t('Persistant and Unique User ID Attribute -') . ' </dd>';
|
935 |
|
|
$servers_help .= '<dd>' . t('Does PUID hold a binary value? -') . ' </dd>';
|
936 |
|
|
$servers_help .= '<dd>' . t('Expression for User DN -') . ' </dd>';
|
937 |
|
|
$servers_help .= '<dd>' . t('PHP to Transform Drupal Login Username to LDAP UserName Attribute -') . ' </dd>';
|
938 |
|
|
$servers_help .= '<dd>' . t('Testing Drupal Username -') . ' </dd>';
|
939 |
|
|
$servers_help .= '<dd>' . t('DN of Testing Username -') . ' </dd>';
|
940 |
|
|
$servers_help .= '</dl>';
|
941 |
|
|
return $servers_help;
|
942 |
|
|
|
943 |
|
|
case 'admin/config/people/ldap/servers/add':
|
944 |
|
|
$output = '<p>' . t('Setup an LDAP server configuration to be used by other modules such as LDAP Authentication, LDAP Authorization, etc.') . '</p>';
|
945 |
|
|
$output .= '<p>' . t('More than one LDAP server configuration can exist for a physical LDAP server. Multiple configurations for the same physical ldap server are useful in cases such as: (1) different base dn\'s for authentication and authorization and (2) service accounts with different privileges for different purposes.') . '</p>';
|
946 |
|
|
return $output;
|
947 |
|
|
}
|
948 |
|
|
}
|
949 |
|
|
|
950 |
|
|
/**
|
951 |
|
|
* @return list of ldap configuration classes and names
|
952 |
|
|
*/
|
953 |
|
|
function ldap_servers_ldap_servers_types() {
|
954 |
|
|
|
955 |
|
|
$path = drupal_get_path('module', 'ldap_servers') . '/ldap_types';
|
956 |
|
|
|
957 |
32700c57
|
Assos Assos
|
$types['default'] = [
|
958 |
85ad3d82
|
Assos Assos
|
'class' => t('LdapTypeDefault'),
|
959 |
|
|
'directory_path' => $path,
|
960 |
|
|
'name' => 'Default LDAP',
|
961 |
32700c57
|
Assos Assos
|
];
|
962 |
85ad3d82
|
Assos Assos
|
|
963 |
32700c57
|
Assos Assos
|
$types['ad'] = [
|
964 |
85ad3d82
|
Assos Assos
|
'class' => t('LdapTypeActiveDirectory'),
|
965 |
|
|
'directory_path' => $path,
|
966 |
|
|
'name' => 'Active Directory',
|
967 |
32700c57
|
Assos Assos
|
];
|
968 |
85ad3d82
|
Assos Assos
|
|
969 |
32700c57
|
Assos Assos
|
$types['novell_edir'] = [
|
970 |
85ad3d82
|
Assos Assos
|
'class' => t('LdapTypeNovell'),
|
971 |
|
|
'directory_path' => $path,
|
972 |
|
|
'name' => 'Novell',
|
973 |
32700c57
|
Assos Assos
|
];
|
974 |
85ad3d82
|
Assos Assos
|
|
975 |
32700c57
|
Assos Assos
|
$types['openldap'] = [
|
976 |
85ad3d82
|
Assos Assos
|
'class' => t('LdapTypeOpenLdap'),
|
977 |
|
|
'directory_path' => $path,
|
978 |
|
|
'name' => 'Open LDAP',
|
979 |
32700c57
|
Assos Assos
|
];
|
980 |
85ad3d82
|
Assos Assos
|
|
981 |
32700c57
|
Assos Assos
|
$types['opendir'] = [
|
982 |
85ad3d82
|
Assos Assos
|
'class' => t('LdapTypeOpenDirectory'),
|
983 |
|
|
'directory_path' => $path,
|
984 |
|
|
'name' => 'Apple Open Directory',
|
985 |
32700c57
|
Assos Assos
|
];
|
986 |
85ad3d82
|
Assos Assos
|
|
987 |
|
|
drupal_alter('ldap_servers_ldap_types', $types);
|
988 |
|
|
return $types;
|
989 |
|
|
|
990 |
|
|
}
|
991 |
|
|
|
992 |
|
|
/**
|
993 |
32700c57
|
Assos Assos
|
* @param string $ldap_conf
|
994 |
|
|
* or array ldap type id or conf array.
|
995 |
|
|
*
|
996 |
|
|
* @return mixed
|
997 |
|
|
* options for ldap type pulldown
|
998 |
85ad3d82
|
Assos Assos
|
*/
|
999 |
|
|
function ldap_servers_get_ldap_type_object($ldap_conf) {
|
1000 |
|
|
|
1001 |
|
|
if (!is_array($ldap_conf)) {
|
1002 |
|
|
$ldap_confs = ldap_servers_ldap_servers_types();
|
1003 |
|
|
$ldap_conf = $ldap_confs[$ldap_conf];
|
1004 |
|
|
}
|
1005 |
|
|
|
1006 |
32700c57
|
Assos Assos
|
require_once $ldap_conf['directory_path'] . '/' . $ldap_conf['class'] . 'class.php';
|
1007 |
85ad3d82
|
Assos Assos
|
$ldap_type_class = new $ldap_conf['class']();
|
1008 |
|
|
return $ldap_type_class;
|
1009 |
|
|
|
1010 |
|
|
}
|
1011 |
|
|
|
1012 |
|
|
/**
|
1013 |
32700c57
|
Assos Assos
|
* Given a dn (such as cn=jdoe,ou=people)
|
1014 |
85ad3d82
|
Assos Assos
|
* and an rdn (such as cn)
|
1015 |
|
|
* determine that rdn value (such as jdoe)
|
1016 |
|
|
*
|
1017 |
|
|
* @param string $dn
|
1018 |
|
|
* @param string $rdn
|
1019 |
32700c57
|
Assos Assos
|
*
|
1020 |
85ad3d82
|
Assos Assos
|
* @return string value of rdn
|
1021 |
|
|
*/
|
1022 |
|
|
function ldap_servers_get_first_rdn_value_from_dn($dn, $rdn) {
|
1023 |
32700c57
|
Assos Assos
|
// Escapes attribute values, need to be unescaped later.
|
1024 |
|
|
$pairs = ldap_explode_dn($dn, 0);
|
1025 |
85ad3d82
|
Assos Assos
|
$count = array_shift($pairs);
|
1026 |
|
|
$rdn = drupal_strtolower($rdn);
|
1027 |
|
|
$rdn_value = FALSE;
|
1028 |
|
|
foreach ($pairs as $p) {
|
1029 |
|
|
$pair = explode('=', $p);
|
1030 |
|
|
if (drupal_strtolower(trim($pair[0])) == $rdn) {
|
1031 |
|
|
$rdn_value = ldap_pear_unescape_dn_value(trim($pair[1]));
|
1032 |
|
|
break;
|
1033 |
|
|
}
|
1034 |
|
|
}
|
1035 |
|
|
return $rdn_value;
|
1036 |
|
|
}
|
1037 |
|
|
|
1038 |
|
|
/**
|
1039 |
32700c57
|
Assos Assos
|
* Given a dn (such as cn=jdoe,ou=people)
|
1040 |
85ad3d82
|
Assos Assos
|
* and an rdn (such as cn)
|
1041 |
|
|
* determine that rdn value (such as jdoe)
|
1042 |
|
|
*
|
1043 |
|
|
* @param string $dn
|
1044 |
|
|
* @param string $rdn
|
1045 |
32700c57
|
Assos Assos
|
*
|
1046 |
85ad3d82
|
Assos Assos
|
* @return array of all values of rdn
|
1047 |
|
|
*/
|
1048 |
|
|
function ldap_servers_get_all_rdn_values_from_dn($dn, $rdn) {
|
1049 |
32700c57
|
Assos Assos
|
// Escapes attribute values, need to be unescaped later.
|
1050 |
|
|
$pairs = ldap_explode_dn($dn, 0);
|
1051 |
85ad3d82
|
Assos Assos
|
$count = array_shift($pairs);
|
1052 |
|
|
$rdn = drupal_strtolower($rdn);
|
1053 |
32700c57
|
Assos Assos
|
$rdn_values = [];
|
1054 |
85ad3d82
|
Assos Assos
|
foreach ($pairs as $p) {
|
1055 |
|
|
$pair = explode('=', $p);
|
1056 |
|
|
if (drupal_strtolower(trim($pair[0])) == $rdn) {
|
1057 |
|
|
$rdn_values[] = ldap_pear_unescape_dn_value(trim($pair[1]));
|
1058 |
|
|
}
|
1059 |
|
|
}
|
1060 |
|
|
return $rdn_values;
|
1061 |
|
|
}
|
1062 |
|
|
|
1063 |
|
|
/**
|
1064 |
32700c57
|
Assos Assos
|
* @return array
|
1065 |
|
|
* options for ldap type pulldown
|
1066 |
85ad3d82
|
Assos Assos
|
*/
|
1067 |
|
|
function ldap_servers_ldaps_option_array() {
|
1068 |
|
|
|
1069 |
32700c57
|
Assos Assos
|
$options = [];
|
1070 |
85ad3d82
|
Assos Assos
|
foreach (ldap_servers_ldap_servers_types() as $ldap_id => $conf) {
|
1071 |
|
|
$options[$ldap_id] = $conf['name'];
|
1072 |
|
|
}
|
1073 |
|
|
return $options;
|
1074 |
|
|
|
1075 |
|
|
}
|
1076 |
|
|
|
1077 |
|
|
/**
|
1078 |
32700c57
|
Assos Assos
|
* @param string $ldap_type
|
1079 |
|
|
* indicating ldap type 'default','ad','novell_edir', 'openldap'.
|
1080 |
|
|
* @param bool $reset
|
1081 |
|
|
* clear static array.
|
1082 |
|
|
* @param bool $flatten
|
1083 |
|
|
* indicating if only one ldap type returned, skip top level array key.
|
1084 |
85ad3d82
|
Assos Assos
|
*
|
1085 |
32700c57
|
Assos Assos
|
* @return mixed
|
1086 |
|
|
* one or more ldap type objects
|
1087 |
85ad3d82
|
Assos Assos
|
*/
|
1088 |
|
|
function ldap_servers_get_types($ldap_type = NULL, $reset = FALSE, $flatten = FALSE) {
|
1089 |
|
|
static $ldap_types;
|
1090 |
|
|
if ($reset || !is_array($ldap_types)) {
|
1091 |
|
|
$ldap_types = module_invoke_all('ldap_servers_type');
|
1092 |
|
|
if ($ldap_type) {
|
1093 |
32700c57
|
Assos Assos
|
require_once $ldap_types[$ldap_type]['directory_path'] . '/' . $ldap_types[$ldap_type]['class'] . '.class.php';
|
1094 |
|
|
$ldap_types[$ldap_type] = new $ldap_types[$ldap_type]['class']() . '.class.php';
|
1095 |
85ad3d82
|
Assos Assos
|
}
|
1096 |
|
|
else {
|
1097 |
|
|
foreach ($ldap_types as $ldap_type_id => $ldap_class_info) {
|
1098 |
32700c57
|
Assos Assos
|
require_once $ldap_class_info['directory_path'] . '/' . $ldap_class_info['class'] . '.class.php';
|
1099 |
|
|
$ldap_types[$ldap_type_id] = new $ldap_class_info['class']();
|
1100 |
85ad3d82
|
Assos Assos
|
}
|
1101 |
|
|
}
|
1102 |
|
|
}
|
1103 |
|
|
if ($flatten && $ldap_type) {
|
1104 |
|
|
return $ldap_types[$ldap_type];
|
1105 |
|
|
}
|
1106 |
|
|
else {
|
1107 |
|
|
return $ldap_types;
|
1108 |
|
|
}
|
1109 |
|
|
}
|
1110 |
|
|
|
1111 |
32700c57
|
Assos Assos
|
/**
|
1112 |
|
|
*
|
1113 |
|
|
*/
|
1114 |
85ad3d82
|
Assos Assos
|
function ldap_servers_no_enabled_servers_msg($action) {
|
1115 |
|
|
|
1116 |
|
|
$servers = ldap_servers_get_servers(NULL, 'enabled');
|
1117 |
|
|
if (count($servers) == 0) {
|
1118 |
|
|
|
1119 |
|
|
$message = t('At least one ldap server must configured and <em>enabled</em> before') .
|
1120 |
|
|
$action . '. ' . t('Please go to') . ' ' . l('admin/config/people/ldap/servers', 'admin/config/people/ldap/servers') . ' to configure an LDAP server';
|
1121 |
|
|
|
1122 |
|
|
drupal_set_message($message, 'warning');
|
1123 |
|
|
return $message;
|
1124 |
|
|
}
|
1125 |
|
|
} |