<?php
/*
  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
  Copyright (C) 2007  Fabian Hickert
  Copyright (C) 2011-2016  FusionDirectory
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.
  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.
  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
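class setupStepLdap extends setupStep
{
  public $header_image = 'geticon.php?context=places&icon=network-server&size=48';
  /* Result of the last ldap_connect() call, FALSE until a connection was attempted */
  public $connect_id = FALSE;
  /* Result of the last ldap_bind() call, FALSE until a bind succeeded */
  public $bind_id    = FALSE;

  /* Values of base/connection as they were when update_base_choices() last ran,
   * used by update() to detect a change that invalidates later setup steps */
  private $lastBase       = '';
  private $lastConnection = '';

  /* Describes the three sections of this step: connection parameters,
   * bind credentials and a read-only status line. */
  static function getAttributesInfo (): array
  {
    return [
      'connection' => [
        'name'      => _('LDAP connection'),
        'attrs'     => [
          new StringAttribute(
            _('Location name'), _('Name of this connexion to show in the LDAP server list'),
            'location', TRUE,
            'default'
          ),
          new StringAttribute(
            _('Connection URI'), _('URI to contact the LDAP server. Usually starts with ldap://'),
            'connection', TRUE,
            'ldap://localhost:389'
          ),
          new BooleanAttribute(
            _('TLS connection'), _('Should TLS be used to connect to this LDAP server?'),
            'tls', FALSE
          ),
          /* Replaced by a StringAttribute in update_base_choices() when the
           * server does not expose its naming contexts */
          new SelectAttribute(
            _('Base'), _('The LDAP directory base'),
            'base', TRUE
          ),
        ]
      ],
      'auth' => [
        'name'      => _('Authentication'),
        'attrs'     => [
          /* admin = admin_given . base_append; base_append is kept in sync with $this->base */
          new CompositeAttribute(
            _('DN of the admin account to use for binding to the LDAP. Base is automatically appended.'),
            'admin',
            [
              new StringAttribute(
                '', '',
                'admin_given', TRUE,
                'cn=admin'
              ),
              new DisplayAttribute(
                '', '',
                'base_append'
              ),
            ],
            '^(.+)(.*)$',
            '%s%s',
            '',
            _('Admin DN')
          ),
          new PasswordAttribute(
            _('Admin password'), _('Password for the admin account to use for binding to the LDAP'),
            'password', TRUE
          ),
        ]
      ],
      'status' => [
        'name'      => _('Status'),
        'attrs'     => [
          new DisplayAttribute(
            _('Current status'), _('Result of last attempt at checking LDAP binding and basic schemas'),
            'status', FALSE
          ),
        ]
      ]
    ];
  }

  /* $parent is the setup wizard owning this step (type not declared upstream) */
  function __construct ($parent)
  {
    parent::__construct($parent);
    $this->update_strings();
    $this->attributesAccess['base']->setSubmitForm(TRUE);
    $this->attributesAccess['admin']->setLinearRendering(TRUE);
    /* The status line carries markup (retry/refresh buttons), so raw HTML is allowed
     * there; every user-controlled value placed in it must therefore be escaped. */
    $this->attributesAccess['status']->setAllowHTML(TRUE);
    $this->update_base_choices();
    $this->status = $this->get_connection_status();
  }

  /* Translatable labels shown by the wizard for this step */
  function update_strings ()
  {
    $this->s_short_name  = _('LDAP setup');
    $this->s_title       = _('LDAP connection setup');
    $this->s_description = _('This dialog performs the basic configuration of the LDAP connectivity for FusionDirectory.');
  }

  /* Fill the 'base' select with the server's naming contexts, or fall back to a
   * free-text field when none can be read. Also records the connection/base pair
   * the choices were computed for. */
  function update_base_choices ()
  {
    $attr = @LDAP::get_naming_contexts($this->connection);
    /* Guard against a non-array result (unreachable server, bad URI): count()
     * on a non-array is a TypeError on PHP 8 */
    if (!is_array($attr)) {
      $attr = [];
    }
    unset($attr['count']);
    if (count($attr)) {
      if (!($this->attributesAccess['base'] instanceof SelectAttribute)) {
        $this->attributesInfo['connection']['attrs']['base'] = new SelectAttribute(
          _('Base'), _('The LDAP directory base'),
          'base', TRUE
        );
      }
      $this->attributesAccess['base']->setChoices($attr);
      $this->attributesAccess['admin']->attributes[1]->setValue(','.$this->base);
    } else {
      $this->attributesInfo['connection']['attrs']['base'] = new StringAttribute(
        _('Base'), _('The LDAP directory base'),
        'base', TRUE
      );
    }
    $this->lastConnection = $this->connection;
    $this->lastBase       = $this->base;
  }

  /* Re-read the form, re-test the bind and decide whether the step is completed.
   * Changing the base or the URI invalidates every later step. Always returns TRUE. */
  public function update (): bool
  {
    parent::update();
    /* Strip a single trailing slash so "ldap://host/" and "ldap://host" compare equal */
    $this->connection = preg_replace('/\/$/', '', $this->connection);
    if (($this->base != $this->lastBase) || ($this->connection != $this->lastConnection)) {
      $this->parent->disable_steps_from(($this->parent->step_name_to_id(get_class($this))) + 1);
      $this->lastBase = $this->base;
      if ($this->connection != $this->lastConnection) {
        $this->update_base_choices();
      }
    }
    $this->attributesAccess['admin']->attributes[1]->setValue(','.$this->base);
    $this->status = $this->get_connection_status();
    if ($this->bind_id && !empty($this->admin) && !empty($this->base)) {
      $this->is_completed = TRUE;
      $this->parent->read_ldap_config($this->get_attributes());
    } else {
      $this->is_completed = FALSE;
    }
    return TRUE;
  }

  /* Try to connect and bind with the current form values; sets $connect_id and
   * $bind_id and returns an HTML status fragment (red on failure, blue for an
   * anonymous bind, green for an authenticated one). */
  function get_connection_status ()
  {
    $this->connect_id = FALSE;
    $this->bind_id    = FALSE;

    /* NOTE(review): this option is process-global and level 7 includes packet
     * tracing, so libldap may write bind traffic (a simple bind carries the
     * password in clear) to the web server's error log. Worth removing outside
     * of debugging sessions. */
    @ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);

    $this->connect_id = ldap_connect($this->connection);
    /* ldap_connect() returns FALSE for a malformed URI; passing that on to
     * ldap_set_option()/ldap_bind() throws a TypeError on PHP 8 instead of
     * reporting a failed status */
    if ($this->connect_id !== FALSE) {
      /* StartTLS is only defined for LDAPv3, so negotiate the version before it */
      @ldap_set_option($this->connect_id, LDAP_OPT_PROTOCOL_VERSION, 3);
      if ($this->tls) {
        $transportReady = @ldap_set_option($this->connect_id, LDAP_OPT_REFERRALS, 0)
                       && @ldap_start_tls($this->connect_id);
      } else {
        $transportReady = TRUE;
      }
      /* A DN with an empty password is an "unauthenticated bind": servers that
       * allow it answer success without checking anything, which would be
       * reported here as a working admin account. Only bind anonymously (empty
       * DN) or with a non-empty password. */
      $credentialsUsable = (empty($this->admin) || ((string) $this->password !== ''));
      if ($transportReady && $credentialsUsable) {
        $this->bind_id = @ldap_bind($this->connect_id, $this->admin, $this->password);
      }
    }

    /* DN and URI come from the form and this field allows HTML: escape them */
    $safeAdmin      = htmlescape((string) $this->admin);
    $safeConnection = htmlescape((string) $this->connection);

    if (!$this->bind_id) {
      if (empty($this->admin)) {
        $str = sprintf(_("Anonymous bind to server '%s' failed!"), $safeConnection);
      } else {
        $str = sprintf(_("Bind as user '%s' failed!"), $safeAdmin);
      }
      $str .= '<input type="submit" name="ldap_retry" value="'._('Retry').'"/>';
      return '<div style="color:red;">'.$str.'</div>';
    }

    if (empty($this->admin)) {
      $str = sprintf(_("Anonymous bind to server '%s' succeeded."), $safeConnection);
      $str .= '<input type="submit" name="ldap_refresh" value="'._('Refresh').'"/>';
      return '<div style="color:blue;">'.$str.'</div> <div style="color:red;">'._('Please specify user and password!').'</div>';
    }

    $str = sprintf(_("Bind as user '%s' to server '%s' succeeded!"), $safeAdmin, $safeConnection);
    $str .= '<input type="submit" name="ldap_refresh" value="'._('Refresh').'"/>';
    return '<div style="color:green;">'.$str.'</div>';
  }

  /* Validate the form; once the bind works, also verify the schemas. Missing
   * mandatory schemas are errors and un-complete the step, optional ones only
   * produce a warning. Returns the list of error messages. */
  function check (): array
  {
    $errors = parent::check();
    if (!empty($errors)) {
      $this->update_base_choices();
    } elseif ($this->is_completed) {
      $checked = check_schema($this->parent->captured_values);
      $errors  = [];
      foreach ($checked as $check) {
        if ($check['STATUS']) {
          continue;
        }
        $message = sprintf(_("%s\nSchema \"%s\": %s"), $check['MSG'], $check['SCHEMA_FILE'], $check['INFO']);
        if ($check['IS_MUST_HAVE']) {
          $errors[] = $message;
        } else {
          $warning = new FusionDirectoryWarning(nl2br(htmlescape($message)));
          $warning->display();
        }
      }
      if (!empty($errors)) {
        $this->is_completed = FALSE;
      }
    }
    return $errors;
  }
}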