Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Annotate
Revision Log

class.ldap_functions.inc.php @ 5156

Revision 5156, 18.6 KB checked in by brunocosta, 12 years ago (diff)
Ticket #2142 - Ajuste do setup para publicação da versão 2.3.0

Line
1	<?php
2	define('PHPGW_INCLUDE_ROOT','../');
3	define('PHPGW_API_INC','../phpgwapi/inc');
4	include_once(PHPGW_API_INC.'/class.common.inc.php');
5	include_once('class.functions.inc.php');
6
7	function ldapRebind($ldap_connection, $ldap_url)
8	{
9	// Enquanto estivermos utilizando referral na arvore ldap, teremos que continuar a utilizar o usuário sistemas:expresso.
10	// Depois, quando não existir mais referral, não existirá a necessidade de ldapRebind.
11	//ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_master_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
12	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
13	{
14	@ldap_bind($ldap_connection, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
15	}
16	}
17
18	class ldap_functions
19	{
20	var $ldap;
21	var $current_config;
22	var $functions;
23	var $manager_contexts;
24
25	function ldap_functions(){
26	$GLOBALS['phpgw_info']['server'] = $_SESSION['phpgw_info']['expresso']['server'];
27	$this->current_config = $_SESSION['phpgw_info']['expresso']['expressoAdmin'];
28	$common = new common();
29
30	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) &&
31	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_dn'])) &&
32	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_pw'])) )
33	{
34	$this->ldap = $common->ldapConnect($GLOBALS['phpgw_info']['server']['ldap_master_host'],
35	$GLOBALS['phpgw_info']['server']['ldap_master_root_dn'],
36	$GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
37	}
38	else
39	{
40	$this->ldap = $common->ldapConnect();
41	}
42
43	$this->functions = new functions;
44	$manager_acl = $this->functions->read_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid']);
45	$this->manager_contexts = $manager_acl['contexts'];
46	}
47
48	//Busca usuários de um contexto e já retorna as options do select;
49	function get_available_users($params)
50	{
51	$context = $params['context'];
52	$recursive = $params['recursive'];
53	$justthese = array("cn", "uidNumber");
54	$filter="(phpgwAccountType=u)";
55
56	if ($recursive == 'true')
57	$groups_list=ldap_search($this->ldap, $context, $filter, $justthese);
58	else
59	$groups_list=ldap_list($this->ldap, $context, $filter, $justthese);
60
61	$entries = ldap_get_entries($this->ldap, $groups_list);
62
63	for ($i=0; $i<$entries["count"]; $i++){
64	$u_tmp[$entries[$i]["uidnumber"][0]] = $entries[$i]["cn"][0];
65	}
66
67	if (count($u_tmp))
68	natcasesort($u_tmp);
69
70	$i = 0;
71	$users = array();
72
73	if (count($u_tmp))
74	{
75	foreach ($u_tmp as $uidnumber => $cn)
76	{
77	$options .= "<option value=$uidnumber>$cn</option>";
78	}
79	unset($u_tmp);
80	}
81
82	return $options;
83	}
84
85	function get_available_groups($params)
86	{
87	$context = $params['context'];
88	$justthese = array("cn", "gidNumber");
89	$groups_list=ldap_list($this->ldap, $context, ("(phpgwAccountType=g)"), $justthese);
90	ldap_sort($this->ldap, $groups_list, "cn");
91
92	$entries = ldap_get_entries($this->ldap, $groups_list);
93
94	$options = '';
95	for ($i=0; $i<$entries['count']; $i++)
96	{
97	$options .= "<option value=" . $entries[$i]['gidnumber'][0] . ">" . $entries[$i]['cn'][0] . "</option>";
98	}
99
100	return $options;
101	}
102
103	function get_available_maillists($params)
104	{
105	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
106	return false;
107
108	$context = $params['context'];
109	$justthese = array("uid","mail","uidNumber");
110	$maillists=ldap_list($ldapMasterConnect, $context, ("(phpgwAccountType=l)"), $justthese);
111	ldap_sort($ldapMasterConnect, $maillists, "uid");
112
113	$entries = ldap_get_entries($ldapMasterConnect, $maillists);
114
115	$options = '';
116	for ($i=0; $i<$entries['count']; $i++)
117	{
118	$options .= "<option value=" . $entries[$i]['uid'][0] . ">" . $entries[$i]['uid'][0] . " (" . $entries[$i]['mail'][0] . ")" . "</option>";
119	}
120
121	ldap_close($ldapMasterConnect);
122	return $options;
123	}
124
125	function get_user_info($uidnumber)
126	{
127	foreach ($this->manager_contexts as $index=>$context)
128	{
129	$filter="(&(phpgwAccountType=u)(uidNumber=".$uidnumber."))";
130	$search = ldap_search($this->ldap, $context, $filter);
131	$entry = ldap_get_entries($this->ldap, $search);
132
133	if ($entry['count'])
134	{
135	//Pega o dn do setor do usuario.
136	$entry[0]['dn'] = strtolower($entry[0]['dn']);
137	$sector_dn_array = explode(",", $entry[0]['dn']);
138	for($i=1; $i<count($sector_dn_array); $i++)
139	$sector_dn .= $sector_dn_array[$i] . ',';
140	//Retira ultimo pipe.
141	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
142
143	$result['context'] = $sector_dn;
144	$result['uid'] = $entry[0]['uid'][0];
145	$result['uidnumber'] = $entry[0]['uidnumber'][0];
146	$result['gidnumber'] = $entry[0]['gidnumber'][0];
147	$result['departmentnumber'] = $entry[0]['departmentnumber'][0];
148	$result['givenname'] = $entry[0]['givenname'][0];
149	$result['sn'] = $entry[0]['sn'][0];
150	$result['telephonenumber'] = $entry[0]['telephonenumber'][0];
151	$result['passwd_expired'] = $entry[0]['phpgwlastpasswdchange'][0];
152	$result['phpgwaccountstatus'] = $entry[0]['phpgwaccountstatus'][0];
153	$result['phpgwaccountvisible'] = $entry[0]['phpgwaccountvisible'][0];
154	$result['accountstatus'] = $entry[0]['accountstatus'][0];
155	$result['mail'] = $entry[0]['mail'][0];
156	$result['mailalternateaddress'] = $entry[0]['mailalternateaddress'];
157	$result['mailforwardingaddress']= $entry[0]['mailforwardingaddress'];
158	$result['deliverymode'] = $entry[0]['deliverymode'][0];
159	$result['userPasswordRFC2617'] = $entry[0]['userpasswordrfc2617'][0];
160
161	//Photo
162	if ($entry[0]['jpegphoto']['count'] == 1)
163	$result['photo_exist'] = 'true';
164
165	// Samba
166	for ($i=0; $i<$entry[0]['objectclass']['count']; $i++)
167	{
168	if ($entry[0]['objectclass'][$i] == 'sambaSamAccount')
169	$result['sambaUser'] = true;
170	}
171	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($result['sambaUser']))
172	{
173	$result['sambaaccflags'] = $entry[0]['sambaacctflags'][0];
174	$result['sambalogonscript'] = $entry[0]['sambalogonscript'][0];
175	$result['homedirectory'] = $entry[0]['homedirectory'][0];
176	$a_tmp = explode("-", $entry[0]['sambasid'][0]);
177	array_pop($a_tmp);
178	$result['sambasid'] = implode("-", $a_tmp);
179	}
180
181	// Verifica o acesso do gerente aos atributos corporativos
182	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information'))
183	{
184	$result['corporative_information_employeenumber']= $entry[0]['employeenumber'][0];
185	$result['corporative_information_cpf'] = $entry[0]['cpf'][0];
186	$result['corporative_information_rg'] = $entry[0]['rg'][0];
187	$result['corporative_information_rguf'] = $entry[0]['rguf'][0];
188	$result['corporative_information_description'] = utf8_decode($entry[0]['description'][0]);
189	}
190
191	// MailLists
192	$result['maillists_info'] = $this->get_user_maillists($result['mail']);
193	if($result['maillists_info'])
194	{
195	foreach ($result['maillists_info'] as $maillist)
196	{
197	$result['maillists'][] = $maillist['uid'];
198	}
199	}
200
201	// Groups
202	$justthese = array("gidnumber","cn");
203	$filter="(&(phpgwAccountType=g)(memberuid=".$result['uid']."))";
204	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
205	ldap_sort($this->ldap, $search, "cn");
206	$entries = ldap_get_entries($this->ldap, $search);
207	for ($i=0; $i<$entries['count']; $i++)
208	{
209	$result['groups_ldap'][ $entries[$i]['gidnumber'][0] ] = $entries[$i]['cn'][0];
210	}
211	}
212	}
213	if (is_array($result))
214	return $result;
215	else
216	return false;
217	}
218
219	function get_user_maillists($mail)
220	{
221	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
222	return false;
223
224	$result = array();
225
226	//Mostra somente os mailists dos contextos do gerente
227	$justthese = array("uid","mail","uidnumber");
228	$filter="(&(phpgwAccountType=l)(mailforwardingaddress=$mail))";
229
230	foreach ($this->manager_contexts as $index=>$context)
231	{
232	$search = ldap_search($ldapMasterConnect, $context, $filter, $justthese);
233	$entries = ldap_get_entries($ldapMasterConnect, $search);
234
235	for ($i=0; $i<$entries['count']; $i++)
236	{
237	$result[ $entries[$i]['uid'][0] ]['uid'] = $entries[$i]['uid'][0];
238	$result[ $entries[$i]['uid'][0] ]['mail'] = $entries[$i]['mail'][0];
239
240	$a_tmp[] = $entries[$i]['uid'][0];
241	}
242	}
243
244	if($a_tmp) {
245	natcasesort($a_tmp);
246
247	foreach ($a_tmp as $uid)
248	{
249	$return[$uid]['uid'] = $result[$uid]['uid'];
250	$return[$uid]['mail'] = $result[$uid]['mail'];
251	}
252	}
253	ldap_close($ldapMasterConnect);
254	return $return;
255	}
256
257	function get_group_info($gidnumber)
258	{
259	foreach ($this->manager_contexts as $index=>$context)
260	{
261	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
262	$search = ldap_search($this->ldap, $context, $filter);
263	$entry = ldap_get_entries($this->ldap, $search);
264
265	if ($entry['count'])
266	{
267	//Pega o dn do setor do grupo.
268	$entry[0]['dn'] = strtolower($entry[0]['dn']);
269	$sector_dn_array = explode(",", $entry[0]['dn']);
270	for($i=1; $i<count($sector_dn_array); $i++)
271	$sector_dn .= $sector_dn_array[$i] . ',';
272	//Retira ultimo pipe.
273	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
274
275	$result['context'] = $sector_dn;
276	$result['cn'] = $entry[0]['cn'][0];
277	$result['description'] = $entry[0]['description'][0];
278	$result['gidnumber'] = $entry[0]['gidnumber'][0];
279	$result['phpgwaccountvisible'] = $entry[0]['phpgwaccountvisible'][0];
280	$result['email'] = $entry[0]['mail'][0];
281
282	//MemberUid
283	for ($i=0; $i<$entry[0]['memberuid']['count']; $i++)
284	{
285	$justthese = array("cn","uid","uidnumber");
286
287	// Montagem dinamica do filtro
288	$filter="(&(phpgwAccountType=u)(\|";
289	for ($k=0; (($k<10) && ($i<$entry[0]['memberuid']['count'])); $k++)
290	{
291	$filter .= "(uid=".$entry[0]['memberuid'][$i].")";
292	$i++;
293	}
294	$i--;
295	$filter .= "))";
296
297	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
298	$user_entry = ldap_get_entries($this->ldap, $search);
299
300	for ($j=0; $j<$user_entry['count']; $j++)
301	{
302	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['cn'] = $user_entry[$j]['cn'][0];
303	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['uidnumber'] = $user_entry[$j]['uidnumber'][0];
304	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['type'] = 'u';
305	}
306	}
307
308	// Checamos e-mails que não fazem parte do expresso.
309	// Criamos um array temporario
310	$tmp_array = array();
311	if($result['memberuid_info'])
312	foreach ($result['memberuid_info'] as $uid => $user_data)
313	{
314	$tmp_array[] = $uid;
315	}
316
317	if($entry[0]['memberuid']) {
318	// Retira o count do array
319	array_shift($entry[0]['memberuid']);
320	// Vemos a diferença
321	$array_diff = array_diff($entry[0]['memberuid'], $tmp_array);
322	// Incluimos no resultado
323	foreach ($array_diff as $index=>$uid)
324	{
325	$result['memberuid_info'][$uid]['cn'] = $uid;
326	}
327	}
328
329	// Samba
330	for ($i=0; $i<$entry[0]['objectclass']['count']; $i++)
331	{
332	if ($entry[0]['objectclass'][$i] == 'sambaGroupMapping')
333	$result['sambaGroup'] = true;
334
335	$a_tmp = explode("-", $entry[0]['sambasid'][0]);
336	array_pop($a_tmp);
337	$result['sambasid'] = implode("-", $a_tmp);
338	}
339	return $result;
340	}
341	}
342	}
343
344	function get_maillist_info($uidnumber)
345	{
346	/* folling referral connection */
347	$ldap_conn_following_ref = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
348	if ($ldap_conn_following_ref)
349	{
350	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_PROTOCOL_VERSION, 3);
351	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_REFERRALS, 1);
352
353	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
354	ldap_bind($ldap_conn_following_ref, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
355	}
356
357	foreach ($this->manager_contexts as $index=>$context)
358	{
359	$filter="(&(phpgwAccountType=l)(uidNumber=".$uidnumber."))";
360	$search = ldap_search($this->ldap, $context, $filter);
361	$entry = ldap_get_entries($this->ldap, $search);
362
363	if ($entry['count'])
364	{
365	//Pega o dn do setor do usuario.
366	$entry[0]['dn'] = strtolower($entry[0]['dn']);
367	$sector_dn_array = explode(",", $entry[0]['dn']);
368	for($i=1; $i<count($sector_dn_array); $i++)
369	$sector_dn .= $sector_dn_array[$i] . ',';
370	//Retira ultimo pipe.
371	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
372
373	$result['context'] = $sector_dn;
374	$result['uidnumber'] = $entry[0]['uidnumber'][0];
375	$result['uid'] = strtolower($entry[0]['uid'][0]);
376	$result['cn'] = $entry[0]['cn'][0];
377	$result['mail'] = $entry[0]['mail'][0];
378	$result['description'] = utf8_decode($entry[0]['description'][0]);
379	$result['accountStatus'] = $entry[0]['accountstatus'][0];
380	$result['phpgwAccountVisible'] = $entry[0]['phpgwaccountvisible'][0];
381
382	//Members
383	for ($i=0; $i<$entry[0]['mailforwardingaddress']['count']; $i++)
384	{
385	$justthese = array("cn", "uidnumber", "uid", "phpgwaccounttype", "mail");
386
387	// Montagem dinamica do filtro, para nao ter muitas conexoes com o ldap
388	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|";
389	for ($k=0; (($k<10) && ($i<$entry[0]['mailforwardingaddress']['count'])); $k++)
390	{
391	$filter .= "(mail=".$entry[0]['mailforwardingaddress'][$i].")";
392	$i++;
393	}
394	$i--;
395	$filter .= "))";
396
397	$search = ldap_search($ldap_conn_following_ref, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
398	$user_entry = ldap_get_entries($ldap_conn_following_ref, $search);
399
400	for ($j=0; $j<$user_entry['count']; $j++)
401	{
402	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['uid'] = $user_entry[$j]['uid'][0];
403	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['cn'] = $user_entry[$j]['cn'][0];
404	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['type'] = $user_entry[$j]['phpgwaccounttype'][0];
405	$result['mailForwardingAddress'][] = $user_entry[$j]['mail'][0];
406	}
407	}
408
409	// Emails não encontrados no ldap
410	array_shift($entry[0]['mailforwardingaddress']); //Retira o count do array
411	$missing_emails = array_diff($entry[0]['mailforwardingaddress'], $result['mailForwardingAddress']);
412
413	// Incluimos estes no resultado
414	foreach ($missing_emails as $index=>$mailforwardingaddress)
415	{
416	$result['mailForwardingAddress_info'][$mailforwardingaddress]['uid'] = $mailforwardingaddress;
417	$result['mailForwardingAddress_info'][$mailforwardingaddress]['cn'] = 'E-Mail nao encontrado';
418	$result['mailForwardingAddress'][] = $mailforwardingaddress;
419	}
420
421	ldap_close($ldap_conn_following_ref);
422	return $result;
423	}
424	}
425	}
426
427
428
429	function group_exist($gidnumber)
430	{
431	$justthese = array("cn");
432	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
433	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
434
435	$entry = ldap_get_entries($this->ldap, $search);
436	if ($entry['count'] == 0)
437	return false;
438	else
439	return true;
440	}
441
442	function gidnumbers2cn($gidnumbers)
443	{
444	$result = array();
445	if (count($gidnumbers))
446	{
447	$justthese = array("cn");
448	$i = 0;
449	foreach ($gidnumbers as $gidnumber)
450	{
451	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
452	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
453
454	$entry = ldap_get_entries($this->ldap, $search);
455	if ($entry['count'] == 0)
456	$result['groups_info'][$i]['cn'] = '_' . $this->functions->lang('group only exist on DB, but does not exist on ldap');
457
458	else
459	$result['groups_info'][$i]['cn'] = $entry[0]['cn'][0];
460	$result['groups_info'][$i]['gidnumber'] = $gidnumber;
461
462	/* o gerente pode excluir um grupo de um usuario onde este grupo esta em outra OU ? */
463	/* é o mesmo que o manager editar um grupo de outra OU */
464	$result['groups_info'][$i]['group_disabled'] = 'true';
465	foreach ($this->manager_contexts as $index=>$context)
466	{
467	if (strpos(strtolower($entry[0]['dn']), strtolower($context)))
468	{
469	$result['groups_info'][$i]['group_disabled'] = 'false';
470	}
471	}
472
473	$i++;
474	}
475	}
476	return $result;
477	}
478
479	function uidnumber2uid($uidnumber)
480	{
481	$justthese = array("uid");
482	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uidNumber=".$uidnumber."))";
483	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
484	$entry = ldap_get_entries($this->ldap, $search);
485	return $entry[0]['uid'][0];
486	}
487
488	function uidnumber2mail($uidnumber)
489	{
490	$justthese = array("mail");
491	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uidNumber=".$uidnumber."))";
492	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
493	$entry = ldap_get_entries($this->ldap, $search);
494	return $entry[0]['mail'][0];
495	}
496
497	function search_user($params)
498	{
499	$search = $params['search'];
500	$justthese = array("cn","uid", "mail");
501	$users_list=ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], "(&(phpgwAccountType=u) (\|(cn=$search)(mail=$search*)) )", $justthese);
502
503	if (ldap_count_entries($this->ldap, $users_list) == 0)
504	{
505	$return['status'] = 'false';
506	$result['msg'] = $this->functions->lang('Any result was found') . '.';
507	return $return;
508	}
509
510	ldap_sort($this->ldap, $users_list, "cn");
511
512	$entries = ldap_get_entries($this->ldap, $users_list);
513
514	$options = '';
515	for ($i=0; $i<$entries['count']; $i++)
516	{
517	$options .= "<option value=" . $entries[$i]['uid'][0] . ">" . $entries[$i]['cn'][0] . " (".$entries[$i]['mail'][0].")" . "</option>";
518	}
519
520	return $options;
521	}
522	}
523	?>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: branches/2.3/reports/inc/class.ldap_functions.inc.php @ 5156

Download in other formats: