[382] | 1 | <?php |
---|
[417] | 2 | /***************************************************************************\ |
---|
| 3 | * Expresso - Expresso Messenger * |
---|
[1504] | 4 | * - Alexandre Correia / Rodrigo Souza * |
---|
| 5 | * - JETI - http://jeti-im.org/ * |
---|
[417] | 6 | * ------------------------------------------------------------------------- * |
---|
| 7 | * This program is free software; you can redistribute it and/or modify it * |
---|
| 8 | * under the terms of the GNU General Public License as published by the * |
---|
| 9 | * Free Software Foundation; either version 2 of the License, or (at your * |
---|
| 10 | * option) any later version. * |
---|
| 11 | \***************************************************************************/ |
---|
[382] | 12 | |
---|
[1757] | 13 | if( is_dir('../phpgwapi/inc') ) |
---|
| 14 | define('PHPGW_API_INC','../phpgwapi/inc'); |
---|
| 15 | else |
---|
| 16 | define('PHPGW_API_INC','../../phpgwapi/inc'); |
---|
| 17 | |
---|
[382] | 18 | require_once( PHPGW_API_INC . '/class.common.inc.php'); |
---|
| 19 | |
---|
| 20 | class ldap_im |
---|
| 21 | { |
---|
[1900] | 22 | private $attribute; |
---|
[946] | 23 | private $common; |
---|
| 24 | private $hostsJabber; |
---|
[382] | 25 | private $ldap; |
---|
| 26 | private $ldap_context; |
---|
[1160] | 27 | private $ldap_user; |
---|
[946] | 28 | private $ldap_host; |
---|
[951] | 29 | private $ldap_org; |
---|
[382] | 30 | private $ldap_pass; |
---|
| 31 | private $max_result; |
---|
| 32 | |
---|
| 33 | public final function __construct() |
---|
| 34 | { |
---|
[1757] | 35 | $this->ldap_host = $_SESSION['phpgw_info']['jabberit_messenger']['server_ldap_jabberit']; |
---|
| 36 | $this->ldap_context = $_SESSION['phpgw_info']['jabberit_messenger']['context_ldap_jabberit']; |
---|
| 37 | $this->ldap_user = $_SESSION['phpgw_info']['jabberit_messenger']['user_ldap_jabberit']; |
---|
| 38 | $this->ldap_pass = $_SESSION['phpgw_info']['jabberit_messenger']['password_ldap_jabberit']; |
---|
| 39 | |
---|
[946] | 40 | // Hosts Jabber |
---|
| 41 | $this->hostsJabber = unserialize($_SESSION['phpgw_info']['jabberit_messenger']['map_org_realm_jabberit']); |
---|
| 42 | |
---|
| 43 | // Result Ldap |
---|
[2151] | 44 | $this->max_result = 20; |
---|
[1757] | 45 | |
---|
[1900] | 46 | if ( file_exists('inc/attributeLdap.php') ) |
---|
| 47 | { |
---|
| 48 | require_once('attributeLdap.php'); |
---|
| 49 | $this->attribute = trim($attributeTypeName); |
---|
| 50 | } |
---|
[382] | 51 | } |
---|
| 52 | |
---|
| 53 | public final function __destruct() |
---|
| 54 | { |
---|
| 55 | if( $this->ldap ) |
---|
[1881] | 56 | @ldap_close($this->ldap); |
---|
[382] | 57 | } |
---|
| 58 | |
---|
[946] | 59 | private final function ldapConn() |
---|
[382] | 60 | { |
---|
[946] | 61 | $this->common = new common(); |
---|
[382] | 62 | |
---|
[946] | 63 | $GLOBALS['phpgw_info']['server']['ldap_version3'] = true; |
---|
[1504] | 64 | |
---|
| 65 | if( $this->ldap_user && $this->ldap_pass ) |
---|
| 66 | $this->ldap = $this->common->ldapConnect( $this->ldap_host, $this->ldap_user . "," . $this->ldap_context , $this->ldap_pass, false ); |
---|
| 67 | else |
---|
| 68 | $this->ldap = $this->common->ldapConnect( $this->ldap_host, $this->ldap_context , "", false ); |
---|
[382] | 69 | } |
---|
| 70 | |
---|
[946] | 71 | private final function ldapRoot() |
---|
[551] | 72 | { |
---|
[946] | 73 | $this->ldapConn(); |
---|
| 74 | } |
---|
[551] | 75 | |
---|
[946] | 76 | private final function ldapCatalog() |
---|
| 77 | { |
---|
| 78 | $version3 = true; |
---|
| 79 | $refer = true; |
---|
| 80 | |
---|
| 81 | if(!function_exists('ldap_connect')) |
---|
| 82 | return false; |
---|
[551] | 83 | |
---|
[946] | 84 | if(!$conn = ldap_connect($this->ldap_host)) |
---|
| 85 | return false; |
---|
| 86 | |
---|
| 87 | if( $version3 ) |
---|
| 88 | if( !ldap_set_option($conn,LDAP_OPT_PROTOCOL_VERSION,3) ) |
---|
| 89 | $version3 = false; |
---|
| 90 | |
---|
| 91 | ldap_set_option($conn, LDAP_OPT_REFERRALS, $refer); |
---|
| 92 | |
---|
| 93 | // Bind as Admin |
---|
[1160] | 94 | if($this->ldap_user && $this->ldap_pass && !ldap_bind($conn, $this->ldap_user . "," .$this->ldap_context, $this->ldap_pass)) |
---|
[946] | 95 | return false; |
---|
| 96 | |
---|
| 97 | // Bind as Anonymous |
---|
[1160] | 98 | if(!$this->ldap_user && !$this->ldap_pass && !@ldap_bind($conn)) |
---|
[946] | 99 | return false; |
---|
[1160] | 100 | |
---|
[946] | 101 | return $conn; |
---|
| 102 | } |
---|
| 103 | |
---|
[1757] | 104 | public final function getGroupsLdap($pData) |
---|
[946] | 105 | { |
---|
[1160] | 106 | $result_groups = ""; |
---|
[1757] | 107 | |
---|
| 108 | if( $pData['serverLdap'] == $this->ldap_host || $pData['serverLdap'] == 'localhost' ) |
---|
| 109 | { |
---|
| 110 | $this->ldapRoot(); |
---|
| 111 | } |
---|
| 112 | else |
---|
| 113 | { |
---|
| 114 | $confHosts = $this->hostsJabber; |
---|
| 115 | |
---|
| 116 | for($i = 0; $i < count($confHosts); $i++ ) |
---|
| 117 | { |
---|
| 118 | if( $pData['serverLdap'] == $confHosts[$i]['serverLdap'] ) |
---|
| 119 | { |
---|
| 120 | $this->ldap_host = $confHosts[$i]['serverLdap']; |
---|
| 121 | $this->ldap_context = $confHosts[$i]['contextLdap']; |
---|
| 122 | $this->ldap_user = $confHosts[$i]['user']; |
---|
| 123 | $this->ldap_org = $confHosts[$i]['org']; |
---|
| 124 | $this->ldap_pass = $confHosts[$i]['password']; |
---|
| 125 | |
---|
| 126 | $this->ldap = $this->ldapCatalog(); |
---|
| 127 | } |
---|
| 128 | } |
---|
| 129 | } |
---|
[946] | 130 | |
---|
[1757] | 131 | if( $this->ldap ) |
---|
[551] | 132 | { |
---|
[1757] | 133 | if( !$pData['search'] && $pData['ou'] != "-1" ) |
---|
| 134 | { |
---|
| 135 | $filter = "(&(phpgwAccountType=g)(objectClass=posixGroup))"; |
---|
| 136 | $justthese = array("cn","gidNumber"); |
---|
| 137 | $search = ldap_list( $this->ldap, $pData['ou'] , $filter, $justthese ); |
---|
| 138 | $entry = ldap_get_entries( $this->ldap, $search ); |
---|
| 139 | } |
---|
| 140 | |
---|
| 141 | if( $pData['search'] ) |
---|
| 142 | { |
---|
| 143 | $filter = "(&(phpgwAccountType=g)(&(objectClass=posixGroup)(cn=".$pData['search']."*)))"; |
---|
| 144 | $justthese = array("cn","gidNumber"); |
---|
| 145 | $search = ldap_search( $this->ldap, $this->ldap_context , $filter, $justthese ); |
---|
| 146 | $entry = ldap_get_entries( $this->ldap, $search ); |
---|
| 147 | } |
---|
| 148 | |
---|
| 149 | if( $entry && $entry['count'] > 0 ) |
---|
| 150 | { |
---|
| 151 | array_shift($entry); |
---|
[946] | 152 | |
---|
| 153 | foreach($entry as $tmp) |
---|
[1757] | 154 | $groups[] = $tmp['cn'][0]."/".$tmp['gidnumber'][0]; |
---|
[946] | 155 | |
---|
[1757] | 156 | natsort($groups); |
---|
| 157 | |
---|
| 158 | $result_groups = "<ldap>"; |
---|
| 159 | foreach($groups as $gtmp) |
---|
| 160 | { |
---|
| 161 | $tmp = explode("/",$gtmp); |
---|
| 162 | $result_groups .= "<org><cn>".$tmp[0]."</cn><gid>".$tmp[1]."</gid></org>"; |
---|
| 163 | } |
---|
| 164 | $result_groups .= "</ldap>"; |
---|
[946] | 165 | } |
---|
[551] | 166 | } |
---|
[1757] | 167 | |
---|
[946] | 168 | return $result_groups; |
---|
[551] | 169 | } |
---|
| 170 | |
---|
[1757] | 171 | public final function getGroupsMemberUid( $pGroup, $pLdap ) |
---|
[697] | 172 | { |
---|
[1757] | 173 | if( $pLdap == $this->ldap_host || $pLdap == 'localhost' ) |
---|
[697] | 174 | { |
---|
[1757] | 175 | $this->ldapRoot(); |
---|
[697] | 176 | |
---|
[1757] | 177 | if( $this->ldap ) |
---|
| 178 | { |
---|
[1853] | 179 | $filter = "(&(objectclass=posixgroup)(|".$pGroup."))"; |
---|
| 180 | if( strpos($pGroup, "gidnumber") === false ) |
---|
| 181 | $filter = "(&(objectclass=posixgroup)(cn=".$pGroup."))"; |
---|
| 182 | |
---|
| 183 | $justthese = array("dn","memberuid","gidnumber"); |
---|
| 184 | $search = ldap_search($this->ldap, $this->ldap_context, $filter, $justthese); |
---|
[1757] | 185 | $result = ldap_get_entries($this->ldap,$search); |
---|
| 186 | } |
---|
| 187 | } |
---|
| 188 | else |
---|
| 189 | { |
---|
| 190 | $confHosts = $this->hostsJabber; |
---|
[697] | 191 | |
---|
[1757] | 192 | for($i = 0; $i < count($confHosts); $i++ ) |
---|
| 193 | { |
---|
| 194 | if( $this->ldap ) |
---|
[1876] | 195 | @ldap_close($this->ldap); |
---|
[1757] | 196 | |
---|
[1911] | 197 | if( trim($pLdap) === trim($confHosts[$i]['serverLdap']) ) |
---|
[1757] | 198 | { |
---|
| 199 | $this->ldap_host = $confHosts[$i]['serverLdap']; |
---|
| 200 | $this->ldap_context = $confHosts[$i]['contextLdap']; |
---|
| 201 | $this->ldap_user = $confHosts[$i]['user']; |
---|
| 202 | $this->ldap_org = $confHosts[$i]['org']; |
---|
| 203 | $this->ldap_pass = $confHosts[$i]['password']; |
---|
| 204 | $this->ldap = $this->ldapCatalog(); |
---|
| 205 | |
---|
| 206 | if( $this->ldap ) |
---|
| 207 | { |
---|
| 208 | $filter = "(&(objectclass=posixgroup)(cn=".$pGroup."))"; |
---|
[1853] | 209 | $justthese = array("dn","memberuid","gidnumber"); |
---|
[1757] | 210 | $search = ldap_search($this->ldap,$this->ldap_context,$filter, $justthese); |
---|
| 211 | $result = ldap_get_entries($this->ldap,$search); |
---|
| 212 | } |
---|
[1911] | 213 | |
---|
[1757] | 214 | } |
---|
| 215 | } |
---|
| 216 | } |
---|
| 217 | |
---|
| 218 | if( $result['count'] > 0 ) |
---|
[1853] | 219 | return $result; |
---|
| 220 | |
---|
[697] | 221 | return false; |
---|
| 222 | } |
---|
| 223 | |
---|
[1757] | 224 | public final function getOrganizationsLdap($pLdap_host) |
---|
[551] | 225 | { |
---|
[1757] | 226 | |
---|
| 227 | if( $pLdap_host == $this->ldap_host || $pLdap_host == 'localhost' ) |
---|
| 228 | { |
---|
| 229 | $this->ldapRoot(); |
---|
| 230 | } |
---|
| 231 | else |
---|
| 232 | { |
---|
| 233 | $confHosts = $this->hostsJabber; |
---|
| 234 | |
---|
| 235 | for($i = 0; $i < count($confHosts); $i++ ) |
---|
| 236 | { |
---|
| 237 | if( $pLdap_host == $confHosts[$i]['serverLdap'] ) |
---|
| 238 | { |
---|
| 239 | $this->ldap_host = $confHosts[$i]['serverLdap']; |
---|
| 240 | $this->ldap_context = $confHosts[$i]['contextLdap']; |
---|
| 241 | $this->ldap_user = $confHosts[$i]['user']; |
---|
| 242 | $this->ldap_org = $confHosts[$i]['org']; |
---|
| 243 | $this->ldap_pass = $confHosts[$i]['password']; |
---|
| 244 | |
---|
| 245 | $this->ldap = $this->ldapCatalog(); |
---|
| 246 | } |
---|
| 247 | } |
---|
| 248 | } |
---|
[1160] | 249 | |
---|
[551] | 250 | if( $this->ldap ) |
---|
| 251 | { |
---|
[1504] | 252 | $filter = "(ou=*)"; |
---|
| 253 | $justthese = array("dn"); |
---|
| 254 | $search = ldap_search($this->ldap, $this->ldap_context, $filter, $justthese); |
---|
| 255 | $info = ldap_get_entries($this->ldap, $search); |
---|
| 256 | |
---|
| 257 | for ($i=0; $i<$info["count"]; $i++) |
---|
[1757] | 258 | { |
---|
| 259 | $a_sectors[] = $info[$i]['dn']; |
---|
| 260 | } |
---|
[946] | 261 | } |
---|
[551] | 262 | |
---|
[1504] | 263 | // Retiro o count do array info e inverto o array para ordenação. |
---|
| 264 | foreach ($a_sectors as $context) |
---|
| 265 | { |
---|
| 266 | $array_dn = ldap_explode_dn ( $context, 1 ); |
---|
| 267 | $array_dn_reverse = array_reverse ( $array_dn, true ); |
---|
| 268 | array_pop ( $array_dn_reverse ); |
---|
| 269 | $inverted_dn[$context] = implode ( "#", $array_dn_reverse ); |
---|
| 270 | } |
---|
| 271 | |
---|
| 272 | // Ordenação |
---|
| 273 | natcasesort($inverted_dn); |
---|
[551] | 274 | |
---|
[1504] | 275 | foreach ( $inverted_dn as $dn=>$invert_ufn ) |
---|
| 276 | { |
---|
| 277 | $display = ''; |
---|
[1438] | 278 | |
---|
[1504] | 279 | $array_dn_reverse = explode ( "#", $invert_ufn ); |
---|
| 280 | $array_dn = array_reverse ( $array_dn_reverse, true ); |
---|
[1438] | 281 | |
---|
[1504] | 282 | $level = count( $array_dn ) - (int)(count(explode(",", $this->ldap_context)) + 1); |
---|
| 283 | |
---|
| 284 | if ($level == 0) |
---|
| 285 | $display .= '+'; |
---|
| 286 | else |
---|
| 287 | { |
---|
| 288 | for( $i = 0; $i < $level; $i++) |
---|
| 289 | $display .= '---'; |
---|
| 290 | } |
---|
| 291 | |
---|
| 292 | reset ( $array_dn ); |
---|
| 293 | $display .= ' ' . (current ( $array_dn ) ); |
---|
| 294 | |
---|
| 295 | $dn = trim(strtolower($dn)); |
---|
| 296 | $options[$dn] = $display; |
---|
| 297 | } |
---|
| 298 | |
---|
| 299 | return $options; |
---|
| 300 | |
---|
| 301 | } |
---|
| 302 | |
---|
[1757] | 303 | public final function getUsersLdapCatalog( $search, $uid = false, $pLdap = false ) |
---|
[382] | 304 | { |
---|
[946] | 305 | $confHosts = $this->hostsJabber; |
---|
| 306 | $result = array(); |
---|
| 307 | $return = array(); |
---|
| 308 | $conn = ""; |
---|
| 309 | |
---|
[1757] | 310 | for( $i = 0; $i < count($confHosts); $i++ ) |
---|
[382] | 311 | { |
---|
[1757] | 312 | if( $pLdap && $pLdap == $confHosts[$i]['serverLdap'] ) |
---|
| 313 | { |
---|
| 314 | $this->ldap_host = $confHosts[$i]['serverLdap']; |
---|
| 315 | $this->ldap_context = $confHosts[$i]['contextLdap']; |
---|
| 316 | $this->ldap_user = $confHosts[$i]['user']; |
---|
| 317 | $this->ldap_org = $confHosts[$i]['org']; |
---|
| 318 | $this->ldap_pass = $confHosts[$i]['password']; |
---|
| 319 | $this->ldap = $this->ldapCatalog(); |
---|
[382] | 320 | |
---|
[1911] | 321 | if( $this->ldap ) |
---|
| 322 | { |
---|
| 323 | $filter = ( $uid ) ? "(&(phpgwaccounttype=u)(|".$uid.")(".$search ."))" : "(&(phpgwaccounttype=u)(".$search ."))"; |
---|
| 324 | $justthese = array( $this->attribute ,"uidNumber" ,"cn" ,"mail" ,"phpgwAccountVisible" ,"dn" ,"jpegPhoto" ); |
---|
| 325 | $searchRoot = ( $this->ldap_org != "*" ) ? "ou=".$this->ldap_org.",".$this->ldap_context : $this->ldap_context; |
---|
| 326 | $search1 = @ldap_search($this->ldap, $searchRoot, $filter, $justthese, 0, $this->max_result + 1); |
---|
| 327 | $entry1 = @ldap_get_entries( $this->ldap, $search1 ); |
---|
| 328 | $result = $this->resultArray( $entry1, $this->ldap, $this->ldap_org ); |
---|
| 329 | |
---|
| 330 | if( count($return) > 0 ) |
---|
| 331 | $return = array_merge($return, $result); |
---|
| 332 | else |
---|
| 333 | $return = $result; |
---|
| 334 | } |
---|
| 335 | |
---|
| 336 | if( $this->ldap ) |
---|
| 337 | ldap_close($this->ldap); |
---|
[382] | 338 | } |
---|
| 339 | } |
---|
[946] | 340 | |
---|
| 341 | return $return; |
---|
[382] | 342 | } |
---|
[946] | 343 | |
---|
[988] | 344 | public final function getUsersLdapRoot( $search, $uidnumber, $ous = false ) |
---|
[417] | 345 | { |
---|
[1757] | 346 | $result = array(); |
---|
[946] | 347 | $this->ldapRoot(); |
---|
[519] | 348 | |
---|
| 349 | if( $this->ldap ) |
---|
| 350 | { |
---|
[1757] | 351 | $searchRoot = ( $ous ) ? $ous.",".$this->ldap_context : $this->ldap_context ; |
---|
| 352 | $filter = "(&(phpgwaccounttype=u)(|".$uidnumber.")(".$search ."))"; |
---|
[1900] | 353 | $justthese = array( $this->attribute, "uidNumber", "cn", "mail", "phpgwAccountVisible", "dn", "jpegPhoto" ); |
---|
[1861] | 354 | $search = ldap_search( $this->ldap, $searchRoot, $filter, $justthese, 0, $this->max_result + 1); |
---|
[1757] | 355 | $entry = ldap_get_entries( $this->ldap, $search ); |
---|
[1861] | 356 | $result = $this->resultArray( $entry, $this->ldap ); |
---|
[946] | 357 | } |
---|
[519] | 358 | |
---|
[946] | 359 | return $result; |
---|
[417] | 360 | } |
---|
[563] | 361 | |
---|
[1878] | 362 | private final function resultArray($pArray, $pConn, $pOrg = false) |
---|
[563] | 363 | { |
---|
[1900] | 364 | $entry = $pArray; |
---|
| 365 | $result = array(); |
---|
| 366 | $j = 0; |
---|
| 367 | |
---|
| 368 | for( $i = 0 ; $i < $entry['count']; $i++ ) |
---|
[563] | 369 | { |
---|
[946] | 370 | if ( $entry[$i]['phpgwaccountvisible'][0] != '-1' ) |
---|
| 371 | { |
---|
[1900] | 372 | $result[$j]['uidnumber'] = $entry[$i]['uidnumber'][0]; |
---|
| 373 | $result[$j]['mail'] = $entry[$i]['mail'][0]; |
---|
| 374 | $result[$j]['uid'] = $entry[$i][$this->attribute][0]; |
---|
| 375 | $result[$j]['jid'] = $entry[$i][$this->attribute][0]; |
---|
| 376 | |
---|
[946] | 377 | $ou = explode("dc=", $entry[$i]['dn']); |
---|
| 378 | $ou = explode("ou=",$ou[0]); |
---|
| 379 | $ou = array_pop($ou); |
---|
[1878] | 380 | $result[$j]['ou'] = strtoupper(substr($ou,0,strlen($ou)-1)); |
---|
[1900] | 381 | |
---|
[1878] | 382 | if( $pOrg === "*" ) |
---|
| 383 | $result[$j]['ouAll'] = "*"; |
---|
| 384 | |
---|
[946] | 385 | if( $entry[$i]['jpegphoto'][0] ) |
---|
| 386 | { |
---|
| 387 | $result[$j]['photo'] = "1"; |
---|
| 388 | $filterPhoto = "(objectclass=*)"; |
---|
| 389 | $photoLdap = ldap_read($pConn, $entry[$i]['dn'], $filterPhoto, array("jpegPhoto")); |
---|
| 390 | $firstEntry = ldap_first_entry($pConn, $photoLdap); |
---|
| 391 | $photo = ldap_get_values_len($pConn, $firstEntry, "jpegPhoto"); |
---|
[1504] | 392 | $_SESSION['phpgw_info']['jabberit_messenger']['photo'][trim($result[$j]['ou'])][trim($result[$j]['uid'])] = $photo[0]; |
---|
[946] | 393 | } |
---|
| 394 | else |
---|
| 395 | $result[$j]['photo'] = "0"; |
---|
[563] | 396 | |
---|
[946] | 397 | $result[$j++]['cn'] = $entry[$i]['cn'][0]; |
---|
[563] | 398 | } |
---|
[1504] | 399 | |
---|
| 400 | $organization = $this->attr_org; |
---|
[563] | 401 | } |
---|
[1900] | 402 | |
---|
[946] | 403 | return $result; |
---|
[563] | 404 | } |
---|
[382] | 405 | } |
---|
| 406 | |
---|
[1504] | 407 | ?> |
---|