[4445] | 1 | <?php |
---|
[5068] | 2 | /** |
---|
[5405] | 3 | * |
---|
| 4 | * Copyright (C) 2011 Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) |
---|
| 5 | * |
---|
| 6 | * This program is free software; you can redistribute it and/or |
---|
| 7 | * modify it under the terms of the GNU General Public License |
---|
| 8 | * as published by the Free Software Foundation; either version 2 |
---|
| 9 | * of the License, or (at your option) any later version. |
---|
| 10 | * |
---|
| 11 | * This program is distributed in the hope that it will be useful, |
---|
| 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
| 14 | * GNU General Public License for more details. |
---|
| 15 | * |
---|
| 16 | * You should have received a copy of the GNU General Public License |
---|
| 17 | * along with this program; if not, write to the Free Software |
---|
| 18 | * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
---|
| 19 | * |
---|
| 20 | * You can contact Prognus Software Livre headquarters at Av. Tancredo Neves, |
---|
| 21 | * 6731, PTI, Bl. 05, Esp. 02, Sl. 10, Foz do Iguaçu - PR - Brasil or at |
---|
| 22 | * e-mail address prognus@prognus.com.br. |
---|
| 23 | * |
---|
| 24 | * |
---|
| 25 | * @package LdapService |
---|
| 26 | * @license http://www.gnu.org/copyleft/gpl.html GPL |
---|
| 27 | * @author Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) |
---|
| 28 | * @sponsor Caixa Econômica Federal |
---|
| 29 | * @version 1.0 |
---|
| 30 | * @since 2.4.0 |
---|
| 31 | */ |
---|
| 32 | class LdapService { |
---|
[5130] | 33 | |
---|
[4828] | 34 | var $limit = 11; |
---|
[5405] | 35 | var $allTargetTypes = array('i', 'g', 'l', 'u', 's'); |
---|
[4445] | 36 | var $connection; |
---|
| 37 | |
---|
[5405] | 38 | function LdapService() { |
---|
| 39 | if (isset($GLOBALS['phpgw_info']['server']['ldap_context'])) |
---|
| 40 | $this->context = $GLOBALS['phpgw_info']['server']['ldap_context']; |
---|
[4445] | 41 | } |
---|
| 42 | |
---|
[5405] | 43 | public function setContext($pContext) { |
---|
| 44 | $this->context = $pContext; |
---|
| 45 | } |
---|
| 46 | |
---|
| 47 | function connect($host='', $dn='', $passwd='', $ldapreferral=false) { |
---|
| 48 | if (!$host || $host == $GLOBALS['phpgw_info']['server']['ldap_host']) { |
---|
| 49 | $dn = $dn ? $dn : $GLOBALS['phpgw_info']['server']['ldap_root_dn']; |
---|
[4445] | 50 | $passwd = $passwd ? $passwd : $GLOBALS['phpgw_info']['server']['ldap_root_pw']; |
---|
[5405] | 51 | $host = $host ? $host : $GLOBALS['phpgw_info']['server']['ldap_host']; |
---|
[4445] | 52 | } |
---|
| 53 | |
---|
| 54 | $conection = ldap_connect($host); |
---|
| 55 | |
---|
[5405] | 56 | if (!ldap_set_option($conection, LDAP_OPT_PROTOCOL_VERSION, 3)) |
---|
[4445] | 57 | $GLOBALS['phpgw_info']['server']['ldap_version3'] = False; |
---|
[5405] | 58 | |
---|
[4445] | 59 | ldap_set_option($conection, LDAP_OPT_REFERRALS, $ldapreferral); |
---|
| 60 | |
---|
[5405] | 61 | if ($ldapreferral) { |
---|
[4445] | 62 | $GLOBALS['phpgw_info']['server']['user_ldap_referral'] = $dn; |
---|
| 63 | $GLOBALS['phpgw_info']['server']['password_ldap_referral'] = $passwd; |
---|
| 64 | ldap_set_rebind_proc($conection, ldap_rebind); |
---|
| 65 | } |
---|
| 66 | |
---|
[5405] | 67 | if ($dn && $passwd && !@ldap_bind($conection, $dn, $passwd)) |
---|
| 68 | @ldap_bind($conection, $dn, $passwd); |
---|
[4445] | 69 | |
---|
| 70 | $this->connection = $conection; |
---|
| 71 | |
---|
[5405] | 72 | return( $conection ); |
---|
[4445] | 73 | } |
---|
| 74 | |
---|
[5405] | 75 | function _or($toWrap) { |
---|
| 76 | return (!is_array($toWrap) && count($toWrap) > 0 ) ? $toWrap : $this->wrap($toWrap, '|'); |
---|
[4445] | 77 | } |
---|
| 78 | |
---|
[5405] | 79 | function _and($toWrap) { |
---|
| 80 | return (!is_array($toWrap) && count($toWrap) > 0 ) ? $toWrap : $this->wrap($toWrap, '&'); |
---|
[4445] | 81 | } |
---|
| 82 | |
---|
[5405] | 83 | function _not($toWrap) { |
---|
| 84 | return (!is_array($toWrap) && count($toWrap) > 0 ) ? $toWrap : $this->wrap($toWrap, '!'); |
---|
[4445] | 85 | } |
---|
| 86 | |
---|
[5405] | 87 | function wrap($toWrap, $conditional = "") { |
---|
| 88 | if (!$toWrap || ( is_array($toWrap) && count($toWrap) < 1)) |
---|
| 89 | return ''; |
---|
[4445] | 90 | |
---|
[5405] | 91 | if (!is_array($toWrap)) |
---|
| 92 | $toWrap = array($toWrap); |
---|
| 93 | |
---|
| 94 | $toWrap = array_unique($toWrap); |
---|
| 95 | |
---|
| 96 | return '(' . $conditional . implode('', $toWrap) . ")"; |
---|
[4445] | 97 | } |
---|
| 98 | |
---|
[5405] | 99 | function getSearchFilter($search, $targetTypes = false, $customFilter = '', $exact = false) { |
---|
| 100 | $search = utf8_encode($search); |
---|
[4445] | 101 | |
---|
[5405] | 102 | if (!$targetTypes) |
---|
| 103 | $targetTypes = $this->allTargetTypes; |
---|
[4445] | 104 | |
---|
[5405] | 105 | if (!is_array($targetTypes)) |
---|
| 106 | $targetTypes = array($targetTypes); |
---|
[4445] | 107 | |
---|
[5405] | 108 | $searchFilter = ''; |
---|
[4445] | 109 | |
---|
[5405] | 110 | foreach ($targetTypes as $targetType) { |
---|
| 111 | switch ($targetType) { |
---|
| 112 | case 'g': |
---|
| 113 | $searchFilter = $this->stemFilter($search, 'cn'); |
---|
| 114 | break; |
---|
[4445] | 115 | |
---|
[5405] | 116 | default : |
---|
| 117 | $searchFilter = $this->stemFilter($search, array('cn', 'givenName', 'uid', 'sn', 'displayName', 'mail', 'mailAlternateAddress')); |
---|
| 118 | break; |
---|
| 119 | } |
---|
| 120 | } |
---|
[4445] | 121 | |
---|
[5405] | 122 | $filter = array(); |
---|
| 123 | |
---|
| 124 | if ($customFilter) |
---|
| 125 | $filter[] = $customFilter; |
---|
| 126 | if ($search) |
---|
| 127 | $filter[] = $searchFilter; |
---|
| 128 | |
---|
| 129 | return $this->_and(array( |
---|
| 130 | // Somente objetos relacionados com o Expresso |
---|
| 131 | $this->accountFilter($targetTypes), |
---|
| 132 | // Objetos ocultados e/ou desativados pelo Administrador nao podem ser exibidos nas consultas do Expresso |
---|
| 133 | $this->securityFilter($targetTypes), |
---|
| 134 | //foco da busca |
---|
| 135 | ( $exact ? $this->_and($filter) : $this->_or($filter) ) |
---|
| 136 | )); |
---|
| 137 | } |
---|
| 138 | |
---|
| 139 | function securityFilter($targetTypes) { |
---|
| 140 | if (!$targetTypes) |
---|
[4445] | 141 | $targetTypes = $this->allTargetTypes; |
---|
| 142 | |
---|
[5405] | 143 | if (!is_array($targetTypes)) |
---|
| 144 | $targetTypes = array($targetTypes); |
---|
[4445] | 145 | |
---|
| 146 | $typeFilter = array(); |
---|
| 147 | |
---|
[5405] | 148 | foreach ($targetTypes as $targetType) { |
---|
| 149 | switch ($targetType) { |
---|
| 150 | case 'g': $typeFilter[] = "(objectClass=posixGroup)"; |
---|
| 151 | break; |
---|
[4445] | 152 | |
---|
[5405] | 153 | default : $typeFilter[] = "(phpgwAccountStatus=A)(accountStatus=active)"; |
---|
| 154 | break; |
---|
| 155 | } |
---|
| 156 | } |
---|
| 157 | |
---|
| 158 | return $this->_and(array('(!(phpgwAccountVisible=-1))', $this->_or($typeFilter))); |
---|
[4445] | 159 | } |
---|
| 160 | |
---|
[5405] | 161 | function accountFilter($targetTypes) { |
---|
| 162 | if (!$targetTypes) |
---|
| 163 | $targetTypes = $this->allTargetTypes; |
---|
| 164 | |
---|
| 165 | if (!is_array($targetTypes)) |
---|
| 166 | $targetTypes = array($targetTypes); |
---|
| 167 | |
---|
| 168 | $typeFilter = array(); |
---|
| 169 | |
---|
| 170 | foreach ($targetTypes as $targetType) |
---|
| 171 | $typeFilter[] = '(phpgwAccountType=' . $targetType . ')'; |
---|
| 172 | |
---|
| 173 | return $this->_and(array('(objectClass=phpgwAccount)', $this->_or($typeFilter))); |
---|
[4445] | 174 | } |
---|
| 175 | |
---|
[5405] | 176 | function stemFilter($search, $params) { |
---|
| 177 | $search = str_replace(' ', '*', $search); |
---|
| 178 | |
---|
| 179 | if (!is_array($params)) |
---|
| 180 | $params = array($params); |
---|
| 181 | |
---|
| 182 | foreach ($params as $i => $param) |
---|
| 183 | $params[$i] = "($param=*$search*)"; |
---|
| 184 | |
---|
| 185 | return $this->_or($params); |
---|
[4445] | 186 | } |
---|
| 187 | |
---|
[5405] | 188 | function phoneticFilter($search, $params) { |
---|
[5928] | 189 | if (preg_match('/\d/i', $search)) |
---|
[5405] | 190 | return( "" ); |
---|
| 191 | |
---|
| 192 | if (!is_array($params)) |
---|
| 193 | $params = array($params); |
---|
| 194 | |
---|
| 195 | foreach ($params as $i => $param) |
---|
| 196 | $params[$i] = "($param~=$search)"; |
---|
| 197 | |
---|
| 198 | return $this->_or($params); |
---|
[4445] | 199 | } |
---|
| 200 | |
---|
[5405] | 201 | function approxFilter($search, $params) { |
---|
| 202 | return $this->_or(array($this->stemFilter($search, $params), |
---|
| 203 | $this->phoneticFilter($search, $params))); |
---|
| 204 | } |
---|
| 205 | |
---|
| 206 | public function accountSearch($search, $justthese = "*", $context = false, $accountType = false, $sort = false) { |
---|
| 207 | if (!$this->connection) |
---|
[4445] | 208 | $this->connect(); |
---|
| 209 | |
---|
[5405] | 210 | $filter = $this->getSearchFilter($search, $accountType); |
---|
[4445] | 211 | |
---|
[5405] | 212 | if (!$context) |
---|
| 213 | $context = $this->context; |
---|
[4445] | 214 | |
---|
[5405] | 215 | $sr = ldap_search($this->connection, utf8_encode($context), $filter, $justthese, 0, $this->limit); |
---|
[4445] | 216 | |
---|
[5405] | 217 | if (!$sr) |
---|
| 218 | return false; |
---|
[5130] | 219 | |
---|
[5405] | 220 | if ($sort) |
---|
| 221 | ldap_sort($this->connection, $sr, $sort); |
---|
[4445] | 222 | |
---|
[5405] | 223 | return $this->formatEntries(ldap_get_entries($this->connection, $sr)); |
---|
| 224 | } |
---|
[4445] | 225 | |
---|
[5405] | 226 | private function formatEntries($pEntries) { |
---|
[4445] | 227 | |
---|
[5405] | 228 | if (!$pEntries) |
---|
| 229 | return( false ); |
---|
[4445] | 230 | |
---|
[5405] | 231 | $return = array(); |
---|
[4445] | 232 | |
---|
[5405] | 233 | for ($i = 0; $i < $pEntries["count"]; $i++) { |
---|
| 234 | $entrieTmp = array(); |
---|
| 235 | foreach ($pEntries[$i] as $index => $value) { |
---|
| 236 | if (!is_numeric($index) && $index != 'count') { |
---|
| 237 | if (is_array($value)) { |
---|
| 238 | if (count($value) == 2) |
---|
| 239 | $entrieTmp[$index] = utf8_decode($value['0']); |
---|
| 240 | else { |
---|
| 241 | foreach ($value as $index2 => $value2) { |
---|
| 242 | if ($index != 'count') |
---|
| 243 | $entrieTmp[$index][$index2] = utf8_decode($value2); |
---|
| 244 | } |
---|
| 245 | } |
---|
| 246 | } |
---|
| 247 | else |
---|
| 248 | $entrieTmp[$index] = utf8_decode($value); |
---|
| 249 | } |
---|
| 250 | } |
---|
[4445] | 251 | |
---|
[5405] | 252 | $return[] = $entrieTmp; |
---|
| 253 | } |
---|
| 254 | |
---|
| 255 | return( $return ); |
---|
[4445] | 256 | } |
---|
| 257 | |
---|
[5405] | 258 | /** |
---|
| 259 | * Retorna o endereço de e-mail da conta pelo uidNumber |
---|
| 260 | * |
---|
| 261 | * @license http://www.gnu.org/copyleft/gpl.html GPL |
---|
| 262 | * @author Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) |
---|
| 263 | * @sponsor Caixa Econômica Federal |
---|
| 264 | * @author Cristiano Corrêa Schmidt |
---|
| 265 | * @param int $pUidNumber uidNumber da conta |
---|
| 266 | * @return string |
---|
| 267 | * @access public |
---|
| 268 | */ |
---|
| 269 | public function getMailByUidNumber($pUidNumber) { |
---|
| 270 | if (!$this->connection) |
---|
| 271 | $this->connect(); |
---|
| 272 | $sr = ldap_search($this->connection, $this->context, '(uidNumber=' . $pUidNumber . ')', array('mail')); |
---|
| 273 | if (!$sr) |
---|
| 274 | return false; |
---|
[5130] | 275 | |
---|
[5405] | 276 | $return = ldap_get_entries($this->connection, $sr); |
---|
| 277 | return $return[0]['mail'][0]; |
---|
| 278 | } |
---|
| 279 | |
---|
| 280 | /** |
---|
| 281 | * Retorna em um array os endereços de e-mails alternativos da conta pelo uidNumber |
---|
| 282 | * |
---|
| 283 | * @license http://www.gnu.org/copyleft/gpl.html GPL |
---|
| 284 | * @author Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) |
---|
| 285 | * @sponsor Caixa Econômica Federal |
---|
| 286 | * @author Cristiano Corrêa Schmidt |
---|
| 287 | * @param int $pUidNumber uidNumber da conta |
---|
| 288 | * @return Array |
---|
| 289 | * @access public |
---|
| 290 | */ |
---|
| 291 | public function getMailAlternateByUidNumber($pUidNumber) { |
---|
| 292 | if (!$this->connection) |
---|
| 293 | $this->connect(); |
---|
| 294 | |
---|
| 295 | $sr = ldap_search($this->connection, $this->context, '(uidNumber=' . $pUidNumber . ')', array('mailAlternateAddress')); |
---|
| 296 | if (!$sr) |
---|
| 297 | return false; |
---|
| 298 | |
---|
| 299 | $returnL = ldap_get_entries($this->connection, $sr); |
---|
| 300 | $return = array(); |
---|
| 301 | if (is_array($returnL[0]['mailalternateaddress'])) |
---|
| 302 | foreach ($returnL[0]['mailalternateaddress'] as $i => $v) { |
---|
| 303 | if ($i === 'count') |
---|
| 304 | continue; |
---|
| 305 | $return[] = $v; |
---|
| 306 | } |
---|
| 307 | return $return; |
---|
| 308 | } |
---|
| 309 | |
---|
[4445] | 310 | } |
---|
| 311 | |
---|
[5405] | 312 | ServiceLocator::register('ldap', new LdapService()); |
---|
[4445] | 313 | |
---|