Changeset 5405
- Timestamp:
- 01/19/12 14:32:20 (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/services/class.ldap.php
r5318 r5405 1 1 <?php 2 2 /** 3 * 4 * Copyright (C) 2011 Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 2 9 * of the License, or (at your option) any later version. 10 * 11 * This program is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, write to the Free Software 18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 19 * 20 * You can contact Prognus Software Livre headquarters at Av. Tancredo Neves, 21 * 6731, PTI, Bl. 05, Esp. 02, Sl. 10, Foz do Iguaçu - PR - Brasil or at 22 * e-mail address prognus@prognus.com.br. 23 * 24 * 25 * @package LdapService 26 * @license http://www.gnu.org/copyleft/gpl.html GPL 27 * @author Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) 28 * @sponsor Caixa Econômica Federal 29 * @version 1.0 30 * @since 2.4.0 31 */ 32 33 class LdapService 34 { 3 * 4 * Copyright (C) 2011 Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 2 9 * of the License, or (at your option) any later version. 10 * 11 * This program is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, write to the Free Software 18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 19 * 20 * You can contact Prognus Software Livre headquarters at Av. Tancredo Neves, 21 * 6731, PTI, Bl. 05, Esp. 02, Sl. 10, Foz do Iguaçu - PR - Brasil or at 22 * e-mail address prognus@prognus.com.br. 23 * 24 * 25 * @package LdapService 26 * @license http://www.gnu.org/copyleft/gpl.html GPL 27 * @author Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) 28 * @sponsor Caixa Econômica Federal 29 * @version 1.0 30 * @since 2.4.0 31 */ 32 class LdapService { 33 35 34 var $limit = 11; 36 37 var $allTargetTypes = array( 'i', 'g', 'l', 'u', 's' ); 38 35 var $allTargetTypes = array('i', 'g', 'l', 'u', 's'); 39 36 var $connection; 40 37 41 function LdapService() 42 { 43 if(isset($GLOBALS['phpgw_info']['server']['ldap_context']) ) 44 $this->context = $GLOBALS['phpgw_info']['server']['ldap_context']; 45 } 46 47 public function setContext( $pContext ) 48 { 49 $this->context = $pContext; 50 } 51 52 function connect($host='', $dn='', $passwd='', $ldapreferral=false) 53 { 54 if(!$host || $host == $GLOBALS['phpgw_info']['server']['ldap_host']) 55 { 56 $dn = $dn ? $dn : $GLOBALS['phpgw_info']['server']['ldap_root_dn']; 38 function LdapService() { 39 if (isset($GLOBALS['phpgw_info']['server']['ldap_context'])) 40 $this->context = $GLOBALS['phpgw_info']['server']['ldap_context']; 41 } 42 43 public function setContext($pContext) { 44 $this->context = $pContext; 45 } 46 47 function connect($host='', $dn='', $passwd='', $ldapreferral=false) { 48 if (!$host || $host == $GLOBALS['phpgw_info']['server']['ldap_host']) { 49 $dn = $dn ? $dn : $GLOBALS['phpgw_info']['server']['ldap_root_dn']; 57 50 $passwd = $passwd ? $passwd : $GLOBALS['phpgw_info']['server']['ldap_root_pw']; 58 $host 51 $host = $host ? $host : $GLOBALS['phpgw_info']['server']['ldap_host']; 59 52 } 60 53 61 54 $conection = ldap_connect($host); 62 55 63 if (!ldap_set_option($conection,LDAP_OPT_PROTOCOL_VERSION,3))56 if (!ldap_set_option($conection, LDAP_OPT_PROTOCOL_VERSION, 3)) 64 57 $GLOBALS['phpgw_info']['server']['ldap_version3'] = False; 65 58 66 59 ldap_set_option($conection, LDAP_OPT_REFERRALS, $ldapreferral); 67 60 68 if($ldapreferral) 69 { 61 if ($ldapreferral) { 70 62 $GLOBALS['phpgw_info']['server']['user_ldap_referral'] = $dn; 71 63 $GLOBALS['phpgw_info']['server']['password_ldap_referral'] = $passwd; … … 73 65 } 74 66 75 if ($dn && $passwd && !@ldap_bind($conection,$dn,$passwd))76 @ldap_bind($conection, $dn,$passwd);67 if ($dn && $passwd && !@ldap_bind($conection, $dn, $passwd)) 68 @ldap_bind($conection, $dn, $passwd); 77 69 78 70 $this->connection = $conection; 79 71 80 return( $connection ); 81 } 82 83 function _or( $toWrap ) 84 { 85 if( !is_array( $toWrap ) ) 86 return( $toWrap ); 87 88 return $this->wrap( $toWrap, '|' ); 89 } 90 91 function _and( $toWrap ) 92 { 93 if( !is_array( $toWrap ) ) 94 return( $toWrap ); 95 96 return $this->wrap( $toWrap, '&' ); 97 } 98 99 function _not( $toWrap ) 100 { 101 return $this->wrap( $toWrap, '!' ); 102 } 103 104 function wrap( $toWrap, $conditional = "" ) 105 { 106 if( !is_array( $toWrap ) ) 107 $toWrap = array( $toWrap ); 108 109 $toWrap = array_unique( $toWrap ); 110 111 return "(".$conditional.implode( "", $toWrap ).")"; 112 } 113 114 function getSearchFilter( $search, $targetTypes = false, $customFilter = '', $exact = false ) 115 { 116 $search = utf8_encode( $search ); 117 118 if( !$targetTypes ) 119 $targetTypes = $this->allTargetTypes; 120 121 if( !is_array( $targetTypes ) ) 122 $targetTypes = array( $targetTypes ); 123 124 $searchFilter = ''; 125 126 foreach( $targetTypes as $targetType ) 127 { 128 switch( $targetType ) 129 { 130 case 'g': 131 { 132 //no caso de grupos, a busca so precisa ser feita em cima do CN 133 $searchFilter = $this->stemFilter( $search, 'cn' ); 134 } 135 break; 136 137 default : 138 { 139 //parametros que a busca tem que ser sintaticas 140 $searchFilter = /*array( */$this->stemFilter( $search, array( 141 // UID e employeeNumber podem ser iguais ou muito similares, dependendo da organizacao 142 'uid', /*'employeeNumber', */'cn', 143 // givenName e SN sao complementares (nome e sobrenome) 144 'givenName', 'sn', 'displayName', 'mail', 'mailAlternateAddress' ) //), 145 //parametros que a busca pode ser por aproximacao fonetica 146 /*$this->approxFilter( $search, array( 147 // O CN e displayName geralmente sao a mesma coisa 148 'cn', 'displayName' ))*/ ); 149 150 $searchFilter = $this->stemFilter( $search, array( 'cn', 'givenName', 'uid', 151 'sn', 'displayName', 'mail', 'mailAlternateAddress' ) ); 152 } 153 break; 154 } 155 } 156 157 $filter = array(); 158 159 if( $customFilter ) 160 $filter[] = $customFilter; 161 if( $search ) 162 $filter[] = $searchFilter; 163 164 return $this->_and( array( 165 // Somente objetos relacionados com o Expresso 166 $this->accountFilter( $targetTypes ), 167 // Objetos ocultados e/ou desativados pelo Administrador nao podem ser exibidos nas consultas do Expresso 168 $this->securityFilter( $targetTypes ), 169 //foco da busca 170 ( $exact ? $this->_and( $filter ) : $this->_or( $filter ) ) 171 )); 172 173 } 174 175 function securityFilter( $targetTypes ) 176 { 177 if( !$targetTypes ) 178 $targetTypes = $this->allTargetTypes; 179 180 if( !is_array( $targetTypes ) ) 181 $targetTypes = array( $targetTypes ); 182 183 $typeFilter = array(); 184 185 foreach( $targetTypes as $targetType ) 186 { 187 switch( $targetType ) 188 { 189 case 'g': $typeFilter[] = "(objectClass=posixGroup)"; 190 break; 191 192 default : $typeFilter[] = "(phpgwAccountStatus=A)(accountStatus=active)"; 193 break; 194 } 195 } 196 197 return $this->_and( array( '(!(phpgwAccountVisible=-1))', $this->_or( $typeFilter ) ) ); 198 } 199 200 function accountFilter( $targetTypes ) 201 { 202 if( !$targetTypes ) 72 return( $conection ); 73 } 74 75 function _or($toWrap) { 76 return (!is_array($toWrap) && count($toWrap) > 0 ) ? $toWrap : $this->wrap($toWrap, '|'); 77 } 78 79 function _and($toWrap) { 80 return (!is_array($toWrap) && count($toWrap) > 0 ) ? $toWrap : $this->wrap($toWrap, '&'); 81 } 82 83 function _not($toWrap) { 84 return (!is_array($toWrap) && count($toWrap) > 0 ) ? $toWrap : $this->wrap($toWrap, '!'); 85 } 86 87 function wrap($toWrap, $conditional = "") { 88 if (!$toWrap || ( is_array($toWrap) && count($toWrap) < 1)) 89 return ''; 90 91 if (!is_array($toWrap)) 92 $toWrap = array($toWrap); 93 94 $toWrap = array_unique($toWrap); 95 96 return '(' . $conditional . implode('', $toWrap) . ")"; 97 } 98 99 function getSearchFilter($search, $targetTypes = false, $customFilter = '', $exact = false) { 100 $search = utf8_encode($search); 101 102 if (!$targetTypes) 203 103 $targetTypes = $this->allTargetTypes; 204 104 205 if( !is_array( $targetTypes ) ) 206 $targetTypes = array( $targetTypes ); 105 if (!is_array($targetTypes)) 106 $targetTypes = array($targetTypes); 107 108 $searchFilter = ''; 109 110 foreach ($targetTypes as $targetType) { 111 switch ($targetType) { 112 case 'g': 113 $searchFilter = $this->stemFilter($search, 'cn'); 114 break; 115 116 default : 117 $searchFilter = $this->stemFilter($search, array('cn', 'givenName', 'uid', 'sn', 'displayName', 'mail', 'mailAlternateAddress')); 118 break; 119 } 120 } 121 122 $filter = array(); 123 124 if ($customFilter) 125 $filter[] = $customFilter; 126 if ($search) 127 $filter[] = $searchFilter; 128 129 return $this->_and(array( 130 // Somente objetos relacionados com o Expresso 131 $this->accountFilter($targetTypes), 132 // Objetos ocultados e/ou desativados pelo Administrador nao podem ser exibidos nas consultas do Expresso 133 $this->securityFilter($targetTypes), 134 //foco da busca 135 ( $exact ? $this->_and($filter) : $this->_or($filter) ) 136 )); 137 } 138 139 function securityFilter($targetTypes) { 140 if (!$targetTypes) 141 $targetTypes = $this->allTargetTypes; 142 143 if (!is_array($targetTypes)) 144 $targetTypes = array($targetTypes); 207 145 208 146 $typeFilter = array(); 209 147 210 foreach( $targetTypes as $targetType ) 211 $typeFilter[] = '(phpgwAccountType='.$targetType.')'; 212 213 return $this->_and( array( '(objectClass=phpgwAccount)', $this->_or( $typeFilter ) ) ); 214 } 215 216 function stemFilter( $search, $params ) 217 { 218 $search = str_replace( ' ', '*', $search ); 219 220 if( !is_array( $params ) ) 221 $params = array( $params ); 222 223 foreach( $params as $i => $param ) 224 $params[$i] = "($param=*$search*)"; 225 226 return $this->_or( $params ); 227 } 228 229 function phoneticFilter( $search, $params ) 230 { 231 if( eregi( "\d", $search ) ) 232 return( "" ); 233 234 if( !is_array( $params ) ) 235 $params = array( $params ); 236 237 foreach( $params as $i => $param ) 238 $params[$i] = "($param~=$search)"; 239 240 return $this->_or( $params ); 241 } 242 243 244 245 246 function approxFilter( $search, $params ) 247 { 248 return $this->_or( array( $this->stemFilter( $search, $params ), 249 $this->phoneticFilter( $search, $params ) ) ); 250 } 251 252 public function accountSearch($search, $justthese = "*", $context = false , $accountType = false, $sort = false) 253 { 254 if( !$this->connection ) 148 foreach ($targetTypes as $targetType) { 149 switch ($targetType) { 150 case 'g': $typeFilter[] = "(objectClass=posixGroup)"; 151 break; 152 153 default : $typeFilter[] = "(phpgwAccountStatus=A)(accountStatus=active)"; 154 break; 155 } 156 } 157 158 return $this->_and(array('(!(phpgwAccountVisible=-1))', $this->_or($typeFilter))); 159 } 160 161 function accountFilter($targetTypes) { 162 if (!$targetTypes) 163 $targetTypes = $this->allTargetTypes; 164 165 if (!is_array($targetTypes)) 166 $targetTypes = array($targetTypes); 167 168 $typeFilter = array(); 169 170 foreach ($targetTypes as $targetType) 171 $typeFilter[] = '(phpgwAccountType=' . $targetType . ')'; 172 173 return $this->_and(array('(objectClass=phpgwAccount)', $this->_or($typeFilter))); 174 } 175 176 function stemFilter($search, $params) { 177 $search = str_replace(' ', '*', $search); 178 179 if (!is_array($params)) 180 $params = array($params); 181 182 foreach ($params as $i => $param) 183 $params[$i] = "($param=*$search*)"; 184 185 return $this->_or($params); 186 } 187 188 function phoneticFilter($search, $params) { 189 if (eregi("\d", $search)) 190 return( "" ); 191 192 if (!is_array($params)) 193 $params = array($params); 194 195 foreach ($params as $i => $param) 196 $params[$i] = "($param~=$search)"; 197 198 return $this->_or($params); 199 } 200 201 function approxFilter($search, $params) { 202 return $this->_or(array($this->stemFilter($search, $params), 203 $this->phoneticFilter($search, $params))); 204 } 205 206 public function accountSearch($search, $justthese = "*", $context = false, $accountType = false, $sort = false) { 207 if (!$this->connection) 255 208 $this->connect(); 256 209 257 $filter = $this->getSearchFilter($search,$accountType); 258 259 if( !$context ) 260 $context = $this->context; 261 262 $sr = ldap_search( $this->connection, utf8_encode($context), $filter, $justthese, 0, $this->limit ); 263 264 if(!$sr) return false; 265 266 if($sort) 267 ldap_sort( $this->connection, $sr, $sort ); 268 269 return $this->formatEntries( ldap_get_entries( $this->connection, $sr ) ); 270 } 271 272 private function formatEntries ( $pEntries ) 273 { 274 275 if( !$pEntries ) return( false ); 276 277 $return = array(); 278 279 for ($i=0; $i < $pEntries["count"]; $i++) 280 { 281 $entrieTmp = array(); 282 foreach ($pEntries[$i] as $index => $value) 283 { 284 if(!is_numeric($index) && $index != 'count') 285 { 286 if(is_array($value)) 287 { 288 if(count($value) == 2) 289 $entrieTmp[$index] = utf8_decode($value['0']); 290 else 291 { 292 foreach ($value as $index2 =>$value2) 293 { 294 if($index != 'count') 295 $entrieTmp[$index][$index2] = utf8_decode($value2); 296 } 297 } 298 } 299 else 300 $entrieTmp[$index] = utf8_decode($value); 301 } 302 } 303 304 $return[] = $entrieTmp; 305 } 306 307 return( $return ); 308 } 309 310 /** 311 * Retorna o endereço de e-mail da conta pelo uidNumber 312 * 313 * @license http://www.gnu.org/copyleft/gpl.html GPL 314 * @author Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) 315 * @sponsor Caixa Econômica Federal 316 * @author Cristiano Corrêa Schmidt 317 * @param int $pUidNumber uidNumber da conta 318 * @return string 319 * @access public 320 */ 321 public function getMailByUidNumber( $pUidNumber ) 322 { 323 if( !$this->connection ) $this->connect(); 324 $sr = ldap_search( $this->connection, $this->context, '(uidNumber='.$pUidNumber.')', array('mail') ); 325 if(!$sr) return false; 326 327 $return = ldap_get_entries( $this->connection, $sr ); 328 return $return[0]['mail'][0]; 329 } 330 331 /** 332 * Retorna em um array os endereços de e-mails alternativos da conta pelo uidNumber 333 * 334 * @license http://www.gnu.org/copyleft/gpl.html GPL 335 * @author Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) 336 * @sponsor Caixa Econômica Federal 337 * @author Cristiano Corrêa Schmidt 338 * @param int $pUidNumber uidNumber da conta 339 * @return Array 340 * @access public 341 */ 342 public function getMailAlternateByUidNumber( $pUidNumber ) 343 { 344 if( !$this->connection ) $this->connect(); 345 346 $sr = ldap_search( $this->connection, $this->context, '(uidNumber='.$pUidNumber.')', array('mailAlternateAddress')); 347 if(!$sr) return false; 348 349 $returnL = ldap_get_entries( $this->connection,$sr); 350 $return = array(); 351 if(is_array($returnL[0]['mailalternateaddress'])) 352 foreach ($returnL[0]['mailalternateaddress'] as $i => $v) 353 { 354 if($i === 'count') continue; 355 $return[] = $v; 356 } 357 return $return; 358 } 210 $filter = $this->getSearchFilter($search, $accountType); 211 212 if (!$context) 213 $context = $this->context; 214 215 $sr = ldap_search($this->connection, utf8_encode($context), $filter, $justthese, 0, $this->limit); 216 217 if (!$sr) 218 return false; 219 220 if ($sort) 221 ldap_sort($this->connection, $sr, $sort); 222 223 return $this->formatEntries(ldap_get_entries($this->connection, $sr)); 224 } 225 226 private function formatEntries($pEntries) { 227 228 if (!$pEntries) 229 return( false ); 230 231 $return = array(); 232 233 for ($i = 0; $i < $pEntries["count"]; $i++) { 234 $entrieTmp = array(); 235 foreach ($pEntries[$i] as $index => $value) { 236 if (!is_numeric($index) && $index != 'count') { 237 if (is_array($value)) { 238 if (count($value) == 2) 239 $entrieTmp[$index] = utf8_decode($value['0']); 240 else { 241 foreach ($value as $index2 => $value2) { 242 if ($index != 'count') 243 $entrieTmp[$index][$index2] = utf8_decode($value2); 244 } 245 } 246 } 247 else 248 $entrieTmp[$index] = utf8_decode($value); 249 } 250 } 251 252 $return[] = $entrieTmp; 253 } 254 255 return( $return ); 256 } 257 258 /** 259 * Retorna o endereço de e-mail da conta pelo uidNumber 260 * 261 * @license http://www.gnu.org/copyleft/gpl.html GPL 262 * @author Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) 263 * @sponsor Caixa Econômica Federal 264 * @author Cristiano Corrêa Schmidt 265 * @param int $pUidNumber uidNumber da conta 266 * @return string 267 * @access public 268 */ 269 public function getMailByUidNumber($pUidNumber) { 270 if (!$this->connection) 271 $this->connect(); 272 $sr = ldap_search($this->connection, $this->context, '(uidNumber=' . $pUidNumber . ')', array('mail')); 273 if (!$sr) 274 return false; 275 276 $return = ldap_get_entries($this->connection, $sr); 277 return $return[0]['mail'][0]; 278 } 279 280 /** 281 * Retorna em um array os endereços de e-mails alternativos da conta pelo uidNumber 282 * 283 * @license http://www.gnu.org/copyleft/gpl.html GPL 284 * @author Consórcio Expresso Livre - 4Linux (www.4linux.com.br) e Prognus Software Livre (www.prognus.com.br) 285 * @sponsor Caixa Econômica Federal 286 * @author Cristiano Corrêa Schmidt 287 * @param int $pUidNumber uidNumber da conta 288 * @return Array 289 * @access public 290 */ 291 public function getMailAlternateByUidNumber($pUidNumber) { 292 if (!$this->connection) 293 $this->connect(); 294 295 $sr = ldap_search($this->connection, $this->context, '(uidNumber=' . $pUidNumber . ')', array('mailAlternateAddress')); 296 if (!$sr) 297 return false; 298 299 $returnL = ldap_get_entries($this->connection, $sr); 300 $return = array(); 301 if (is_array($returnL[0]['mailalternateaddress'])) 302 foreach ($returnL[0]['mailalternateaddress'] as $i => $v) { 303 if ($i === 'count') 304 continue; 305 $return[] = $v; 306 } 307 return $return; 308 } 359 309 360 310 } 361 311 362 ServiceLocator::register( 'ldap', new LdapService());363 312 ServiceLocator::register('ldap', new LdapService()); 313
Note: See TracChangeset
for help on using the changeset viewer.