diff --git a/conf/class.auth.ldap.php b/conf/class.auth.ldap.php index 1d753c4..7f85d30 100644 --- a/conf/class.auth.ldap.php +++ b/conf/class.auth.ldap.php @@ -26,28 +26,27 @@ class myDcAuth extends dcAuth # Store the password $cur->user_pwd = $pwd; - # If the user exist, then we just update his password. - if ($this->core->userExists($user_id)) - { - $this->sudo(array($this->core,'updUser'),$user_id,$cur); - $this->con->commit(); - } - # If not, we create him. - # In order for him to connect, - # it is necessary to give him at least - # a permission "usage" on the blog "default". - else - { - # search the user in ldap, and get infos - $sr=ldap_search($ds,$racine,"uid=$user_id",array( "dn", "cn", "sn", "mail", "givenname")); # /!\ fields have to be in lowercase - $info = ldap_get_entries($ds, $sr); + # search the user in ldap, and get infos + $filter="(&(|(objectclass=posixAccount))(uid=".$user_id.")(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))"; + $sr=ldap_search($ds,$racine, $filter, array("dn", "cn", "sn", "mail", "givenname")); # /!\ fields have to be in lowercase + $info = ldap_get_entries($ds, $sr); - - if ($info["count"] ==1) - { - $cur->user_id = $user_id; - $cur->user_email = $info[0]['mail'][0]; - $cur->user_name = $info[0]['givenname'][0]; + if ($info["count"] == 1) + { + # If the user exist, then we just update his password. + if ($this->core->userExists($user_id)) + { + $this->sudo(array($this->core,'updUser'),$user_id,$cur); + } + # If not, we create him. + # In order for him to connect, + # it is necessary to give him at least + # a permission "usage" on the blog "default". + else + { + $cur->user_id = $user_id; + $cur->user_email = $info[0]['mail'][0]; + $cur->user_name = $info[0]['givenname'][0]; $cur->user_firstname = $info[0]['sn'][0]; $cur->user_lang = 'fr'; # Can change this, PR are welcome $cur->user_tz = 'Europe/Paris'; # Can change this, PR are welcome @@ -65,9 +64,9 @@ class myDcAuth extends dcAuth #pages "manage pages" #blogroll "manage blogroll" $this->sudo(array($this->core,'setUserBlogPermissions'),$user_id,'default',array('usage'=>true)); # Can change this, PR are welcome - $this->con->commit(); - } - } + } + $this->con->commit(); + } # The previous operations proceeded without error, # we can now call the parent method @@ -78,4 +77,4 @@ class myDcAuth extends dcAuth return false; } } -?> \ No newline at end of file +?> diff --git a/scripts/install b/scripts/install index 132bfd9..d53e307 100755 --- a/scripts/install +++ b/scripts/install @@ -113,6 +113,7 @@ password=$(ynh_string_random 30) cp $php_config.in $php_config cp ../conf/class.auth.ldap.php $final_path/inc/class.auth.ldap.php +ynh_replace_string "__APP__" "$app" $final_path/inc/class.auth.ldap.php admin_url=$(ynh_url_join $path_url admin/index.php) diff --git a/scripts/upgrade b/scripts/upgrade index 27fb5c7..0ea9ab4 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -152,6 +152,7 @@ ynh_add_fpm_config cp $php_config.in $php_config cp ../conf/class.auth.ldap.php $final_path/inc/class.auth.ldap.php +ynh_replace_string "__APP__" "$app" $final_path/inc/class.auth.ldap.php firstname=$(yunohost user info $admin | grep firstname: | cut -d' ' -f2 | tr -d '\n') lastname=$(yunohost user info $admin | grep lastname: | cut -d' ' -f2 | tr -d '\n')