YunoHost-Apps/dotclear2_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dotclear2_ynh.git synced 2024-09-03 18:26:29 +02:00
Code Issues Activity Actions 1

Refactor ldap class

Browse source
This commit is contained in:
Kay0u 2020-04-17 23:49:35 +02:00
parent 0bea9e1e6d
commit a4b2910d5d
No known key found for this signature in database
GPG key ID: AE1DCADB6415A156
3 changed files with 66 additions and 63 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
conf/class.auth.ldap.php
View file

@ -1,42 +1,44 @@
<?php <?php
class myDcAuth extends dcAuth class ldapDcAuth extends dcAuth
{ {
# The user can't change his password # The user can't change his password
protected $allow_pass_change = false; protected $allow_pass_change = false;
public function checkUser($user_id, $pwd=null, $user_key=null, $check_blog=true) # LDAP parameter
private $server = "localhost";
private $port = "389";
private $base = "dc=yunohost,dc=org";
public function checkUser($user_id, $pwd=null, $user_key=null)
{ {
if ($pwd == '') { if ($pwd == '') {
return parent::checkUser($user_id, null, $user_key, $check_blog); return parent::checkUser($user_id, null, $user_key);
} }
$this->con->begin();
$cur = $this->con->openCursor($this->user_table);
# LDAP parameter
$server = "localhost";
$port = "389";
$racine = "dc=yunohost,dc=org";
# LDAP connection # LDAP connection
$ds=ldap_connect($server); $ds = ldap_connect("ldap://".$this->server.":".$this->port);
ldap_set_option ($ds, LDAP_OPT_PROTOCOL_VERSION, 3); if ($ds)
if (ldap_bind($ds,"uid=".$user_id.",ou=users,dc=yunohost,dc=org",$pwd))
{ {
# Store the password ldap_set_option ($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
$cur->user_pwd = $pwd;
if (ldap_bind($ds, "uid=".$user_id.",ou=users,".$this->base, $pwd))
{
# search the user in ldap, and get infos # search the user in ldap, and get infos
$filter="(&(|(objectclass=posixAccount))(uid=".$user_id.")(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))"; $filter = "(&(|(objectclass=posixAccount))(uid=".$user_id.")(permission=cn=__APP__.admin,ou=permission,".$this->base."))";
$sr=ldap_search($ds,$racine, $filter, array("dn", "cn", "sn", "mail", "givenname")); # /!\ fields have to be in lowercase $sr = ldap_search($ds, $this->base, $filter, array("dn", "cn", "sn", "mail", "givenname")); # /!\ fields have to be in lowercase
$info = ldap_get_entries($ds, $sr); $info = ldap_get_entries($ds, $sr);
if ($info["count"] == 1) if ($info["count"] == 1)
{ {
$this->con->begin();
$cur = $this->con->openCursor($this->user_table);
# Store the password
$cur->user_pwd = $pwd;
# If the user exist, then we just update his password. # If the user exist, then we just update his password.
if ($this->core->userExists($user_id)) if ($this->core->userExists($user_id))
{ {
$this->sudo(array($this->core,'updUser'),$user_id,$cur); $this->sudo(array($this->core, 'updUser'), $user_id, $cur);
} }
# If not, we create him. # If not, we create him.
# In order for him to connect, # In order for him to connect,
@ -51,7 +53,7 @@ class myDcAuth extends dcAuth
$cur->user_lang = 'fr'; # Can change this, PR are welcome $cur->user_lang = 'fr'; # Can change this, PR are welcome
$cur->user_tz = 'Europe/Paris'; # Can change this, PR are welcome $cur->user_tz = 'Europe/Paris'; # Can change this, PR are welcome
$cur->user_default_blog = 'default'; # Can change this, PR are welcome $cur->user_default_blog = 'default'; # Can change this, PR are welcome
$this->sudo(array($this->core,'addUser'),$cur); $this->sudo(array($this->core,'addUser'), $cur);
# Possible roles: # Possible roles:
#admin "administrator" #admin "administrator"
#usage "manage their own entries and comments" #usage "manage their own entries and comments"
@ -63,14 +65,15 @@ class myDcAuth extends dcAuth
#media_admin "manage all media items" #media_admin "manage all media items"
#pages "manage pages" #pages "manage pages"
#blogroll "manage blogroll" #blogroll "manage blogroll"
$this->sudo(array($this->core,'setUserBlogPermissions'),$user_id,'default',array('usage'=>true)); # Can change this, PR are welcome $this->sudo(array($this->core, 'setUserBlogPermissions'), $user_id, 'default', array('usage'=>true)); # Can change this, PR are welcome
} }
$this->con->commit(); $this->con->commit();
}
# The previous operations proceeded without error, # The previous operations proceeded without error,
# we can now call the parent method # we can now call the parent method
return parent::checkUser($user_id, $pwd, $user_key, $check_blog); return parent::checkUser($user_id, $pwd);
}
}
} }
# In case of error we cancel and return "false" # In case of error we cancel and return "false"
$this->con->rollback(); $this->con->rollback();

4
scripts/install
View file

@ -128,8 +128,8 @@ ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_fil
cat << EOF >> $php_config cat << EOF >> $php_config
\$__autoload['myDcAuth'] = dirname(__FILE__).'/class.auth.ldap.php'; \$__autoload['ldapDcAuth'] = dirname(__FILE__).'/class.auth.ldap.php';
define('DC_AUTH_CLASS','myDcAuth'); define('DC_AUTH_CLASS','ldapDcAuth');
EOF EOF
ynh_store_file_checksum --file=$php_config ynh_store_file_checksum --file=$php_config

4
scripts/upgrade
View file

@ -163,8 +163,8 @@ ynh_replace_string "__APP__" "$app" $final_path/inc/class.auth.ldap.php
cat << EOF >> $php_config cat << EOF >> $php_config
\$__autoload['myDcAuth'] = dirname(__FILE__).'/class.auth.ldap.php'; \$__autoload['ldapDcAuth'] = dirname(__FILE__).'/class.auth.ldap.php';
define('DC_AUTH_CLASS','myDcAuth'); define('DC_AUTH_CLASS','ldapDcAuth');
EOF EOF
# Recalculate and store the checksum of the file for the next upgrade. # Recalculate and store the checksum of the file for the next upgrade.