con->begin(); $cur = $this->con->openCursor($this->user_table); # LDAP parameter $server = "localhost"; $port = "389"; $racine = "dc=yunohost,dc=org"; # LDAP connection $ds=ldap_connect($server); ldap_set_option ($ds, LDAP_OPT_PROTOCOL_VERSION, 3); if (ldap_bind($ds,"uid=".$user_id.",ou=users,dc=yunohost,dc=org",$pwd)) { # Store the password $cur->user_pwd = $pwd; # search the user in ldap, and get infos $filter="(&(|(objectclass=posixAccount))(uid=".$user_id.")(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))"; $sr=ldap_search($ds,$racine, $filter, array("dn", "cn", "sn", "mail", "givenname")); # /!\ fields have to be in lowercase $info = ldap_get_entries($ds, $sr); if ($info["count"] == 1) { # If the user exist, then we just update his password. if ($this->core->userExists($user_id)) { $this->sudo(array($this->core,'updUser'),$user_id,$cur); } # If not, we create him. # In order for him to connect, # it is necessary to give him at least # a permission "usage" on the blog "default". else { $cur->user_id = $user_id; $cur->user_email = $info[0]['mail'][0]; $cur->user_name = $info[0]['givenname'][0]; $cur->user_firstname = $info[0]['sn'][0]; $cur->user_lang = 'fr'; # Can change this, PR are welcome $cur->user_tz = 'Europe/Paris'; # Can change this, PR are welcome $cur->user_default_blog = 'default'; # Can change this, PR are welcome $this->sudo(array($this->core,'addUser'),$cur); # Possible roles: #admin "administrator" #usage "manage their own entries and comments" #publish "publish entries and comments" #delete "delete entries and comments" #contentadmin "manage all entries and comments" #categories "manage categories" #media "manage their own media items" #media_admin "manage all media items" #pages "manage pages" #blogroll "manage blogroll" $this->sudo(array($this->core,'setUserBlogPermissions'),$user_id,'default',array('usage'=>true)); # Can change this, PR are welcome } $this->con->commit(); } # The previous operations proceeded without error, # we can now call the parent method return parent::checkUser($user_id, $pwd, $user_key, $check_blog); } # In case of error we cancel and return "false" $this->con->rollback(); return false; } } ?>