Retrieve dn with getBaseDN static method
parent
a03f372c72
commit
0b7b63dd35
|
@ -16,7 +16,7 @@ if (isset($_SESSION['login'])) {
|
|||
}
|
||||
|
||||
if (!empty($_POST['login'])) {
|
||||
if ($server = new LdapServer(Html::clean($_POST['login']))) {
|
||||
if ($server = new LdapServer(Html::clean($_POST['login']), LDAP_BASE, LDAP_ADMIN_DN, LDAP_ADMIN_PASS, LDAP_URI)) {
|
||||
if ($server->login(Html::clean($_POST['password']))) {
|
||||
$_SESSION['login'] = $server->getLogin();
|
||||
$_SESSION['dn'] = $server->getDn();
|
||||
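Review bot: The condition `if ($server = new LdapServer(...))` is always true, because `new` either yields an object or the constructor throws, so connect and bind failures reach this page as exceptions and no `try`/`catch` is visible in the hunk. Building the server inside a `try` block and branching only on `$server->login(...)` would let a directory outage produce the normal login error. `Html::clean($_POST['password'])` alters the secret before the bind; if that helper strips or encodes characters (its body is not shown), passwords containing them can never match, so the raw value is what `login()` should receive. After a successful bind the session identifier should be rotated before `$_SESSION['login']` is written, e.g. `session_regenerate_id(true);`, unless that happens outside the hunk. The enclosing `if` block continues past the last visible line.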
|
|
|
@ -8,7 +8,7 @@ if (empty($_SESSION['login'])) {
|
|||
exit(0);
|
||||
} else {
|
||||
try {
|
||||
$server = new LdapServer($_SESSION['login']);
|
||||
$server = new LdapServer($_SESSION['login'], LDAP_BASE, LDAP_ADMIN_DN, LDAP_ADMIN_PASS, LDAP_URI);
|
||||
if (!empty($_GET['domain'])) {
|
||||
$domain = new LdapDomain($server, Html::clean($_GET['domain']));
|
||||
if (!empty($_GET['account'])) {
|
||||
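Review bot: Every request on this page opens its connection with `LDAP_ADMIN_DN`/`LDAP_ADMIN_PASS`, and the constructor never re-binds as the session user, so directory ACLs do not limit what `$_GET['domain']` and `$_GET['account']` can reach. The visible lines hand `Html::clean($_GET['domain'])` straight to `new LdapDomain(...)` with no test that `$_SESSION['login']` administers that domain. If no such test exists further down (the `try` block continues past the hunk), one belongs before the object is built, for example by checking the requested name against the domains `$server->getDomains()` returns for that login. A short comment above the constructor call stating that authorization is enforced in the application, not by the bind identity, would also help the next reader.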
|
|
|
@ -2,20 +2,17 @@
|
|||
|
||||
class LdapAccount extends LdapDomain {
|
||||
static $objectClass = array('mailAccount', 'posixAccount', 'organizationalRole');
|
||||
|
||||
static public function getClassFilter() {
|
||||
return '(ObjectClass='.self::$objectClass[0].')';
|
||||
}
|
||||
static $dn='uid';
|
||||
|
||||
protected $domain,$uid,$name,$active=false,$admin=false,$courier=false,$authsmtp=false;
|
||||
private $aliases=array(),$redirections=array();
|
||||
|
||||
public function __construct(LdapDomain $domain, $uid) {
|
||||
$this->conn = $domain->conn;
|
||||
$this->domain = $domain->getName();
|
||||
$this->domain = $domain;
|
||||
$this->conn = $this->domain->server->getConn();
|
||||
|
||||
$this->uid = $uid;
|
||||
if ($sr = @ldap_search($this->conn, "uid=".$uid.",cn=".$this->domain.",".LDAP_BASE, self::getClassFilter())) {
|
||||
if ($sr = @ldap_search($this->conn, self::getBaseDN($this->domain, $uid), self::getClassFilter())) {
|
||||
$objects = ldap_get_entries($this->conn, $sr);
|
||||
$object = $objects[0];
|
||||
$this->name = $object['cn'][0];
|
||||
|
@ -23,7 +20,7 @@ class LdapAccount extends LdapDomain {
|
|||
$this->admin = ($object['isadmin'][0] == 'TRUE') ? true : false;
|
||||
$this->courier = ($object['courieractive'][0] == 'TRUE') ? true : false;
|
||||
$this->authsmtp = ($object['authsmtpactive'][0] == 'TRUE') ? true : false;
|
||||
//$this->quota = getquota($this->domain,'user');
|
||||
//$this->quota = getquota($this->domain->getName(),'user');
|
||||
$this->aliases = array_filter($object['mailacceptinggeneralid'], "is_string");
|
||||
$this->redirections = array_filter($object['maildrop'], "is_string");
|
||||
} else {
|
||||
|
@ -43,7 +40,7 @@ class LdapAccount extends LdapDomain {
|
|||
$info["webmailActive"] = ($webmailactive) ? 'TRUE' : 'FALSE';
|
||||
$info["authsmtpActive"] = ($authsmtpactive) ? 'TRUE' : 'FALSE';
|
||||
#$info["amavisBypassSpamChecks"] = ($amavisBypassSpamChecks) ? 'TRUE' : 'FALSE';
|
||||
if (!ldap_mod_replace($this->conn, "uid=".$this->uid.",cn=".$this->domain.",".LDAP_BASE, $info)) {
|
||||
if (!ldap_mod_replace($this->conn, self::getBaseDN(), $info)) {
|
||||
$error = ldap_error($this->conn);
|
||||
throw new Exception("Erreur pendant la modification du compte : $error");
|
||||
}
|
||||
|
@ -66,7 +63,7 @@ class LdapAccount extends LdapDomain {
|
|||
}
|
||||
|
||||
public function getAliases() {
|
||||
return preg_replace('/@'.$this->domain.'/', '', $this->aliases);
|
||||
return preg_replace('/@'.$this->domain->getName().'/', '', $this->aliases);
|
||||
}
|
||||
|
||||
public function getRedirections() {
|
||||
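Review bot: In the account-modification method the new call `self::getBaseDN()` passes no argument, while `getBaseDN($object, $name=NULL)` requires `$object`, so the target DN for `ldap_mod_replace` cannot be built and the call fails with a missing-argument error. LdapAlias uses `self::getBaseDN($this)` for the same operation; the line here should read `if (!ldap_mod_replace($this->conn, self::getBaseDN($this), $info)) {`. That path depends on `getUid()`, which is not visible in these hunks but is called from `LdapServer::delDomain`. The method's signature and end are outside the hunk.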
|
|
|
@ -2,20 +2,17 @@
|
|||
|
||||
class LdapAlias extends LdapDomain {
|
||||
static $objectClass = array('mailAlias');
|
||||
|
||||
static public function getClassFilter() {
|
||||
return '(ObjectClass='.self::$objectClass[0].')';
|
||||
}
|
||||
static $dn='cn';
|
||||
|
||||
protected $domain,$name,$active=false;
|
||||
private $aliases=array(),$redirections=array();
|
||||
|
||||
public function __construct(LdapDomain $domain, $name) {
|
||||
$this->conn = $domain->conn;
|
||||
$this->domain = $domain->getName();
|
||||
$this->domain = $domain;
|
||||
$this->conn = $this->conn = $this->domain->server->getConn();
|
||||
|
||||
$this->name = $name;
|
||||
if ($sr = @ldap_search($this->conn, "cn=".$name.",cn=".$this->domain.",".LDAP_BASE, self::getClassFilter())) {
|
||||
if ($sr = @ldap_search($this->conn, self::getBaseDN($this->domain, $name), self::getClassFilter())) {
|
||||
$objects = ldap_get_entries($this->conn, $sr);
|
||||
$object = $objects[0];
|
||||
$this->active = ($object['isactive'][0] == 'TRUE') ? true : false;
|
||||
|
@ -37,7 +34,7 @@ class LdapAlias extends LdapDomain {
|
|||
return filter_var($value, FILTER_VALIDATE_EMAIL);
|
||||
});
|
||||
|
||||
if (!@ldap_mod_replace($this->conn, "cn=".$this->getName().",cn=".$this->domain.",".LDAP_BASE, $info)) {
|
||||
if (!@ldap_mod_replace($this->conn, self::getBaseDN($this), $info)) {
|
||||
$error = ldap_error($this->conn);
|
||||
throw new Exception("Erreur pendant la modification de l'alias : $error");
|
||||
}
|
||||
|
@ -48,7 +45,7 @@ class LdapAlias extends LdapDomain {
|
|||
}
|
||||
|
||||
public function getAliases() {
|
||||
return preg_replace('/@'.$this->domain.'/', '', $this->aliases);
|
||||
return preg_replace('/@'.$this->domain->getName().'/', '', $this->aliases);
|
||||
}
|
||||
|
||||
public function getRedirections() {
|
||||
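Review bot: `getAliases()` splices `$this->domain->getName()` into a regular expression unquoted, so each dot in the domain matches any character and a name containing `/` or another metacharacter changes or breaks the pattern. Quoting fixes it: `return preg_replace('/@'.preg_quote($this->domain->getName(), '/').'/', '', $this->aliases);`. The same line appears in `LdapAccount::getAliases()`. In the constructor, `$this->conn = $this->conn = $this->domain->server->getConn();` repeats the assignment and can be reduced to a single `$this->conn = $this->domain->server->getConn();`.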
|
|
|
@ -2,22 +2,17 @@
|
|||
|
||||
class LdapDomain extends LdapServer {
|
||||
static $objectClass = array('postfixDomain', 'posixGroup');
|
||||
static $dn='cn';
|
||||
|
||||
static public function getClassFilter() {
|
||||
return '(ObjectClass='.self::$objectClass[0].')';
|
||||
}
|
||||
|
||||
protected $domain,$active=false;
|
||||
protected $domain,$active=false,$server;
|
||||
private $quota="0M/0M",$mail_accounts=array(),$mail_alias=array(),$posix_accounts=array(),$smb_accounts=array(),$accounts=array(),$alias=array();
|
||||
|
||||
public function __construct(LdapServer $server, $name) {
|
||||
$this->conn = $server->conn;
|
||||
$this->login = $server->login;
|
||||
$this->superadmin = $server->superadmin;
|
||||
$this->dn = $server->dn;
|
||||
$this->server = $server;
|
||||
$this->conn = $server->getConn();
|
||||
|
||||
$this->domain = $name;
|
||||
if ($sr = @ldap_search($this->conn, "cn=".$this->domain.",".LDAP_BASE, "(ObjectClass=*)")) {
|
||||
if ($sr = @ldap_search($this->conn, self::getBaseDN($this), "(ObjectClass=*)")) {
|
||||
$objects = ldap_get_entries($this->conn, $sr);
|
||||
|
||||
foreach($objects as $object) {
|
||||
|
@ -29,10 +24,10 @@ class LdapDomain extends LdapServer {
|
|||
array_push($this->posix_accounts,$object['uid'][0]);
|
||||
}
|
||||
if (in_array(LdapAccount::$objectClass[0], $object['objectclass'])) {
|
||||
array_push($this->mail_accounts,$object['uid'][0]);
|
||||
array_push($this->mail_accounts,$object[LdapAccount::$dn][0]);
|
||||
}
|
||||
if (in_array(LdapAlias::$objectClass[0], $object['objectclass'])) {
|
||||
array_push($this->mail_alias,$object['cn'][0]);
|
||||
array_push($this->mail_alias,$object[LdapAlias::$dn][0]);
|
||||
}
|
||||
if (in_array("sambaSamAccount",$object['objectclass'])) {
|
||||
array_push($this->smb_accounts,$object['uid'][0]);
|
||||
|
@ -46,18 +41,12 @@ class LdapDomain extends LdapServer {
|
|||
}
|
||||
|
||||
public function getAccounts() {
|
||||
global $conf;
|
||||
if (count($this->accounts) == 0) {
|
||||
if (! $conf['domaines']['onlyone']) {
|
||||
$rdn = ($conf['evoadmin']['version'] > 2) ? "cn=" .$this->domain. "," .LDAP_BASE : "domain=" .$this->domain. "," .LDAP_BASE;
|
||||
} else {
|
||||
$rdn = "ou=people," .LDAP_BASE;
|
||||
}
|
||||
$sr = ldap_search($this->conn, $rdn, LdapAccount::getClassfilter());
|
||||
$sr = ldap_search($this->conn, self::getBaseDN($this), LdapAccount::getClassfilter());
|
||||
$objects = ldap_get_entries($this->conn, $sr);
|
||||
foreach($objects as $object) {
|
||||
if(!empty($object["uid"][0])) {
|
||||
$account = new LdapAccount($this, $object["uid"][0]);
|
||||
if(!empty($object[LdapAccount::$dn][0])) {
|
||||
$account = new LdapAccount($this, $object[LdapAccount::$dn][0]);
|
||||
array_push($this->accounts, $account);
|
||||
}
|
||||
}
|
||||
|
@ -66,18 +55,12 @@ class LdapDomain extends LdapServer {
|
|||
}
|
||||
|
||||
public function getAlias() {
|
||||
global $conf;
|
||||
if (count($this->alias) == 0) {
|
||||
if (! $conf['domaines']['onlyone']) {
|
||||
$rdn = ($conf['evoadmin']['version'] > 2) ? "cn=" .$this->domain. "," .LDAP_BASE : "domain=" .$this->domain. "," .LDAP_BASE;
|
||||
} else {
|
||||
$rdn = "ou=people," .LDAP_BASE;
|
||||
}
|
||||
$sr = ldap_search($this->conn, $rdn, LdapAlias::getClassFilter());
|
||||
$sr = ldap_search($this->conn, self::getBaseDN($this), LdapAlias::getClassFilter());
|
||||
$objects = ldap_get_entries($this->conn, $sr);
|
||||
foreach($objects as $object) {
|
||||
if(!empty($object["cn"][0])) {
|
||||
$alias = new LdapAlias($this, $object["cn"][0]);
|
||||
if(!empty($object[LdapAlias::$dn][0])) {
|
||||
$alias = new LdapAlias($this, $object[LdapAlias::$dn][0]);
|
||||
array_push($this->alias, $alias);
|
||||
}
|
||||
}
|
||||
|
@ -95,7 +78,7 @@ class LdapDomain extends LdapServer {
|
|||
}
|
||||
$mail = $uid.'@'.$this->getName();
|
||||
$password = "{SSHA}".Ldap::ssha($password);
|
||||
$info["uid"] = $mail;
|
||||
$info[LdapAccount::$dn] = $mail;
|
||||
$info["cn"] = $name;
|
||||
$info["homeDirectory"] = "/home/vmail/" .$this->getName(). "/" .$uid. "/";
|
||||
$info["uidNumber"]= $conf['unix']['uid'];
|
||||
|
@ -112,7 +95,7 @@ class LdapDomain extends LdapServer {
|
|||
#$info["amavisBypassSpamChecks"] = ($amavisBypassSpamChecks) ? 'TRUE' : 'FALSE';
|
||||
$info["userPassword"] = $password;
|
||||
|
||||
if (@ldap_add($this->conn, "uid=".$mail.",cn=".$this->domain.",".LDAP_BASE, $info)) {
|
||||
if (@ldap_add($this->conn, LdapAccount::getBaseDN($this, $mail), $info)) {
|
||||
mail($name, 'Premier message',"Mail d'initialisation du compte.");
|
||||
mailnotify($info,$this->getname(),$password);
|
||||
} else {
|
||||
|
@ -122,7 +105,7 @@ class LdapDomain extends LdapServer {
|
|||
}
|
||||
|
||||
public function addAlias($name,$active=false,$mailaccept=array(),$maildrop=array()) {
|
||||
$info["cn"] = $name;
|
||||
$info[LdapAlias::$dn] = $name;
|
||||
$info["isActive"] = ($active) ? 'TRUE' : 'FALSE';
|
||||
$info["objectclass"] = LdapAlias::$objectClass;
|
||||
$info["mailacceptinggeneralid"] = $mailaccept;
|
||||
|
@ -130,14 +113,14 @@ class LdapDomain extends LdapServer {
|
|||
return filter_var($value, FILTER_VALIDATE_EMAIL);
|
||||
});
|
||||
|
||||
if (!@ldap_add($this->conn, "cn=".$name.",cn=".$this->domain.",".LDAP_BASE, $info)) {
|
||||
if (!@ldap_add($this->conn, LdapAlias::getBaseDN($this, $name), $info)) {
|
||||
$error = ldap_error($this->conn);
|
||||
throw new Exception("Erreur dans l'ajout de l'alias : $error");
|
||||
}
|
||||
}
|
||||
|
||||
public function delAccount($uid) {
|
||||
$dn = "uid=".$uid.",cn=".$this->domain.",".LDAP_BASE;
|
||||
$dn = LdapAccount::getBaseDN($this, $uid);
|
||||
if ($sr = @ldap_search($this->conn, $dn, LdapAccount::getClassFilter())) {
|
||||
// Delete account
|
||||
if (!ldap_delete($this->conn, $dn)) {
|
||||
|
@ -150,7 +133,7 @@ class LdapDomain extends LdapServer {
|
|||
}
|
||||
|
||||
public function delAlias($name) {
|
||||
$dn = "cn=".$name.",cn=".$this->domain.",".LDAP_BASE;
|
||||
$dn = LdapAlias::getBaseDN($this, $name);
|
||||
if ($sr = @ldap_search($this->conn, $dn, LdapAlias::getClassFilter())) {
|
||||
// Delete alias
|
||||
if (!ldap_delete($this->conn, $dn)) {
|
||||
|
@ -164,7 +147,7 @@ class LdapDomain extends LdapServer {
|
|||
|
||||
public function update($active=false) {
|
||||
$info["isActive"] = ($active) ? 'TRUE' : 'FALSE';
|
||||
if (!ldap_mod_replace($this->conn, "cn=".$this->getName().",".LDAP_BASE, $info)) {
|
||||
if (!ldap_mod_replace($this->conn, self::getBaseDN($this), $info)) {
|
||||
$error = ldap_error($this->conn);
|
||||
throw new Exception("Erreur pendant la modification du domaine : $error");
|
||||
}
|
||||
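Review bot: The constructor now assigns `$this->conn = $server->getConn();`, but the same commit appears to make `$conn` a `private` property of `LdapServer`, so unless LdapDomain declares its own `$conn` outside the visible lines, this write creates a separate dynamic property on the child object. Code that runs in `LdapServer` scope on a domain, account or alias object, including the inherited `__destruct()` with `ldap_unbind($this->conn)`, would then read the parent's still-null private value. Declaring `protected $conn;` in `LdapDomain` and having the destructor skip connections the object only borrowed would make ownership explicit. The commit message should also mention that `getAccounts()` and `getAlias()` drop the `$conf['domaines']['onlyone']` and version branches, since installs using the `ou=people` or `domain=` layouts now search a different base.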
|
|
|
@ -1,19 +1,48 @@
|
|||
<?php
|
||||
|
||||
class LdapServer {
|
||||
protected $conn=NULL,$login,$dn,$superadmin=false;
|
||||
private $domains=array();
|
||||
private $conn=NULL,$login,$base,$superadmin=false,$domains=array();
|
||||
|
||||
public function __construct($login) {
|
||||
static public function getClassFilter() {
|
||||
return '(ObjectClass='.static::$objectClass[0].')';
|
||||
}
|
||||
|
||||
static public function getBaseDN($object, $name=NULL) {
|
||||
$class = get_called_class();
|
||||
if ($class == "LdapDomain") {
|
||||
if (empty($name)) {
|
||||
return static::$dn.'='.$object->getName().','.LdapServer::getBaseDN($object->server);
|
||||
} else {
|
||||
return static::$dn.'='.$name.','.LdapServer::getBaseDN($object);
|
||||
}
|
||||
} elseif ($class == "LdapAccount") {
|
||||
if (empty($name)) {
|
||||
return static::$dn.'='.$object->getUid().','.LdapDomain::getBaseDN($object->domain);
|
||||
} else {
|
||||
return static::$dn.'='.$name.','.LdapDomain::getBaseDN($object);
|
||||
}
|
||||
} elseif ($class == "LdapAlias") {
|
||||
if (empty($name)) {
|
||||
return static::$dn.'='.$object->getName().','.LdapDomain::getBaseDN($object->domain);
|
||||
} else {
|
||||
return static::$dn.'='.$name.','.LdapDomain::getBaseDN($object);
|
||||
}
|
||||
} else {
|
||||
return $object->base;
|
||||
}
|
||||
}
|
||||
|
||||
public function __construct($login, $base, $adminDN, $adminPass, $uri='ldap://127.0.0.1') {
|
||||
global $conf;
|
||||
$this->login = $login;
|
||||
if (!$this->conn = ldap_connect(LDAP_URI)) {
|
||||
throw new Exception("Impossible de se connecter au serveur LDPA ".LDAP_URI);
|
||||
$this->base = $base;
|
||||
if (!$this->conn = ldap_connect($uri)) {
|
||||
throw new Exception("Impossible de se connecter au serveur LDAP $uri");
|
||||
}
|
||||
if (!ldap_set_option($this->conn, LDAP_OPT_PROTOCOL_VERSION, 3)) {
|
||||
throw new Exception("Impossible de modifier la version du protocole LDAP à 3");
|
||||
}
|
||||
if (!ldap_bind($this->conn, LDAP_ADMIN_DN, LDAP_ADMIN_PASS)) {
|
||||
if (!ldap_bind($this->conn, $adminDN, $adminPass)) {
|
||||
throw new Exception("Authentification LDAP échoué !");
|
||||
}
|
||||
if (in_array($this->login, $conf['admin']['logins'])) {
|
||||
|
@ -23,13 +52,12 @@ class LdapServer {
|
|||
}
|
||||
|
||||
public function login($password) {
|
||||
global $conf;
|
||||
$sr=ldap_search($this->conn, LDAP_BASE, "(&(uid=".$this->login.")(isAdmin=TRUE))");
|
||||
$sr=ldap_search($this->conn, self::getBaseDN($this), "(&(uid=".$this->login.")(isAdmin=TRUE))");
|
||||
$info = ldap_get_entries($this->conn, $sr);
|
||||
if ($info['count']) {
|
||||
if (@ldap_bind($this->conn, $info[0]['dn'], $password)) {
|
||||
unset($password);
|
||||
$this->dn = $info[0]['dn'];
|
||||
$this->base = $info[0]['dn'];
|
||||
# EvoLog::log("Login success for " . $this->login);
|
||||
return true;
|
||||
} else {
|
||||
|
@ -45,14 +73,13 @@ class LdapServer {
|
|||
}
|
||||
|
||||
public function getDomains() {
|
||||
global $conf;
|
||||
if (count($this->domains) == 0) {
|
||||
if ($this->superadmin) {
|
||||
$sr = ldap_search($this->conn, LDAP_BASE, LdapDomain::getClassFilter());
|
||||
$sr = ldap_search($this->conn, self::getBaseDN($this), LdapDomain::getClassFilter());
|
||||
$objects = ldap_get_entries($this->conn, $sr);
|
||||
foreach($objects as $object) {
|
||||
if(!empty($object["cn"][0])) {
|
||||
$domain = new LdapDomain($this, $object["cn"][0]);
|
||||
if(!empty($object[LdapDomain::$dn][0])) {
|
||||
$domain = new LdapDomain($this, $object[LdapDomain::$dn][0]);
|
||||
array_push($this->domains, $domain);
|
||||
}
|
||||
}
|
||||
|
@ -67,43 +94,29 @@ class LdapServer {
|
|||
}
|
||||
|
||||
public function addDomain($name,$active=false) {
|
||||
global $conf;
|
||||
$info["cn"]=$name;
|
||||
$info[LdapDomain::$dn]=$name;
|
||||
$info["objectclass"] = LdapDomain::$objectClass;
|
||||
$info["isActive"] = ($active) ? 'TRUE' : 'FALSE';
|
||||
$info["gidNumber"]= getfreegid();
|
||||
|
||||
if (!@ldap_add($this->conn, "cn=".$name.",".LDAP_BASE, $info)) {
|
||||
if (!@ldap_add($this->conn, LdapDomain::getBaseDN($this, $name), $info)) {
|
||||
$error = ldap_error($this->conn);
|
||||
throw new Exception("Erreur dans l'ajout du domaine : $error");
|
||||
}
|
||||
}
|
||||
|
||||
public function delDomain($name) {
|
||||
if ($sr = @ldap_search($this->conn, "cn=".$name.",".LDAP_BASE, "(ObjectClass=*)")) {
|
||||
$objects = ldap_get_entries($this->conn, $sr);
|
||||
if ($domain = new LdapDomain($this, $name)) {
|
||||
// Delete aliases
|
||||
foreach($objects as $object) {
|
||||
if (!empty($object['objectclass']) && !in_array(LdapDomain::$objectClass[0], $object['objectclass']) && in_array(LdapAlias::$objectClass[0], $object['objectclass'])) {
|
||||
$dn = "cn=".$object['cn'][0]. ",cn=".$name.",".LDAP_BASE;
|
||||
if (!ldap_delete($this->conn, $dn)) {
|
||||
$error = ldap_error($this->conn);
|
||||
throw new Exception("Erreur dans la suppression de l'alias $dn : $error");
|
||||
}
|
||||
}
|
||||
foreach($domain->getAlias() as $alias) {
|
||||
$domain->delAlias($alias->getName());
|
||||
}
|
||||
// Delete accounts
|
||||
foreach($objects as $object) {
|
||||
if (!empty($object['objectclass']) && !in_array(LdapDomain::$objectClass[0], $object['objectclass']) && !in_array(LdapAlias::$objectClass[0], $object['objectclass'])) {
|
||||
$dn = "uid=".$object['cn'][0]. ",cn=".$name.",".LDAP_BASE;
|
||||
if (!ldap_delete($this->conn, $dn)) {
|
||||
$error = ldap_error($this->conn);
|
||||
throw new Exception("Erreur dans la suppression du compte $dn : $error");
|
||||
}
|
||||
}
|
||||
foreach($domain->getAccounts() as $account) {
|
||||
$domain->delAccount($account->getUid());
|
||||
}
|
||||
// Delete domain
|
||||
$dn = "cn=".$name.",".LDAP_BASE;
|
||||
$dn = LdapDomain::getBaseDN($this, $name);
|
||||
if (!ldap_delete($this->conn, $dn)) {
|
||||
$error = ldap_error($this->conn);
|
||||
throw new Exception("Erreur dans la suppression du domaine $dn : $error");
|
||||
|
@ -125,6 +138,10 @@ class LdapServer {
|
|||
return $this->dn;
|
||||
}
|
||||
|
||||
public function getConn() {
|
||||
return $this->conn;
|
||||
}
|
||||
|
||||
public function __destruct() {
|
||||
ldap_unbind($this->conn);
|
||||
}
|
||||
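Review bot: `getBaseDN()` concatenates `$name`, `getName()` and `getUid()` into the DN unescaped, and callers feed it request-derived values such as `$_GET['domain']`, so a value containing `,`, `=` or `+` changes which entry is searched, modified or deleted over the admin-bound connection. Since this commit centralises DN construction, it is the natural place to apply `ldap_escape($name, '', LDAP_ESCAPE_DN)` to each RDN value. The filter in `login()` needs the matching `ldap_escape($this->login, '', LDAP_ESCAPE_FILTER)`, because whether `Html::clean` neutralises LDAP metacharacters is not visible here. In `login()`, `$this->base = $info[0]['dn'];` is printed in place of the assignment to `$this->dn`, so after a successful bind the search base becomes the user's own entry and `getDn()`, still `return $this->dn;`, has nothing to return for `$_SESSION['dn']`. Keeping `$this->dn = $info[0]['dn'];` with a declared `$dn` property looks like the intent.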
|
|