diff options
| author | Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com> | 2015-06-25 09:01:57 +0200 |
|---|---|---|
| committer | Aleksander Machniak <alec@alec.pl> | 2015-06-25 09:01:57 +0200 |
| commit | 9c3649a550fa896cdbe8673d039292ad89332143 (patch) | |
| tree | 9c8a076723dcaf7a07aab1bba4fc0f4f63a64b6c | |
| parent | b9fdc766577e5d464fca95f911cd5905ee78faa5 (diff) | |
| download | webadmin-9c3649a550fa896cdbe8673d039292ad89332143.tar.gz | |
Allow values of attributes defined to be expanded and as such, match between the configured user type and the LDAP object entry (T496)
Summary: Allow values of attributes defined to be expanded and as such, match between the configured user type and the LDAP object entry (T496)
Test Plan: No particular test plan.
Reviewers: #web_administration_panel_developers, machniak
Reviewed By: #web_administration_panel_developers, machniak
Subscribers: machniak
Maniphest Tasks: T496
Differential Revision: https://git.kolab.org/D24
| -rw-r--r-- | lib/kolab_api_service.php | 61 |
1 files changed, 60 insertions, 1 deletions
diff --git a/lib/kolab_api_service.php b/lib/kolab_api_service.php index 0c7182a..1c8480f 100644 --- a/lib/kolab_api_service.php +++ b/lib/kolab_api_service.php @@ -28,6 +28,7 @@ */ abstract class kolab_api_service { + protected $base_dn = null; protected $cache = array(); protected $conf; protected $controller; @@ -155,13 +156,31 @@ abstract class kolab_api_service // Static attributes score $elem_values_score = 0; foreach ((array) $elem['attributes']['fields'] as $attr => $value) { + // Skip the object classes we have already compared + if ($attr == "objectclass") { + continue; + } + $v = $attributes[$attr]; + if (is_array($value)) { + foreach ($value as $_value) { + $_value = $this->conf->expand($_value, $custom = Array('base_dn' => $this->base_dn())); + + if (in_array($_value, (array)$v)) { + $elem_values_score++; + } + } + $value = implode('', $value); + } else { + $value = $this->conf->expand($_value, $custom = Array('base_dn' => $this->base_dn())); } + if (is_array($v)) { $v = implode('', $v); } + $elem_values_score += intval($v == $value); } @@ -350,11 +369,19 @@ abstract class kolab_api_service if (isset($type_attrs['fields'])) { foreach ($type_attrs['fields'] as $key => $value) { if (!is_array($value)) { - $value2 = $this->conf->expand($value); + $value2 = $this->conf->expand($value, $custom = Array('base_dn' => $this->base_dn())); if ($value !== $value2) { Log::trace("Made value " . var_export($value, TRUE) . " in to: " . var_export($value2, TRUE)); $value = $value2; } + } else { + foreach ($value as $_key => $_value) { + $_value2 = $this->conf->expand($_value, $custom = Array('base_dn' => $this->base_dn())); + if ($_value !== $_value2) { + Log::trace("Made value " . var_export($_value, TRUE) . " in to: " . var_export($_value2, TRUE)); + $value[$_key] = $_value2; + } + } } if (empty($attribs[$key])) { @@ -663,4 +690,36 @@ abstract class kolab_api_service return $this->cache['unique_attributes'][$dn] = $result; } + + private function base_dn() + { + if (!empty($this->base_dn)) { + return $this->base_dn; + } + + // Get the domain information for expansion later + $auth = Auth::get_instance(); + $domain_info = $auth->domain_info($_SESSION['user']->get_domain()); + $domain_info = $domain_info[key($domain_info)]; + $dna = $this->conf->get('domain_name_attribute'); + + if (empty($dna)) { + $dna = 'associateddomain'; + } + + $domain = $domain_info[$dna]; + if (is_array($domain)) { + $domain = $domain[0]; + } + + $dba = 'inetdomainbasedn'; + + if (empty($domain_info[$dba])) { + $this->base_dn = 'dc=' . implode('dc=,', explode('.', $domain)); + } else { + $this->base_dn = $domain_info[$dba]; + } + + return $this->base_dn; + } } |