-rw-r--r-- | lib/Auth/LDAP.php | 43 |
1 files changed, 26 insertions, 17 deletions
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 7c5b658..f09e37f 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -68,7 +68,12 @@ class LDAP
 if (!isset($domain) || empty($domain)) {
 // If not, attempt to get the domain from the session.
 if (isset($_SESSION['user'])) {
- $domain = $_SESSION['user']->get_domain();
+ try {
+ $domain = $_SESSION['user']->get_domain();
+ } catch (Exception $e) {
+ // TODO: Debug logging
+ error_log("Warning, user not authenticated yet");
+ }
 }
 }
@@ -183,11 +188,11 @@ class LDAP
 '/usr/lib64/mozldap/ldapsearch',
 '-x',
 '-h',
- // TODO: Get from conf
- 'ldap.klab.cc',
+ $this->_ldap_server,
+ '-p',
+ $this->_ldap_port,
 '-b',
- // TODO: Get from conf
- 'dc=klab,dc=cc',
+ $conf->get('base_dn'),
 '-D',
 '"' . $_SESSION['user']->user_bind_dn . '"',
 '-w',
@@ -560,8 +565,12 @@ class LDAP
 {
 $conf = Conf::get_instance();
- $base_dn = $conf->get('ldap', 'user_base_dn');
- $filter = $conf->get('ldap', 'user_filter');
+ $base_dn = $conf->get('user_base_dn');
+
+ if (!$base_dn)
+ $base_dn = $conf->get('base_dn');
+
+ $filter = $conf->get('user_filter');
 if (empty($attributes) || !is_array($attributes)) {
 $attributes = array('*');
@@ -579,8 +588,7 @@ class LDAP
 {
 $conf = Conf::get_instance();
- // TODO: From config
- $base_dn = "dc=klab,dc=cc";
+ $base_dn = $conf->get('base_dn');
 // TODO: From config
 $filter = "(&(objectclass=ldapsubentry)(objectclass=nsroledefinition))";
@@ -598,14 +606,12 @@ class LDAP
 private function groups_list($attributes = array(), $search = array())
 {
- // TODO: From config
- $base_dn = "ou=Groups,dc=klab,dc=cc";
- // TODO: From config
- $filter = "(|"
- ."(objectClass=kolabgroupofnames)"
- ."(objectclass=kolabgroupofuniquenames)"
- ."(objectclass=kolabgroupofurls)"
- .")";
+ $base_dn = $conf->get('group_base_dn');
+
+ if (!$base_dn)
+ $base_dn = $conf->get('base_dn');
+
+ $filter = $conf->get('group_filter');
 if (empty($attributes) || !is_array($attributes)) {
 $attributes = array('*');
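Review bot: The `catch (Exception $e)` added around `get_domain()` in the `@@ -68` hunk discards the exception and logs a fixed string, so every failure is reported as "user not authenticated yet" and `$domain` is still unset when the block is left. Log the actual cause, for example `error_log("LDAP: cannot read domain from session user: " . $e->getMessage());`, so that an unexpected error is not mistaken for a normal pre-login state. What the function does with an empty `$domain` afterwards lies outside the hunk and should be checked before this is treated as a harmless warning.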
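Review bot: The three values added to the `ldapsearch` argument list in the `@@ -183` hunk (`$this->_ldap_server`, `$this->_ldap_port`, `$conf->get('base_dn')`) go in raw, while the neighbouring bind DN is wrapped in hand-written double quotes. If this array is later joined into a shell command line (the call itself is outside the hunk), a configured value containing a space or a shell metacharacter would split or alter the command. Each element should go through `escapeshellarg()`, e.g. `escapeshellarg($conf->get('base_dn')),`. `$conf` is also not assigned anywhere in the visible lines, so confirm it is in scope in this method.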
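Review bot: `groups_list()` in the `@@ -598` hunk now opens with `$base_dn = $conf->get('group_base_dn');`, but nothing assigns `$conf` between the opening brace and that line, so the call is made on an undefined variable and fails at runtime. The sibling functions in the `@@ -560` and `@@ -579` hunks start with `$conf = Conf::get_instance();`, and the same line is needed here as the first statement. Separately, the hard-coded group filter was removed without a fallback, so an installation with no `group_filter` configured would pass an empty filter to the search. The rest of the function body is outside the hunk.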
@@ -641,6 +647,7 @@ class LDAP
 else {
 $result[$dn][$attr] = array();
 for ($z = 0; $z < $__result[$x][$attr]["count"]; $z++) {
+ // The first result in the array is the primary domain.
 if ($z == 0 && $attr == $dn_attr) {
 $result[$dn]['primary_domain'] = $__result[$x][$attr][$z];
 }
@@ -1102,6 +1109,7 @@ class LDAP
 private function _get_group_dn($root_dn, $search_filter)
 {
+ // TODO: Why does this use privileged credentials?
 if (($this->_bind($this->conf->get('bind_dn'), $this->conf->get('bind_pw'))) == false) {
 $this->_bind($this->conf->get('manager_bind_dn'), $this->conf->get('manager_bind_pw'));
 }
@@ -1124,6 +1132,7 @@ class LDAP
 private function _get_user_dn($root_dn, $search_filter)
 {
+ // TODO: Why does this use privileged credentials?
 if (($this->_bind($this->conf->get('bind_dn'), $this->conf->get('bind_pw'))) == false) {
 //message("WARNING: Invalid Service bind credentials supplied");
 $this->_bind($this->conf->get('manager_bind_dn'), $this->conf->get('manager_bind_pw')); |
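Review bot: The TODO added at the top of `_get_group_dn()` in the `@@ -1102` hunk, and again in `_get_user_dn()` in the `@@ -1124` hunk, asks a question without recording what the visible code does. When the service bind with `bind_dn` fails, both functions rebind with `manager_bind_dn`/`manager_bind_pw` and ignore the return value of that second `_bind()` call. A comment that states this is more useful to the next reader, e.g. `// TODO: falls back to the manager bind when the service bind fails and never checks the result; a DN lookup should not need manager rights.` Both function bodies continue outside their hunks, so whether a later step checks the bind state cannot be seen from here.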