diff options
| -rw-r--r-- | lib/Auth.php | 12 | ||||
| -rw-r--r-- | lib/Auth/LDAP.php | 44 | ||||
| -rw-r--r-- | lib/api/kolab_api_service_form_value.php | 26 | ||||
| -rw-r--r-- | lib/api/kolab_api_service_roles.php | 117 | ||||
| -rw-r--r-- | lib/kolab_api_controller.php | 1 |
5 files changed, 200 insertions, 0 deletions
diff --git a/lib/Auth.php b/lib/Auth.php index 9eaa498..de29e7f 100644 --- a/lib/Auth.php +++ b/lib/Auth.php @@ -219,6 +219,18 @@ class Auth { return $groups; } + public function list_roles($domain = NULL, $attributes = array(), $search = array(), $params = array()) + { + $this->connect($domain); + if ($domain === NULL) { + $domain = $this->conf->get('primary_domain'); + } + + $roles = $this->_auth[$domain]->list_roles($attributes, $search, $params); + + return $roles; + } + public function primary_for_valid_domain($domain) { $this->domains = $this->list_domains(); diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php index dd41176..315bfe4 100644 --- a/lib/Auth/LDAP.php +++ b/lib/Auth/LDAP.php @@ -455,6 +455,29 @@ class LDAP return $users; } + public function list_roles($attributes = array(), $search = array(), $params = array()) + { + if (!empty($params['sort_by'])) { + if (!in_array($params['sort_by'], $attributes)) { + $attributes[] = $params['sort_by']; + } + } + + $roles = $this->roles_list($attributes, $search); + $roles = $this->normalize_result($roles); + + if (!empty($params['sort_by'])) { + $this->sort_result_key = $params['sort_by']; + uasort($roles, array($this, 'sort_result')); + + if ($params['sort_order'] == 'DESC') { + $roles = array_reverse($roles, true); + } + } + + return $roles; + } + static function normalize_result($__result) { $conf = Conf::get_instance(); @@ -663,6 +686,27 @@ class LDAP return $this->search($base_dn, $filter, $attributes); } + public function roles_list($attributes = array(), $search = array()) + { + $conf = Conf::get_instance(); + + // TODO: From config + $base_dn = "dc=klab,dc=cc"; + // TODO: From config + $filter = "(&(objectclass=ldapsubentry)(objectclass=nsroledefinition))"; + + if (empty($attributes) || !is_array($attributes)) { + $attributes = array('*'); + } + + if ($s_filter = $this->_search_filter($search)) { + // join search filter with objectClass filter + $filter = '(&' . $filter . $s_filter . ')'; + } + + return $this->search($base_dn, $filter, $attributes); + } + public function search($base_dn, $search_filter = '(objectClass=*)', $attributes = array('*')) { error_log("Searching $base_dn with filter '$search_filter'"); diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php index 6c7223e..ff63c3d 100644 --- a/lib/api/kolab_api_service_form_value.php +++ b/lib/api/kolab_api_service_form_value.php @@ -446,4 +446,30 @@ class kolab_api_service_form_value extends kolab_api_service return $list; } + + private function list_options_nsrole($postdata, $attribs = array()) + { + $service = $this->controller->get_service('roles'); + + $keyword = array('value' => $postdata['search']); + $data = array( + 'attributes' => array('displayname', 'mail'), + 'page_size' => 15, + 'search' => array( + 'displayname' => $keyword, + 'cn' => $keyword, + 'mail' => $keyword, + ), + ); + + $result = $service->roles_list(null, $data); + $list = $result['list']; + + // convert to key=>value array + foreach ($list as $idx => $value) { + $list[$idx] = is_array($value['cn']) ? implode('/', $value['cn']) : $value['cn']; + } + + return $list; + } } diff --git a/lib/api/kolab_api_service_roles.php b/lib/api/kolab_api_service_roles.php new file mode 100644 index 0000000..2be1d7a --- /dev/null +++ b/lib/api/kolab_api_service_roles.php @@ -0,0 +1,117 @@ +<?php +/* + +--------------------------------------------------------------------------+ + | This file is part of the Kolab Web Admin Panel | + | | + | Copyright (C) 2011-2012, Kolab Systems AG | + | | + | This program is free software: you can redistribute it and/or modify | + | it under the terms of the GNU Affero General Public License as published | + | by the Free Software Foundation, either version 3 of the License, or | + | (at your option) any later version. | + | | + | This program is distributed in the hope that it will be useful, | + | but WITHOUT ANY WARRANTY; without even the implied warranty of | + | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | + | GNU Affero General Public License for more details. | + | | + | You should have received a copy of the GNU Affero General Public License | + | along with this program. If not, see <http://www.gnu.org/licenses/> | + +--------------------------------------------------------------------------+ + | Author: Aleksander Machniak <machniak@kolabsys.com> | + | Author: Jeroen van Meeuwen <vanmeeuwen@kolabsys.com> | + +--------------------------------------------------------------------------+ +*/ + +/** + * + */ +class kolab_api_service_roles extends kolab_api_service +{ + public $list_attribs = array( + 'cn', + 'objectclass', + 'dn', + 'description', + ); + + + public function capabilities($domain) + { + return array( + 'list' => 'r', + ); + } + + public function roles_list($get, $post) + { + $auth = Auth::get_instance(); + + // returned attributes + if (!empty($post['attributes']) && is_array($post['attributes'])) { + // get only supported attributes + $attributes = array_intersect($this->list_attribs, $post['attributes']); + // need to fix array keys + $attributes = array_values($attributes); + } + if (empty($attributes)) { + $attributes = (array)$this->list_attribs[0]; + } + + $search = array(); + $params = array(); + + // searching + if (!empty($post['search']) && is_array($post['search'])) { + $params = $post['search']; + foreach ($params as $idx => $param) { + // get only supported attributes + if (!in_array($idx, $this->list_attribs)) { + unset($params[$idx]); + continue; + } + + // search string + if (empty($param['value'])) { + unset($params[$idx]); + continue; + } + } + + $search['params'] = $params; + if (!empty($post['search_operator'])) { + $search['operator'] = $post['search_operator']; + } + } + + if (!empty($post['sort_by'])) { + // check if sort attribute is supported + if (in_array($post['sort_by'], $this->list_attribs)) { + $params['sort_by'] = $post['sort_by']; + } + } + + if (!empty($post['sort_order'])) { + $params['sort_order'] = $post['sort_order'] == 'DESC' ? 'DESC' : 'ASC'; + } + + $roles = $auth->list_roles(null, $attributes, $search, $params); + $count = count($roles); + + // pagination + if (!empty($post['page_size']) && $count) { + $size = (int) $post['page_size']; + $page = !empty($post['page']) ? $post['page'] : 1; + $page = max(1, (int) $page); + $offset = ($page - 1) * $size; + + $roles = array_slice($roles, $offset, $size, true); + } + + return array( + 'list' => $roles, + 'count' => $count, + ); + } + +} diff --git a/lib/kolab_api_controller.php b/lib/kolab_api_controller.php index 0880700..2aaef55 100644 --- a/lib/kolab_api_controller.php +++ b/lib/kolab_api_controller.php @@ -64,6 +64,7 @@ class kolab_api_controller $this->add_service('user', 'kolab_api_service_user'); $this->add_service('users', 'kolab_api_service_users'); $this->add_service('domains', 'kolab_api_service_domains'); + $this->add_service('roles', 'kolab_api_service_roles'); } /** |