[Evolvis-commits] r49: modify ldap-scripts↵
sfromm at evolvis.org
sfromm at evolvis.org
Mon Nov 17 12:22:06 CET 2008
Author: sfromm
Date: 2008-11-17 11:22:05 +0000 (Mon, 17 Nov 2008)
New Revision: 49
Added:
trunk/gforge_base/login_management/ldap/ldap_user.class
Modified:
trunk/gforge_base/login_management/ldap/ldap2ldap.php
trunk/gforge_base/login_management/ldap/ldap_delete.php
Log:
modify ldap-scripts
Modified: trunk/gforge_base/login_management/ldap/ldap2ldap.php
===================================================================
--- trunk/gforge_base/login_management/ldap/ldap2ldap.php 2008-11-14 16:17:10 UTC (rev 48)
+++ trunk/gforge_base/login_management/ldap/ldap2ldap.php 2008-11-17 11:22:05 UTC (rev 49)
@@ -11,25 +11,30 @@
//############ SETTINGS #############
+//TODO ?? variable path
+require_once("ldap_user.class");
+$ldap=new ldap_user();
//settings for evolvis-ldap at localhost
$dest_ldaphost = "localhost";
-$dest_dn = "dc=my, dc=path, dc=de";
+$dest_dn = "dc=evolvis, dc=tarent, dc=de";
$dest_ldapuser="admin";
-$dest_ldappw="mypassword";
+$dest_ldappw="PASSWORD";
$dest_bind_rdn= "cn=".$dest_ldapuser.", ".$dest_dn;
$dest_addr="ou=People, ".$dest_dn;
$dest_filter = "objectClass=person";
-$src_ldaphost = "path.to.ldap";
-$src_dn = "dc=my dc=path, dc=de";
-$src_ldapuser="user";
-$src_ldappw="mypassword";
+$src_ldaphost = "ldaphost.domain";
+$src_dn = "dc=tarent,dc=de";
+$src_ldapuser="searchuser";
+$src_ldappw="PASSWORD";
-$src_bind_rdn= "uid=".$src_ldapuser.",cn=users, ".$src_dn ;
-$src_filter = "objectClass=organizationalPerson";
+
+$src_bind_rdn= "uid=".$src_ldapuser.",cn=users,".$src_dn ;
+// $src_filter = "objectClass=organizationalPerson";
+$src_filter = "isMitarbeiter=1";
$src_addr="cn=users, ".$src_dn;
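Review bot: The bind passwords for both directories are string literals in a versioned script (`$dest_ldappw`, `$src_ldappw`); the same pattern appears in ldap_delete.php and in the new ldap_user.class, which also embeds the PostgreSQL password in `get_next_id()`. Even with placeholder values, this layout invites the real secrets into the next commit. Read them from a file outside the repository that only the sync account can read, e.g. `$dest_ldappw = trim(file_get_contents($secret_file));`, where `$secret_file` is a placeholder for a per-host path. The included file is named `ldap_user.class`; if this directory is reachable through the web server, that extension is presumably not handled by PHP and the file would be served as plain text, so a `.php` name or a location outside the document root is safer. Note also that `new ldap_user()` binds immediately with the class's own host, DN and password, not the `$dest_*` values configured below it.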
@@ -93,7 +98,8 @@
//------------------- loop through LDAP user records -----------------------
for ($i=0; $i<$info["count"]; $i++) {
-// $notice_criteria = $info[$i]["givenname"];
+ $notice_criteria = $info[$i]["givenname"];
+// $notice_criteria = $info[$i]["ismitarbeiter"];
if ($notice_criteria){
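Review bot: `$info[$i]["givenname"]` is read without checking that the attribute exists, so an entry matched by the `isMitarbeiter=1` filter that has no givenName raises an undefined-index notice and is then silently skipped. If the variable is only used in the `if` below, `$notice_criteria = isset($info[$i]["givenname"]);` states the intent without the notice. A short comment saying why givenName is the selection criterion, and why the `ismitarbeiter` line is kept commented out, would help the next reader. The loop body continues outside the hunk.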
@@ -101,7 +107,7 @@
$uname = $info[$i]["uid"][0];
// prepare new item
- $item["uid"] = $uname;
+ $item["uid"][0] = $uname;
$item["userpassword"] = $info[$i]["userpassword"][0];
echo "USERPASSWD: ".$item["userpassword"]."\n";
$item["givenname"] = $info[$i]["givenname"][0];
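Review bot: The context line `echo "USERPASSWD: ".$item["userpassword"]."\n";` prints every synchronised user's password hash to the script's output, where it can end up in terminals, cron mail or logs. This commit leaves it in place; drop the line or print only the account name, e.g. `echo "USER: ".$uname."\n";`. The new `$item["uid"][0]` assignment makes `uid` multi-valued, which deserves a one-line comment naming what each index holds.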
@@ -109,18 +115,18 @@
$item["sn"] = $info[$i]["sn"][0];
$item["mail"] = $info[$i]["mailprimaryaddress"][0];
$item["loginshell"] = "/lib/anonsvnsh";
- //TODO generate uid and gid
- $item["uidnumber"] = 0;
- $item["gidnumber"] = 0;
+ $item["uidnumber"] = $ldap->get_next_id('uid');
+ $item["gidnumber"] = $ldap->get_next_id('gid');
+ $item["uid"][1] = $ldap->get_next_id();
$item["homeDirectory"] = "/var/lib/gforge/chroot/home/users/".$uname;
-
- $item["objectclass"][0]='inetOrgPerson';
- $item["objectclass"][1]='organizationalPerson';
- $item["objectclass"][2]='person';
- $item["objectclass"][3]='posixAccount';
- $item["objectclass"][4]='top';
- $item["objectclass"][5]='shadowAccount';
- $item["objectclass"][6]='debGforgeAccount';
+ $item["uid"][2] = 1;
+ $item["objectclass"][0] = 'inetOrgPerson';
+ $item["objectclass"][1] = 'organizationalPerson';
+ $item["objectclass"][2] = 'person';
+ $item["objectclass"][3] = 'posixAccount';
+ $item["objectclass"][4] = 'top';
+ $item["objectclass"][5] = 'shadowAccount';
+ $item["objectclass"][6] = 'debGforgeAccount';
//search in dest_entries_array if entry already exists
if (array_search ($uname , $dest_entries_array)){
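Review bot: `$item["uid"][1]` and `$item["uid"][2]` store a numeric id and a constant `1` as extra values of the `uid` attribute, so a lookup such as `uid=1` matches every entry written by this loop, and a login name equal to another account's numeric id matches that account as well. Since ldap_user.class looks users up by `uid=<name>`, this is an identity-confusion risk; carry the id and the employee flag in dedicated attributes instead. The three `get_next_id()` calls each open a new database connection and read the current maximum, so unless the users table grows inside the loop every iteration receives the same numbers, which is worth confirming. The context line `if (array_search ($uname , $dest_entries_array)){` treats a match at key 0 as not found and should compare with `!== false`; its block continues outside the hunk.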
Modified: trunk/gforge_base/login_management/ldap/ldap_delete.php
===================================================================
--- trunk/gforge_base/login_management/ldap/ldap_delete.php 2008-11-14 16:17:10 UTC (rev 48)
+++ trunk/gforge_base/login_management/ldap/ldap_delete.php 2008-11-17 11:22:05 UTC (rev 49)
@@ -13,7 +13,7 @@
$dest_ldaphost = "localhost";
$dest_dn = "dc=my, dc=domain, dc=de";
$dest_ldapuser="admin";
-$dest_ldappw="mypassword";
+$dest_ldappw="PASSWORD";
$dest_bind_rdn= "cn=".$dest_ldapuser.", ".$dest_dn;
$dest_addr="ou=People, ".$dest_dn;
Added: trunk/gforge_base/login_management/ldap/ldap_user.class
===================================================================
--- trunk/gforge_base/login_management/ldap/ldap_user.class (rev 0)
+++ trunk/gforge_base/login_management/ldap/ldap_user.class 2008-11-17 11:22:05 UTC (rev 49)
@@ -0,0 +1,131 @@
+<?php
+class ldap_user {
+ var $connection=false;
+ var $is_connected=false;
+ var $ldaphost = "localhost";
+ var $dn = "dc=evolvis-test, dc=tarent, dc=de";
+ //var $ldapuser="SF_robot";
+ var $ldapuser="admin";
+ var $ldappw="PASSWORD";
+ var $user_selected=false;
+ var $userarr=array();
+ var $uname_actual='';
+
+ function ldap_user($uname='')
+ {
+ $this->change_uname($uname);
+ if(!$this->is_connected)
+ $this->connect();
+ }
+
+ function connect() //should be private
+ {
+ $this->connection=ldap_connect($this->ldaphost);
+ ldap_set_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_bind($this->connection,"cn=".$this->ldapuser.", ".$this->dn, $this->ldappw);
+ $this->is_connected=true;
+ }
+
+ function change_uname($uname) //public
+ {
+ $this->uname_actual=$this->ldap_escape_string($uname);
+ }
+
+ function select_user_specialid($uname)
+ {
+ $search=ldap_search($this->connection, "ou=People, ".$this->dn, 'uid='.$uname);
+ $info = ldap_get_entries($this->connection, $search);
+ $this->userarr=$info;
+ return $this->userarr;
+ }
+
+ function select_user() //public
+ {
+ $search=ldap_search($this->connection, "ou=People, ".$this->dn, 'uid='.$this->uname_actual);
+ $info = ldap_get_entries($this->connection, $search);
+ $this->userarr=$info;
+ return $this->userarr;
+ }
+
+ function edit_user($edit=array()) //public
+ {
+ $edit['uid']=$this->uname_actual;
+ ldap_modify($this->connection,"uid=".$edit['uid'].", ou=people, ".$this->dn,$edit);
+ }
+
+ function delete_user() //public
+ {
+ ldap_delete($this->connection,"uid=".$this->uname_actual.", ou=People, ".$this->dn);
+ }
+
+ function add_user($info=array()) //public
+ {
+ if((!empty($info)) AND ($this->select_user_specialid($info['user_name'])==array('count'=>0)))
+ {
+ $item["uid"][0] = $info['user_name'];
+ $item["uid"][2] = 0; //isMitarbeiter = 0
+ $item["userpassword"] = '{crypt}'.crypt($info["userpassword"]);
+ $item["givenname"] = $info["first_name"];
+ $item["cn"] = $info["full_name"];
+ $item["sn"] = $info["last_name"];
+ $item["mail"] = $info["email"];
+ $item["loginshell"] = "/lib/anonsvnsh";
+ $item["homeDirectory"] = "/var/lib/gforge/chroot/home/users/".$info['user_name'];
+ $item["objectclass"][0]='inetOrgPerson';
+ $item["objectclass"][1]='organizationalPerson';
+ $item["objectclass"][2]='person';
+ $item["objectclass"][3]='posixAccount';
+ $item["objectclass"][4]='top';
+ $item["objectclass"][5]='shadowAccount';
+ $item["objectclass"][6]='debGforgeAccount';
+ $item["uid"][1]=$this->get_next_id();
+ $item["gidNumber"]=$this->get_next_id('gid');
+ $item["uidNumber"]=$this->get_next_id('uid');
+ ldap_add($this->connection," uid=".$this->ldap_escape_string($info['user_name']).", ou=People, ".$this->dn,$item);
+
+ $this->update_sql();
+ return $item["uid"][1];
+ } else
+ {
+ return false;
+ }
+ }
+
+ function get_next_id($str='user_id') //public
+ {
+ $conn = pg_connect ("host=evolvis-test port=5432
+ dbname=gforge user=gforge
+ password=CHANGEIT"
+ );
+ $db = pg_dbname ($conn);
+
+ $sql = "SELECT user_id FROM users order by user_id DESC LIMIT 1;";
+ $res = pg_query($sql);
+ $ar['user_id']=pg_fetch_result($res,0,'user_id')+1;
+ $ar['gid']=20000+$ar['user_id'];
+ $ar['uid']=20000+$ar['user_id'];
+ return $ar[$str];
+ }
+
+ function ldap_escape_string($string) //public
+ {
+ $string = str_replace(",", '\\,', $string);
+ $string = str_replace('"', '\\"', $string);
+ $string = str_replace("'", '\\\'', $string);
+ $string = str_replace("<", '\\<', $string);
+ $string = str_replace(">", '\\>', $string);
+ $string = str_replace(";", '\\;', $string);
+ $string = str_replace('\\', '\\\\', $string);
+ $string = str_replace("+", '\\+,', $string);
+ $string = str_replace("=", '\\=,', $string);
+ $string = str_replace("#", '\\#', $string);
+ return $string;
+ }
+
+ function update_sql() //should be private
+ {
+ $internal=true;
+ include "ldap2sql.php";
+ }
+}
+?>
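Review bot: `ldap_escape_string()` does not produce a safe DN value: the backslash is replaced after the other characters, so every escape it has just inserted is doubled (`,` becomes `\\,`, an escaped backslash followed by a bare comma), and the `+` and `=` replacements append a stray comma. The same DN-style helper is the only protection on the filter in `select_user()`, and `select_user_specialid()`, which `add_user()` calls with the raw `$info['user_name']`, applies no escaping at all, so `*`, `(` and `)` in a user name change the filter that is evaluated. Escape the backslash first, drop the stray commas, and give filter values their own RFC 4515 escaping, used as `'uid='.$this->ldap_escape_filter($uname)` in both select methods. On PHP 5.6 or later the built-in `ldap_escape()` with `LDAP_ESCAPE_DN` / `LDAP_ESCAPE_FILTER` covers both cases. Separately, `connect()` sets `is_connected` without checking the result of `ldap_bind()`.

```php
	function ldap_escape_string($string) //public
	{
		// Escape the backslash first so the escapes added below are not doubled.
		$string = str_replace('\\', '\\\\', $string);
		foreach (array(',', '"', "'", '<', '>', ';', '+', '=', '#') as $char) {
			$string = str_replace($char, '\\'.$char, $string);
		}
		return $string;
	}

	function ldap_escape_filter($string) //public
	{
		// Filter values need their own escaping (RFC 4515): \ * ( ) and NUL.
		return str_replace(
			array('\\', '*', '(', ')', "\x00"),
			array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
			$string
		);
	}

	// … unchanged: update_sql() …
```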