re-activate ldap user search feature using new ldap libs

1.10.x
eric 11 years ago
parent 9053c702ef
commit 6f6b200dbb
  1. 2
      main/admin/index.php
  2. 14
      main/admin/ldap_users_list.php
  3. 72
      main/auth/ldap/authldap.php
  4. 18
      main/auth/ldap/ldap_var.inc.php

@ -120,7 +120,7 @@ if (api_is_platform_admin()) {
$items[] = array('url'=>'group_add.php', 'label' => get_lang('AddGroups')); $items[] = array('url'=>'group_add.php', 'label' => get_lang('AddGroups'));
$items[] = array('url'=>'group_list.php', 'label' => get_lang('GroupList')); $items[] = array('url'=>'group_list.php', 'label' => get_lang('GroupList'));
} }
if (isset($extAuthSource) && isset($extAuthSource['ldap']) && count($extAuthSource['ldap']) > 0) { if (isset($extAuthSource) && isset($extAuthSource['extldap']) && count($extAuthSource['extldap']) > 0) {
$items[] = array('url'=>'ldap_users_list.php', 'label' => get_lang('ImportLDAPUsersIntoPlatform')); $items[] = array('url'=>'ldap_users_list.php', 'label' => get_lang('ImportLDAPUsersIntoPlatform'));
} }
$items[] = array('url'=>'user_fields.php', 'label' => get_lang('ManageUserFields')); $items[] = array('url'=>'user_fields.php', 'label' => get_lang('ManageUserFields'));

@ -17,11 +17,11 @@ $this_section = SECTION_PLATFORM_ADMIN;
api_protect_admin_script(); api_protect_admin_script();
$action = $_GET["action"]; $action = @$_GET["action"] ?: null;
$login_as_user_id = $_GET["user_id"]; $login_as_user_id = @$_GET["user_id"] ?: null;
// Login as ... // Login as ...
if ($_GET['action'] == "login_as" && isset ($login_as_user_id)) if ($action == "login_as" && !empty ($login_as_user_id))
{ {
login_user($login_as_user_id); login_user($login_as_user_id);
} }
@ -200,10 +200,10 @@ $form->display();
$parameters['keyword_username'] = $_GET['keyword_username']; $parameters['keyword_username'] = @$_GET['keyword_username'] ?: null;
$parameters['keyword_firstname'] = $_GET['keyword_firstname']; $parameters['keyword_firstname'] = @$_GET['keyword_firstname'] ?: null;
$parameters['keyword_lastname'] = $_GET['keyword_lastname']; $parameters['keyword_lastname'] = @$_GET['keyword_lastname'] ?: null;
$parameters['keyword_email'] = $_GET['keyword_email']; $parameters['keyword_email'] = @$_GET['keyword_email'] ?: null;
if (isset($_GET['id_session'])) if (isset($_GET['id_session']))
$parameters['id_session'] = $_GET['id_session']; $parameters['id_session'] = $_GET['id_session'];
// Create a sortable table with user-data // Create a sortable table with user-data
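Review bot: The `login_as` branch at the top of this file still switches the administrator's session to another account on a plain GET request, and nothing visible in the hunk verifies an anti-CSRF token before `login_user($login_as_user_id)` runs. `api_protect_admin_script()` establishes that the caller is an admin, not that the admin intended the request, so a cross-site request could trigger the switch. The add-user link built in authldap.php already carries `sec_token`, and the same token should be checked here (for example with `Security::check_token('get')`, if that is what the rest of the platform uses). The id should also be cast rather than silenced with `@`, e.g. `$login_as_user_id = isset($_GET['user_id']) ? (int) $_GET['user_id'] : 0;`. The code between this check and the next hunk is not shown, so a token check further down cannot be ruled out.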

@ -62,6 +62,7 @@ use \ChamiloSession as Session;
/** /**
* Code * Code
*/ */
require_once api_get_path(SYS_CODE_PATH).'auth/external_login/ldap.inc.php';
require 'ldap_var.inc.php'; require 'ldap_var.inc.php';
/** /**
* Check login and password with LDAP * Check login and password with LDAP
@ -325,7 +326,9 @@ function ldap_set_version(&$resource) {
*/ */
function ldap_handle_bind(&$ldap_handler,&$ldap_bind) { function ldap_handle_bind(&$ldap_handler,&$ldap_bind) {
//error_log('Entering ldap_handle_bind(&$ldap_handler,&$ldap_bind)',0); //error_log('Entering ldap_handle_bind(&$ldap_handler,&$ldap_bind)',0);
global $ldap_rdn,$ldap_pass; global $ldap_rdn,$ldap_pass, $extldap_config;
$ldap_rdn = $extldap_config['admin_dn'];
$ldap_pass = $extldap_config['admin_password'];
if (!empty($ldap_rdn) and !empty($ldap_pass)) { if (!empty($ldap_rdn) and !empty($ldap_pass)) {
//error_log('Trying authenticated login :'.$ldap_rdn.'/'.$ldap_pass,0); //error_log('Trying authenticated login :'.$ldap_rdn.'/'.$ldap_pass,0);
$ldap_bind = ldap_bind($ldap_handler,$ldap_rdn,$ldap_pass); $ldap_bind = ldap_bind($ldap_handler,$ldap_rdn,$ldap_pass);
@ -352,21 +355,23 @@ function ldap_handle_bind(&$ldap_handler,&$ldap_bind) {
*/ */
function ldap_get_users() { function ldap_get_users() {
global $ldap_basedn, $ldap_host, $ldap_port, $ldap_rdn, $ldap_pass; global $ldap_basedn, $ldap_host, $ldap_port, $ldap_rdn, $ldap_pass, $ldap_search_dn, $extldap_user_correspondance;
$keyword_firstname = trim(Database::escape_string($_GET['keyword_firstname'])); $keyword_firstname = isset($_GET['keyword_firstname']) ? trim(Database::escape_string($_GET['keyword_firstname'])): '';
$keyword_lastname = trim(Database::escape_string($_GET['keyword_lastname'])); $keyword_lastname = isset($_GET['keyword_lastname']) ? trim(Database::escape_string($_GET['keyword_lastname'])) : '';
$keyword_username = trim(Database::escape_string($_GET['keyword_username'])); $keyword_username = isset($_GET['keyword_username']) ? trim(Database::escape_string($_GET['keyword_username'])) : '';
$keyword_type = Database::escape_string($_GET['keyword_type']); $keyword_type = isset($_GET['keyword_type']) ? Database::escape_string($_GET['keyword_type']) : '';
$ldap_query=array(); $ldap_query=array();
if ($keyword_username != "") { if ($keyword_username != "") {
$ldap_query[]="(uid=".$keyword_username."*)"; $ldap_query[] = str_replace('%username%', $keyword_username, $ldap_search_dn);
} else if ($keyword_lastname!=""){ } else {
$ldap_query[]="(sn=".$keyword_lastname."*)"; if ($keyword_lastname!=""){
$ldap_query[]="(".$extldap_user_correspondance['lastname']."=".$keyword_lastname."*)";
}
if ($keyword_firstname!="") { if ($keyword_firstname!="") {
$ldap_query[]="(givenName=".$keyword_firstname."*)"; $ldap_query[]="(".$extldap_user_correspondance['firstname']."=".$keyword_firstname."*)";
} }
} }
if ($keyword_type !="" && $keyword_type !="all") { if ($keyword_type !="" && $keyword_type !="all") {
@ -380,7 +385,7 @@ function ldap_get_users() {
} }
$str_query.=" )"; $str_query.=" )";
} else { } else {
$str_query=$ldap_query[0]; $str_query= count($ldap_query) > 0 ? $ldap_query[0] : null;
} }
$ds = ldap_connect($ldap_host, $ldap_port); $ds = ldap_connect($ldap_host, $ldap_port);
@ -421,6 +426,9 @@ function ldap_get_number_of_users() {
* @author Mustapha Alouani * @author Mustapha Alouani
*/ */
function ldap_get_user_data($from, $number_of_items, $column, $direction) { function ldap_get_user_data($from, $number_of_items, $column, $direction) {
global $extldap_user_correspondance;
$users = array(); $users = array();
$is_western_name_order = api_is_western_name_order(); $is_western_name_order = api_is_western_name_order();
if (isset($_GET['submit'])) { if (isset($_GET['submit'])) {
@ -434,17 +442,17 @@ function ldap_get_user_data($from, $number_of_items, $column, $direction) {
//$dn_array=ldap_explode_dn($info[$key]["dn"],1); //$dn_array=ldap_explode_dn($info[$key]["dn"],1);
//$user[] = $dn_array[0]; // uid is first key //$user[] = $dn_array[0]; // uid is first key
//$user[] = $dn_array[0]; // uid is first key //$user[] = $dn_array[0]; // uid is first key
$user[] = $info[$key]['uid'][0]; $user[] = $info[$key][$extldap_user_correspondance['username']][0];
$user[] = $info[$key]['uid'][0]; $user[] = $info[$key][$extldap_user_correspondance['username']][0];
if ($is_western_name_order) { if ($is_western_name_order) {
$user[] = api_convert_encoding($info[$key]['cn'][0], api_get_system_encoding(), 'UTF-8'); $user[] = api_convert_encoding($info[$key][$extldap_user_correspondance['firstname']][0], api_get_system_encoding(), 'UTF-8');
$user[] = api_convert_encoding($info[$key]['sn'][0], api_get_system_encoding(), 'UTF-8'); $user[] = api_convert_encoding($info[$key][$extldap_user_correspondance['lastname']][0], api_get_system_encoding(), 'UTF-8');
} else { } else {
$user[] = api_convert_encoding($info[$key]['sn'][0], api_get_system_encoding(), 'UTF-8'); $user[] = api_convert_encoding($info[$key][$extldap_user_correspondance['firstname']][0], api_get_system_encoding(), 'UTF-8');
$user[] = api_convert_encoding($info[$key]['cn'][0], api_get_system_encoding(), 'UTF-8'); $user[] = api_convert_encoding($info[$key][$extldap_user_correspondance['lastname']][0], api_get_system_encoding(), 'UTF-8');
} }
$user[] = $info[$key]['mail'][0]; $user[] = $info[$key]['mail'][0];
$outab[] = $info[$key]['eduPersonPrimaryAffiliation'][0]; // Ici "student" $user[] = $info[$key][$extldap_user_correspondance['username']][0];
$users[] = $user; $users[] = $user;
} }
} else { } else {
@ -462,9 +470,12 @@ function ldap_get_user_data($from, $number_of_items, $column, $direction) {
* @author Mustapha Alouani * @author Mustapha Alouani
*/ */
function modify_filter($user_id,$url_params, $row) { function modify_filter($user_id,$url_params, $row) {
$url_params_id="id[]=".$row[0]; $query_string="id[]=".$row[0];
if (!empty($_GET['id_session'])){
$query_string .= '&id_session='.Security::remove_XSS($_GET['id_session']);
}
//$url_params_id="id=".$row[0]; //$url_params_id="id=".$row[0];
$result .= '<a href="ldap_users_list.php?action=add_user&amp;user_id='.$user_id.'&amp;id_session='.Security::remove_XSS($_GET['id_session']).'&amp;'.$url_params_id.'&amp;sec_token='.$_SESSION['sec_token'].'" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, api_get_system_encoding()))."'".')) return false;">'.Display::return_icon('add_user.gif', get_lang('AddUsers')).'</a>'; $result = '<a href="ldap_users_list.php?action=add_user&amp;user_id='.$user_id.'&amp;'.$query_string.'&amp;sec_token='.$_SESSION['sec_token'].'" onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, api_get_system_encoding()))."'".')) return false;">'.Display::return_icon('add_user.gif', get_lang('AddUsers')).'</a>';
return $result; return $result;
} }
@ -474,26 +485,9 @@ function modify_filter($user_id,$url_params, $row) {
* @author Mustapha Alouani * @author Mustapha Alouani
*/ */
function ldap_add_user($login) { function ldap_add_user($login) {
global $ldap_basedn, $ldap_host, $ldap_port, $ldap_rdn, $ldap_pass; if ($ldap_user = extldap_authenticate($login, 'nopass', true)) {
$ds = ldap_connect($ldap_host, $ldap_port); return extldap_add_user_by_array($ldap_user);
ldap_set_version($ds);
$user_id = 0;
if ($ds) {
$str_query="(uid=".$login.")";
$r = false;
$res = ldap_handle_bind($ds, $r);
$sr = ldap_search($ds, $ldap_basedn, $str_query);
//echo "Number of results is : ".ldap_count_entries($ds,$sr)."<p>";
$info = ldap_get_entries($ds, $sr);
for ($key = 0; $key < $info['count']; $key ++) {
$user_id = ldap_add_user_by_array($info[$key]);
}
} else {
Display :: display_error_message(get_lang('LDAPConnectionError'));
} }
return $user_id;
} }
function ldap_add_user_by_array($data, $update_if_exists = true) { function ldap_add_user_by_array($data, $update_if_exists = true) {
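Review bot: In `ldap_get_users()` the search keywords are still passed through `Database::escape_string()`, which escapes for SQL, and are then concatenated into the LDAP filter (`str_replace('%username%', $keyword_username, $ldap_search_dn)` and the `(attr=value*)` strings for last and first name). Characters that are special in a filter (`*`, `(`, `)`, `\` and NUL) reach `ldap_search()` unchanged, so a keyword can alter the filter's structure or widen the match beyond what the form intends. Escape for the filter context instead, e.g. `$keyword_username = isset($_GET['keyword_username']) ? ldap_escape(trim($_GET['keyword_username']), '', LDAP_ESCAPE_FILTER) : '';`, and likewise for the other keywords. `ldap_escape()` needs PHP 5.6 or later; older versions need a small helper that does the RFC 4515 escaping. The function's body continues outside the hunks shown, and the `$login` that `ldap_add_user()` now hands to `extldap_authenticate()` deserves the same check inside that helper, which is not visible here.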

@ -23,24 +23,24 @@
* Configuration settings * Configuration settings
*/ */
// your ldap server // your ldap server
$ldap_host = api_get_setting('ldap_main_server_address'); $ldap_host = $extldap_config['host'][0];
// your ldap server's port number // your ldap server's port number
$ldap_port = api_get_setting('ldap_main_server_port'); $ldap_port = @$extldap_config['port'] ?: null;
//domain //domain
$ldap_basedn = api_get_setting('ldap_domain'); $ldap_basedn = $extldap_config['base_dn'];
//search term for students //search term for students
$ldap_search_dn = api_get_setting('ldap_search_string'); $ldap_search_dn = $extldap_config['user_search'];
//additional server params for use of replica in case of problems //additional server params for use of replica in case of problems
$ldap_host2 = api_get_setting('ldap_replicate_server_address'); $ldap_host2 = count($extldap_config['host']) > 1 ? $extldap_config['host'][1] : null;
$ldap_port2 = api_get_setting('ldap_replicate_server_port'); $ldap_port2 = $extldap_config['port'];
//protocol version - set to 3 for LDAP 3 //protocol version - set to 3 for LDAP 3
$ldap_version = api_get_setting('ldap_version'); $ldap_version = $extldap_config['protocol_version'];
//non-anonymous LDAP mode //non-anonymous LDAP mode
$ldap_rdn = api_get_setting('ldap_authentication_login'); $ldap_rdn = $extldap_config['admin_dn'];
$ldap_pass = api_get_setting('ldap_authentication_password'); $ldap_pass = $extldap_config['admin_password'];
$ldap_pass_placeholder = "PLACEHOLDER"; $ldap_pass_placeholder = "PLACEHOLDER";
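Review bot: `$ldap_port2 = $extldap_config['port'];` reads the key unguarded, while `$ldap_port` earlier in the same hunk treats it as optional (`@$extldap_config['port'] ?: null`), so a configuration without `port` gives null for one and an undefined-index notice for the other. Prefer one explicit form for both, e.g. `$ldap_port = isset($extldap_config['port']) ? $extldap_config['port'] : null;`, rather than `@`, which also hides unrelated errors in the expression. This file now depends on `$extldap_config` having been defined by an earlier include (authldap.php adds the `require_once` of `ldap.inc.php` just before it). A short comment at the top stating that dependency would help, since `$extldap_config['host'][0]` evaluates to null with only a notice if the file is loaded on its own.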
