Auth: Add update_user() method on backends and save() method on user
This commit is contained in:
parent
f7de9b9648
commit
4f1deefa09
3 changed files with 112 additions and 0 deletions
|
@ -21,6 +21,18 @@ class Backend {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update a user
|
||||||
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
* @param array<string,mixed> $changes Array of changes
|
||||||
|
* @param boolean $no_change_as_success Consider no change provided as success
|
||||||
|
* (optional, default: false)
|
||||||
|
* @return boolean True if user was updated, false otherwise
|
||||||
|
*/
|
||||||
|
public static function update_user($user, $changes, $no_change_as_success=False) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check a user password
|
* Check a user password
|
||||||
* @param \EesyPHP\Auth\User $user The user object
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
|
|
@ -263,6 +263,69 @@ class Ldap extends Backend {
|
||||||
return new User($username, '\\EesyPHP\\Auth\\Ldap', $info);
|
return new User($username, '\\EesyPHP\\Auth\\Ldap', $info);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update a user
|
||||||
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
* @param array<string,mixed> $changes Array of changes
|
||||||
|
* @param boolean $no_change_as_success Consider no change provided as success
|
||||||
|
* (optional, default: false)
|
||||||
|
* @return boolean True if user was updated, false otherwise
|
||||||
|
*/
|
||||||
|
public static function update_user($user, $changes, $no_change_as_success=False) {
|
||||||
|
Log::debug("Ldap::update_user(%s): changes=%s", $user->dn, vardump($changes));
|
||||||
|
if (!$user->dn) {
|
||||||
|
Log::error("Ldap::update_user(): Invalid user provided (no DN)");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!is_array($changes)) {
|
||||||
|
Log::error("Ldap::update_user(%s): Invalid changes provided (not an array)", $user->dn);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$attrs = App::get('auth.ldap.user_attributes', null, 'array');
|
||||||
|
$updated_attrs = [];
|
||||||
|
$deleted_attrs = [];
|
||||||
|
foreach($changes as $attr => $value) {
|
||||||
|
if ($attr == "dn") continue;
|
||||||
|
if (!array_key_exists($attr, $attrs)) {
|
||||||
|
Log::error(
|
||||||
|
"Ldap::update_user(%s): Changes on unknown attribute %s provided",
|
||||||
|
$user->dn, $attr
|
||||||
|
);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$ldap_name = Config::get("$attr.ldap_name", $attr, 'string', false, $attrs);
|
||||||
|
if ($value)
|
||||||
|
$updated_attrs[$ldap_name] = ensure_is_array($value);
|
||||||
|
else
|
||||||
|
$deleted_attrs[] = $ldap_name;
|
||||||
|
}
|
||||||
|
if (empty($updated_attrs) && empty($deleted_attrs)) {
|
||||||
|
Log::debug("Ldap::update_user(%s): no change provided", $user->dn);
|
||||||
|
return $no_change_as_success;
|
||||||
|
}
|
||||||
|
if (!self :: connect()) return false;
|
||||||
|
// @phpstan-ignore-next-line
|
||||||
|
$entry = self :: $connection -> getEntry($user->dn);
|
||||||
|
// @phpstan-ignore-next-line
|
||||||
|
if (Net_LDAP2::isError($entry)) {
|
||||||
|
Log::warning('User "%s" (%s) not found', $user->username, $user->dn);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if ($updated_attrs) $entry->replace($updated_attrs);
|
||||||
|
if ($deleted_attrs) $entry->delete($deleted_attrs);
|
||||||
|
$result = $entry -> update();
|
||||||
|
// @phpstan-ignore-next-line
|
||||||
|
if (Net_LDAP2::isError($result)) {
|
||||||
|
Log::error(
|
||||||
|
'Fail to update user "%s" (%s): %s',
|
||||||
|
$user->username, $user->dn, $result->getMessage()
|
||||||
|
);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
Log::info('User "%s" (%s) updated', $user->username, $user->dn);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check a user password
|
* Check a user password
|
||||||
* @param \EesyPHP\Auth\User $user The user object
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
|
|
@ -2,8 +2,10 @@
|
||||||
|
|
||||||
namespace EesyPHP\Auth;
|
namespace EesyPHP\Auth;
|
||||||
|
|
||||||
|
use EesyPHP\Hook;
|
||||||
use EesyPHP\Log;
|
use EesyPHP\Log;
|
||||||
use function EesyPHP\ensure_is_array;
|
use function EesyPHP\ensure_is_array;
|
||||||
|
use function EesyPHP\vardump;
|
||||||
|
|
||||||
class User {
|
class User {
|
||||||
|
|
||||||
|
@ -25,6 +27,12 @@ class User {
|
||||||
*/
|
*/
|
||||||
private $info;
|
private $info;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Original user object (set on change and keep to handle update)
|
||||||
|
* @var User|null
|
||||||
|
*/
|
||||||
|
private $original_user;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor
|
* Constructor
|
||||||
* @param string $username The username
|
* @param string $username The username
|
||||||
|
@ -66,6 +74,7 @@ class User {
|
||||||
* @return void
|
* @return void
|
||||||
*/
|
*/
|
||||||
public function __set($key, $value) {
|
public function __set($key, $value) {
|
||||||
|
Log::trace("%s->__set(%s): new value=%s", $this, $key, vardump($value));
|
||||||
switch ($key) {
|
switch ($key) {
|
||||||
case 'username':
|
case 'username':
|
||||||
$this -> username = strval($value);
|
$this -> username = strval($value);
|
||||||
|
@ -77,6 +86,8 @@ class User {
|
||||||
$this -> info = ensure_is_array($value);
|
$this -> info = ensure_is_array($value);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
if (!isset($this ->original_user))
|
||||||
|
$this -> original_user = new User($this->username, $this->backend, $this->info);
|
||||||
$this -> info[$key] = $value;
|
$this -> info[$key] = $value;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -119,4 +130,30 @@ class User {
|
||||||
return $this -> namename;
|
return $this -> namename;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update user
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function save() {
|
||||||
|
if (!isset($this -> original_user)) {
|
||||||
|
Log::debug("%s->save(): original_user not set, no change to save.", $this);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
$changes = [];
|
||||||
|
foreach ($this->info as $attr => $value)
|
||||||
|
if ($this->original_user->$attr != $value)
|
||||||
|
$changes[$attr] = $value;
|
||||||
|
if (!$changes) {
|
||||||
|
Log::debug("%s->save(): no info updated, no change to save", $this);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
$result = call_user_func(
|
||||||
|
array($this -> backend, 'update_user'),
|
||||||
|
$this -> original_user, $changes, true
|
||||||
|
);
|
||||||
|
if ($result)
|
||||||
|
Hook::trigger("user_updated", ["user" => $this, "changes" => $changes]);
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue