Compare commits
2 commits
62fbdbf1c2
...
23f28d39c7
Author | SHA1 | Date | |
---|---|---|---|
|
23f28d39c7 | ||
|
f7de9b9648 |
4 changed files with 94 additions and 6 deletions
|
@ -24,12 +24,6 @@ repos:
|
||||||
- id: php-stan
|
- id: php-stan
|
||||||
files: ^(?!example/).*\.(php)$
|
files: ^(?!example/).*\.(php)$
|
||||||
args: ["--configuration=phpstan.neon"]
|
args: ["--configuration=phpstan.neon"]
|
||||||
- repo: https://github.com/digitalpulp/pre-commit-php.git
|
|
||||||
rev: 1.4.0
|
|
||||||
hooks:
|
|
||||||
- id: php-stan
|
|
||||||
files: ^example/.*\.(php)$
|
|
||||||
args: ["--configuration=example/phpstan.neon"]
|
|
||||||
- repo: https://github.com/pre-commit/pre-commit-hooks
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||||
rev: v4.4.0
|
rev: v4.4.0
|
||||||
hooks:
|
hooks:
|
||||||
|
|
|
@ -21,6 +21,18 @@ class Backend {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update a user
|
||||||
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
* @param array<string,mixed> $changes Array of changes
|
||||||
|
* @param boolean $no_change_as_success Consider no change provided as success
|
||||||
|
* (optional, default: false)
|
||||||
|
* @return boolean True if user was updated, false otherwise
|
||||||
|
*/
|
||||||
|
public static function update_user($user, $changes, $no_change_as_success=False) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check a user password
|
* Check a user password
|
||||||
* @param \EesyPHP\Auth\User $user The user object
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
|
|
@ -263,6 +263,68 @@ class Ldap extends Backend {
|
||||||
return new User($username, '\\EesyPHP\\Auth\\Ldap', $info);
|
return new User($username, '\\EesyPHP\\Auth\\Ldap', $info);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update a user
|
||||||
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
* @param array<string,mixed> $changes Array of changes
|
||||||
|
* @param boolean $no_change_as_success Consider no change provided as success
|
||||||
|
* (optional, default: false)
|
||||||
|
* @return boolean True if user was updated, false otherwise
|
||||||
|
*/
|
||||||
|
public static function update_user($user, $changes, $no_change_as_success=False) {
|
||||||
|
Log::debug("Ldap::update_user(%s): changes=%s", $user->dn, vardump($changes));
|
||||||
|
if (!$user->dn) {
|
||||||
|
Log::error("Ldap::update_user(): Invalid user provided (no DN)");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!is_array($changes)) {
|
||||||
|
Log::error("Ldap::update_user(%s): Invalid changes provided (not an array)", $user->dn);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$attrs = App::get('auth.ldap.user_attributes', null, 'array');
|
||||||
|
$updated_attrs = [];
|
||||||
|
$deleted_attrs = [];
|
||||||
|
foreach($changes as $attr => $value) {
|
||||||
|
if (!array_key_exists($attr, $attrs)) {
|
||||||
|
Log::error(
|
||||||
|
"Ldap::update_user(%s): Changes on unknown attribute %s provided",
|
||||||
|
$user->dn, $attr
|
||||||
|
);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$ldap_name = Config::get("$attr.ldap_name", $attr, 'string', false, $attrs);
|
||||||
|
if ($value)
|
||||||
|
$updated_attrs[$ldap_name] = ensure_is_array($value);
|
||||||
|
else
|
||||||
|
$deleted_attrs[] = $ldap_name;
|
||||||
|
}
|
||||||
|
if (empty($updated_attrs) && empty($deleted_attrs)) {
|
||||||
|
Log::debug("Ldap::update_user(%s): no change provided", $user->dn);
|
||||||
|
return $no_change_as_success;
|
||||||
|
}
|
||||||
|
if (!self :: connect()) return false;
|
||||||
|
// @phpstan-ignore-next-line
|
||||||
|
$entry = self :: $connection -> getEntry($user->dn);
|
||||||
|
// @phpstan-ignore-next-line
|
||||||
|
if (Net_LDAP2::isError($entry)) {
|
||||||
|
Log::warning('User "%s" (%s) not found', $user->username, $user->dn);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if ($updated_attrs) $entry->replace($updated_attrs);
|
||||||
|
if ($deleted_attrs) $entry->delete($deleted_attrs);
|
||||||
|
$result = $entry -> update();
|
||||||
|
// @phpstan-ignore-next-line
|
||||||
|
if (Net_LDAP2::isError($result)) {
|
||||||
|
Log::error(
|
||||||
|
'Fail to update user "%s" (%s): %s',
|
||||||
|
$user->username, $user->dn, $result->getMessage()
|
||||||
|
);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
Log::info('User "%s" (%s) updated', $user->username, $user->dn);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check a user password
|
* Check a user password
|
||||||
* @param \EesyPHP\Auth\User $user The user object
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
|
|
@ -25,6 +25,12 @@ class User {
|
||||||
*/
|
*/
|
||||||
private $info;
|
private $info;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Original user object (set on change and keep to handle update)
|
||||||
|
* @var User|null
|
||||||
|
*/
|
||||||
|
private $original_user;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor
|
* Constructor
|
||||||
* @param string $username The username
|
* @param string $username The username
|
||||||
|
@ -77,6 +83,8 @@ class User {
|
||||||
$this -> info = ensure_is_array($value);
|
$this -> info = ensure_is_array($value);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
if (!isset($this ->original_user))
|
||||||
|
$this -> original_user = new User($this->username, $this->backend, $this->info);
|
||||||
$this -> info[$key] = $value;
|
$this -> info[$key] = $value;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -119,4 +127,16 @@ class User {
|
||||||
return $this -> namename;
|
return $this -> namename;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update user
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function save() {
|
||||||
|
if (!isset($this -> original_user)) return true;
|
||||||
|
return call_user_func(
|
||||||
|
array($this -> backend, 'update_user'),
|
||||||
|
$this -> original_user, $this -> info, true
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue