Compare commits
2 commits
951c6acfcb
...
78144a4dfc
Author | SHA1 | Date | |
---|---|---|---|
|
78144a4dfc | ||
|
c94b878bc2 |
4 changed files with 101 additions and 1 deletions
|
@ -21,6 +21,18 @@ class Backend {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update a user
|
||||||
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
* @param array<string,mixed> $changes Array of changes
|
||||||
|
* @param boolean $no_change_as_success Consider no change provided as success
|
||||||
|
* (optional, default: false)
|
||||||
|
* @return boolean True if user was updated, false otherwise
|
||||||
|
*/
|
||||||
|
public static function update_user($user, $changes, $no_change_as_success=False) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check a user password
|
* Check a user password
|
||||||
* @param \EesyPHP\Auth\User $user The user object
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
|
|
@ -263,6 +263,69 @@ class Ldap extends Backend {
|
||||||
return new User($username, '\\EesyPHP\\Auth\\Ldap', $info);
|
return new User($username, '\\EesyPHP\\Auth\\Ldap', $info);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update a user
|
||||||
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
* @param array<string,mixed> $changes Array of changes
|
||||||
|
* @param boolean $no_change_as_success Consider no change provided as success
|
||||||
|
* (optional, default: false)
|
||||||
|
* @return boolean True if user was updated, false otherwise
|
||||||
|
*/
|
||||||
|
public static function update_user($user, $changes, $no_change_as_success=False) {
|
||||||
|
Log::debug("Ldap::update_user(%s): changes=%s", $user->dn, vardump($changes));
|
||||||
|
if (!$user->dn) {
|
||||||
|
Log::error("Ldap::update_user(): Invalid user provided (no DN)");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!is_array($changes)) {
|
||||||
|
Log::error("Ldap::update_user(%s): Invalid changes provided (not an array)", $user->dn);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$attrs = App::get('auth.ldap.user_attributes', null, 'array');
|
||||||
|
$updated_attrs = [];
|
||||||
|
$deleted_attrs = [];
|
||||||
|
foreach($changes as $attr => $value) {
|
||||||
|
if ($attr == "dn") continue;
|
||||||
|
if (!array_key_exists($attr, $attrs)) {
|
||||||
|
Log::error(
|
||||||
|
"Ldap::update_user(%s): Changes on unknown attribute %s provided",
|
||||||
|
$user->dn, $attr
|
||||||
|
);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$ldap_name = Config::get("$attr.ldap_name", $attr, 'string', false, $attrs);
|
||||||
|
if ($value)
|
||||||
|
$updated_attrs[$ldap_name] = ensure_is_array($value);
|
||||||
|
else
|
||||||
|
$deleted_attrs[] = $ldap_name;
|
||||||
|
}
|
||||||
|
if (empty($updated_attrs) && empty($deleted_attrs)) {
|
||||||
|
Log::debug("Ldap::update_user(%s): no change provided", $user->dn);
|
||||||
|
return $no_change_as_success;
|
||||||
|
}
|
||||||
|
if (!self :: connect()) return false;
|
||||||
|
// @phpstan-ignore-next-line
|
||||||
|
$entry = self :: $connection -> getEntry($user->dn);
|
||||||
|
// @phpstan-ignore-next-line
|
||||||
|
if (Net_LDAP2::isError($entry)) {
|
||||||
|
Log::warning('User "%s" (%s) not found', $user->username, $user->dn);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if ($updated_attrs) $entry->replace($updated_attrs);
|
||||||
|
if ($deleted_attrs) $entry->delete($deleted_attrs);
|
||||||
|
$result = $entry -> update();
|
||||||
|
// @phpstan-ignore-next-line
|
||||||
|
if (Net_LDAP2::isError($result)) {
|
||||||
|
Log::error(
|
||||||
|
'Fail to update user "%s" (%s): %s',
|
||||||
|
$user->username, $user->dn, $result->getMessage()
|
||||||
|
);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
Log::info('User "%s" (%s) updated', $user->username, $user->dn);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check a user password
|
* Check a user password
|
||||||
* @param \EesyPHP\Auth\User $user The user object
|
* @param \EesyPHP\Auth\User $user The user object
|
||||||
|
|
|
@ -4,6 +4,7 @@ namespace EesyPHP\Auth;
|
||||||
|
|
||||||
use EesyPHP\Log;
|
use EesyPHP\Log;
|
||||||
use function EesyPHP\ensure_is_array;
|
use function EesyPHP\ensure_is_array;
|
||||||
|
use function EesyPHP\vardump;
|
||||||
|
|
||||||
class User {
|
class User {
|
||||||
|
|
||||||
|
@ -25,6 +26,12 @@ class User {
|
||||||
*/
|
*/
|
||||||
private $info;
|
private $info;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Original user object (set on change and keep to handle update)
|
||||||
|
* @var User|null
|
||||||
|
*/
|
||||||
|
private $original_user;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor
|
* Constructor
|
||||||
* @param string $username The username
|
* @param string $username The username
|
||||||
|
@ -66,6 +73,7 @@ class User {
|
||||||
* @return void
|
* @return void
|
||||||
*/
|
*/
|
||||||
public function __set($key, $value) {
|
public function __set($key, $value) {
|
||||||
|
Log::trace("%s->__set(%s): new value=%s", $this, $key, vardump($value));
|
||||||
switch ($key) {
|
switch ($key) {
|
||||||
case 'username':
|
case 'username':
|
||||||
$this -> username = strval($value);
|
$this -> username = strval($value);
|
||||||
|
@ -77,6 +85,8 @@ class User {
|
||||||
$this -> info = ensure_is_array($value);
|
$this -> info = ensure_is_array($value);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
if (!isset($this ->original_user))
|
||||||
|
$this -> original_user = new User($this->username, $this->backend, $this->info);
|
||||||
$this -> info[$key] = $value;
|
$this -> info[$key] = $value;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -119,4 +129,19 @@ class User {
|
||||||
return $this -> namename;
|
return $this -> namename;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update user
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function save() {
|
||||||
|
if (!isset($this -> original_user)) {
|
||||||
|
Log::debug("%s->save(): no change to save", $this);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return call_user_func(
|
||||||
|
array($this -> backend, 'update_user'),
|
||||||
|
$this -> original_user, $this -> info, true
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -492,7 +492,7 @@ class Url {
|
||||||
public static function get_absolute_url($relative_url=null) {
|
public static function get_absolute_url($relative_url=null) {
|
||||||
if (!is_string($relative_url))
|
if (!is_string($relative_url))
|
||||||
$relative_url = self :: get_current_url();
|
$relative_url = self :: get_current_url();
|
||||||
if (self :: $public_root_url[0] == '/') {
|
if (self :: $public_root_url && self :: $public_root_url[0] == '/') {
|
||||||
Log :: debug(
|
Log :: debug(
|
||||||
"URL :: get_absolute_url($relative_url): configured public root URL is relative ".
|
"URL :: get_absolute_url($relative_url): configured public root URL is relative ".
|
||||||
"(%s) => try to detect it from current request infos.",
|
"(%s) => try to detect it from current request infos.",
|
||||||
|
|
Loading…
Reference in a new issue