2008-02-05 17:11:21 +01:00
|
|
|
|
<?php
|
|
|
|
|
/*******************************************************************************
|
|
|
|
|
* Copyright (C) 2007 Easter-eggs
|
|
|
|
|
* http://ldapsaisie.labs.libre-entreprise.org
|
|
|
|
|
*
|
|
|
|
|
* Author: See AUTHORS file in top-level directory.
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License version 2
|
|
|
|
|
* as published by the Free Software Foundation.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
|
|
|
|
|
|
******************************************************************************/
|
|
|
|
|
|
2020-04-29 15:54:21 +02:00
|
|
|
|
/**
|
2008-02-05 17:11:21 +01:00
|
|
|
|
* Gestion des sessions
|
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Cette classe gère les sessions d'utilisateurs.
|
2008-02-05 17:11:21 +01:00
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*/
|
|
|
|
|
class LSsession {
|
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// La configuration du serveur Ldap utilisé
|
|
|
|
|
public static $ldapServer = NULL;
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// L'id du serveur Ldap utilisé
|
|
|
|
|
private static $ldapServerId = NULL;
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Le topDn courant
|
|
|
|
|
private static $topDn = NULL;
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Le DN de l'utilisateur connecté
|
|
|
|
|
private static $dn = NULL;
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Le RDN de l'utilisateur connecté (son identifiant)
|
|
|
|
|
private static $rdn = NULL;
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Les LSprofiles de l'utilisateur
|
|
|
|
|
private static $LSprofiles = array();
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Les droits d'accès de l'utilisateur
|
|
|
|
|
private static $LSaccess = array();
|
2015-08-21 17:51:52 +02:00
|
|
|
|
|
|
|
|
|
// LSaddons views
|
|
|
|
|
private static $LSaddonsViews = array();
|
|
|
|
|
private static $LSaddonsViewsAccess = array();
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Les fichiers temporaires
|
|
|
|
|
private static $tmp_file = array();
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
/*
|
|
|
|
|
* Constante de classe non stockée en session
|
2008-02-05 17:11:21 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Le template à afficher
|
|
|
|
|
private static $template = NULL;
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Les subDn des serveurs Ldap
|
|
|
|
|
private static $_subDnLdapServer = array();
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Affichage Ajax
|
|
|
|
|
private static $ajaxDisplay = false;
|
|
|
|
|
|
|
|
|
|
// Les fichiers JS à charger dans la page
|
|
|
|
|
private static $JSscripts = array();
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-05-05 12:48:52 +02:00
|
|
|
|
// Libs JS files to load on page
|
|
|
|
|
private static $LibsJSscripts = array();
|
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Les fichiers CSS à charger dans la page
|
|
|
|
|
private static $CssFiles = array();
|
|
|
|
|
|
2020-05-05 12:48:52 +02:00
|
|
|
|
// Libs CSS files to load on page
|
|
|
|
|
private static $LibsCssFiles = array();
|
|
|
|
|
|
2020-05-12 19:23:24 +02:00
|
|
|
|
// The LSldapObject of connected user
|
2009-01-24 18:45:14 +01:00
|
|
|
|
private static $LSuserObject = NULL;
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-05-12 19:23:24 +02:00
|
|
|
|
// The LSldapObject type of connected user
|
|
|
|
|
private static $LSuserObjectType = NULL;
|
|
|
|
|
|
2010-03-10 19:07:58 +01:00
|
|
|
|
// The LSauht object of the session
|
|
|
|
|
private static $LSauthObject = false;
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2014-11-18 13:16:38 +01:00
|
|
|
|
// User LDAP credentials
|
|
|
|
|
private static $userLDAPcreds = false;
|
|
|
|
|
|
2020-05-02 17:48:34 +02:00
|
|
|
|
// Initialized telltale
|
|
|
|
|
private static $initialized = false;
|
|
|
|
|
|
2020-05-14 10:53:41 +02:00
|
|
|
|
// List of currently loaded LSaddons
|
|
|
|
|
private static $loadedAddons = array();
|
|
|
|
|
|
2020-05-12 19:23:24 +02:00
|
|
|
|
/**
|
|
|
|
|
* Get session info by key
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $key string The info
|
|
|
|
|
*
|
|
|
|
|
* @retval mixed The info or null
|
|
|
|
|
*/
|
|
|
|
|
public static function get($key) {
|
|
|
|
|
switch($key) {
|
|
|
|
|
case 'top_dn':
|
|
|
|
|
return self :: getTopDn();
|
|
|
|
|
case 'root_dn':
|
|
|
|
|
return self :: getRootDn();
|
|
|
|
|
case 'sub_dn_name':
|
|
|
|
|
return self :: getSubDnName();
|
|
|
|
|
case 'sub_dn_label':
|
|
|
|
|
return self :: getSubDnLabel();
|
|
|
|
|
case 'authenticated_user_dn':
|
|
|
|
|
return self :: $dn;
|
|
|
|
|
case 'authenticated_user_type':
|
|
|
|
|
return self :: $LSuserObjectType;
|
|
|
|
|
case 'authenticated_user':
|
|
|
|
|
return self :: getLSuserObject();
|
|
|
|
|
case 'is_connected':
|
|
|
|
|
return self :: isConnected();
|
|
|
|
|
case 'global_search_enabled':
|
|
|
|
|
return self :: globalSearch();
|
|
|
|
|
case 'email_sender':
|
|
|
|
|
return self :: getEmailSender();
|
|
|
|
|
}
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-21 18:08:09 +01:00
|
|
|
|
/**
|
2020-05-07 11:16:09 +02:00
|
|
|
|
* Include PHP file
|
2009-01-21 18:08:09 +01:00
|
|
|
|
*
|
2020-05-07 11:16:09 +02:00
|
|
|
|
* @param[in] $file string The path to the file to include :
|
|
|
|
|
* - if $external == false : the path must be relative to LS_ROOT_DIR
|
|
|
|
|
* - if $external == true : the path could be absolute or relative. If
|
|
|
|
|
* relative, it will be treated with PHP include path.
|
|
|
|
|
* @param[in] $external boolean If true, file consided as external (optional, default: false)
|
|
|
|
|
* @param[in] $warn boolean If true, a warning will be log if file not found (optional, default: true)
|
|
|
|
|
* This warning will be emit using LSlog if it's already loaded or error_log()
|
|
|
|
|
* otherwise.
|
2009-01-21 18:08:09 +01:00
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*
|
2020-05-07 11:16:09 +02:00
|
|
|
|
* @retval boolean True if file is loaded, false otherwise
|
2009-01-21 18:08:09 +01:00
|
|
|
|
*/
|
2020-05-07 11:16:09 +02:00
|
|
|
|
public static function includeFile($file, $external=false, $warn=true) {
|
2020-04-29 15:15:41 +02:00
|
|
|
|
$path = ($external?'':LS_ROOT_DIR."/").$file;
|
2020-04-29 19:18:23 +02:00
|
|
|
|
$local_path = ($external?'':LS_ROOT_DIR."/").LS_LOCAL_DIR.$file;
|
2020-04-29 15:15:41 +02:00
|
|
|
|
$path = (file_exists($local_path)?$local_path:$path);
|
2020-04-29 19:18:23 +02:00
|
|
|
|
if ($path[0] != '/') {
|
|
|
|
|
$found = stream_resolve_include_path($path);
|
|
|
|
|
if ($found === false) {
|
2020-05-07 11:16:09 +02:00
|
|
|
|
if (!$warn)
|
|
|
|
|
return false;
|
2020-05-02 18:35:19 +02:00
|
|
|
|
$log_msg = "includeFile($file, external=$external) : file $path not found in include path.";
|
|
|
|
|
if (class_exists('LSlog'))
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_warning($log_msg);
|
2020-05-02 18:35:19 +02:00
|
|
|
|
else
|
|
|
|
|
error_log($log_msg);
|
2020-05-07 11:16:09 +02:00
|
|
|
|
return false;
|
2020-04-29 19:18:23 +02:00
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$path = $found;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (!file_exists($path)) {
|
2020-05-07 11:16:09 +02:00
|
|
|
|
if (!$warn)
|
|
|
|
|
return false;
|
2020-05-02 18:35:19 +02:00
|
|
|
|
$log_msg = "includeFile($file, external=$external) : file not found ($local_path / $path)";
|
|
|
|
|
if (class_exists('LSlog'))
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_warning($log_msg);
|
2020-05-02 18:35:19 +02:00
|
|
|
|
else
|
|
|
|
|
error_log($log_msg);
|
2020-05-07 11:16:09 +02:00
|
|
|
|
return false;
|
2009-01-21 18:08:09 +01:00
|
|
|
|
}
|
2020-04-29 15:15:41 +02:00
|
|
|
|
return include_once($path);
|
2009-01-21 18:08:09 +01:00
|
|
|
|
}
|
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2009-03-25 13:26:32 +01:00
|
|
|
|
* Lancement de LSconfig
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval true si tout c'est bien passé, false sinon
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*/
|
2009-03-25 13:26:32 +01:00
|
|
|
|
private static function startLSconfig() {
|
|
|
|
|
if (self :: loadLSclass('LSconfig')) {
|
|
|
|
|
if (LSconfig :: start()) {
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
2009-03-25 13:26:32 +01:00
|
|
|
|
}
|
|
|
|
|
die("ERROR : Can't load configuration files.");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-28 18:00:37 +02:00
|
|
|
|
/**
|
|
|
|
|
* Lancement de LSlog
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*
|
|
|
|
|
* @retval true si tout c'est bien passé, false sinon
|
|
|
|
|
*/
|
|
|
|
|
private static function startLSlog() {
|
|
|
|
|
if (self :: loadLSclass('LSlog')) {
|
|
|
|
|
if (LSlog :: start()) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return False;
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-08 15:51:21 +02:00
|
|
|
|
/*
|
|
|
|
|
* Log a message via class logger (of other method if LSlog is not loaded)
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $level string The log level (see LSlog)
|
|
|
|
|
* @param[in] $message string The message to log
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
|
|
|
|
protected static function log($level, $message) {
|
|
|
|
|
if (class_exists('LSlog')) {
|
|
|
|
|
LSlog :: get_logger(get_called_class()) -> logging($level, $message);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
// Alternative logging if LSlog is not already started
|
|
|
|
|
$formated_message = "LSsession - $level - $message";
|
|
|
|
|
switch ($level) {
|
|
|
|
|
case 'FATAL':
|
|
|
|
|
case 'ERROR':
|
|
|
|
|
error_log($formated_message);
|
|
|
|
|
if ($level == 'FATAL')
|
|
|
|
|
die($formated_message);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
LSdebug($formated_message);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Log a message with level DEBUG
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $message The message to log
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
|
|
|
|
protected static function log_debug($message) {
|
|
|
|
|
self :: log('DEBUG', $message);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Log a message with level INFO
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $message The message to log
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
|
|
|
|
protected static function log_info($message) {
|
|
|
|
|
self :: log('INFO', $message);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Log a message with level WARNING
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $message The message to log
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
|
|
|
|
protected static function log_warning($message) {
|
|
|
|
|
self :: log('WARNING', $message);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Log a message with level ERROR
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $message The message to log
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
|
|
|
|
protected static function log_error($message) {
|
|
|
|
|
self :: log('ERROR', $message);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Log a message with level FATAL
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $message The message to log
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
|
|
|
|
protected static function log_fatal($message) {
|
|
|
|
|
self :: log('FATAL', $message);
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-02 17:48:34 +02:00
|
|
|
|
/**
|
|
|
|
|
* Lancement de LSurl
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*
|
|
|
|
|
* @retval true si tout c'est bien passé, false sinon
|
|
|
|
|
*/
|
|
|
|
|
private static function startLSurl() {
|
|
|
|
|
if (self :: loadLSclass('LSurl') && self :: includeFile(LS_INCLUDE_DIR . "routes.php")) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return False;
|
|
|
|
|
}
|
|
|
|
|
|
2009-03-25 13:26:32 +01:00
|
|
|
|
/**
|
|
|
|
|
* Lancement et initialisation de Smarty
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*
|
|
|
|
|
* @retval true si tout c'est bien passé, false sinon
|
2020-04-29 15:15:41 +02:00
|
|
|
|
*/
|
2009-03-25 13:26:32 +01:00
|
|
|
|
private static function startLStemplate() {
|
2013-06-17 23:39:22 +02:00
|
|
|
|
if ( self :: loadLSclass('LStemplate') ) {
|
2013-06-19 03:00:58 +02:00
|
|
|
|
return LStemplate :: start(
|
2013-06-17 23:39:22 +02:00
|
|
|
|
array(
|
2020-04-29 15:15:41 +02:00
|
|
|
|
'smarty_path' => LSconfig :: get('Smarty'),
|
|
|
|
|
'template_dir' => LS_ROOT_DIR . '/'. LS_TEMPLATES_DIR,
|
2020-05-06 12:17:35 +02:00
|
|
|
|
'image_dir' => LS_ROOT_DIR. '/'. LS_IMAGES_DIR,
|
|
|
|
|
'css_dir' => LS_ROOT_DIR. '/'. LS_CSS_DIR,
|
|
|
|
|
'js_dir' => LS_ROOT_DIR. '/'. LS_JS_DIR,
|
|
|
|
|
'libs_dir' => LS_ROOT_DIR. '/'. LS_LIB_DIR,
|
2020-04-29 15:15:41 +02:00
|
|
|
|
'compile_dir' => LS_TMP_DIR_PATH,
|
|
|
|
|
'debug' => LSdebug,
|
|
|
|
|
'debug_smarty' => (isset($_REQUEST) && isset($_REQUEST['LStemplate_debug'])),
|
2013-06-17 23:39:22 +02:00
|
|
|
|
)
|
|
|
|
|
);
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2013-06-17 23:39:22 +02:00
|
|
|
|
return False;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2020-04-29 15:15:41 +02:00
|
|
|
|
|
2009-03-25 13:26:32 +01:00
|
|
|
|
/**
|
|
|
|
|
* Retourne le topDn de la session
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*
|
|
|
|
|
* @retval string le topDn de la session
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function getTopDn() {
|
2009-10-30 01:03:17 +01:00
|
|
|
|
if (!is_null(self :: $topDn)) {
|
|
|
|
|
return self :: $topDn;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return self :: getRootDn();
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-10-30 01:03:17 +01:00
|
|
|
|
/**
|
|
|
|
|
* Retourne le rootDn de la session
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*
|
|
|
|
|
* @retval string le rootDn de la session
|
|
|
|
|
*/
|
|
|
|
|
public static function getRootDn() {
|
|
|
|
|
return self :: $ldapServer['ldap_config']['basedn'];
|
2009-01-24 18:45:14 +01:00
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-02-08 18:39:24 +01:00
|
|
|
|
* Initialisation de la gestion des erreurs
|
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Création de l'objet LSerror
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com
|
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean true si l'initialisation a réussi, false sinon.
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
private static function startLSerror() {
|
|
|
|
|
if(!self :: loadLSclass('LSerror')) {
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return;
|
2009-01-02 17:00:25 +01:00
|
|
|
|
}
|
2009-01-25 15:37:03 +01:00
|
|
|
|
self :: defineLSerrors();
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2019-06-20 19:58:16 +02:00
|
|
|
|
* Load an LdapSaisie class
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
2019-06-20 19:58:16 +02:00
|
|
|
|
* @param[in] $class The class name to load (Example : LSpeople)
|
|
|
|
|
* @param[in] $type (Optionnel) The class type to load (Example : LSobjects)
|
|
|
|
|
* @param[in] $warn (Optionnel) Trigger LSsession_05 error if an error occured loading this class (Default: false)
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2019-06-20 19:58:16 +02:00
|
|
|
|
* @retval boolean true on success, otherwise false
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*/
|
2019-06-20 19:58:16 +02:00
|
|
|
|
public static function loadLSclass($class, $type=null, $warn=false) {
|
2008-02-08 18:39:24 +01:00
|
|
|
|
if (class_exists($class))
|
|
|
|
|
return true;
|
2019-06-20 19:58:16 +02:00
|
|
|
|
if($type)
|
|
|
|
|
$class = "$type.$class";
|
2020-05-07 11:19:36 +02:00
|
|
|
|
if (self :: includeFile(LS_CLASS_DIR .'class.'.$class.'.php', false, $warn))
|
2019-06-20 19:58:16 +02:00
|
|
|
|
return true;
|
|
|
|
|
if ($warn)
|
|
|
|
|
LSerror :: addErrorCode('LSsession_05', $class);
|
|
|
|
|
return False;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2020-06-15 10:40:48 +02:00
|
|
|
|
* Load LSobject type
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
2020-06-15 10:40:48 +02:00
|
|
|
|
* @param[in] $object string Name of the LSobject type
|
|
|
|
|
* @param[in] $warn boolean Set to false to avoid warning in case of loading error (optional, default: true)
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
2020-06-15 10:40:48 +02:00
|
|
|
|
* @retval boolean True if LSobject type loaded, false otherwise
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*/
|
2020-06-15 10:40:48 +02:00
|
|
|
|
public static function loadLSobject($object, $warn=true) {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
if(class_exists($object)) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2009-01-02 17:00:25 +01:00
|
|
|
|
$error = 0;
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: loadLSclass('LSldapObject');
|
|
|
|
|
if (!self :: loadLSclass($object,'LSobjects')) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("loadLSobject($object): Fail to load LSldapObject class");
|
2009-01-02 17:00:25 +01:00
|
|
|
|
$error = 1;
|
2008-04-25 15:48:12 +02:00
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (!self :: includeFile( LS_OBJECTS_DIR . 'config.LSobjects.'.$object.'.php' )) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("loadLSobject($object): Fail to include 'config.LSobjects.$object.php' file");
|
2009-01-02 17:00:25 +01:00
|
|
|
|
$error = 1;
|
|
|
|
|
}
|
2009-03-25 13:26:32 +01:00
|
|
|
|
else {
|
|
|
|
|
if (!LSconfig :: set("LSobjects.$object",$GLOBALS['LSobjects'][$object])) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("loadLSobject($object): Fail to LSconfig :: set('LSobjects.$object', \$GLOBALS['LSobjects'][$object])");
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$error = 1;
|
|
|
|
|
}
|
2010-03-05 17:44:07 +01:00
|
|
|
|
else if (isset($GLOBALS['LSobjects'][$object]['LSaddons'])){
|
|
|
|
|
if (is_array($GLOBALS['LSobjects'][$object]['LSaddons'])) {
|
|
|
|
|
foreach ($GLOBALS['LSobjects'][$object]['LSaddons'] as $addon) {
|
|
|
|
|
if (!self :: loadLSaddon($addon)) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("loadLSobject($object): Fail to load LSaddon '$addon'");
|
2010-03-05 17:44:07 +01:00
|
|
|
|
$error = 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
if (!self :: loadLSaddon($GLOBALS['LSobjects'][$object]['LSaddons'])) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("loadLSobject($object): Fail to load LSaddon '".$GLOBALS['LSobjects'][$object]['LSaddons']."'");
|
2010-03-05 17:44:07 +01:00
|
|
|
|
$error = 1;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
}
|
2010-03-05 17:44:07 +01:00
|
|
|
|
}
|
2009-03-25 13:26:32 +01:00
|
|
|
|
}
|
2020-06-15 10:40:48 +02:00
|
|
|
|
if ($error && $warn) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_04',$object);
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return;
|
2008-04-25 15:48:12 +02:00
|
|
|
|
}
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2020-05-14 10:53:41 +02:00
|
|
|
|
* Load a LSaddon (if not already loaded)
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
2020-05-14 10:53:41 +02:00
|
|
|
|
* @param[in] $addon The addon name (ex: samba)
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2020-05-14 10:53:41 +02:00
|
|
|
|
* @retval boolean True if addon loaded, false otherwise
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function loadLSaddon($addon) {
|
2020-05-14 10:53:41 +02:00
|
|
|
|
if (in_array($addon, self :: $loadedAddons))
|
|
|
|
|
return true;
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if(self :: includeFile(LS_ADDONS_DIR .'LSaddons.'.$addon.'.php')) {
|
2020-05-07 11:34:30 +02:00
|
|
|
|
// Load LSaddon config file (without warning if not found)
|
|
|
|
|
$conf_file = LS_CONF_DIR."LSaddons/config.LSaddons.".$addon.".php";
|
|
|
|
|
if (self :: includeFile($conf_file, false, false))
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug("loadLSaddon($addon): config file '$conf_file' loaded.");
|
2020-05-07 11:34:30 +02:00
|
|
|
|
else
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug("loadLSaddon($addon): config file '$conf_file' not found.");
|
2008-09-25 17:15:33 +02:00
|
|
|
|
if (!call_user_func('LSaddon_'. $addon .'_support')) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_02',$addon);
|
2008-09-25 17:15:33 +02:00
|
|
|
|
return;
|
|
|
|
|
}
|
2020-05-14 10:53:41 +02:00
|
|
|
|
self :: $loadedAddons[] = $addon;
|
2008-09-25 17:15:33 +02:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2010-03-10 17:07:18 +01:00
|
|
|
|
/**
|
|
|
|
|
* Chargement d'une classe d'authentification d'LdapSaisie
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2010-03-10 17:07:18 +01:00
|
|
|
|
* @retval boolean true si le chargement a reussi, false sinon.
|
|
|
|
|
*/
|
2010-11-24 19:12:21 +01:00
|
|
|
|
public static function loadLSauth() {
|
2010-03-10 17:07:18 +01:00
|
|
|
|
if (self :: loadLSclass('LSauth')) {
|
2010-11-24 19:12:21 +01:00
|
|
|
|
return true;
|
2010-03-10 17:07:18 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
LSerror :: addErrorCode('LSsession_05','LSauth');
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-29 15:15:41 +02:00
|
|
|
|
/**
|
|
|
|
|
* Load LdapSaisie CLI class
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com
|
|
|
|
|
*
|
|
|
|
|
* @retval boolean true if loaded, false otherwise.
|
|
|
|
|
*/
|
|
|
|
|
public static function loadLScli() {
|
|
|
|
|
if (self :: loadLSclass('LScli')) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
LSerror :: addErrorCode('LSsession_05','LScli');
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-02-08 18:39:24 +01:00
|
|
|
|
* Chargement des addons LdapSaisie
|
|
|
|
|
*
|
|
|
|
|
* Chargement des LSaddons contenue dans la variable
|
|
|
|
|
* $GLOBALS['LSaddons']['loads']
|
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean true si le chargement a réussi, false sinon.
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function loadLSaddons() {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$conf=LSconfig :: get('LSaddons.loads');
|
|
|
|
|
if(!is_array($conf)) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_01',"LSaddons['loads']");
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2009-03-25 13:26:32 +01:00
|
|
|
|
foreach ($conf as $addon) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: loadLSaddon($addon);
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2009-03-25 18:46:48 +01:00
|
|
|
|
|
|
|
|
|
/**
|
2020-05-06 16:06:05 +02:00
|
|
|
|
* Load and start LSlang, the I18N manager
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2020-05-06 16:06:05 +02:00
|
|
|
|
* @param[in] $lang string|null The lang (optional, default: see LSlang :: setLocale())
|
|
|
|
|
* @param[in] $encoding string|null The encoding (optional, default: see LSlang :: setLocale())
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2020-05-06 16:06:05 +02:00
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2020-05-06 16:06:05 +02:00
|
|
|
|
* @retval boolean true if LSlang started, false otherwise
|
|
|
|
|
*/
|
|
|
|
|
private static function startLSlang($lang=null, $encoding=null) {
|
|
|
|
|
if(!self :: loadLSclass('LSlang')) {
|
2009-03-19 18:42:51 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
2020-05-06 16:06:05 +02:00
|
|
|
|
LSlang :: setLocale($lang, $encoding);
|
|
|
|
|
return true;
|
2009-03-19 18:42:51 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2020-05-06 16:06:05 +02:00
|
|
|
|
* Initialize LdapSaisie
|
2009-01-24 18:45:14 +01:00
|
|
|
|
*
|
2020-05-06 16:06:05 +02:00
|
|
|
|
* @param[in] $lang string|null The lang (optional, default: see LSlang :: setLocale())
|
|
|
|
|
* @param[in] $encoding string|null The encoding (optional, default: see LSlang :: setLocale())
|
2015-08-21 12:58:50 +02:00
|
|
|
|
*
|
2020-05-06 16:06:05 +02:00
|
|
|
|
* @retval boolean True if initialized, false otherwise
|
2009-01-24 18:45:14 +01:00
|
|
|
|
*/
|
2020-05-06 16:06:05 +02:00
|
|
|
|
public static function initialize($lang=null, $encoding=null) {
|
2020-05-02 17:48:34 +02:00
|
|
|
|
if (self :: $initialized)
|
|
|
|
|
return true;
|
2015-07-25 18:24:03 +02:00
|
|
|
|
try {
|
|
|
|
|
if (!self :: startLSconfig()) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
self :: startLSerror();
|
2019-06-28 18:00:37 +02:00
|
|
|
|
self :: startLSlog();
|
2020-04-29 17:15:27 +02:00
|
|
|
|
self :: loadLScli();
|
2015-07-25 18:24:03 +02:00
|
|
|
|
self :: startLStemplate();
|
2020-05-02 17:48:34 +02:00
|
|
|
|
self :: startLSurl();
|
2015-07-25 18:24:03 +02:00
|
|
|
|
|
2020-04-29 15:15:41 +02:00
|
|
|
|
if (php_sapi_name() != "cli")
|
|
|
|
|
session_start();
|
2015-07-25 18:24:03 +02:00
|
|
|
|
|
2020-05-06 16:06:05 +02:00
|
|
|
|
self :: startLSlang($lang, $encoding);
|
2015-07-25 18:24:03 +02:00
|
|
|
|
|
|
|
|
|
self :: loadLSaddons();
|
|
|
|
|
self :: loadLSauth();
|
|
|
|
|
}
|
|
|
|
|
catch (Exception $e) {
|
|
|
|
|
die('LSsession : fail to initialize session. Error : '.$e->getMessage());
|
2009-03-19 18:42:51 +01:00
|
|
|
|
}
|
2020-05-02 17:48:34 +02:00
|
|
|
|
self :: $initialized = true;
|
2009-01-24 18:45:14 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-02-05 17:11:21 +01:00
|
|
|
|
* Initialisation de la session LdapSaisie
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
|
|
|
|
* Initialisation d'une LSsession :
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* - Authentification et activation du mécanisme de session de LdapSaisie
|
2020-04-29 15:54:21 +02:00
|
|
|
|
* - ou Chargement des paramètres de la session à partir de la variable
|
2008-02-08 18:39:24 +01:00
|
|
|
|
* $_SESSION['LSsession'].
|
|
|
|
|
* - ou Destruction de la session en cas de $_GET['LSsession_logout'].
|
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean True si l'initialisation à réussi (utilisateur authentifié), false sinon.
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function startLSsession() {
|
|
|
|
|
if (!self :: initialize()) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-05-12 19:23:24 +02:00
|
|
|
|
if(isset($_SESSION['LSsession']['LSuserObjectType']) && isset($_SESSION['LSsession']['dn']) && !isset($_GET['LSsession_recoverPassword'])) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug('existing session');
|
2010-11-24 19:12:21 +01:00
|
|
|
|
// --------------------- Session existante --------------------- //
|
2020-05-12 19:23:24 +02:00
|
|
|
|
self :: $topDn = $_SESSION['LSsession']['topDn'];
|
|
|
|
|
self :: $dn = $_SESSION['LSsession']['dn'];
|
|
|
|
|
self :: $LSuserObjectType = $_SESSION['LSsession']['LSuserObjectType'];
|
|
|
|
|
self :: $rdn = $_SESSION['LSsession']['rdn'];
|
|
|
|
|
self :: $ldapServerId = $_SESSION['LSsession']['ldapServerId'];
|
|
|
|
|
self :: $tmp_file = $_SESSION['LSsession']['tmp_file'];
|
|
|
|
|
self :: $userLDAPcreds = $_SESSION['LSsession']['userLDAPcreds'];
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if ( self :: cacheLSprofiles() && !isset($_REQUEST['LSsession_refresh']) ) {
|
|
|
|
|
self :: setLdapServer(self :: $ldapServerId);
|
2010-11-24 19:12:21 +01:00
|
|
|
|
if (!LSauth :: start()) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("startLSsession(): can't start LSauth -> stop");
|
2010-11-24 19:12:21 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: $LSprofiles = $_SESSION['LSsession']['LSprofiles'];
|
|
|
|
|
self :: $LSaccess = $_SESSION['LSsession']['LSaccess'];
|
2015-08-21 17:51:52 +02:00
|
|
|
|
self :: $LSaddonsViewsAccess = $_SESSION['LSsession']['LSaddonsViewsAccess'];
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (!self :: LSldapConnect())
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
self :: setLdapServer(self :: $ldapServerId);
|
2010-11-24 19:12:21 +01:00
|
|
|
|
if (!LSauth :: start()) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("startLSsession(): can't start LSauth -> stop");
|
2010-11-24 19:12:21 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (!self :: LSldapConnect())
|
|
|
|
|
return;
|
|
|
|
|
self :: loadLSprofiles();
|
2008-06-05 15:21:18 +02:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if ( self :: cacheSudDn() && (!isset($_REQUEST['LSsession_refresh'])) ) {
|
2010-11-08 17:00:33 +01:00
|
|
|
|
self :: $_subDnLdapServer = ((isset($_SESSION['LSsession_subDnLdapServer']))?$_SESSION['LSsession_subDnLdapServer']:NULL);
|
2009-01-24 18:45:14 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-05-12 19:23:24 +02:00
|
|
|
|
if (!self :: loadLSobject(self :: $LSuserObjectType)) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
2019-05-21 12:06:24 +02:00
|
|
|
|
|
|
|
|
|
LStemplate :: assign('globalSearch', self :: globalSearch());
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2010-03-10 19:36:23 +01:00
|
|
|
|
if (isset($_GET['LSsession_logout'])) {
|
2019-03-27 18:02:04 +01:00
|
|
|
|
// Trigger LSauth logout
|
2010-11-24 19:12:21 +01:00
|
|
|
|
LSauth :: logout();
|
2019-03-27 18:02:04 +01:00
|
|
|
|
|
|
|
|
|
// Delete temporaries files
|
2010-03-10 19:36:23 +01:00
|
|
|
|
if (is_array($_SESSION['LSsession']['tmp_file'])) {
|
|
|
|
|
self :: $tmp_file = $_SESSION['LSsession']['tmp_file'];
|
|
|
|
|
}
|
|
|
|
|
self :: deleteTmpFile();
|
2019-03-27 18:02:04 +01:00
|
|
|
|
|
|
|
|
|
// Destroy local session
|
2010-03-10 19:36:23 +01:00
|
|
|
|
unset($_SESSION['LSsession']);
|
2019-03-27 18:02:04 +01:00
|
|
|
|
session_destroy();
|
|
|
|
|
|
|
|
|
|
// Trigger LSauth after logout
|
|
|
|
|
LSauth :: afterLogout();
|
|
|
|
|
|
|
|
|
|
// Redirect user on home page
|
2020-05-07 09:56:28 +02:00
|
|
|
|
LSurl :: redirect();
|
2010-03-10 19:36:23 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if ( !self :: cacheLSprofiles() || isset($_REQUEST['LSsession_refresh']) ) {
|
2015-08-21 17:49:04 +02:00
|
|
|
|
self :: loadLSprofiles();
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: loadLSaccess();
|
2015-08-21 17:51:52 +02:00
|
|
|
|
self :: loadLSaddonsViewsAccess();
|
2015-08-21 17:49:04 +02:00
|
|
|
|
$_SESSION['LSsession']=self :: getContextInfos();
|
2009-01-24 18:45:14 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2013-06-17 23:39:22 +02:00
|
|
|
|
LStemplate :: assign('LSsession_username',self :: getLSuserObject() -> getDisplayName());
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2010-11-08 17:00:33 +01:00
|
|
|
|
if (isset ($_POST['LSsession_topDn']) && $_POST['LSsession_topDn']) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (self :: validSubDnLdapServer($_POST['LSsession_topDn'])) {
|
|
|
|
|
self :: $topDn = $_POST['LSsession_topDn'];
|
|
|
|
|
$_SESSION['LSsession']['topDn'] = $_POST['LSsession_topDn'];
|
|
|
|
|
} // end if
|
|
|
|
|
} // end if
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
return true;
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2010-11-24 19:12:21 +01:00
|
|
|
|
// --------------------- Session inexistante --------------------- //
|
2010-03-10 19:07:58 +01:00
|
|
|
|
if (isset($_GET['LSsession_recoverPassword'])) {
|
|
|
|
|
session_destroy();
|
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
// Session inexistante
|
2009-10-31 02:33:01 +01:00
|
|
|
|
if (isset($_POST['LSsession_ldapserver'])) {
|
|
|
|
|
self :: setLdapServer($_POST['LSsession_ldapserver']);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
self :: setLdapServer(0);
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-10-31 02:33:01 +01:00
|
|
|
|
// Connexion au serveur LDAP
|
|
|
|
|
if (self :: LSldapConnect()) {
|
|
|
|
|
|
|
|
|
|
// topDn
|
2010-11-16 19:26:49 +01:00
|
|
|
|
if (isset($_POST['LSsession_topDn']) && $_POST['LSsession_topDn'] != '' ){
|
2009-10-31 02:33:01 +01:00
|
|
|
|
self :: $topDn = $_POST['LSsession_topDn'];
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2009-10-31 02:33:01 +01:00
|
|
|
|
self :: $topDn = self :: $ldapServer['ldap_config']['basedn'];
|
2008-06-21 18:16:15 +02:00
|
|
|
|
}
|
2009-10-31 02:33:01 +01:00
|
|
|
|
$_SESSION['LSsession_topDn']=self :: $topDn;
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2010-11-24 19:12:21 +01:00
|
|
|
|
if (!LSauth :: start()) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("startLSsession(): can't start LSauth -> stop");
|
2010-11-24 19:12:21 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-10-31 02:33:01 +01:00
|
|
|
|
if (isset($_GET['LSsession_recoverPassword'])) {
|
2020-05-07 11:36:25 +02:00
|
|
|
|
$recoveryPasswordInfos = self :: recoverPasswd (
|
|
|
|
|
(isset($_REQUEST['LSsession_user'])?$_REQUEST['LSsession_user']:''),
|
|
|
|
|
(isset($_GET['recoveryHash'])?$_GET['recoveryHash']:'')
|
|
|
|
|
);
|
2009-10-31 02:33:01 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2010-11-24 19:12:21 +01:00
|
|
|
|
$LSuserObject = LSauth :: forceAuthentication();
|
|
|
|
|
if ($LSuserObject) {
|
|
|
|
|
// Authentication successful
|
|
|
|
|
self :: $LSuserObject = $LSuserObject;
|
2020-05-12 19:23:24 +02:00
|
|
|
|
self :: $LSuserObjectType = $LSuserObject -> getType();
|
2010-11-24 19:12:21 +01:00
|
|
|
|
self :: $dn = $LSuserObject->getValue('dn');
|
|
|
|
|
self :: $rdn = $LSuserObject->getValue('rdn');
|
2014-11-18 13:16:38 +01:00
|
|
|
|
if (isset(self :: $ldapServer['useUserCredentials']) && self :: $ldapServer['useUserCredentials']) {
|
|
|
|
|
self :: $userLDAPcreds = LSauth :: getLDAPcredentials($LSuserObject);
|
|
|
|
|
if (!is_array(self :: $userLDAPcreds)) {
|
|
|
|
|
LSerror :: addErrorCode('LSsession_14');
|
|
|
|
|
self :: $userLDAPcreds = false;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if (!LSldap :: reconnectAs(self :: $userLDAPcreds['dn'],self :: $userLDAPcreds['pwd'])) {
|
|
|
|
|
LSerror :: addErrorCode('LSsession_15');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-11-24 19:12:21 +01:00
|
|
|
|
self :: loadLSprofiles();
|
|
|
|
|
self :: loadLSaccess();
|
2015-08-21 17:51:52 +02:00
|
|
|
|
self :: loadLSaddonsViewsAccess();
|
2013-06-17 23:39:22 +02:00
|
|
|
|
LStemplate :: assign('LSsession_username',self :: getLSuserObject() -> getDisplayName());
|
2019-05-21 12:06:24 +02:00
|
|
|
|
LStemplate :: assign('globalSearch', self :: globalSearch());
|
2010-11-24 19:12:21 +01:00
|
|
|
|
$_SESSION['LSsession']=self :: getContextInfos();
|
|
|
|
|
return true;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-06-05 15:21:18 +02:00
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
}
|
2009-10-31 02:33:01 +01:00
|
|
|
|
else {
|
|
|
|
|
LSerror :: addErrorCode('LSsession_09');
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (self :: $ldapServerId) {
|
2013-06-17 23:39:22 +02:00
|
|
|
|
LStemplate :: assign('ldapServerId',self :: $ldapServerId);
|
2009-01-24 18:45:14 +01:00
|
|
|
|
}
|
2013-06-17 23:39:22 +02:00
|
|
|
|
LStemplate :: assign('topDn',self :: $topDn);
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (isset($_GET['LSsession_recoverPassword'])) {
|
|
|
|
|
self :: displayRecoverPasswordForm($recoveryPasswordInfos);
|
|
|
|
|
}
|
2010-11-24 19:12:21 +01:00
|
|
|
|
elseif(LSauth :: displayLoginForm()) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: displayLoginForm();
|
|
|
|
|
}
|
2009-10-31 02:33:01 +01:00
|
|
|
|
else {
|
2020-05-07 12:16:12 +02:00
|
|
|
|
self :: setTemplate('base.tpl');
|
2009-10-31 02:33:01 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_10');
|
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-04-29 15:15:41 +02:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Initialize a CLI session for LdapSaisie
|
|
|
|
|
*
|
|
|
|
|
* @retval boolean True if intialized, false otherwise.
|
|
|
|
|
*/
|
|
|
|
|
public static function startCliLSsession() {
|
|
|
|
|
if (php_sapi_name() != "cli") return;
|
|
|
|
|
if (!self :: initialize()) return;
|
|
|
|
|
if (!self :: loadLScli()) return;
|
|
|
|
|
return True;
|
|
|
|
|
}
|
|
|
|
|
|
2009-10-30 01:03:17 +01:00
|
|
|
|
/**
|
|
|
|
|
* Do recover password
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @param[in] $username string The submited username
|
|
|
|
|
* @param[in] $recoveryHash string The submited recoveryHash
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @retval array The recoveryPassword infos for template
|
|
|
|
|
**/
|
2020-05-12 19:23:24 +02:00
|
|
|
|
private static function recoverPasswd($username, $recoveryHash) {
|
|
|
|
|
// Check feature is enabled and LSmail available
|
|
|
|
|
if (!isset(self :: $ldapServer['recoverPassword']) || !self :: loadLSaddon('mail')) {
|
|
|
|
|
LSerror :: addErrorCode('LSsession_18');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Start LSauth
|
|
|
|
|
if (!LSauth :: start()) {
|
|
|
|
|
self :: log_error("recoverPasswd(): can't start LSauth -> stop");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Search user by recoveryHash or username
|
|
|
|
|
if (!empty($recoveryHash)) {
|
|
|
|
|
$users = array();
|
|
|
|
|
$filter = Net_LDAP2_Filter::create(
|
|
|
|
|
self :: $ldapServer['recoverPassword']['recoveryHashAttr'],
|
|
|
|
|
'equals',
|
|
|
|
|
$recoveryHash
|
|
|
|
|
);
|
|
|
|
|
foreach (LSauth :: getAuthObjectTypes() as $objType => $objParams) {
|
|
|
|
|
if (!self :: loadLSobject($objType))
|
|
|
|
|
return false;
|
|
|
|
|
$authobject = new $objType();
|
|
|
|
|
$users = array_merge(
|
|
|
|
|
$users,
|
|
|
|
|
$authobject -> listObjects($filter, self :: $topDn, array('onlyAccessible' => false))
|
2009-10-30 01:03:17 +01:00
|
|
|
|
);
|
2010-03-10 19:07:58 +01:00
|
|
|
|
}
|
2020-05-12 19:23:24 +02:00
|
|
|
|
}
|
|
|
|
|
elseif (!empty($username)) {
|
|
|
|
|
$users = LSauth :: username2LSobjects($username);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
self :: log_debug('recoverPasswd(): no username or recoveryHash provided.');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check user found (and not duplicated)
|
|
|
|
|
$nbresult = count($users);
|
|
|
|
|
if ($nbresult == 0) {
|
|
|
|
|
self :: log_debug('recoverPasswd(): incorrect hash/username');
|
|
|
|
|
LSerror :: addErrorCode('LSsession_06');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
elseif ($nbresult > 1) {
|
|
|
|
|
self :: log_debug("recoverPasswd(): duplicated user found with hash='$recoveryHash' / username='$username'");
|
|
|
|
|
LSerror :: addErrorCode('LSsession_07');
|
|
|
|
|
return;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-05-12 19:23:24 +02:00
|
|
|
|
$user = array_pop($users);
|
|
|
|
|
$rdn = $user -> getValue('rdn');
|
|
|
|
|
$username = $rdn[0];
|
|
|
|
|
self :: log_debug("recoverPasswd(): user found, username = '$username'");
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-05-12 19:23:24 +02:00
|
|
|
|
|
|
|
|
|
self :: log_debug("recoverPasswd(): start recovering password");
|
|
|
|
|
$emailAddress = $user -> getValue(self :: $ldapServer['recoverPassword']['mailAttr']);
|
|
|
|
|
$emailAddress = $emailAddress[0];
|
|
|
|
|
|
|
|
|
|
if (!checkEmail($emailAddress)) {
|
|
|
|
|
LSerror :: addErrorCode('LSsession_19');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
self :: log_debug("recoverPasswd(): Email = '$emailAddress'");
|
|
|
|
|
self :: $dn = $user -> getDn();
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
$recoveryPasswordInfos = array();
|
|
|
|
|
|
|
|
|
|
// First step : send recoveryHash
|
|
|
|
|
if (empty($recoveryHash)) {
|
|
|
|
|
$hash = self :: recoverPasswdFirstStep($user);
|
|
|
|
|
if ($hash) {
|
|
|
|
|
if (self :: recoverPasswdSendMail($emailAddress, 1, $hash)) {
|
|
|
|
|
// Recovery hash sent
|
|
|
|
|
$recoveryPasswordInfos['recoveryHashMail'] = $emailAddress;
|
2009-10-30 01:03:17 +01:00
|
|
|
|
}
|
2020-05-12 19:23:24 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// Second step : generate and send new password
|
|
|
|
|
else {
|
|
|
|
|
$pwd = self :: recoverPasswdSecondStep($user);
|
|
|
|
|
if ($pwd) {
|
|
|
|
|
if (self :: recoverPasswdSendMail($emailAddress, 2, $pwd)) {
|
|
|
|
|
// New password sent
|
|
|
|
|
$recoveryPasswordInfos['newPasswordMail'] = $emailAddress;
|
2009-10-30 01:03:17 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $recoveryPasswordInfos;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-10-30 01:03:17 +01:00
|
|
|
|
/**
|
|
|
|
|
* Send recover password mail
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @param[in] $mail string The user's mail
|
|
|
|
|
* @param[in] $step integer The step
|
|
|
|
|
* @param[in] $info string The info for formatted message
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @retval boolean True on success or False
|
|
|
|
|
**/
|
|
|
|
|
private static function recoverPasswdSendMail($mail,$step,$info) {
|
|
|
|
|
// Header des mails
|
|
|
|
|
$sendParams=array();
|
|
|
|
|
if (self :: $ldapServer['recoverPassword']['recoveryEmailSender']) {
|
|
|
|
|
$sendParams['From']=self :: $ldapServer['recoverPassword']['recoveryEmailSender'];
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-10-30 01:03:17 +01:00
|
|
|
|
if ($step==1) {
|
|
|
|
|
$subject = self :: $ldapServer['recoverPassword']['recoveryHashMail']['subject'];
|
|
|
|
|
$msg = getFData(
|
|
|
|
|
self :: $ldapServer['recoverPassword']['recoveryHashMail']['msg'],
|
2020-05-07 11:36:25 +02:00
|
|
|
|
LSurl :: get_public_absolute_url('index')."?LSsession_recoverPassword&recoveryHash=$info"
|
2009-10-30 01:03:17 +01:00
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$subject = self :: $ldapServer['recoverPassword']['newPasswordMail']['subject'];
|
|
|
|
|
$msg = getFData(
|
|
|
|
|
self :: $ldapServer['recoverPassword']['newPasswordMail']['msg'],
|
|
|
|
|
$info
|
|
|
|
|
);
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-10-30 01:03:17 +01:00
|
|
|
|
if (!sendMail($mail,$subject,$msg,$sendParams)) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug("recoverPasswdSendMail($mail, $step): error sending email.");
|
2009-10-30 01:03:17 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_20',4);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
|
|
|
|
|
2009-10-30 01:03:17 +01:00
|
|
|
|
/**
|
|
|
|
|
* Do first step of recovering password
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @param[in] $user LSldapObject The LSldapObject of the user
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @retval string|False The recory hash on success or False
|
|
|
|
|
**/
|
|
|
|
|
private static function recoverPasswdFirstStep($user) {
|
|
|
|
|
// Generer un hash
|
|
|
|
|
$rdn=$user -> getValue('rdn');
|
|
|
|
|
$rdn = $rdn[0];
|
|
|
|
|
$recovery_hash = md5($rdn . strval(time()) . strval(rand()));
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-10-30 01:03:17 +01:00
|
|
|
|
$lostPasswdForm = $user -> getForm('lostPassword');
|
|
|
|
|
$lostPasswdForm -> setPostData(
|
|
|
|
|
array(
|
|
|
|
|
self :: $ldapServer['recoverPassword']['recoveryHashAttr'] => $recovery_hash
|
|
|
|
|
)
|
|
|
|
|
,true
|
|
|
|
|
);
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-10-30 01:03:17 +01:00
|
|
|
|
if($lostPasswdForm -> validate()) {
|
|
|
|
|
if ($user -> updateData('lostPassword')) {
|
|
|
|
|
// recoveryHash de l'utilisateur mis à jour
|
|
|
|
|
return $recovery_hash;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
// Erreur durant la mise à jour de l'objet
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("recoverPasswdFirstStep($user): error updating user.");
|
2009-10-30 01:03:17 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_20',6);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
// Erreur durant la validation du formulaire de modification de perte de password
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("recoverPasswdFirstStep($user): error validating form.");
|
2009-10-30 01:03:17 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_20',5);
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Do second step of recovering password
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @param[in] $user LSldapObject The LSldapObject of the user
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @retval string|False The new password on success or False
|
|
|
|
|
**/
|
|
|
|
|
private static function recoverPasswdSecondStep($user) {
|
2020-05-12 19:23:24 +02:00
|
|
|
|
$pwd_attr_name = LSauth :: getUserPasswordAttribute($user);
|
|
|
|
|
if (array_key_exists($pwd_attr_name, $user -> attrs)) {
|
|
|
|
|
$pwd_attr = $user -> attrs[$pwd_attr_name];
|
|
|
|
|
$pwd = generatePassword(
|
|
|
|
|
$pwd_attr -> getConfig('html_options.chars'),
|
2020-05-12 20:20:11 +02:00
|
|
|
|
$pwd_attr -> getConfig('html_options.lenght')
|
2009-10-30 01:03:17 +01:00
|
|
|
|
);
|
2020-05-12 19:23:24 +02:00
|
|
|
|
self :: log_debug("recoverPasswdSecondStep($user): new password = '$pwd'.");
|
2009-10-30 01:03:17 +01:00
|
|
|
|
$lostPasswdForm = $user -> getForm('lostPassword');
|
|
|
|
|
$lostPasswdForm -> setPostData(
|
|
|
|
|
array(
|
|
|
|
|
self :: $ldapServer['recoverPassword']['recoveryHashAttr'] => array(''),
|
2020-05-12 19:23:24 +02:00
|
|
|
|
$pwd_attr_name => array($pwd)
|
2009-10-30 01:03:17 +01:00
|
|
|
|
)
|
|
|
|
|
,true
|
|
|
|
|
);
|
|
|
|
|
if($lostPasswdForm -> validate()) {
|
|
|
|
|
if ($user -> updateData('lostPassword')) {
|
2020-05-12 19:23:24 +02:00
|
|
|
|
return $pwd;
|
2009-10-30 01:03:17 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
// Erreur durant la mise à jour de l'objet
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("recoverPasswdSecondStep($user): error updating user.");
|
2009-10-30 01:03:17 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_20',3);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
// Erreur durant la validation du formulaire de modification de perte de password
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error("recoverPasswdSecondStep($user): error validating form.");
|
2009-10-30 01:03:17 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_20',2);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
// l'attribut password n'existe pas
|
2020-05-12 19:23:24 +02:00
|
|
|
|
self :: log_error("recoverPasswdSecondStep($user): password attribute '$pwd_attr_name' does not exists.");
|
2009-10-30 01:03:17 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_20',1);
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
/**
|
|
|
|
|
* Retourne les informations du contexte
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-01-24 18:45:14 +01:00
|
|
|
|
* @retval array Tableau associatif des informations du contexte
|
|
|
|
|
*/
|
|
|
|
|
private static function getContextInfos() {
|
|
|
|
|
return array(
|
|
|
|
|
'tmp_file' => self :: $tmp_file,
|
|
|
|
|
'topDn' => self :: $topDn,
|
|
|
|
|
'dn' => self :: $dn,
|
|
|
|
|
'rdn' => self :: $rdn,
|
2020-05-12 19:23:24 +02:00
|
|
|
|
'LSuserObjectType' => self :: $LSuserObjectType,
|
2014-11-18 13:16:38 +01:00
|
|
|
|
'userLDAPcreds' => self :: $userLDAPcreds,
|
2009-01-24 18:45:14 +01:00
|
|
|
|
'ldapServerId' => self :: $ldapServerId,
|
|
|
|
|
'ldapServer' => self :: $ldapServer,
|
|
|
|
|
'LSprofiles' => self :: $LSprofiles,
|
2015-08-21 17:51:52 +02:00
|
|
|
|
'LSaccess' => self :: $LSaccess,
|
|
|
|
|
'LSaddonsViewsAccess' => self :: $LSaddonsViewsAccess
|
2009-01-24 18:45:14 +01:00
|
|
|
|
);
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
/**
|
|
|
|
|
* Retourne l'objet de l'utilisateur connecté
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-01-24 18:45:14 +01:00
|
|
|
|
* @retval mixed L'objet de l'utilisateur connecté ou false si il n'a pas put
|
|
|
|
|
* être créé
|
|
|
|
|
*/
|
2020-05-12 19:23:24 +02:00
|
|
|
|
public static function &getLSuserObject($dn=null) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if ($dn) {
|
|
|
|
|
self :: $dn = $dn;
|
|
|
|
|
}
|
|
|
|
|
if (!self :: $LSuserObject) {
|
2020-05-12 19:23:24 +02:00
|
|
|
|
if (self :: $LSuserObjectType && self :: loadLSobject(self :: $LSuserObjectType)) {
|
|
|
|
|
self :: $LSuserObject = new self :: $LSuserObjectType();
|
|
|
|
|
if (!self :: $LSuserObject -> loadData(self :: $dn)) {
|
|
|
|
|
self :: $LSuserObject = null;
|
|
|
|
|
return;
|
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
}
|
|
|
|
|
return self :: $LSuserObject;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-05-07 12:16:12 +02:00
|
|
|
|
/**
|
|
|
|
|
* Check if user is connected
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com
|
|
|
|
|
*
|
|
|
|
|
* @retval boolean True if user connected, false instead
|
|
|
|
|
*/
|
|
|
|
|
public static function isConnected() {
|
2020-05-12 19:23:24 +02:00
|
|
|
|
if (self :: getLSuserObject())
|
2020-05-07 12:16:12 +02:00
|
|
|
|
return true;
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
/**
|
|
|
|
|
* Retourne le DN de l'utilisateur connecté
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-01-24 18:45:14 +01:00
|
|
|
|
* @retval string Le DN de l'utilisateur connecté
|
|
|
|
|
*/
|
|
|
|
|
public static function getLSuserObjectDn() {
|
|
|
|
|
return self :: $dn;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-07-29 15:45:02 +02:00
|
|
|
|
/**
|
2020-05-12 19:23:24 +02:00
|
|
|
|
* Live change of the connected user
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2020-05-12 19:23:24 +02:00
|
|
|
|
* @param[in] $object LSldapObject The new connected user object
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2020-05-12 19:23:24 +02:00
|
|
|
|
* @retval boolean True on succes, false otherwise
|
2008-07-29 15:45:02 +02:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function changeAuthUser($object) {
|
2020-05-12 19:23:24 +02:00
|
|
|
|
if($object instanceof LSldapObject)
|
|
|
|
|
return;
|
|
|
|
|
if(!in_array($object -> getType(), LSauth :: getAuthObjectTypes()))
|
|
|
|
|
return;
|
|
|
|
|
self :: $dn = $object -> getDn();
|
|
|
|
|
$rdn = $object -> getValue('rdn');
|
|
|
|
|
if(is_array($rdn)) {
|
|
|
|
|
$rdn = $rdn[0];
|
|
|
|
|
}
|
|
|
|
|
self :: $rdn = $rdn;
|
|
|
|
|
self :: $LSuserObject = $object;
|
|
|
|
|
self :: $LSuserObjectType = $object -> getType();
|
|
|
|
|
|
|
|
|
|
if(self :: loadLSprofiles()) {
|
|
|
|
|
self :: loadLSaccess();
|
|
|
|
|
self :: loadLSaddonsViewsAccess();
|
|
|
|
|
$_SESSION['LSsession']=self :: getContextInfos();
|
|
|
|
|
return true;
|
2008-07-29 15:45:02 +02:00
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Définition du serveur Ldap de la session
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
2020-04-29 15:54:21 +02:00
|
|
|
|
* Définition du serveur Ldap de la session à partir de son ID dans
|
2009-03-25 18:46:48 +01:00
|
|
|
|
* le tableau LSconfig :: get('ldap_servers').
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
|
|
|
|
* @param[in] integer Index du serveur Ldap
|
|
|
|
|
*
|
|
|
|
|
* @retval boolean True sinon false.
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function setLdapServer($id) {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$conf = LSconfig :: get("ldap_servers.$id");
|
|
|
|
|
if ( is_array($conf) ) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: $ldapServerId = $id;
|
2009-03-25 13:26:32 +01:00
|
|
|
|
self :: $ldapServer = $conf;
|
2020-05-06 16:06:05 +02:00
|
|
|
|
LSlang :: setLocale();
|
2014-12-12 22:11:32 +01:00
|
|
|
|
self :: setGlobals();
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-02-08 18:39:24 +01:00
|
|
|
|
* Connexion au serveur Ldap
|
|
|
|
|
*
|
|
|
|
|
* @retval boolean True sinon false.
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function LSldapConnect() {
|
2020-06-15 10:40:48 +02:00
|
|
|
|
if (!self :: $ldapServer && !self :: setLdapServer(0)) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (self :: $ldapServer) {
|
2020-04-29 15:15:41 +02:00
|
|
|
|
self :: includeFile(LSconfig :: get('NetLDAP2'), true);
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (!self :: loadLSclass('LSldap')) {
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return;
|
2008-12-05 15:38:42 +01:00
|
|
|
|
}
|
2014-11-18 13:16:38 +01:00
|
|
|
|
if (self :: $dn && isset(self :: $ldapServer['useUserCredentials']) && self :: $ldapServer['useUserCredentials']) {
|
|
|
|
|
LSldap :: reconnectAs(self :: $userLDAPcreds['dn'], self :: $userLDAPcreds['pwd'],self :: $ldapServer['ldap_config']);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
LSldap :: connect(self :: $ldapServer['ldap_config']);
|
|
|
|
|
}
|
2009-01-25 15:37:03 +01:00
|
|
|
|
if (LSldap :: isConnected()) {
|
2008-12-05 15:38:42 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_03');
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-10-26 00:34:06 +01:00
|
|
|
|
/**
|
|
|
|
|
* Use this function to know if subDn is enabled for the curent LdapServer
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-26 00:34:06 +01:00
|
|
|
|
* @retval boolean
|
|
|
|
|
**/
|
|
|
|
|
public static function subDnIsEnabled() {
|
|
|
|
|
if (!isset(self :: $ldapServer['subDn'])) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if ( !is_array(self :: $ldapServer['subDn']) ) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* Retourne les sous-dns du serveur Ldap courant
|
|
|
|
|
*
|
|
|
|
|
* @retval mixed Tableau des subDn, false si une erreur est survenue.
|
|
|
|
|
*/
|
2010-11-16 11:50:18 +01:00
|
|
|
|
public static function getSubDnLdapServer($login=false) {
|
|
|
|
|
$login=(bool)$login;
|
|
|
|
|
if (self :: cacheSudDn() && isset(self :: $_subDnLdapServer[self :: $ldapServerId][$login])) {
|
2010-11-26 14:46:48 +01:00
|
|
|
|
return self :: $_subDnLdapServer[self :: $ldapServerId][$login];
|
2008-06-18 14:27:35 +02:00
|
|
|
|
}
|
2009-10-26 00:34:06 +01:00
|
|
|
|
if (!self::subDnIsEnabled()) {
|
2009-01-02 17:00:25 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
$return=array();
|
2009-01-24 18:45:14 +01:00
|
|
|
|
foreach(self :: $ldapServer['subDn'] as $subDn_name => $subDn_config) {
|
2010-11-25 12:27:46 +01:00
|
|
|
|
if ($login && isset($subDn_config['nologin']) && $subDn_config['nologin']) continue;
|
2009-01-02 17:00:25 +01:00
|
|
|
|
if ($subDn_name == 'LSobject') {
|
|
|
|
|
if (is_array($subDn_config)) {
|
|
|
|
|
foreach($subDn_config as $LSobject_name => $LSoject_config) {
|
2010-11-25 12:27:46 +01:00
|
|
|
|
if (isset($LSoject_config['basedn']) && !empty($LSoject_config['basedn'])) {
|
2009-01-03 23:00:32 +01:00
|
|
|
|
$basedn = $LSoject_config['basedn'];
|
2009-01-02 17:00:25 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2009-10-30 01:03:17 +01:00
|
|
|
|
$basedn = self::getRootDn();
|
2009-01-03 23:00:32 +01:00
|
|
|
|
}
|
2010-11-25 12:27:46 +01:00
|
|
|
|
if (isset($LSoject_config['displayName']) && !empty($LSoject_config['displayName'])) {
|
2009-01-07 20:58:08 +01:00
|
|
|
|
$displayName = $LSoject_config['displayName'];
|
2009-01-03 23:00:32 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2009-01-07 20:58:08 +01:00
|
|
|
|
$displayName = NULL;
|
2009-01-02 17:00:25 +01:00
|
|
|
|
}
|
2017-03-23 16:26:28 +01:00
|
|
|
|
$sparams = array();
|
|
|
|
|
$sparams['onlyAccessible'] = (isset($LSoject_config['onlyAccessible'])?$LSoject_config['onlyAccessible']:False);
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if( self :: loadLSobject($LSobject_name) ) {
|
2009-01-02 17:00:25 +01:00
|
|
|
|
if ($subdnobject = new $LSobject_name()) {
|
2017-03-23 16:26:28 +01:00
|
|
|
|
$tbl_return = $subdnobject -> getSelectArray(NULL,$basedn,$displayName,false,false,NULL,$sparams);
|
2009-01-02 17:00:25 +01:00
|
|
|
|
if (is_array($tbl_return)) {
|
|
|
|
|
$return=array_merge($return,$tbl_return);
|
2008-04-25 15:48:12 +02:00
|
|
|
|
}
|
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_17',3);
|
2008-04-25 15:48:12 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_17',2);
|
2008-04-25 15:48:12 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
LSerror :: addErrorCode('LSsession_17',1);
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-01-02 17:00:25 +01:00
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if ((isCompatibleDNs($subDn_config['dn'],self :: $ldapServer['ldap_config']['basedn']))&&($subDn_config['dn']!="")) {
|
2009-03-20 11:42:45 +01:00
|
|
|
|
$return[$subDn_config['dn']] = __($subDn_name);
|
2009-01-02 17:00:25 +01:00
|
|
|
|
}
|
2008-06-18 14:27:35 +02:00
|
|
|
|
}
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (self :: cacheSudDn()) {
|
2010-11-16 11:50:18 +01:00
|
|
|
|
self :: $_subDnLdapServer[self :: $ldapServerId][$login]=$return;
|
2009-01-24 18:45:14 +01:00
|
|
|
|
$_SESSION['LSsession_subDnLdapServer'] = self :: $_subDnLdapServer;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2009-01-02 17:00:25 +01:00
|
|
|
|
return $return;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-06-18 14:27:35 +02:00
|
|
|
|
/**
|
|
|
|
|
* Retourne la liste de subDn du serveur Ldap utilise
|
|
|
|
|
* trié par la profondeur dans l'arboressence (ordre décroissant)
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-18 14:27:35 +02:00
|
|
|
|
* @return array() Tableau des subDn trié
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*/
|
2010-11-16 11:50:18 +01:00
|
|
|
|
public static function getSortSubDnLdapServer($login=false) {
|
|
|
|
|
$subDnLdapServer = self :: getSubDnLdapServer($login);
|
2008-06-20 17:52:15 +02:00
|
|
|
|
if (!$subDnLdapServer) {
|
|
|
|
|
return array();
|
|
|
|
|
}
|
2008-06-18 14:27:35 +02:00
|
|
|
|
uksort($subDnLdapServer,"compareDn");
|
|
|
|
|
return $subDnLdapServer;
|
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Retourne les options d'une liste déroulante pour le choix du topDn
|
2008-02-08 18:39:24 +01:00
|
|
|
|
* de connexion au serveur Ldap
|
|
|
|
|
*
|
2009-01-24 18:45:14 +01:00
|
|
|
|
* Liste les subdn (self :: $ldapServer['subDn'])
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval string Les options (<option>) pour la sélection du topDn.
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*/
|
2010-11-16 11:50:18 +01:00
|
|
|
|
public static function getSubDnLdapServerOptions($selected=NULL,$login=false) {
|
|
|
|
|
$list = self :: getSubDnLdapServer($login);
|
2008-04-25 15:48:12 +02:00
|
|
|
|
if ($list) {
|
2008-07-19 21:14:57 +02:00
|
|
|
|
asort($list);
|
2008-04-25 15:48:12 +02:00
|
|
|
|
$display='';
|
|
|
|
|
foreach($list as $dn => $txt) {
|
|
|
|
|
if ($selected && ($selected==$dn)) {
|
|
|
|
|
$selected_txt = ' selected';
|
2008-02-05 17:11:21 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2008-04-25 15:48:12 +02:00
|
|
|
|
$selected_txt = '';
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
$display.="<option value=\"".$dn."\"$selected_txt>".$txt."</option>\n";
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-04-25 15:48:12 +02:00
|
|
|
|
return $display;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-04-25 15:48:12 +02:00
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
/**
|
|
|
|
|
* Vérifie qu'un subDn est déclaré
|
|
|
|
|
*
|
|
|
|
|
* @param[in] string Un subDn
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-01-24 18:45:14 +01:00
|
|
|
|
* @retval boolean True si le subDn existe, False sinon
|
|
|
|
|
*/
|
|
|
|
|
public static function validSubDnLdapServer($subDn) {
|
|
|
|
|
$listTopDn = self :: getSubDnLdapServer();
|
2008-04-25 15:48:12 +02:00
|
|
|
|
if(is_array($listTopDn)) {
|
|
|
|
|
foreach($listTopDn as $dn => $txt) {
|
|
|
|
|
if ($subDn==$dn) {
|
|
|
|
|
return true;
|
|
|
|
|
} // end if
|
|
|
|
|
} // end foreach
|
|
|
|
|
} // end if
|
|
|
|
|
return;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-02-08 18:39:24 +01:00
|
|
|
|
* Test un couple LSobject/pwd
|
|
|
|
|
*
|
|
|
|
|
* Test un bind sur le serveur avec le dn de l'objet et le mot de passe fourni.
|
|
|
|
|
*
|
|
|
|
|
* @param[in] LSobject L'object "user" pour l'authentification
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @param[in] string Le mot de passe à tester
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean True si l'authentification à réussi, false sinon.
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function checkUserPwd($object,$pwd) {
|
2009-01-25 15:37:03 +01:00
|
|
|
|
return LSldap :: checkBind($object -> getValue('dn'),$pwd);
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-02-08 18:39:24 +01:00
|
|
|
|
* Affiche le formulaire de login
|
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Défini les informations pour le template Smarty du formulaire de login.
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function displayLoginForm() {
|
2020-05-07 11:36:25 +02:00
|
|
|
|
LStemplate :: assign('pagetitle', _('Connection'));
|
|
|
|
|
$ldapservers = array();
|
|
|
|
|
foreach(LSconfig :: get('ldap_servers') as $id => $infos)
|
|
|
|
|
$ldapservers[$id] = __($infos['name']);
|
|
|
|
|
LStemplate :: assign('ldapservers', $ldapservers);
|
|
|
|
|
LStemplate :: assign('ldapServerId', (self :: $ldapServerId?self :: $ldapServerId:0));
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: setTemplate('login.tpl');
|
2020-05-28 16:56:36 +02:00
|
|
|
|
LStemplate :: addJSscript('LSsession_login.js');
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Affiche le formulaire de récupération de mot de passe
|
|
|
|
|
*
|
2020-04-29 15:54:21 +02:00
|
|
|
|
* Défini les informations pour le template Smarty du formulaire de
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* récupération de mot de passe
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
|
|
|
|
* @param[in] $infos array() Information sur le status du processus de
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* recouvrement de mot de passe
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function displayRecoverPasswordForm($recoveryPasswordInfos) {
|
2020-05-07 11:36:25 +02:00
|
|
|
|
LStemplate :: assign('pagetitle', _('Recovery of your credentials'));
|
2008-06-05 15:21:18 +02:00
|
|
|
|
|
2020-05-07 11:36:25 +02:00
|
|
|
|
$ldapservers = array();
|
|
|
|
|
foreach(LSconfig :: get('ldap_servers') as $id => $infos)
|
|
|
|
|
$ldapservers[$id] = __($infos['name']);
|
|
|
|
|
LStemplate :: assign('ldapservers', $ldapservers);
|
|
|
|
|
LStemplate :: assign('ldapServerId', (self :: $ldapServerId?self :: $ldapServerId:0));
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2019-03-08 11:26:54 +01:00
|
|
|
|
$recoverpassword_step = 'start';
|
2009-02-12 13:38:56 +01:00
|
|
|
|
$recoverpassword_msg = _('Please fill the identifier field to proceed recovery procedure');
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-06-05 15:21:18 +02:00
|
|
|
|
if (isset($recoveryPasswordInfos['recoveryHashMail'])) {
|
2019-03-08 11:26:54 +01:00
|
|
|
|
$recoverpassword_step = 'token_sent';
|
2008-06-19 16:20:59 +02:00
|
|
|
|
$recoverpassword_msg = getFData(
|
2009-02-12 13:38:56 +01:00
|
|
|
|
_("An email has been sent to %{mail}. " .
|
|
|
|
|
"Please follow the instructions on it."),
|
2008-06-19 16:20:59 +02:00
|
|
|
|
$recoveryPasswordInfos['recoveryHashMail']
|
2008-06-05 15:21:18 +02:00
|
|
|
|
);
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-06-05 15:21:18 +02:00
|
|
|
|
if (isset($recoveryPasswordInfos['newPasswordMail'])) {
|
2019-03-08 11:26:54 +01:00
|
|
|
|
$recoverpassword_step = 'new_password_sent';
|
2008-06-19 16:20:59 +02:00
|
|
|
|
$recoverpassword_msg = getFData(
|
2020-04-29 15:38:41 +02:00
|
|
|
|
_("Your new password has been sent to %{mail}."),
|
2008-06-19 16:20:59 +02:00
|
|
|
|
$recoveryPasswordInfos['newPasswordMail']
|
2008-06-05 15:21:18 +02:00
|
|
|
|
);
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-05-07 11:36:25 +02:00
|
|
|
|
LStemplate :: assign('recoverpassword_step', $recoverpassword_step);
|
|
|
|
|
LStemplate :: assign('recoverpassword_msg', $recoverpassword_msg);
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: setTemplate('recoverpassword.tpl');
|
2020-05-28 16:56:36 +02:00
|
|
|
|
LStemplate :: addJSscript('LSsession_recoverPassword.js');
|
2008-06-05 15:21:18 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Défini le template Smarty à utiliser
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
2020-04-29 15:54:21 +02:00
|
|
|
|
* Remarque : les fichiers de templates doivent se trouver dans le dossier
|
2008-02-08 18:39:24 +01:00
|
|
|
|
* templates/.
|
|
|
|
|
*
|
|
|
|
|
* @param[in] string Le nom du fichier de template
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function setTemplate($template) {
|
|
|
|
|
self :: $template = $template;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2020-05-05 12:48:52 +02:00
|
|
|
|
/**
|
|
|
|
|
* Add a JS script to load on page
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $file string The JS filename
|
|
|
|
|
* @param[in] $path string|null The sub-directory path that contain this file.
|
2020-05-28 16:56:36 +02:00
|
|
|
|
* @deprecated
|
|
|
|
|
* @see LStemplate :: addJSscript()
|
2020-05-05 12:48:52 +02:00
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
|
|
|
|
public static function addJSscript($file, $path=NULL) {
|
|
|
|
|
if ($path)
|
|
|
|
|
$file = $path.$file;
|
2020-05-28 16:56:36 +02:00
|
|
|
|
LStemplate :: addJSscript($file);
|
|
|
|
|
LSerror :: addErrorCode(
|
|
|
|
|
'LSsession_27',
|
|
|
|
|
array(
|
2020-06-04 19:05:23 +02:00
|
|
|
|
'old' => 'LSsession :: addJSscript()',
|
2020-05-28 16:56:36 +02:00
|
|
|
|
'new' => 'LStemplate :: addJSscript()',
|
|
|
|
|
'context' => LSlog :: get_debug_backtrace_context(),
|
|
|
|
|
)
|
|
|
|
|
);
|
2020-05-05 12:48:52 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Add a library JS file to load on page
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $file string The JS filename
|
2020-05-28 16:56:36 +02:00
|
|
|
|
* @deprecated
|
|
|
|
|
* @see LStemplate :: addLibJSscript()
|
2020-05-05 12:48:52 +02:00
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
|
|
|
|
public static function addLibJSscript($file) {
|
2020-05-28 16:56:36 +02:00
|
|
|
|
LStemplate :: addLibJSscript($file);
|
|
|
|
|
LSerror :: addErrorCode(
|
|
|
|
|
'LSsession_27',
|
|
|
|
|
array(
|
2020-06-04 19:05:23 +02:00
|
|
|
|
'old' => 'LSsession :: addLibJSscript()',
|
2020-05-28 16:56:36 +02:00
|
|
|
|
'new' => 'LStemplate :: addLibJSscript()',
|
|
|
|
|
'context' => LSlog :: get_debug_backtrace_context(),
|
|
|
|
|
)
|
|
|
|
|
);
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-07-18 16:02:46 +02:00
|
|
|
|
/**
|
|
|
|
|
* Ajouter un paramètre de configuration Javascript
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-07-18 16:02:46 +02:00
|
|
|
|
* @param[in] $name string Nom de la variable de configuration
|
|
|
|
|
* @param[in] $val mixed Valeur de la variable de configuration
|
2020-05-28 16:56:36 +02:00
|
|
|
|
* @deprecated
|
|
|
|
|
* @see LStemplate :: addJSconfigParam()
|
2008-07-18 16:02:46 +02:00
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
2020-05-28 16:56:36 +02:00
|
|
|
|
public static function addJSconfigParam($name, $val) {
|
|
|
|
|
LStemplate :: addJSconfigParam($name, $val);
|
|
|
|
|
LSerror :: addErrorCode(
|
|
|
|
|
'LSsession_27',
|
|
|
|
|
array(
|
2020-06-04 19:05:23 +02:00
|
|
|
|
'old' => 'LSsession :: addJSconfigParam()',
|
2020-05-28 16:56:36 +02:00
|
|
|
|
'new' => 'LStemplate :: addJSconfigParam()',
|
|
|
|
|
'context' => LSlog :: get_debug_backtrace_context(),
|
|
|
|
|
),
|
|
|
|
|
false
|
|
|
|
|
);
|
2008-07-18 16:02:46 +02:00
|
|
|
|
}
|
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2020-05-05 12:48:52 +02:00
|
|
|
|
* Add a CSS file to load on page
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
2020-05-05 12:48:52 +02:00
|
|
|
|
* @param[in] $file string The CSS filename
|
|
|
|
|
* @param[in] $path string|null The sub-directory path that contain this file.
|
2020-05-28 16:56:36 +02:00
|
|
|
|
* @deprecated
|
|
|
|
|
* @see LStemplate :: addCssFile()
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
2020-05-05 12:48:52 +02:00
|
|
|
|
public static function addCssFile($file, $path=NULL) {
|
|
|
|
|
if ($path)
|
2013-06-19 03:06:29 +02:00
|
|
|
|
$file = $path.$file;
|
2020-05-28 16:56:36 +02:00
|
|
|
|
LStemplate :: addCssFile($file);
|
|
|
|
|
LSerror :: addErrorCode(
|
|
|
|
|
'LSsession_27',
|
|
|
|
|
array(
|
2020-06-04 19:05:23 +02:00
|
|
|
|
'old' => 'LSsession :: addCssFile()',
|
2020-05-28 16:56:36 +02:00
|
|
|
|
'new' => 'LStemplate :: addCssFile()',
|
|
|
|
|
'context' => LSlog :: get_debug_backtrace_context(),
|
|
|
|
|
)
|
|
|
|
|
);
|
2020-05-05 12:48:52 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Add a library CSS file to load on page
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $file string The CSS filename
|
2020-05-28 16:56:36 +02:00
|
|
|
|
* @deprecated
|
|
|
|
|
* @see LStemplate :: addLibCssFile()
|
2020-05-05 12:48:52 +02:00
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
|
|
|
|
public static function addLibCssFile($file) {
|
2020-05-28 16:56:36 +02:00
|
|
|
|
LStemplate :: addLibCssFile($file);
|
|
|
|
|
LSerror :: addErrorCode(
|
|
|
|
|
'LSsession_27',
|
|
|
|
|
array(
|
2020-06-04 19:05:23 +02:00
|
|
|
|
'old' => 'LSsession :: addLibCssFile()',
|
2020-05-28 16:56:36 +02:00
|
|
|
|
'new' => 'LStemplate :: addLibCssFile()',
|
|
|
|
|
'context' => LSlog :: get_debug_backtrace_context(),
|
|
|
|
|
)
|
|
|
|
|
);
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-02-05 17:11:21 +01:00
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-02-08 18:39:24 +01:00
|
|
|
|
* Affiche le template Smarty
|
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Charge les dépendances et affiche le template Smarty
|
2008-02-08 18:39:24 +01:00
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function displayTemplate() {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$KAconf = LSconfig :: get('keepLSsessionActive');
|
2020-04-29 15:54:21 +02:00
|
|
|
|
if (
|
2009-02-21 12:42:26 +01:00
|
|
|
|
(
|
|
|
|
|
(!isset(self :: $ldapServer['keepLSsessionActive']))
|
|
|
|
|
&&
|
2009-03-25 13:26:32 +01:00
|
|
|
|
(!($KAconf === false))
|
2009-02-21 12:42:26 +01:00
|
|
|
|
)
|
|
|
|
|
||
|
|
|
|
|
(self :: $ldapServer['keepLSsessionActive'])
|
|
|
|
|
) {
|
2020-05-28 16:56:36 +02:00
|
|
|
|
LStemplate :: addJSconfigParam('keepLSsessionActive',ini_get('session.gc_maxlifetime'));
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
|
|
|
|
// Access
|
2019-06-05 12:40:56 +02:00
|
|
|
|
LStemplate :: assign('LSaccess', self :: getLSaccess());
|
2020-05-28 16:56:36 +02:00
|
|
|
|
LStemplate :: assign('LSaddonsViewsAccess', self :: $LSaddonsViewsAccess);
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-04-25 15:48:12 +02:00
|
|
|
|
// Niveau
|
2009-01-24 18:45:14 +01:00
|
|
|
|
$listTopDn = self :: getSubDnLdapServer();
|
2008-04-25 15:48:12 +02:00
|
|
|
|
if (is_array($listTopDn)) {
|
2008-07-19 21:14:57 +02:00
|
|
|
|
asort($listTopDn);
|
2020-08-06 13:20:49 +02:00
|
|
|
|
LStemplate :: assign('LSsession_subDn_level',self :: getSubDnLabel());
|
|
|
|
|
LStemplate :: assign('LSsession_subDn_refresh',_('Refresh'));
|
2008-04-25 15:48:12 +02:00
|
|
|
|
$LSsession_topDn_index = array();
|
|
|
|
|
$LSsession_topDn_name = array();
|
|
|
|
|
foreach($listTopDn as $index => $name) {
|
|
|
|
|
$LSsession_topDn_index[] = $index;
|
|
|
|
|
$LSsession_topDn_name[] = $name;
|
|
|
|
|
}
|
2013-06-17 23:39:22 +02:00
|
|
|
|
LStemplate :: assign('LSsession_subDn_indexes',$LSsession_topDn_index);
|
|
|
|
|
LStemplate :: assign('LSsession_subDn_names',$LSsession_topDn_name);
|
|
|
|
|
LStemplate :: assign('LSsession_subDn',self :: $topDn);
|
|
|
|
|
LStemplate :: assign('LSsession_subDnName',self :: getSubDnName());
|
2008-04-25 15:48:12 +02:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-05-06 16:06:05 +02:00
|
|
|
|
LStemplate :: assign('LSlanguages', LSlang :: getLangList());
|
|
|
|
|
LStemplate :: assign('LSlang', LSlang :: getLang());
|
|
|
|
|
LStemplate :: assign('LSencoding', LSlang :: getEncoding());
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2013-06-17 23:39:22 +02:00
|
|
|
|
LStemplate :: assign('displayLogoutBtn',LSauth :: displayLogoutBtn());
|
|
|
|
|
LStemplate :: assign('displaySelfAccess',LSauth :: displaySelfAccess());
|
2008-09-09 17:48:07 +02:00
|
|
|
|
|
|
|
|
|
// Infos
|
|
|
|
|
if((!empty($_SESSION['LSsession_infos']))&&(is_array($_SESSION['LSsession_infos']))) {
|
2018-06-08 17:41:28 +02:00
|
|
|
|
LStemplate :: assign('LSinfos',$_SESSION['LSsession_infos']);
|
2008-09-09 17:48:07 +02:00
|
|
|
|
$_SESSION['LSsession_infos']=array();
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (self :: $ajaxDisplay) {
|
2013-06-17 23:39:22 +02:00
|
|
|
|
LStemplate :: assign('LSerror_txt',LSerror :: getErrors());
|
|
|
|
|
LStemplate :: assign('LSdebug_txt',LSdebug_print(true));
|
2008-06-18 14:27:35 +02:00
|
|
|
|
}
|
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
LSerror :: display();
|
2008-09-26 20:03:56 +02:00
|
|
|
|
LSdebug_print();
|
2008-06-18 14:27:35 +02:00
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (!self :: $template)
|
2020-05-07 12:16:12 +02:00
|
|
|
|
self :: setTemplate('base_connected.tpl');
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2013-06-17 23:39:22 +02:00
|
|
|
|
LStemplate :: display(self :: $template);
|
2009-01-24 18:45:14 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
/**
|
|
|
|
|
* Défini que l'affichage se fera ou non via un retour Ajax
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-01-24 18:45:14 +01:00
|
|
|
|
* @param[in] $val boolean True pour que l'affichage se fasse par un retour
|
|
|
|
|
* Ajax, false sinon
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
|
|
|
|
public static function setAjaxDisplay($val=true) {
|
|
|
|
|
self :: $ajaxDisplay = (boolean)$val;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-11-10 00:14:51 +01:00
|
|
|
|
/**
|
|
|
|
|
* Affiche un retour Ajax
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function displayAjaxReturn($data=array()) {
|
2009-01-21 18:08:09 +01:00
|
|
|
|
if (isset($data['LSredirect']) && (!LSdebugDefined()) ) {
|
|
|
|
|
echo json_encode($data);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-06-04 19:04:48 +02:00
|
|
|
|
if (class_exists('LStemplate'))
|
|
|
|
|
$data['LSjsConfig'] = LStemplate :: getJSconfigParam();
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-11-10 00:14:51 +01:00
|
|
|
|
// Infos
|
|
|
|
|
if((!empty($_SESSION['LSsession_infos']))&&(is_array($_SESSION['LSsession_infos']))) {
|
|
|
|
|
$txt_infos="<ul>\n";
|
|
|
|
|
foreach($_SESSION['LSsession_infos'] as $info) {
|
|
|
|
|
$txt_infos.="<li>$info</li>\n";
|
|
|
|
|
}
|
|
|
|
|
$txt_infos.="</ul>\n";
|
|
|
|
|
$data['LSinfos'] = $txt_infos;
|
|
|
|
|
$_SESSION['LSsession_infos']=array();
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (LSerror :: errorsDefined()) {
|
|
|
|
|
$data['LSerror'] = LSerror :: getErrors();
|
2008-11-10 00:14:51 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (isset($_REQUEST['imgload'])) {
|
|
|
|
|
$data['imgload'] = $_REQUEST['imgload'];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (LSdebugDefined()) {
|
2009-10-30 01:03:17 +01:00
|
|
|
|
$data['LSdebug'] = LSdebug_print(true,false);
|
2008-11-10 00:14:51 +01:00
|
|
|
|
}
|
|
|
|
|
|
2020-04-29 15:54:21 +02:00
|
|
|
|
echo json_encode($data);
|
2008-11-10 00:14:51 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-10-15 19:40:04 +02:00
|
|
|
|
/**
|
|
|
|
|
* Retournne un template Smarty compilé
|
|
|
|
|
*
|
|
|
|
|
* @param[in] string $template Le template à retourner
|
|
|
|
|
* @param[in] array $variables Variables Smarty à assigner avant l'affichage
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-10-15 19:40:04 +02:00
|
|
|
|
* @retval string Le HTML compilé du template
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function fetchTemplate($template,$variables=array()) {
|
2008-10-15 19:40:04 +02:00
|
|
|
|
foreach($variables as $name => $val) {
|
2013-06-17 23:39:22 +02:00
|
|
|
|
LStemplate :: assign($name,$val);
|
2008-10-15 19:40:04 +02:00
|
|
|
|
}
|
2013-06-17 23:39:22 +02:00
|
|
|
|
return LStemplate :: fetch($template);
|
2008-10-15 19:40:04 +02:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
Allow a sequence of filters in LSobjects profile configurations
It's now possible for example to define a profile on an LSobject whose
attribute would contain the DN of a group the user is member of instead
of directly the dn of the user. A possible configuation using this new feature:
'LSprofile' => array(
'admin' => array(
'LSobjects' => array(
'LSsupannGroupAdminByGroup' => array(
'filters' => array(
array(
'basedn' => $basedn,
'attr' => 'member',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
),
array(
'basedn' => $basedn,
'attr' => 'supannGroupeAdminDN',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
)
),
),
),
),
)
Signed-off-by: Benjamin Renard <brenard@easter-eggs.com>
2014-12-13 12:15:37 +01:00
|
|
|
|
/**
|
|
|
|
|
* Prend un tableau de LSobject et le réduit en utilisant un filtre de
|
|
|
|
|
* recherche sur un autre type de LSobject.
|
|
|
|
|
*
|
|
|
|
|
* Si une erreur est présente dans le tableau de définition du filtre, un
|
|
|
|
|
* tableau vide est renvoyé.
|
|
|
|
|
*
|
|
|
|
|
* @param[in] string $LSobject le type LSobject par défaut
|
|
|
|
|
* @param[in] array $set tableau de LSobject
|
|
|
|
|
* @param[in] array $filter_def définition du filtre de recherche pour la réduction
|
|
|
|
|
* @param[in] string $basend basedn pour la recherche, null par défaut
|
|
|
|
|
*
|
|
|
|
|
* @retval array le nouveau tableau de LSobject
|
|
|
|
|
*/
|
|
|
|
|
private static function reduceLdapSet($LSobject, $set, $filter_def, $basedn=null) {
|
|
|
|
|
if (empty($set)) {
|
|
|
|
|
return array();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (! isset($filter_def['filter']) &&
|
|
|
|
|
(! isset($filter_def['attr']) ||
|
|
|
|
|
! isset($filter_def['attr_value']))) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug("reduceLdapSet(): LSobject LSprofil filter invalid : " . varDump($filter_def));
|
Allow a sequence of filters in LSobjects profile configurations
It's now possible for example to define a profile on an LSobject whose
attribute would contain the DN of a group the user is member of instead
of directly the dn of the user. A possible configuation using this new feature:
'LSprofile' => array(
'admin' => array(
'LSobjects' => array(
'LSsupannGroupAdminByGroup' => array(
'filters' => array(
array(
'basedn' => $basedn,
'attr' => 'member',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
),
array(
'basedn' => $basedn,
'attr' => 'supannGroupeAdminDN',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
)
),
),
),
),
)
Signed-off-by: Benjamin Renard <brenard@easter-eggs.com>
2014-12-13 12:15:37 +01:00
|
|
|
|
return array();
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug('reduceLdapSet(): reducing set of');
|
Allow a sequence of filters in LSobjects profile configurations
It's now possible for example to define a profile on an LSobject whose
attribute would contain the DN of a group the user is member of instead
of directly the dn of the user. A possible configuation using this new feature:
'LSprofile' => array(
'admin' => array(
'LSobjects' => array(
'LSsupannGroupAdminByGroup' => array(
'filters' => array(
array(
'basedn' => $basedn,
'attr' => 'member',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
),
array(
'basedn' => $basedn,
'attr' => 'supannGroupeAdminDN',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
)
),
),
),
),
)
Signed-off-by: Benjamin Renard <brenard@easter-eggs.com>
2014-12-13 12:15:37 +01:00
|
|
|
|
foreach ($set as $object) {
|
|
|
|
|
LSdebug('LSsession :: -> ' . $object -> getDn());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$LSobject = isset($filter_def['LSObject']) ? $filter_def['LSobject'] : $LSobject;
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug('reduceLdapSet(): LSobject = ' . $LSobject);
|
Allow a sequence of filters in LSobjects profile configurations
It's now possible for example to define a profile on an LSobject whose
attribute would contain the DN of a group the user is member of instead
of directly the dn of the user. A possible configuation using this new feature:
'LSprofile' => array(
'admin' => array(
'LSobjects' => array(
'LSsupannGroupAdminByGroup' => array(
'filters' => array(
array(
'basedn' => $basedn,
'attr' => 'member',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
),
array(
'basedn' => $basedn,
'attr' => 'supannGroupeAdminDN',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
)
),
),
),
),
)
Signed-off-by: Benjamin Renard <brenard@easter-eggs.com>
2014-12-13 12:15:37 +01:00
|
|
|
|
$filters = array();
|
|
|
|
|
foreach ($set as $object) {
|
|
|
|
|
if (isset($filter_def['filter'])) {
|
|
|
|
|
$filters[] = $object -> getFData($filter_def['filter']);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$value = $object -> getFData($filter_def['attr_value']);
|
|
|
|
|
$filters[] = Net_LDAP2_Filter::create($filter_def['attr'], 'equals', $value);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$filter = LSldap::combineFilters('or', $filters);
|
|
|
|
|
$params = array(
|
|
|
|
|
'basedn' => isset($filter_def['basedn']) ? $filter_def['basedn'] : $basedn,
|
|
|
|
|
'filter' => $filter,
|
2017-03-23 14:43:23 +01:00
|
|
|
|
'onlyAccessible' => False
|
Allow a sequence of filters in LSobjects profile configurations
It's now possible for example to define a profile on an LSobject whose
attribute would contain the DN of a group the user is member of instead
of directly the dn of the user. A possible configuation using this new feature:
'LSprofile' => array(
'admin' => array(
'LSobjects' => array(
'LSsupannGroupAdminByGroup' => array(
'filters' => array(
array(
'basedn' => $basedn,
'attr' => 'member',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
),
array(
'basedn' => $basedn,
'attr' => 'supannGroupeAdminDN',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
)
),
),
),
),
)
Signed-off-by: Benjamin Renard <brenard@easter-eggs.com>
2014-12-13 12:15:37 +01:00
|
|
|
|
);
|
|
|
|
|
if (isset($filter_def['params']) && is_array($filter_def['params'])) {
|
|
|
|
|
$params = array_merge($filter_def['params'],$params);
|
|
|
|
|
}
|
|
|
|
|
$LSsearch = new LSsearch($LSobject,'LSsession :: loadLSprofiles',$params,true);
|
|
|
|
|
$LSsearch -> run(false);
|
|
|
|
|
|
|
|
|
|
$set = $LSsearch -> listObjects();
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug('reduceLdapSet(): reduced set to');
|
Allow a sequence of filters in LSobjects profile configurations
It's now possible for example to define a profile on an LSobject whose
attribute would contain the DN of a group the user is member of instead
of directly the dn of the user. A possible configuation using this new feature:
'LSprofile' => array(
'admin' => array(
'LSobjects' => array(
'LSsupannGroupAdminByGroup' => array(
'filters' => array(
array(
'basedn' => $basedn,
'attr' => 'member',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
),
array(
'basedn' => $basedn,
'attr' => 'supannGroupeAdminDN',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
)
),
),
),
),
)
Signed-off-by: Benjamin Renard <brenard@easter-eggs.com>
2014-12-13 12:15:37 +01:00
|
|
|
|
foreach ($set as $object) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug('reduceLdapSet(): -> ' . $object -> getDn());
|
Allow a sequence of filters in LSobjects profile configurations
It's now possible for example to define a profile on an LSobject whose
attribute would contain the DN of a group the user is member of instead
of directly the dn of the user. A possible configuation using this new feature:
'LSprofile' => array(
'admin' => array(
'LSobjects' => array(
'LSsupannGroupAdminByGroup' => array(
'filters' => array(
array(
'basedn' => $basedn,
'attr' => 'member',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
),
array(
'basedn' => $basedn,
'attr' => 'supannGroupeAdminDN',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
)
),
),
),
),
)
Signed-off-by: Benjamin Renard <brenard@easter-eggs.com>
2014-12-13 12:15:37 +01:00
|
|
|
|
}
|
|
|
|
|
return $set;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Charge les droits LS de l'utilisateur : uniquement du type LSobjects
|
|
|
|
|
*
|
|
|
|
|
* @param[in] string $
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
|
|
|
|
private static function loadLSprofilesLSobjects($profile, $LSobject, $listInfos) {
|
|
|
|
|
if (! self :: loadLSclass('LSsearch')) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_error('Fail to load class LSsearch');
|
Allow a sequence of filters in LSobjects profile configurations
It's now possible for example to define a profile on an LSobject whose
attribute would contain the DN of a group the user is member of instead
of directly the dn of the user. A possible configuation using this new feature:
'LSprofile' => array(
'admin' => array(
'LSobjects' => array(
'LSsupannGroupAdminByGroup' => array(
'filters' => array(
array(
'basedn' => $basedn,
'attr' => 'member',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
),
array(
'basedn' => $basedn,
'attr' => 'supannGroupeAdminDN',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
)
),
),
),
),
)
Signed-off-by: Benjamin Renard <brenard@easter-eggs.com>
2014-12-13 12:15:37 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
# we are gonna grow a set of objects progressively, we start from the user
|
|
|
|
|
$set = array(self :: getLSuserObject());
|
|
|
|
|
$basedn = isset($listInfos['basedn']) ? $listInfos['basedn'] : null;
|
|
|
|
|
$LSobject = isset($listInfos['LSobject']) ? $listInfos['LSobject'] : $LSobject;
|
|
|
|
|
|
|
|
|
|
if (isset($listInfos['filters']) && is_array($listInfos['filters'])) {
|
|
|
|
|
foreach ($listInfos['filters'] as $filter_def) {
|
|
|
|
|
$set = self :: reduceLdapSet($LSobject, $set, $filter_def, $basedn);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (isset($listInfos['filter']) || (isset($listInfos['attr']) && isset($listInfos['attr_value']))) {
|
|
|
|
|
# support legacy profile definition
|
|
|
|
|
$set = self :: reduceLdapSet($LSobject, $set, $listInfos, $basedn);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$DNs = [];
|
|
|
|
|
foreach ($set as $object) {
|
|
|
|
|
$DNs[] = $object -> getDn();
|
|
|
|
|
}
|
|
|
|
|
if (!is_array(self :: $LSprofiles[$profile])) {
|
|
|
|
|
self :: $LSprofiles[$profile]=$DNs;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
foreach($DNs as $dn) {
|
|
|
|
|
if (!in_array($dn,self :: $LSprofiles[$profile])) {
|
|
|
|
|
self :: $LSprofiles[$profile][] = $dn;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2008-02-08 18:39:24 +01:00
|
|
|
|
/**
|
|
|
|
|
* Charge les droits LS de l'utilisateur
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean True si le chargement à réussi, false sinon.
|
2008-02-08 18:39:24 +01:00
|
|
|
|
**/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
private static function loadLSprofiles() {
|
|
|
|
|
if (is_array(self :: $ldapServer['LSprofiles'])) {
|
|
|
|
|
foreach (self :: $ldapServer['LSprofiles'] as $profile => $profileInfos) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if (is_array($profileInfos)) {
|
|
|
|
|
foreach ($profileInfos as $topDn => $rightsInfos) {
|
2019-10-14 12:59:37 +02:00
|
|
|
|
// Do not handle 'label' key as a topDn
|
|
|
|
|
if ($topDn == 'label') {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2009-01-02 17:00:25 +01:00
|
|
|
|
/*
|
|
|
|
|
* If $topDn == 'LSobject', we search for each LSobject type to find
|
|
|
|
|
* all items on witch the user will have powers.
|
|
|
|
|
*/
|
2019-10-14 12:59:37 +02:00
|
|
|
|
elseif ($topDn == 'LSobjects') {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if (is_array($rightsInfos)) {
|
|
|
|
|
foreach ($rightsInfos as $LSobject => $listInfos) {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug('loadLSprofiles(): loading LSprofile ' . $profile . ' for LSobject ' . $LSobject . ' with params ' . var_export($listInfos, true));
|
Allow a sequence of filters in LSobjects profile configurations
It's now possible for example to define a profile on an LSobject whose
attribute would contain the DN of a group the user is member of instead
of directly the dn of the user. A possible configuation using this new feature:
'LSprofile' => array(
'admin' => array(
'LSobjects' => array(
'LSsupannGroupAdminByGroup' => array(
'filters' => array(
array(
'basedn' => $basedn,
'attr' => 'member',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
),
array(
'basedn' => $basedn,
'attr' => 'supannGroupeAdminDN',
'attr_value' => '%{dn}',
'LSobject' => 'LSsupannGroup',
)
),
),
),
),
)
Signed-off-by: Benjamin Renard <brenard@easter-eggs.com>
2014-12-13 12:15:37 +01:00
|
|
|
|
self :: loadLSprofilesLSobjects($profile, $LSobject, $listInfos);
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_warning('loadLSprofiles(): LSobjects => [] must be an array');
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if (is_array($rightsInfos)) {
|
|
|
|
|
foreach($rightsInfos as $dn => $conf) {
|
|
|
|
|
if ((isset($conf['attr'])) && (isset($conf['LSobject']))) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if( self :: loadLSobject($conf['LSobject']) ) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if ($object = new $conf['LSobject']()) {
|
|
|
|
|
if ($object -> loadData($dn)) {
|
|
|
|
|
$listDns=$object -> getValue($conf['attr']);
|
2008-12-06 01:27:18 +01:00
|
|
|
|
$valKey = (isset($conf['attr_value']))?$conf['attr_value']:'%{dn}';
|
2009-01-24 18:45:14 +01:00
|
|
|
|
$val = self :: getLSuserObject() -> getFData($valKey);
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if (is_array($listDns)) {
|
2008-12-05 15:38:42 +01:00
|
|
|
|
if (in_array($val,$listDns)) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: $LSprofiles[$profile][] = $topDn;
|
2008-11-12 17:57:40 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_warning("loadLSprofiles(): fail to load DN '$dn'.");
|
2008-11-12 17:57:40 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_warning("loadLSprofiles(): fail to instanciate LSobject type '".$conf['LSobject']."'.");
|
2008-11-12 17:57:40 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (self :: $dn == $dn) {
|
|
|
|
|
self :: $LSprofiles[$profile][] = $topDn;
|
2008-11-12 17:57:40 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-11-12 17:57:40 +01:00
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if ( self :: $dn == $rightsInfos ) {
|
|
|
|
|
self :: $LSprofiles[$profile][] = $topDn;
|
2008-11-12 17:57:40 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} // fin else ($topDn == 'LSobjects')
|
|
|
|
|
} // fin foreach($profileInfos)
|
|
|
|
|
} // fin is_array($profileInfos)
|
2009-01-02 17:00:25 +01:00
|
|
|
|
} // fin foreach LSprofiles
|
2020-05-08 15:51:21 +02:00
|
|
|
|
self :: log_debug("loadLSprofiles(): LSprofiles = ".print_r(self :: $LSprofiles,1));
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-12 18:59:44 +01:00
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Charge les droits d'accès de l'utilisateur pour construire le menu de l'interface
|
2008-02-12 18:59:44 +01:00
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
private static function loadLSaccess() {
|
2008-06-21 18:16:15 +02:00
|
|
|
|
$LSaccess=array();
|
2010-11-16 19:31:07 +01:00
|
|
|
|
if (isset(self :: $ldapServer['subDn']) && is_array(self :: $ldapServer['subDn'])) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
foreach(self :: $ldapServer['subDn'] as $name => $config) {
|
2008-06-21 18:16:15 +02:00
|
|
|
|
if ($name=='LSobject') {
|
|
|
|
|
if (is_array($config)) {
|
|
|
|
|
|
2020-04-29 15:54:21 +02:00
|
|
|
|
// Définition des subDns
|
2008-06-21 18:16:15 +02:00
|
|
|
|
foreach($config as $objectType => $objectConf) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (self :: loadLSobject($objectType)) {
|
2008-06-21 18:16:15 +02:00
|
|
|
|
if ($subdnobject = new $objectType()) {
|
2017-03-23 15:15:31 +01:00
|
|
|
|
$tbl = $subdnobject -> getSelectArray(NULL,self::getRootDn(),NULL,NULL,false,NULL,array('onlyAccessible' => False));
|
2008-06-21 18:16:15 +02:00
|
|
|
|
if (is_array($tbl)) {
|
|
|
|
|
// Définition des accès
|
|
|
|
|
$access=array();
|
|
|
|
|
if (is_array($objectConf['LSobjects'])) {
|
|
|
|
|
foreach($objectConf['LSobjects'] as $type) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (self :: loadLSobject($type)) {
|
|
|
|
|
if (self :: canAccess($type)) {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$access[$type] = LSconfig :: get('LSobjects.'.$type.'.label');
|
2008-06-21 18:16:15 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
foreach($tbl as $dn => $dn_name) {
|
|
|
|
|
$LSaccess[$dn]=$access;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if ((isCompatibleDNs(self :: $ldapServer['ldap_config']['basedn'],$config['dn']))&&($config['dn']!='')) {
|
2008-06-21 18:16:15 +02:00
|
|
|
|
$access=array();
|
|
|
|
|
if (is_array($config['LSobjects'])) {
|
|
|
|
|
foreach($config['LSobjects'] as $objectType) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (self :: loadLSobject($objectType)) {
|
|
|
|
|
if (self :: canAccess($objectType)) {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$access[$objectType] = LSconfig :: get('LSobjects.'.$objectType.'.label');
|
2008-06-21 18:16:15 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$LSaccess[$config['dn']]=$access;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2008-02-12 18:59:44 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if(is_array(self :: $ldapServer['LSaccess'])) {
|
2008-06-21 18:16:15 +02:00
|
|
|
|
$access=array();
|
2009-01-24 18:45:14 +01:00
|
|
|
|
foreach(self :: $ldapServer['LSaccess'] as $objectType) {
|
|
|
|
|
if (self :: loadLSobject($objectType)) {
|
2020-05-25 11:09:32 +02:00
|
|
|
|
if (self :: canAccess($objectType))
|
|
|
|
|
$access[$objectType] = $objectType :: getLabel();
|
|
|
|
|
else
|
|
|
|
|
self :: log_debug("loadLSaccess(): authenticated user have no access to $objectType");
|
2008-06-21 18:16:15 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
$LSaccess[self :: $topDn] = $access;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
2010-11-25 12:39:35 +01:00
|
|
|
|
if (LSauth :: displaySelfAccess()) {
|
|
|
|
|
foreach($LSaccess as $dn => $access) {
|
|
|
|
|
$LSaccess[$dn] = array_merge(
|
|
|
|
|
array(
|
|
|
|
|
'SELF' => 'My account'
|
|
|
|
|
),
|
|
|
|
|
$access
|
|
|
|
|
);
|
|
|
|
|
}
|
2008-06-21 18:16:15 +02:00
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: $LSaccess = $LSaccess;
|
2008-06-21 18:16:15 +02:00
|
|
|
|
$_SESSION['LSsession']['LSaccess'] = $LSaccess;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2015-08-21 17:51:52 +02:00
|
|
|
|
|
2019-06-05 12:40:56 +02:00
|
|
|
|
/**
|
|
|
|
|
* Get user access
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $topDn string Top DN (optional, default : current)
|
|
|
|
|
*
|
|
|
|
|
* @retval array User's access
|
|
|
|
|
**/
|
|
|
|
|
public static function getLSaccess($topDn=null) {
|
|
|
|
|
if (is_null($topDn)) $topDn = self :: $topDn;
|
|
|
|
|
if (isset(self :: $LSaccess[self :: $topDn])) {
|
|
|
|
|
return self :: $LSaccess[self :: $topDn];
|
|
|
|
|
}
|
|
|
|
|
return array();
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-21 17:51:52 +02:00
|
|
|
|
/**
|
|
|
|
|
* Load user access to LSaddons views
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
|
|
|
|
private static function loadLSaddonsViewsAccess() {
|
|
|
|
|
$LSaddonsViewsAccess=array();
|
|
|
|
|
foreach (self :: $LSaddonsViews as $addon => $conf) {
|
|
|
|
|
foreach ($conf as $viewId => $viewConf) {
|
|
|
|
|
if (self :: canAccessLSaddonView($addon,$viewId)) {
|
2018-09-13 18:36:45 +02:00
|
|
|
|
$LSaddonsViewsAccess["$addon::$viewId"]=array (
|
2015-08-21 17:51:52 +02:00
|
|
|
|
'LSaddon' => $addon,
|
|
|
|
|
'id' => $viewId,
|
2015-08-24 12:24:33 +02:00
|
|
|
|
'label' => $viewConf['label'],
|
|
|
|
|
'showInMenu' => $viewConf['showInMenu']
|
2015-08-21 17:51:52 +02:00
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
self :: $LSaddonsViewsAccess = $LSaddonsViewsAccess;
|
|
|
|
|
$_SESSION['LSsession']['LSaddonsViewsAccess'] = $LSaddonsViewsAccess;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2008-02-12 18:59:44 +01:00
|
|
|
|
/**
|
2008-11-12 17:57:40 +01:00
|
|
|
|
* Dit si l'utilisateur est du profil pour le DN spécifié
|
2008-02-12 18:59:44 +01:00
|
|
|
|
*
|
2008-11-12 17:57:40 +01:00
|
|
|
|
* @param[in] string $dn DN de l'objet
|
2017-01-25 15:39:06 +01:00
|
|
|
|
* @param[in] string $profile Profil
|
|
|
|
|
*
|
2008-11-12 17:57:40 +01:00
|
|
|
|
* @retval boolean True si l'utilisateur est du profil sur l'objet, false sinon.
|
2008-02-12 18:59:44 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function isLSprofile($dn,$profile) {
|
|
|
|
|
if (is_array(self :: $LSprofiles[$profile])) {
|
|
|
|
|
foreach(self :: $LSprofiles[$profile] as $topDn) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if($dn == $topDn) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
else if ( isCompatibleDNs($dn,$topDn) ) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-01-25 15:39:06 +01:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Dit si l'utilisateur est d'au moins un des profils pour le DN spécifié
|
|
|
|
|
*
|
|
|
|
|
* @param[in] string $dn DN de l'objet
|
|
|
|
|
* @param[in] string $profiles Profils
|
|
|
|
|
*
|
|
|
|
|
* @retval boolean True si l'utilisateur est d'au moins un profil sur l'objet, false sinon.
|
|
|
|
|
*/
|
|
|
|
|
public static function isLSprofiles($dn,$profiles) {
|
|
|
|
|
foreach ($profiles as $profile) {
|
|
|
|
|
if (self :: isLSprofile($dn,$profile))
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-12 18:59:44 +01:00
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Retourne qui est l'utilisateur par rapport à l'object
|
2008-02-12 18:59:44 +01:00
|
|
|
|
*
|
|
|
|
|
* @param[in] string Le DN de l'objet
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval string 'admin'/'self'/'user' pour Admin , l'utilisateur lui même ou un simple utilisateur
|
2008-02-12 18:59:44 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function whoami($dn) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
$retval = array('user');
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2020-05-25 11:09:32 +02:00
|
|
|
|
if (self :: $LSuserObjectType)
|
|
|
|
|
$retval[] = self :: $LSuserObjectType;
|
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
foreach(self :: $LSprofiles as $profile => $infos) {
|
|
|
|
|
if(self :: isLSprofile($dn,$profile)) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
$retval[]=$profile;
|
|
|
|
|
}
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
if (self :: $dn == $dn) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
$retval[]='self';
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-11-12 17:57:40 +01:00
|
|
|
|
return $retval;
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-12 18:59:44 +01:00
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Retourne le droit de l'utilisateur à accèder à un objet
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-12 18:59:44 +01:00
|
|
|
|
* @param[in] string $LSobject Le type de l'objet
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @param[in] string $dn Le DN de l'objet (le container_dn du type de l'objet par défaut)
|
|
|
|
|
* @param[in] string $right Le type de droit d'accès à tester ('r'/'w')
|
|
|
|
|
* @param[in] string $attr Le nom de l'attribut auquel on test l'accès
|
2008-02-12 18:59:44 +01:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean True si l'utilisateur a accès, false sinon
|
2008-02-12 18:59:44 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function canAccess($LSobject,$dn=NULL,$right=NULL,$attr=NULL) {
|
|
|
|
|
if (!self :: loadLSobject($LSobject)) {
|
2008-02-08 18:39:24 +01:00
|
|
|
|
return;
|
2008-06-21 18:16:15 +02:00
|
|
|
|
}
|
2020-05-01 15:46:07 +02:00
|
|
|
|
|
|
|
|
|
// Access always granted in CLI mode
|
|
|
|
|
if (php_sapi_name() == "cli")
|
|
|
|
|
return true;
|
|
|
|
|
|
2008-02-08 18:39:24 +01:00
|
|
|
|
if ($dn) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
$whoami = self :: whoami($dn);
|
|
|
|
|
if ($dn==self :: getLSuserObject() -> getValue('dn')) {
|
|
|
|
|
if (!self :: in_menu('SELF')) {
|
2008-06-21 18:16:15 +02:00
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$obj = new $LSobject();
|
|
|
|
|
$obj -> dn = $dn;
|
2009-10-30 01:03:17 +01:00
|
|
|
|
if (!self :: in_menu($LSobject,$obj -> subDnValue)) {
|
2008-06-21 18:16:15 +02:00
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
else {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$objectdn=LSconfig :: get('LSobjects.'.$LSobject.'.container_dn').','.self :: $topDn;
|
2009-01-24 18:45:14 +01:00
|
|
|
|
$whoami = self :: whoami($objectdn);
|
2008-02-12 18:59:44 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-12 18:59:44 +01:00
|
|
|
|
// Pour un attribut particulier
|
|
|
|
|
if ($attr) {
|
|
|
|
|
if ($attr=='rdn') {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$attr=LSconfig :: get('LSobjects.'.$LSobject.'.rdn');
|
2008-02-12 18:59:44 +01:00
|
|
|
|
}
|
2009-03-25 13:26:32 +01:00
|
|
|
|
if (!is_array(LSconfig :: get('LSobjects.'.$LSobject.'.attrs.'.$attr))) {
|
2008-02-12 18:59:44 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
2008-11-12 17:57:40 +01:00
|
|
|
|
|
|
|
|
|
$r = 'n';
|
|
|
|
|
foreach($whoami as $who) {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$nr = LSconfig :: get('LSobjects.'.$LSobject.'.attrs.'.$attr.'.rights.'.$who);
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if($nr == 'w') {
|
|
|
|
|
$r = 'w';
|
|
|
|
|
}
|
|
|
|
|
else if($nr == 'r') {
|
|
|
|
|
if ($r=='n') {
|
|
|
|
|
$r='r';
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-12 18:59:44 +01:00
|
|
|
|
if (($right=='r')||($right=='w')) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if ($r==$right) {
|
2008-02-12 18:59:44 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
else {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if ( ($r=='r') || ($r=='w') ) {
|
2008-02-12 18:59:44 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-12 18:59:44 +01:00
|
|
|
|
// Pour un attribut quelconque
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$attrs_conf=LSconfig :: get('LSobjects.'.$LSobject.'.attrs');
|
|
|
|
|
if (is_array($attrs_conf)) {
|
2008-02-08 18:39:24 +01:00
|
|
|
|
if (($right=='r')||($right=='w')) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
foreach($whoami as $who) {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
foreach ($attrs_conf as $attr_name => $attr_config) {
|
2010-11-16 19:32:10 +01:00
|
|
|
|
if (isset($attr_config['rights'][$who]) && $attr_config['rights'][$who]==$right) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
foreach($whoami as $who) {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
foreach ($attrs_conf as $attr_name => $attr_config) {
|
2010-11-16 19:32:10 +01:00
|
|
|
|
if ( (isset($attr_config['rights'][$who])) && ( ($attr_config['rights'][$who]=='r') || ($attr_config['rights'][$who]=='w') ) ) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-12 18:59:44 +01:00
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Retourne le droit de l'utilisateur à editer à un objet
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-12 18:59:44 +01:00
|
|
|
|
* @param[in] string $LSobject Le type de l'objet
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @param[in] string $dn Le DN de l'objet (le container_dn du type de l'objet par défaut)
|
|
|
|
|
* @param[in] string $attr Le nom de l'attribut auquel on test l'accès
|
2008-02-12 18:59:44 +01:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean True si l'utilisateur a accès, false sinon
|
2008-02-12 18:59:44 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function canEdit($LSobject,$dn=NULL,$attr=NULL) {
|
|
|
|
|
return self :: canAccess($LSobject,$dn,'w',$attr);
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2008-02-12 18:59:44 +01:00
|
|
|
|
|
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Retourne le droit de l'utilisateur à supprimer un objet
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-12 18:59:44 +01:00
|
|
|
|
* @param[in] string $LSobject Le type de l'objet
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @param[in] string $dn Le DN de l'objet (le container_dn du type de l'objet par défaut)
|
2008-02-12 18:59:44 +01:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean True si l'utilisateur a accès, false sinon
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function canRemove($LSobject,$dn) {
|
|
|
|
|
return self :: canAccess($LSobject,$dn,'w','rdn');
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-12 18:59:44 +01:00
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Retourne le droit de l'utilisateur à créer un objet
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-12 18:59:44 +01:00
|
|
|
|
* @param[in] string $LSobject Le type de l'objet
|
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean True si l'utilisateur a accès, false sinon
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function canCreate($LSobject) {
|
2010-08-02 14:39:50 +02:00
|
|
|
|
if (!self :: loadLSobject($LSobject)) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if (LSconfig :: get("LSobjects.$LSobject.disable_creation")) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
return self :: canAccess($LSobject,NULL,'w','rdn');
|
2008-02-08 18:39:24 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-26 18:40:05 +01:00
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Retourne le droit de l'utilisateur à gérer la relation d'objet
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @param[in] string $dn Le DN de l'objet (le container_dn du type de l'objet par défaut)
|
2008-10-08 16:50:48 +02:00
|
|
|
|
* @param[in] string $LSobject Le type de l'objet
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* @param[in] string $relationName Le nom de la relation avec l'objet
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @param[in] string $right Le type de droit a vérifier ('r' ou 'w')
|
2008-02-26 18:40:05 +01:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean True si l'utilisateur a accès, false sinon
|
2008-02-26 18:40:05 +01:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function relationCanAccess($dn,$LSobject,$relationName,$right=NULL) {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
$relConf=LSconfig :: get('LSobjects.'.$LSobject.'.LSrelation.'.$relationName);
|
|
|
|
|
if (!is_array($relConf))
|
2008-02-26 18:40:05 +01:00
|
|
|
|
return;
|
2020-05-01 15:46:07 +02:00
|
|
|
|
|
|
|
|
|
// Access always granted in CLI mode
|
|
|
|
|
if (php_sapi_name() == "cli")
|
|
|
|
|
return true;
|
|
|
|
|
|
2009-01-24 18:45:14 +01:00
|
|
|
|
$whoami = self :: whoami($dn);
|
2008-04-25 15:48:12 +02:00
|
|
|
|
|
2008-02-26 18:40:05 +01:00
|
|
|
|
if (($right=='w') || ($right=='r')) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
$r = 'n';
|
|
|
|
|
foreach($whoami as $who) {
|
2010-11-16 19:34:04 +01:00
|
|
|
|
$nr = ((isset($relConf['rights'][$who]))?$relConf['rights'][$who]:'');
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if($nr == 'w') {
|
|
|
|
|
$r = 'w';
|
|
|
|
|
}
|
|
|
|
|
else if($nr == 'r') {
|
|
|
|
|
if ($r=='n') {
|
|
|
|
|
$r='r';
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-11-12 17:57:40 +01:00
|
|
|
|
if ($r == $right) {
|
2008-02-26 18:40:05 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
foreach($whoami as $who) {
|
2010-11-16 19:34:04 +01:00
|
|
|
|
if ((isset($relConf['rights'][$who])) && ( ($relConf['rights'][$who] == 'w') || ($relConf['rights'][$who] == 'r') ) ) {
|
2008-11-12 17:57:40 +01:00
|
|
|
|
return true;
|
|
|
|
|
}
|
2008-02-26 18:40:05 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Retourne le droit de l'utilisateur à modifier la relation d'objet
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @param[in] string $dn Le DN de l'objet (le container_dn du type de l'objet par défaut)
|
2008-10-08 16:50:48 +02:00
|
|
|
|
* @param[in] string $LSobject Le type de l'objet
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* @param[in] string $relationName Le nom de la relation avec l'objet
|
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* @retval boolean True si l'utilisateur a accès, false sinon
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function relationCanEdit($dn,$LSobject,$relationName) {
|
|
|
|
|
return self :: relationCanAccess($dn,$LSobject,$relationName,'w');
|
2008-02-26 18:40:05 +01:00
|
|
|
|
}
|
|
|
|
|
|
2011-03-25 18:05:26 +01:00
|
|
|
|
/**
|
|
|
|
|
* Retourne le droit de l'utilisateur a executer une customAction
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2011-03-25 18:05:26 +01:00
|
|
|
|
* @param[in] string $dn Le DN de l'objet
|
|
|
|
|
* @param[in] string $LSobject Le type de l'objet
|
|
|
|
|
* @param[in] string $customActionName Le nom de la customAction
|
|
|
|
|
*
|
|
|
|
|
* @retval boolean True si l'utilisateur peut executer cette customAction, false sinon
|
|
|
|
|
*/
|
|
|
|
|
public static function canExecuteCustomAction($dn,$LSobject,$customActionName) {
|
|
|
|
|
$conf=LSconfig :: get('LSobjects.'.$LSobject.'.customActions.'.$customActionName);
|
|
|
|
|
if (!is_array($conf))
|
|
|
|
|
return;
|
2020-05-01 15:46:07 +02:00
|
|
|
|
|
|
|
|
|
// Access always granted in CLI mode
|
|
|
|
|
if (php_sapi_name() == "cli")
|
|
|
|
|
return true;
|
|
|
|
|
|
2011-03-25 18:05:26 +01:00
|
|
|
|
$whoami = self :: whoami($dn);
|
|
|
|
|
|
|
|
|
|
if (isset($conf['rights']) && is_array($conf['rights'])) {
|
|
|
|
|
foreach($whoami as $who) {
|
|
|
|
|
if (in_array($who,$conf['rights'])) {
|
|
|
|
|
return True;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2011-03-25 18:05:26 +01:00
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-10-08 17:24:30 +02:00
|
|
|
|
/**
|
|
|
|
|
* Retourne le droit de l'utilisateur a executer une customAction
|
|
|
|
|
* sur une recherche
|
|
|
|
|
*
|
|
|
|
|
* @param[in] string $LSsearch L'objet LSsearch
|
|
|
|
|
* @param[in] string $customActionName Le nom de la customAction
|
|
|
|
|
*
|
|
|
|
|
* @retval boolean True si l'utilisateur peut executer cette customAction, false sinon
|
|
|
|
|
*/
|
|
|
|
|
public static function canExecuteLSsearchCustomAction($LSsearch,$customActionName) {
|
|
|
|
|
$conf=LSconfig :: get('LSobjects.'.$LSsearch -> LSobject.'.LSsearch.customActions.'.$customActionName);
|
|
|
|
|
if (!is_array($conf))
|
|
|
|
|
return;
|
2020-05-01 15:46:07 +02:00
|
|
|
|
|
|
|
|
|
// Access always granted in CLI mode
|
|
|
|
|
if (php_sapi_name() == "cli")
|
|
|
|
|
return true;
|
|
|
|
|
|
2014-10-08 17:24:30 +02:00
|
|
|
|
$dn=$LSsearch -> basedn;
|
|
|
|
|
if (is_null($dn)) $dn=self::getTopDn();
|
|
|
|
|
|
|
|
|
|
$whoami = self :: whoami($dn);
|
|
|
|
|
|
|
|
|
|
if (isset($conf['rights']) && is_array($conf['rights'])) {
|
|
|
|
|
foreach($whoami as $who) {
|
|
|
|
|
if (in_array($who,$conf['rights'])) {
|
|
|
|
|
return True;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-21 17:51:52 +02:00
|
|
|
|
/**
|
|
|
|
|
* Return user right to access to a LSaddon view
|
|
|
|
|
*
|
|
|
|
|
* @param[in] string $LSaddon The LSaddon
|
|
|
|
|
* @param[in] string $viewId The LSaddon view ID
|
|
|
|
|
*
|
|
|
|
|
* @retval boolean True if user is allowed, false otherwise
|
|
|
|
|
*/
|
|
|
|
|
public static function canAccessLSaddonView($LSaddon,$viewId) {
|
|
|
|
|
if (self :: loadLSaddon($LSaddon)) {
|
|
|
|
|
if (!isset(self :: $LSaddonsViews[$LSaddon]) || !isset(self :: $LSaddonsViews[$LSaddon][$viewId]))
|
|
|
|
|
return;
|
|
|
|
|
if (!is_array(self :: $LSaddonsViews[$LSaddon][$viewId]['allowedLSprofiles'])) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
$whoami = self :: whoami(self :: $topDn);
|
|
|
|
|
|
|
|
|
|
if (isset(self :: $LSaddonsViews[$LSaddon][$viewId]['allowedLSprofiles']) && is_array(self :: $LSaddonsViews[$LSaddon][$viewId]['allowedLSprofiles'])) {
|
|
|
|
|
foreach($whoami as $who) {
|
|
|
|
|
if (in_array($who,self :: $LSaddonsViews[$LSaddon][$viewId]['allowedLSprofiles'])) {
|
|
|
|
|
return True;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* Ajoute un fichier temporaire
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function addTmpFile($value,$filePath) {
|
2008-02-26 18:40:05 +01:00
|
|
|
|
$hash = mhash(MHASH_MD5,$value);
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: $tmp_file[$filePath] = $hash;
|
2008-02-26 18:40:05 +01:00
|
|
|
|
$_SESSION['LSsession']['tmp_file'][$filePath] = $hash;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-26 18:40:05 +01:00
|
|
|
|
/**
|
|
|
|
|
* Retourne le chemin du fichier temporaire si l'existe
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* @param[in] $value La valeur du fichier
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
|
|
|
|
* @retval mixed
|
2008-02-26 18:40:05 +01:00
|
|
|
|
**/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function tmpFileExist($value) {
|
2008-02-26 18:40:05 +01:00
|
|
|
|
$hash = mhash(MHASH_MD5,$value);
|
2009-01-24 18:45:14 +01:00
|
|
|
|
foreach(self :: $tmp_file as $filePath => $contentHash) {
|
2008-02-26 18:40:05 +01:00
|
|
|
|
if ($hash == $contentHash) {
|
|
|
|
|
return $filePath;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-02-26 18:40:05 +01:00
|
|
|
|
/**
|
|
|
|
|
* Retourne le chemin du fichier temporaire
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-05 15:21:18 +02:00
|
|
|
|
* Retourne le chemin du fichier temporaire qu'il créera à partir de la valeur
|
|
|
|
|
* s'il n'existe pas déjà .
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* @param[in] $value La valeur du fichier
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
|
|
|
|
* @retval mixed
|
2008-02-26 18:40:05 +01:00
|
|
|
|
**/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function getTmpFile($value) {
|
|
|
|
|
$exist = self :: tmpFileExist($value);
|
2008-02-26 18:40:05 +01:00
|
|
|
|
if (!$exist) {
|
2020-04-29 15:15:41 +02:00
|
|
|
|
$img_path = LS_TMP_DIR_PATH .rand().'.tmp';
|
2008-02-26 18:40:05 +01:00
|
|
|
|
$fp = fopen($img_path, "w");
|
|
|
|
|
fwrite($fp, $value);
|
|
|
|
|
fclose($fp);
|
2020-04-29 15:15:41 +02:00
|
|
|
|
self :: addTmpFile($value, $img_path);
|
2008-02-26 18:40:05 +01:00
|
|
|
|
return $img_path;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return $exist;
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-04-29 15:15:41 +02:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Retourne l'URL du fichier temporaire
|
|
|
|
|
*
|
|
|
|
|
* Retourne l'URL du fichier temporaire qu'il créera à partir de la valeur
|
|
|
|
|
* s'il n'existe pas déjà .
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $value La valeur du fichier
|
|
|
|
|
*
|
|
|
|
|
* @retval mixed
|
|
|
|
|
**/
|
|
|
|
|
public static function getTmpFileURL($value) {
|
|
|
|
|
$path = self :: getTmpFile($value);
|
2020-05-06 21:23:07 +02:00
|
|
|
|
if ($path && is_file($path))
|
|
|
|
|
return "tmp/".basename($path);
|
2020-04-29 15:15:41 +02:00
|
|
|
|
return False;
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-04 17:55:46 +02:00
|
|
|
|
/**
|
|
|
|
|
* Retourne le chemin du fichier temporaire à partir du nom du fichier (s'il existe)
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $hash La valeur du fichier
|
|
|
|
|
*
|
|
|
|
|
* @retval mixed
|
|
|
|
|
**/
|
|
|
|
|
public static function getTmpFileByFilename($filename) {
|
|
|
|
|
foreach(self :: $tmp_file as $filePath => $contentHash) {
|
|
|
|
|
if (basename($filePath) == $filename) {
|
|
|
|
|
return $filePath;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return False;
|
|
|
|
|
}
|
|
|
|
|
|
2008-05-15 12:56:55 +02:00
|
|
|
|
/**
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* Supprime les fichiers temporaires
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-02-26 18:40:05 +01:00
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function deleteTmpFile($filePath=NULL) {
|
2008-02-26 18:40:05 +01:00
|
|
|
|
if ($filePath) {
|
|
|
|
|
@unlink($filePath);
|
2009-01-24 18:45:14 +01:00
|
|
|
|
unset(self :: $tmp_file[$filePath]);
|
2008-02-26 18:40:05 +01:00
|
|
|
|
unset($_SESSION['LSsession']['tmp_file'][$filePath]);
|
|
|
|
|
}
|
|
|
|
|
else {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
foreach(self :: $tmp_file as $file => $content) {
|
2008-02-26 18:40:05 +01:00
|
|
|
|
@unlink($file);
|
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
self :: $tmp_file = array();
|
2008-02-26 18:40:05 +01:00
|
|
|
|
$_SESSION['LSsession']['tmp_file'] = array();
|
|
|
|
|
}
|
|
|
|
|
}
|
2008-02-12 18:59:44 +01:00
|
|
|
|
|
2008-06-18 14:27:35 +02:00
|
|
|
|
/**
|
|
|
|
|
* Retourne true si le cache des droits est activé
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-18 14:27:35 +02:00
|
|
|
|
* @retval boolean True si le cache des droits est activé, false sinon.
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function cacheLSprofiles() {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
return ( (LSconfig :: get('cacheLSprofiles')) || (self :: $ldapServer['cacheLSprofiles']) );
|
2008-06-18 14:27:35 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Retourne true si le cache des subDn est activé
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-18 14:27:35 +02:00
|
|
|
|
* @retval boolean True si le cache des subDn est activé, false sinon.
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function cacheSudDn() {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
return ( (LSconfig :: get('cacheSubDn')) || (self :: $ldapServer['cacheSubDn']));
|
2008-06-18 14:27:35 +02:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-06-18 14:27:35 +02:00
|
|
|
|
/**
|
|
|
|
|
* Retourne true si le cache des recherches est activé
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-18 14:27:35 +02:00
|
|
|
|
* @retval boolean True si le cache des recherches est activé, false sinon.
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function cacheSearch() {
|
2009-03-25 13:26:32 +01:00
|
|
|
|
return ( (LSconfig :: get('cacheSearch')) || (self :: $ldapServer['cacheSearch']));
|
2008-06-18 14:27:35 +02:00
|
|
|
|
}
|
2019-05-21 12:06:24 +02:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Return true if global search is enabled
|
|
|
|
|
*
|
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
|
|
|
|
*
|
|
|
|
|
* @retval boolean True if global search is enabled, false instead
|
|
|
|
|
*/
|
|
|
|
|
public static function globalSearch() {
|
|
|
|
|
return LSconfig :: get('globalSearch', LSconfig :: get('globalSearch', true, 'bool'), 'bool', self :: $ldapServer);
|
|
|
|
|
}
|
|
|
|
|
|
2008-06-18 14:27:35 +02:00
|
|
|
|
/**
|
|
|
|
|
* Retourne le label des niveaux pour le serveur ldap courant
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-18 14:27:35 +02:00
|
|
|
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-18 14:27:35 +02:00
|
|
|
|
* @retval string Le label des niveaux pour le serveur ldap dourant
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function getSubDnLabel() {
|
2009-03-20 11:42:45 +01:00
|
|
|
|
return (self :: $ldapServer['subDnLabel']!='')?__(self :: $ldapServer['subDnLabel']):_('Level');
|
2008-06-18 14:27:35 +02:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-06-18 14:27:35 +02:00
|
|
|
|
/**
|
|
|
|
|
* Retourne le nom du subDn
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-18 14:27:35 +02:00
|
|
|
|
* @param[in] $subDn string subDn
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-21 18:16:15 +02:00
|
|
|
|
* @retval string Le nom du subDn ou '' sinon
|
2008-06-18 14:27:35 +02:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function getSubDnName($subDn=false) {
|
2008-06-18 14:27:35 +02:00
|
|
|
|
if (!$subDn) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
$subDn = self :: $topDn;
|
2008-06-18 14:27:35 +02:00
|
|
|
|
}
|
2010-11-26 14:46:48 +01:00
|
|
|
|
if (self :: getSubDnLdapServer(false)) {
|
|
|
|
|
if (isset(self :: $_subDnLdapServer[self :: $ldapServerId][false][$subDn])) {
|
|
|
|
|
return self :: $_subDnLdapServer[self :: $ldapServerId][false][$subDn];
|
2008-06-18 14:27:35 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return '';
|
|
|
|
|
}
|
|
|
|
|
|
2008-06-20 17:52:15 +02:00
|
|
|
|
/**
|
|
|
|
|
* L'objet est t-il utilisé pour listé les subDnS
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-20 17:52:15 +02:00
|
|
|
|
* @param[in] $type string Le type d'objet
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-21 18:16:15 +02:00
|
|
|
|
* @retval boolean true si le type d'objet est un subDnObject, false sinon
|
2008-06-20 17:52:15 +02:00
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function isSubDnLSobject($type) {
|
2008-06-20 17:52:15 +02:00
|
|
|
|
$result = false;
|
2010-11-16 19:34:57 +01:00
|
|
|
|
if (isset(self :: $ldapServer['subDn']['LSobject']) && is_array(self :: $ldapServer['subDn']['LSobject'])) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
foreach(self :: $ldapServer['subDn']['LSobject'] as $key => $value) {
|
2008-06-20 17:52:15 +02:00
|
|
|
|
if ($key==$type) {
|
|
|
|
|
$result=true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-06-21 18:16:15 +02:00
|
|
|
|
/**
|
2008-07-05 22:28:49 +02:00
|
|
|
|
* Indique si un type d'objet est dans le menu courant
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-06-21 18:16:15 +02:00
|
|
|
|
* @retval boolean true si le type d'objet est dans le menu, false sinon
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function in_menu($LSobject,$topDn=NULL) {
|
2008-06-21 18:16:15 +02:00
|
|
|
|
if (!$topDn) {
|
2009-01-24 18:45:14 +01:00
|
|
|
|
$topDn=self :: $topDn;
|
2008-06-21 18:16:15 +02:00
|
|
|
|
}
|
2009-01-24 18:45:14 +01:00
|
|
|
|
return isset(self :: $LSaccess[$topDn][$LSobject]);
|
2008-06-21 18:16:15 +02:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-07-05 22:28:49 +02:00
|
|
|
|
/**
|
|
|
|
|
* Indique si le serveur LDAP courant a des subDn
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-07-05 22:28:49 +02:00
|
|
|
|
* @retval boolean true si le serveur LDAP courant a des subDn, false sinon
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function haveSubDn() {
|
2010-11-08 17:02:35 +01:00
|
|
|
|
return (isset(self :: $ldapServer['subDn']) && is_array(self :: $ldapServer['subDn']));
|
2008-07-05 22:28:49 +02:00
|
|
|
|
}
|
2008-09-09 17:48:07 +02:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Ajoute une information à afficher
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-09-09 17:48:07 +02:00
|
|
|
|
* @param[in] $msg string Le message à afficher
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-09-09 17:48:07 +02:00
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function addInfo($msg) {
|
2008-09-09 17:48:07 +02:00
|
|
|
|
$_SESSION['LSsession_infos'][]=$msg;
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-09-09 17:48:07 +02:00
|
|
|
|
/**
|
2020-05-04 18:28:20 +02:00
|
|
|
|
* Redirect user to another URL
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2020-05-04 18:28:20 +02:00
|
|
|
|
* /!\ DEPRECATED /!\ : please use LSurl :: redirect()
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $url string The destination URL
|
|
|
|
|
* @param[in] $exit boolean Unsed (keep for reto-compatibility)
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-09-09 17:48:07 +02:00
|
|
|
|
* @retval void
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*/
|
2020-05-04 18:28:20 +02:00
|
|
|
|
public static function redirect($url, $exit=true) {
|
2020-05-28 16:56:36 +02:00
|
|
|
|
LSerror :: addErrorCode(
|
|
|
|
|
'LSsession_27',
|
|
|
|
|
array(
|
|
|
|
|
'old' => 'LSsession :: redirect()',
|
|
|
|
|
'new' => 'LSurl :: redirect()',
|
|
|
|
|
'context' => LSlog :: get_debug_backtrace_context(),
|
|
|
|
|
)
|
|
|
|
|
);
|
2020-05-04 18:28:20 +02:00
|
|
|
|
LSurl :: redirect($url);
|
2008-09-09 17:48:07 +02:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-09-25 17:15:33 +02:00
|
|
|
|
/**
|
|
|
|
|
* Retourne l'adresse mail d'emission configurée pour le serveur courant
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-09-25 17:15:33 +02:00
|
|
|
|
* @retval string Adresse mail d'emission
|
|
|
|
|
*/
|
2009-01-24 18:45:14 +01:00
|
|
|
|
public static function getEmailSender() {
|
2020-04-29 15:54:21 +02:00
|
|
|
|
return self :: $ldapServer['emailSender'];
|
2008-09-25 17:15:33 +02:00
|
|
|
|
}
|
2018-09-13 18:36:45 +02:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Redirect to default view (if defined)
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
|
|
|
|
public static function redirectToDefaultView($force=false) {
|
|
|
|
|
if (isset(self :: $ldapServer['defaultView'])) {
|
|
|
|
|
if (array_key_exists(self :: $ldapServer['defaultView'], self :: $LSaccess[self :: $topDn])) {
|
2020-05-03 18:48:33 +02:00
|
|
|
|
LSurl :: redirect('object/'.self :: $ldapServer['defaultView']);
|
2018-09-13 18:36:45 +02:00
|
|
|
|
}
|
|
|
|
|
elseif (array_key_exists(self :: $ldapServer['defaultView'], self :: $LSaddonsViewsAccess)) {
|
|
|
|
|
$addon = self :: $LSaddonsViewsAccess[self :: $ldapServer['defaultView']];
|
2020-05-03 18:48:33 +02:00
|
|
|
|
LSurl :: redirect('addon/'.urlencode(self :: $LSaddonsViewsAccess[self :: $ldapServer['defaultView']]['LSaddon'])."/".urlencode(self :: $LSaddonsViewsAccess[self :: $ldapServer['defaultView']]['id']));
|
2018-09-13 18:36:45 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ($force)
|
2020-05-07 09:56:28 +02:00
|
|
|
|
LSurl :: redirect();
|
2018-09-13 18:36:45 +02:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2008-11-10 03:10:42 +01:00
|
|
|
|
/**
|
2020-06-04 19:04:48 +02:00
|
|
|
|
* Add help info
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2020-06-04 19:04:48 +02:00
|
|
|
|
* @param[in] $group string The group name of this information
|
|
|
|
|
* @param[in] $info array Array of the information to add (name => value)
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2008-11-10 03:10:42 +01:00
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
2020-06-04 19:04:48 +02:00
|
|
|
|
public static function addHelpInfos($group, $info) {
|
|
|
|
|
LStemplate :: addHelpInfo($group, $info);
|
|
|
|
|
LSerror :: addErrorCode(
|
|
|
|
|
'LSsession_27',
|
|
|
|
|
array(
|
|
|
|
|
'old' => 'LStemplate :: addHelpInfo()',
|
|
|
|
|
'new' => 'LStemplate :: addHelpInfo()',
|
|
|
|
|
'context' => LSlog :: get_debug_backtrace_context(),
|
|
|
|
|
)
|
|
|
|
|
);
|
2008-11-10 03:10:42 +01:00
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-01-25 15:37:03 +01:00
|
|
|
|
/**
|
|
|
|
|
* Défini les codes erreur relative à la classe LSsession
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-01-25 15:37:03 +01:00
|
|
|
|
* @retval void
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*/
|
2009-01-25 15:37:03 +01:00
|
|
|
|
private static function defineLSerrors() {
|
|
|
|
|
/*
|
|
|
|
|
* Error Codes
|
|
|
|
|
*/
|
|
|
|
|
LSerror :: defineError('LSsession_01',
|
|
|
|
|
_("LSsession : The constant %{const} is not defined.")
|
|
|
|
|
);
|
|
|
|
|
LSerror :: defineError('LSsession_02',
|
|
|
|
|
_("LSsession : The %{addon} support is uncertain. Verify system compatibility and the add-on configuration.")
|
|
|
|
|
);
|
|
|
|
|
LSerror :: defineError('LSsession_03',
|
2009-03-13 22:32:08 +01:00
|
|
|
|
_("LSsession : LDAP server's configuration data are invalid. Can't connect.")
|
2009-01-25 15:37:03 +01:00
|
|
|
|
);
|
|
|
|
|
LSerror :: defineError('LSsession_04',
|
|
|
|
|
_("LSsession : Failed to load LSobject type %{type} : unknon type.")
|
|
|
|
|
);
|
2009-10-26 00:34:06 +01:00
|
|
|
|
LSerror :: defineError('LSsession_05',
|
|
|
|
|
_("LSsession : Failed to load LSclass %{class}.")
|
|
|
|
|
);
|
2009-01-25 15:37:03 +01:00
|
|
|
|
LSerror :: defineError('LSsession_06',
|
|
|
|
|
_("LSsession : Login or password incorrect.")
|
|
|
|
|
);
|
|
|
|
|
LSerror :: defineError('LSsession_07',
|
|
|
|
|
_("LSsession : Impossible to identify you : Duplication of identities.")
|
|
|
|
|
);
|
2009-10-31 02:33:01 +01:00
|
|
|
|
LSerror :: defineError('LSsession_08',
|
|
|
|
|
_("LSsession : Can't load class of authentification (%{class}).")
|
|
|
|
|
);
|
2009-01-25 15:37:03 +01:00
|
|
|
|
LSerror :: defineError('LSsession_09',
|
|
|
|
|
_("LSsession : Can't connect to LDAP server.")
|
|
|
|
|
);
|
2009-10-31 02:33:01 +01:00
|
|
|
|
LSerror :: defineError('LSsession_10',
|
|
|
|
|
_("LSsession : Impossible to authenticate you.")
|
|
|
|
|
);
|
2009-01-25 15:37:03 +01:00
|
|
|
|
LSerror :: defineError('LSsession_11',
|
|
|
|
|
_("LSsession : Your are not authorized to do this action.")
|
|
|
|
|
);
|
|
|
|
|
LSerror :: defineError('LSsession_12',
|
|
|
|
|
_("LSsession : Some informations are missing to display this page.")
|
|
|
|
|
);
|
2011-03-25 18:05:26 +01:00
|
|
|
|
LSerror :: defineError('LSsession_13',
|
|
|
|
|
_("LSsession : The function of the custom action %{name} does not exists or is not configured.")
|
|
|
|
|
);
|
2014-11-18 13:16:38 +01:00
|
|
|
|
LSerror :: defineError('LSsession_14',
|
|
|
|
|
_("LSsession : Fail to retreive user's LDAP credentials from LSauth.")
|
|
|
|
|
);
|
|
|
|
|
LSerror :: defineError('LSsession_15',
|
|
|
|
|
_("LSsession : Fail to reconnect to LDAP server with user's LDAP credentials.")
|
|
|
|
|
);
|
2015-07-30 16:37:42 +02:00
|
|
|
|
LSerror :: defineError('LSsession_16',
|
|
|
|
|
_("LSsession : No import/export format define for this object type.")
|
|
|
|
|
);
|
2009-01-25 15:37:03 +01:00
|
|
|
|
LSerror :: defineError('LSsession_17',
|
|
|
|
|
_("LSsession : Error during creation of list of levels. Contact administrators. (Code : %{code})")
|
|
|
|
|
);
|
|
|
|
|
LSerror :: defineError('LSsession_18',
|
|
|
|
|
_("LSsession : The password recovery is disabled for this LDAP server.")
|
|
|
|
|
);
|
|
|
|
|
LSerror :: defineError('LSsession_19',
|
|
|
|
|
_("LSsession : Some informations are missing to recover your password. Contact administrators.")
|
|
|
|
|
);
|
|
|
|
|
LSerror :: defineError('LSsession_20',
|
|
|
|
|
_("LSsession : Error during password recovery. Contact administrators.(Step : %{step})")
|
|
|
|
|
);
|
2015-08-12 14:16:25 +02:00
|
|
|
|
LSerror :: defineError('LSsession_21',
|
|
|
|
|
_("LSsession : call function %{func} do not provided from LSaddon %{addon}.")
|
|
|
|
|
);
|
2009-01-25 15:37:03 +01:00
|
|
|
|
LSerror :: defineError('LSsession_22',
|
|
|
|
|
_("LSsession : problem during initialisation.")
|
|
|
|
|
);
|
2015-08-21 17:51:52 +02:00
|
|
|
|
LSerror :: defineError('LSsession_23',
|
|
|
|
|
_("LSsession : view function %{func} for LSaddon %{addon} doet not exist.")
|
|
|
|
|
);
|
2017-08-02 12:00:11 +02:00
|
|
|
|
LSerror :: defineError('LSsession_24',
|
|
|
|
|
_("LSsession : invalid related object's DN pass in parameter.")
|
|
|
|
|
);
|
2020-05-02 18:32:31 +02:00
|
|
|
|
LSerror :: defineError('LSsession_25',
|
|
|
|
|
_("LSsession : the LSaddon %{addon} keep using old-style addon view URL. Please upgrade it.")
|
|
|
|
|
);
|
2020-05-03 18:48:33 +02:00
|
|
|
|
LSerror :: defineError('LSsession_26',
|
|
|
|
|
_("LSsession : You have been redirect from an old-style URL %{url}. Please upgrade this link.")
|
|
|
|
|
);
|
2020-05-04 18:28:20 +02:00
|
|
|
|
LSerror :: defineError('LSsession_27',
|
2020-05-28 16:56:36 +02:00
|
|
|
|
_("LSsession : You always seem to use %{old} in your custom code: Please upgrade it and use %{new}.<pre>\nContext:\n%{context}</pre>")
|
2020-05-04 18:28:20 +02:00
|
|
|
|
);
|
2009-01-25 15:37:03 +01:00
|
|
|
|
}
|
2009-02-20 15:05:22 +01:00
|
|
|
|
|
2009-10-30 01:03:17 +01:00
|
|
|
|
/**
|
|
|
|
|
* Ajax method when change ldapserver on login form
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @param[in] $data array The return data address
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
2020-04-29 15:54:21 +02:00
|
|
|
|
public static function ajax_onLdapServerChangedLogin(&$data) {
|
2009-02-20 15:05:22 +01:00
|
|
|
|
if ( isset($_REQUEST['server']) ) {
|
|
|
|
|
self :: setLdapServer($_REQUEST['server']);
|
|
|
|
|
$data = array();
|
|
|
|
|
if ( self :: LSldapConnect() ) {
|
2010-11-16 19:36:26 +01:00
|
|
|
|
if (session_id()=="") session_start();
|
2009-02-20 15:05:22 +01:00
|
|
|
|
if (isset($_SESSION['LSsession_topDn'])) {
|
|
|
|
|
$sel = $_SESSION['LSsession_topDn'];
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$sel = NULL;
|
|
|
|
|
}
|
2010-11-16 11:50:18 +01:00
|
|
|
|
$list = self :: getSubDnLdapServerOptions($sel,true);
|
2009-02-20 15:05:22 +01:00
|
|
|
|
if (is_string($list)) {
|
|
|
|
|
$data['list_topDn'] = "<select name='LSsession_topDn' id='LSsession_topDn'>".$list."</select>";
|
|
|
|
|
$data['subDnLabel'] = self :: getSubDnLabel();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$data['recoverPassword'] = isset(self :: $ldapServer['recoverPassword']);
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-04-29 15:54:21 +02:00
|
|
|
|
|
2009-10-30 01:03:17 +01:00
|
|
|
|
/**
|
|
|
|
|
* Ajax method when change ldapserver on recoverPassword form
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @param[in] $data array The return data address
|
2020-04-29 15:54:21 +02:00
|
|
|
|
*
|
2009-10-30 01:03:17 +01:00
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
2020-04-29 15:54:21 +02:00
|
|
|
|
public static function ajax_onLdapServerChangedRecoverPassword(&$data) {
|
2009-02-20 15:05:22 +01:00
|
|
|
|
if ( isset($_REQUEST['server']) ) {
|
|
|
|
|
self :: setLdapServer($_REQUEST['server']);
|
|
|
|
|
$data=array('recoverPassword' => isset(self :: $ldapServer['recoverPassword']));
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-12-12 22:11:32 +01:00
|
|
|
|
|
2015-08-21 17:50:31 +02:00
|
|
|
|
/**
|
|
|
|
|
* Set globals from the ldap server
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
*/
|
|
|
|
|
public static function setGlobals() {
|
|
|
|
|
if ( isset(self :: $ldapServer['globals'])) {
|
|
|
|
|
foreach(self :: $ldapServer['globals'] as $key => $value) {
|
|
|
|
|
$GLOBALS[$key] = $value;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-21 17:51:52 +02:00
|
|
|
|
/**
|
|
|
|
|
* Register a LSaddon view
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $LSaddon string The LSaddon
|
|
|
|
|
* @param[in] $viewId string The view ID
|
|
|
|
|
* @param[in] $label string The view's label
|
|
|
|
|
* @param[in] $viewFunction string The view's function name
|
|
|
|
|
* @param[in] $allowedLSprofiles array|null Array listing allowed profiles.
|
|
|
|
|
* If null, no access control will
|
|
|
|
|
* be done for this view.
|
2015-08-24 12:24:33 +02:00
|
|
|
|
* @param[in] $showInMenu boolean Show (or not) this view in menu
|
|
|
|
|
*
|
2015-08-21 17:51:52 +02:00
|
|
|
|
* @retval bool True is the view have been registred, false otherwise
|
|
|
|
|
**/
|
2015-08-24 12:24:33 +02:00
|
|
|
|
public static function registerLSaddonView($LSaddon,$viewId,$label,$viewFunction,$allowedLSprofiles=null,$showInMenu=True) {
|
2015-08-21 17:51:52 +02:00
|
|
|
|
if (function_exists($viewFunction)) {
|
|
|
|
|
$func = new ReflectionFunction($viewFunction);
|
|
|
|
|
if (basename($func->getFileName())=="LSaddons.$LSaddon.php") {
|
|
|
|
|
self :: $LSaddonsViews[$LSaddon][$viewId]=array (
|
|
|
|
|
'LSaddon' => $LSaddon,
|
|
|
|
|
'label' => $label,
|
|
|
|
|
'function' => $viewFunction,
|
2015-08-24 12:24:33 +02:00
|
|
|
|
'allowedLSprofiles' => $allowedLSprofiles,
|
|
|
|
|
'showInMenu' => (bool)$showInMenu
|
2015-08-21 17:51:52 +02:00
|
|
|
|
);
|
|
|
|
|
return True;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
LSerror :: addErrorCode('LSsession_21',array('func' => $func -> getName(),'addon' => $addon));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
LSerror :: addErrorCode('LSsession_23',array('func' => $viewFunction,'addon' => $LSaddon));
|
|
|
|
|
}
|
|
|
|
|
return False;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Show LSaddon view
|
|
|
|
|
*
|
|
|
|
|
* @param[in] $LSaddon string The LSaddon
|
|
|
|
|
* @param[in] $viewId string The view ID
|
|
|
|
|
*
|
|
|
|
|
* @retval void
|
|
|
|
|
**/
|
|
|
|
|
public static function showLSaddonView($LSaddon,$viewId) {
|
|
|
|
|
if (self :: canAccessLSaddonView($LSaddon,$viewId)) {
|
|
|
|
|
call_user_func(self :: $LSaddonsViews[$LSaddon][$viewId]['function']);
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-03-11 22:42:20 +01:00
|
|
|
|
|
2015-08-21 17:51:52 +02:00
|
|
|
|
}
|