LSldapObject: fix/improve validateAttrData()

2024-11-23 02:19:07 +01:00 · 2020-12-14 19:36:21 +01:00 · 2020-12-14 19:36:21 +01:00 · a49cf4ba0c
commit a49cf4ba0c
parent 8b292f538d
1 changed files with 106 additions and 82 deletions
--- a/src/includes/class/class.LSldapObject.php
+++ b/src/includes/class/class.LSldapObject.php
@ -464,99 +464,120 @@ class LSldapObject extends LSlog_staticLoggerClass {
    $vconfig = $attr -> getValidateConfig();
-    $data=$attr -> getUpdateData();
+    // Validate attribute values
-    if(!is_array($data)) {
+    foreach($attr -> getConfig('validation', array(), 'array') as $test) {
-      $data=array($data);
+      self :: log_trace("validateAttrData(".$LSform->idForm.", ".$attr->name."): run validation with following config:\n".varDump($test));
    }
-    // Validation des valeurs de l'attribut
+      // Generate error message
-    if(is_array($vconfig)) {
+      $msg_error = LSconfig :: get('msg', null, 'string', $test);
-      foreach($vconfig as $test) {
+      if ($msg_error) {
-        // DÃ©finition du basedn par dÃ©faut
+        $msg_error = $this -> getFData(__($msg_error));
        if (!isset($test['basedn'])) {
          $test['basedn']=LSsession :: getTopDn();
        }
        // DÃ©finition du message d'erreur
        if (!empty($test['msg'])) {
          $msg_error=getFData(__($test['msg']),$this,'getValue');
      }
      else {
        $msg_error = getFData(_("The attribute %{attr} is not valid."), $attr -> getLabel());
      }
-        foreach($data as $val) {
+
-          // validation par check LDAP
+      // Iter on attribute values to check all of it
      foreach(ensureIsArray($attr -> getUpdateData()) as $val) {
        // Validation using LDAP search
        if((isset($test['filter'])||isset($test['basedn']))&&(isset($test['result']))) {
            $sparams=array('onlyAccessible' => False);
            if (isset($test['scope']))
              $sparams['scope'] = $test['scope'];
          $this -> other_values['val'] = $val;
-            // Filter from test configuration
+          $sparams = array(
-            if (isset($test['filter']) && !empty($test['filter'])) {
+            'scope' => LSconfig :: get('scope', 'sub', 'string', $test),
-              $sfilter_user=getFData($test['filter'],$this,'getValue');
+            'onlyAccessible' => False,
-              if ($sfilter_user[0]!='(') $sfilter_user="(".$sfilter_user.")";
+          );
          // Handle filter parameter
          $sfilter_user = LSconfig :: get('filter', null, 'string', $test);
          if ($sfilter_user) {
            $sfilter_user = $this -> getFData($test['filter']);
            // Check if filter format is surronded by '()'
            if ($sfilter_user[0]!='(')
              $sfilter_user = "($sfilter_user)";
            $sfilter_user = Net_LDAP2_Filter::parse($sfilter_user);
          }
            else {
              $sfilter_user=NULL;
            }
            if(isset($test['object_type']) && LSsession :: loadLSobject($test['object_type']) ) {
              $sfilter=self :: _getObjectFilter($test['object_type']);
-              if ($sfilter_user) {
+          // Handle object_type parameter & compose final LDAP filter string
          $object_type = LSconfig :: get('object_type', null, 'string', $test);
          if($object_type && LSsession :: loadLSobject($object_type) ) {
            $sfilter = self :: _getObjectFilter($object_type);
            if ($sfilter_user)
              $sfilter = LSldap::combineFilters('and', array($sfilter_user, $sfilter));
          }
            }
          else {
            $sfilter = $sfilter_user;
          }
-            $sbasedn=(isset($test['basedn']))?getFData($test['basedn'],$this,'getValue'):NULL;
+
-            if (isset($test['except_current_object']) && (bool)$test['except_current_object'] && !$LSform -> idForm!='create') {
+          // Handle base_dn parameter
          $sbasedn = LSconfig :: get('basedn', null, 'string', $test);
          if ($sbasedn)
            $sbasedn = $this -> getFData($sbasedn);
          // If except_current_object (and not create form), list matching objets to exclude current one
          if (LSconfig :: get('except_current_object', false, 'bool', $test) && $LSform -> idForm != 'create') {
            $sret = LSldap :: search($sfilter, $sbasedn, $sparams);
            $dn = $this->getDn();
            $ret = 0;
-              foreach($sret as $obj) {
+            foreach($sret as $obj)
              if ($obj['dn'] != $dn)
                $ret++;
          }
            }
          else {
            // Otherwise, just retreive number of matching objets
            $ret=LSldap :: getNumberResult($sfilter, $sbasedn, $sparams);
          }
-            if($test['result']==0) {
+
          // Check result
          if(LSconfig :: get('result', null, 'int', $test) == 0) {
            if($ret != 0) {
-                if ($LSform) $LSform -> setElementError($attr,$msg_error);
+              if ($LSform)
                $LSform -> setElementError($attr, $msg_error);
              $retval = false;
            }
          }
          else {
            if($ret < 0) {
-                if ($LSform) $LSform -> setElementError($attr,$msg_error);
+              if ($LSform)
                $LSform -> setElementError($attr, $msg_error);
              $retval = false;
            }
          }
        }
-          // Validation par fonction externe
+        // Validation using external function
        else if(isset($test['function'])) {
          if (function_exists($test['function'])) {
            if(!call_user_func_array($test['function'], array(&$this))) {
-                if ($LSform) $LSform -> setElementError($attr,$msg_error);
+              if ($LSform)
                $LSform -> setElementError($attr,$msg_error);
              $retval = false;
            }
          }
          else {
-              LSerror :: addErrorCode('LSldapObject_04',array('attr' => $attr->name,'obj' => $this->getType(),'func' => $test['function']));
+            LSerror :: addErrorCode(
              'LSldapObject_04',
              array(
                'attr' => $attr->name,
                'obj' => $this->getType(),
                'func' => $test['function']
              )
            );
            $retval = false;
          }
        }
        else {
-            LSerror :: addErrorCode('LSldapObject_05',array('attr' => $attr->name,'obj' => $this->getType()));
+          LSerror :: addErrorCode(
            'LSldapObject_05',
            array(
              'attr' => $attr->name,
              'obj' => $this->getType()
            )
          );
          $retval = false;
        }
      }
    }
-    }
+
-    // GÃ©nÃ©ration des valeurs des attributs dÃ©pendants
+    // Generate values of dependent attributes
    $dependsAttrs = $attr->getDependsAttrs();
    if (!empty($dependsAttrs)) {
      foreach($dependsAttrs as $dependAttr) {
@ -581,6 +602,9 @@ class LSldapObject extends LSlog_staticLoggerClass {
        }
      }
    }
    else {
      self :: log_trace("validateAttrData(".$LSform->idForm.", ".$attr->name."): no dependent attribute");
    }
    $attr -> validate();
    unset($this -> other_values['val']);