LSldapObject: fix/improve validateAttrData()

This commit is contained in:
Benjamin Renard 2020-12-14 19:36:21 +01:00
parent 8b292f538d
commit a49cf4ba0c

View file

@ -464,99 +464,120 @@ class LSldapObject extends LSlog_staticLoggerClass {
$vconfig = $attr -> getValidateConfig(); $vconfig = $attr -> getValidateConfig();
$data=$attr -> getUpdateData(); // Validate attribute values
if(!is_array($data)) { foreach($attr -> getConfig('validation', array(), 'array') as $test) {
$data=array($data); self :: log_trace("validateAttrData(".$LSform->idForm.", ".$attr->name."): run validation with following config:\n".varDump($test));
}
// Validation des valeurs de l'attribut // Generate error message
if(is_array($vconfig)) { $msg_error = LSconfig :: get('msg', null, 'string', $test);
foreach($vconfig as $test) { if ($msg_error) {
// Définition du basedn par défaut $msg_error = $this -> getFData(__($msg_error));
if (!isset($test['basedn'])) {
$test['basedn']=LSsession :: getTopDn();
}
// Définition du message d'erreur
if (!empty($test['msg'])) {
$msg_error=getFData(__($test['msg']),$this,'getValue');
} }
else { else {
$msg_error = getFData(_("The attribute %{attr} is not valid."), $attr -> getLabel()); $msg_error = getFData(_("The attribute %{attr} is not valid."), $attr -> getLabel());
} }
foreach($data as $val) {
// validation par check LDAP // Iter on attribute values to check all of it
foreach(ensureIsArray($attr -> getUpdateData()) as $val) {
// Validation using LDAP search
if((isset($test['filter'])||isset($test['basedn']))&&(isset($test['result']))) { if((isset($test['filter'])||isset($test['basedn']))&&(isset($test['result']))) {
$sparams=array('onlyAccessible' => False);
if (isset($test['scope']))
$sparams['scope'] = $test['scope'];
$this -> other_values['val'] = $val; $this -> other_values['val'] = $val;
// Filter from test configuration $sparams = array(
if (isset($test['filter']) && !empty($test['filter'])) { 'scope' => LSconfig :: get('scope', 'sub', 'string', $test),
$sfilter_user=getFData($test['filter'],$this,'getValue'); 'onlyAccessible' => False,
if ($sfilter_user[0]!='(') $sfilter_user="(".$sfilter_user.")"; );
// Handle filter parameter
$sfilter_user = LSconfig :: get('filter', null, 'string', $test);
if ($sfilter_user) {
$sfilter_user = $this -> getFData($test['filter']);
// Check if filter format is surronded by '()'
if ($sfilter_user[0]!='(')
$sfilter_user = "($sfilter_user)";
$sfilter_user = Net_LDAP2_Filter::parse($sfilter_user); $sfilter_user = Net_LDAP2_Filter::parse($sfilter_user);
} }
else {
$sfilter_user=NULL;
}
if(isset($test['object_type']) && LSsession :: loadLSobject($test['object_type']) ) {
$sfilter=self :: _getObjectFilter($test['object_type']);
if ($sfilter_user) { // Handle object_type parameter & compose final LDAP filter string
$object_type = LSconfig :: get('object_type', null, 'string', $test);
if($object_type && LSsession :: loadLSobject($object_type) ) {
$sfilter = self :: _getObjectFilter($object_type);
if ($sfilter_user)
$sfilter = LSldap::combineFilters('and', array($sfilter_user, $sfilter)); $sfilter = LSldap::combineFilters('and', array($sfilter_user, $sfilter));
} }
}
else { else {
$sfilter = $sfilter_user; $sfilter = $sfilter_user;
} }
$sbasedn=(isset($test['basedn']))?getFData($test['basedn'],$this,'getValue'):NULL;
if (isset($test['except_current_object']) && (bool)$test['except_current_object'] && !$LSform -> idForm!='create') { // Handle base_dn parameter
$sbasedn = LSconfig :: get('basedn', null, 'string', $test);
if ($sbasedn)
$sbasedn = $this -> getFData($sbasedn);
// If except_current_object (and not create form), list matching objets to exclude current one
if (LSconfig :: get('except_current_object', false, 'bool', $test) && $LSform -> idForm != 'create') {
$sret = LSldap :: search($sfilter, $sbasedn, $sparams); $sret = LSldap :: search($sfilter, $sbasedn, $sparams);
$dn = $this->getDn(); $dn = $this->getDn();
$ret = 0; $ret = 0;
foreach($sret as $obj) { foreach($sret as $obj)
if ($obj['dn'] != $dn) if ($obj['dn'] != $dn)
$ret++; $ret++;
} }
}
else { else {
// Otherwise, just retreive number of matching objets
$ret=LSldap :: getNumberResult($sfilter, $sbasedn, $sparams); $ret=LSldap :: getNumberResult($sfilter, $sbasedn, $sparams);
} }
if($test['result']==0) {
// Check result
if(LSconfig :: get('result', null, 'int', $test) == 0) {
if($ret != 0) { if($ret != 0) {
if ($LSform) $LSform -> setElementError($attr,$msg_error); if ($LSform)
$LSform -> setElementError($attr, $msg_error);
$retval = false; $retval = false;
} }
} }
else { else {
if($ret < 0) { if($ret < 0) {
if ($LSform) $LSform -> setElementError($attr,$msg_error); if ($LSform)
$LSform -> setElementError($attr, $msg_error);
$retval = false; $retval = false;
} }
} }
} }
// Validation par fonction externe // Validation using external function
else if(isset($test['function'])) { else if(isset($test['function'])) {
if (function_exists($test['function'])) { if (function_exists($test['function'])) {
if(!call_user_func_array($test['function'], array(&$this))) { if(!call_user_func_array($test['function'], array(&$this))) {
if ($LSform) $LSform -> setElementError($attr,$msg_error); if ($LSform)
$LSform -> setElementError($attr,$msg_error);
$retval = false; $retval = false;
} }
} }
else { else {
LSerror :: addErrorCode('LSldapObject_04',array('attr' => $attr->name,'obj' => $this->getType(),'func' => $test['function'])); LSerror :: addErrorCode(
'LSldapObject_04',
array(
'attr' => $attr->name,
'obj' => $this->getType(),
'func' => $test['function']
)
);
$retval = false; $retval = false;
} }
} }
else { else {
LSerror :: addErrorCode('LSldapObject_05',array('attr' => $attr->name,'obj' => $this->getType())); LSerror :: addErrorCode(
'LSldapObject_05',
array(
'attr' => $attr->name,
'obj' => $this->getType()
)
);
$retval = false; $retval = false;
} }
} }
} }
}
// Génération des valeurs des attributs dépendants // Generate values of dependent attributes
$dependsAttrs = $attr->getDependsAttrs(); $dependsAttrs = $attr->getDependsAttrs();
if (!empty($dependsAttrs)) { if (!empty($dependsAttrs)) {
foreach($dependsAttrs as $dependAttr) { foreach($dependsAttrs as $dependAttr) {
@ -581,6 +602,9 @@ class LSldapObject extends LSlog_staticLoggerClass {
} }
} }
} }
else {
self :: log_trace("validateAttrData(".$LSform->idForm.", ".$attr->name."): no dependent attribute");
}
$attr -> validate(); $attr -> validate();
unset($this -> other_values['val']); unset($this -> other_values['val']);