< ? php
namespace App\Service ;
use Symfony\Component\DependencyInjection\ContainerInterface ;
use App\Entity\User ;
use App\Entity\Niveau01 ;
use App\Entity\Niveau02 ;
use App\Entity\Group ;
use App\Entity\UserGroup ;
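/**
 * Gateway between the application's SQL identities and an LDAP directory.
 *
 * It opens the connection with the configured service account, verifies end-user
 * credentials by binding as the user, and mirrors users, Niveau01/Niveau02 and
 * groups into the directory (posixGroup entries keyed by cn, members in memberUid).
 *
 * Security-relevant rules applied throughout this class:
 *  - every value placed in a search filter goes through escapeFilter();
 *  - every value placed in an RDN goes through escapeDn();
 *  - no bind is attempted when StartTLS was requested but could not be negotiated;
 *  - an end-user bind with an empty password is refused before reaching the server.
 */
class LdapService
{
    // Synchronisation mode.
    private $appMasteridentity;
    private $synchro;

    // Server endpoint and service-account credentials ($password is a secret).
    private $host;
    private $port;
    private $usetls;
    private $userwriter;
    private $user;
    private $password;

    // Directory branches.
    private $basedn;
    private $baseorganisation;
    private $baseniveau01;
    private $baseniveau02;
    private $basegroup;
    private $baseuser;

    // Attribute names used by the directory for users.
    private $username;
    private $firstname;
    private $lastname;
    private $email;
    private $avatar;
    private $memberof;

    // Attribute names and filters used by the directory for groups.
    private $groupgid;
    private $groupname;
    private $groupmember;
    private $groupmemberisdn;
    private $filtergroup;
    private $filteruser;

    // Attributes requested when a user entry is read back after authentication.
    private $userattributes;

    // Current LDAP link, or null when disconnected.
    private $connection;

    /**
     * Reads every LDAP-related setting from the container parameters.
     *
     * @param ContainerInterface $container Source of the "app*" and "ldap*" parameters.
     */
    public function __construct(ContainerInterface $container)
    {
        $parameters = [
            'appMasteridentity' => 'appMasteridentity',
            'synchro'           => 'appSynchro',
            'host'              => 'ldapHost',
            'port'              => 'ldapPort',
            'usetls'            => 'ldapUsetls',
            'userwriter'        => 'ldapUserwriter',
            'user'              => 'ldapUser',
            'password'          => 'ldapPassword',
            'basedn'            => 'ldapBasedn',
            'baseorganisation'  => 'ldapBaseorganisation',
            'baseniveau01'      => 'ldapBaseniveau01',
            'baseniveau02'      => 'ldapBaseniveau02',
            'basegroup'         => 'ldapBasegroup',
            'baseuser'          => 'ldapBaseuser',
            'username'          => 'ldapUsername',
            'firstname'         => 'ldapFirstname',
            'lastname'          => 'ldapLastname',
            'email'             => 'ldapEmail',
            'avatar'            => 'ldapAvatar',
            'memberof'          => 'ldapMemberof',
            'groupgid'          => 'ldapGroupgid',
            'groupname'         => 'ldapGroupname',
            'groupmember'       => 'ldapGroupmember',
            'groupmemberisdn'   => 'ldapGroupmemberisdn',
            'filtergroup'       => 'ldapFiltergroup',
            'filteruser'        => 'ldapFilteruser',
        ];
        foreach ($parameters as $property => $name) {
            $this->$property = $container->getParameter($name);
        }

        $this->userattributes = [
            $this->username,
            $this->firstname,
            $this->lastname,
            $this->email,
            $this->avatar,
            $this->memberof,
        ];
    }

    /**
     * Tells whether the application must push its SQL identities to the directory.
     *
     * @return bool True when the mode is SQL + NINE2LDAP, every branch is configured
     *              and the service account can bind.
     */
    public function isNine2Ldap()
    {
        return $this->appMasteridentity == "SQL"
            && $this->synchro == "NINE2LDAP"
            && $this->userwriter
            && $this->baseorganisation
            && $this->baseniveau01
            && $this->baseniveau02
            && $this->basegroup
            && $this->baseuser
            && $this->connect();
    }

    /**
     * Returns a link bound with the service account, opening one when needed.
     *
     * @return mixed The LDAP link, or false when connecting, StartTLS or the bind failed.
     */
    public function connect()
    {
        // An existing link is re-bound so that a timed-out connection is detected and replaced.
        if ($this->connection && !@ldap_bind($this->connection, $this->user, $this->password)) {
            $this->disconnect();
        }
        if ($this->connection) {
            return $this->connection;
        }

        $link = $this->openLink();
        if ($link === false) {
            return false;
        }
        if (@ldap_bind($link, $this->user, $this->password)) {
            $this->connection = $link;

            return $this->connection;
        }

        // Do not leave a half-open link behind after a rejected bind.
        @ldap_unbind($link);

        return false;
    }

    /**
     * Verifies a user's credentials by binding as that user, then reads the entry back.
     *
     * @param string $username     Login typed by the user (untrusted).
     * @param string $userpassword Password typed by the user (untrusted).
     *
     * @return array|false The matching entries on success, false when authentication fails.
     */
    public function userconnect($username, $userpassword)
    {
        $username = (string) $username;
        $userpassword = (string) $userpassword;

        // A simple bind with a DN and an empty password is an "unauthenticated bind"
        // (RFC 4513 section 5.1.2) that many servers report as successful: it must
        // never be treated as a valid login.
        if ($username === '' || $userpassword === '') {
            return false;
        }

        // Release any link already held; it would otherwise be overwritten and leaked.
        $this->disconnect();

        $link = $this->openLink();
        if ($link === false) {
            return false;
        }
        $this->connection = $link;

        try {
            if (@ldap_bind($link, $this->getUserDN($username), $userpassword)) {
                // The login is escaped before it replaces the wildcard of the configured filter.
                $filter = str_replace("*", $this->escapeFilter($username), $this->filteruser);

                return $this->search($filter, $this->userattributes, $this->baseuser);
            }

            return false;
        } finally {
            $this->disconnect();
        }
    }

    /**
     * Exposes a fixed set of non-secret settings.
     *
     * The bind DN and password are deliberately absent from the list.
     *
     * @param string $key One of baseuser, basegroup, baseniveau01, baseniveau02, basedn, filteruser.
     *
     * @return mixed The setting, or null for any other key.
     */
    public function getParameter($key)
    {
        $exposed = [
            "baseuser"     => $this->baseuser,
            "basegroup"    => $this->basegroup,
            "baseniveau01" => $this->baseniveau01,
            "baseniveau02" => $this->baseniveau02,
            "basedn"       => $this->basedn,
            "filteruser"   => $this->filteruser,
        ];

        return isset($exposed[$key]) ? $exposed[$key] : null;
    }

    /**
     * Runs a subtree search.
     *
     * @param string $filter     Complete LDAP filter. Values coming from users must already be
     *                           escaped by the caller (LDAP_ESCAPE_FILTER); this method sends
     *                           the filter as received.
     * @param array  $attributes Attributes to return (empty = all).
     * @param string $subBranch  Search base; defaults to the configured base DN.
     *
     * @return array One associative array per entry, keyed by lower-cased attribute name.
     *
     * @throws \Exception When the directory is unreachable or the search fails.
     */
    public function search($filter, $attributes = array(), $subBranch = '')
    {
        $connection = $this->requireConnection();
        $branch = $subBranch ? $subBranch : $this->basedn;

        $result = ldap_search($connection, $branch, $filter, $attributes, 0, 0, 0);
        if (!$result) {
            $this->ldapError();
        }

        return $this->resultToArray($connection, $result);
    }

    /**
     * Searches for the entries whose first RDN equals the first RDN of $dn.
     *
     * @param string $dn        Distinguished name whose leading RDN is turned into a filter.
     * @param string $subBranch Search base; defaults to the configured base DN.
     *
     * @return array Matching entries, in the shape returned by search().
     *
     * @throws \Exception When $dn cannot be parsed or the search fails.
     */
    public function searchdn($dn, $subBranch = '')
    {
        $rdns = ldap_explode_dn($dn, 0);
        if (!is_array($rdns) || !isset($rdns[0])) {
            throw new \Exception('Error: invalid DN');
        }

        // The RDN value is escaped for filter context. Backslashes are left alone so that
        // escapes already present in the DN are not doubled.
        // NOTE(review): assumes the exploded RDN only carries hex-style escapes - confirm.
        $parts = explode('=', $rdns[0], 2);
        $filter = count($parts) === 2
            ? "(" . $parts[0] . '=' . ldap_escape($parts[1], '\\', LDAP_ESCAPE_FILTER) . ")"
            : "(" . $rdns[0] . ")";

        return $this->search($filter, [], $subBranch);
    }

    /**
     * Deletes the entry at $dn.
     *
     * @param string $dn Distinguished name of the entry.
     *
     * @throws \Exception When the deletion fails.
     */
    public function deleteByDN($dn)
    {
        $removed = ldap_delete($this->requireConnection(), $dn);
        if (!$removed) {
            $this->ldapError();
        }
    }

    /**
     * Renames or moves an entry.
     *
     * @param string $oldDN       Current DN.
     * @param string $newDN       New RDN (already escaped by the caller).
     * @param string $parentDN    New parent DN.
     * @param bool   $deleteOldDN Whether the old RDN value is removed from the entry.
     *
     * @return bool True on success.
     *
     * @throws \Exception When the rename fails.
     */
    public function rename($oldDN, $newDN, $parentDN = '', $deleteOldDN = true)
    {
        $result = ldap_rename($this->requireConnection(), $oldDN, $newDN, $parentDN, $deleteOldDN);
        if (!$result) {
            $this->ldapError();
        }

        return $result;
    }

    /**
     * Case-insensitive search for $item among the values of a (nested) array.
     *
     * Values are compared as plain strings, so characters of $item are never
     * interpreted as a pattern and array keys are not matched.
     *
     * @param mixed $item  Value looked for.
     * @param mixed $array Array (possibly nested) or scalar to inspect.
     *
     * @return int 1 when found, 0 otherwise.
     */
    public function in_array_r($item, $array)
    {
        $needle = (string) $item;
        $found = 0;
        $haystack = (array) $array;

        array_walk_recursive($haystack, function ($value) use ($needle, &$found) {
            if (is_scalar($value) && strcasecmp((string) $value, $needle) === 0) {
                $found = 1;
            }
        });

        return $found;
    }

    /**
     * Closes the current link, if any.
     */
    public function disconnect()
    {
        if ($this->connection) {
            ldap_unbind($this->connection);
            $this->connection = null;
        }
    }

    /**
     * Throws an exception carrying the last error of the current link.
     *
     * The link is read as-is: re-binding first would reset the error code
     * and hide the failure being reported.
     *
     * @throws \Exception Always.
     */
    public function ldapError()
    {
        if (!$this->connection) {
            throw new \Exception('Error: no LDAP connection');
        }

        throw new \Exception(
            'Error: (' . ldap_errno($this->connection) . ') ' . ldap_error($this->connection)
        );
    }

    /**
     * Replaces the given attributes on an entry.
     *
     * @param string $dn    Entry to modify.
     * @param array  $attrs Attribute => value(s).
     *
     * @throws \Exception When the modification fails.
     */
    public function ldapModify($dn, $attrs)
    {
        $result = ldap_modify($this->requireConnection(), $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }
    }

    //==================================================================================================================================================================
    //== Function Organisation==========================================================================================================================================
    //==================================================================================================================================================================

    /**
     * Creates the organisation branch and its sub-branches when they are missing.
     *
     * @throws \Exception When a search or a creation fails.
     */
    public function addOrganisations()
    {
        // [branch to ensure, search base]; the organisation itself is looked up from the base DN.
        $branches = [
            [$this->baseorganisation, ''],
            [$this->baseniveau01, $this->baseorganisation],
            [$this->baseniveau02, $this->baseorganisation],
            [$this->basegroup, $this->baseorganisation],
            [$this->baseuser, $this->baseorganisation],
        ];

        foreach ($branches as [$dn, $searchBase]) {
            if (empty($this->searchdn($dn, $searchBase))) {
                $this->addOrganisation($dn);
            }
        }
    }

    /**
     * Creates an organizationalUnit entry.
     *
     * @param string $dn DN of the unit to create.
     *
     * @return bool True on success.
     *
     * @throws \Exception When the creation fails.
     */
    public function addOrganisation($dn)
    {
        return $this->addEntry($dn, ['objectclass' => ["top", "organizationalUnit"]]);
    }

    //==================================================================================================================================================================
    //== Function User==================================================================================================================================================
    //==================================================================================================================================================================

    /**
     * Creates the directory entry of a user.
     *
     * @return bool True on success.
     *
     * @throws \Exception When the creation fails.
     */
    public function addUser(User $user)
    {
        $attrs = ['objectclass' => $this->getObjectClassesUser()];
        $this->fillAttributesUser($user, $attrs);

        return $this->addEntry($this->getUserDN($user->getUsername()), $attrs);
    }

    /**
     * Tells whether the directory entry differs from the user held by the application.
     *
     * @param array $entry Directory entry, keyed by lower-cased attribute name.
     *
     * @return bool True when at least one attribute differs.
     */
    public function ismodifyUser(User $user, $entry)
    {
        $attrs = [];
        $this->fillAttributesUser($user, $attrs);

        return $this->attributesDiffer($attrs, $entry);
    }

    /**
     * Rewrites every synchronised attribute of a user.
     *
     * @throws \Exception When the modification fails.
     */
    public function modifyUser(User $user)
    {
        $attrs = [];
        $this->fillAttributesUser($user, $attrs);

        $this->modifyEntry($this->getUserDN($user->getUsername()), $attrs);
    }

    /**
     * Rewrites the userpassword attribute of a user.
     *
     * NOTE(review): the value returned by getPassword() is written unchanged. Confirm it is a
     * hash in a scheme the directory understands and never a clear-text password.
     *
     * @throws \Exception When the modification fails.
     */
    public function modifyUserpwd(User $user)
    {
        $attrs = ['userpassword' => $user->getPassword()];

        $this->modifyEntry($this->getUserDN($user->getUsername()), $attrs);
    }

    /**
     * Aligns the Niveau01 and Niveau02 memberships of a user with the application.
     *
     * @param bool $todel When true the user is detached from every Niveau and attached to none.
     *
     * @return mixed Result of the last directory operation performed, null when none was needed.
     *
     * @throws \Exception When a search or a modification fails.
     */
    public function updateNiveauUser(User $user, $todel = false)
    {
        $username = $user->getUsername();

        $niveau01 = $user->getNiveau01();
        $niveau02 = $user->getNiveau02();
        $label01 = $niveau01 !== null ? $niveau01->getLabel() : null;
        $label02 = $niveau02 !== null ? $niveau02->getLabel() : null;

        $first = $this->syncNiveauMembership($this->baseniveau01, $label01, $username, $todel);
        $second = $this->syncNiveauMembership($this->baseniveau02, $label02, $username, $todel);

        return $second !== null ? $second : $first;
    }

    /**
     * Deletes the directory entry of a user.
     *
     * @throws \Exception When the deletion fails.
     */
    public function deleteUser(User $user)
    {
        return $this->deleteByDN($this->getUserDN($user->getUsername()));
    }

    /**
     * @return string[] Object classes given to user entries.
     */
    public function getObjectClassesUser()
    {
        return [
            'top',
            'person',
            'organizationalPerson',
            'inetOrgPerson',
        ];
    }

    /**
     * @return string[] Lower-cased names of the user attributes kept in sync.
     */
    public function listAttributesUser()
    {
        return [
            "uid",
            "cn",
            "givenname",
            "sn",
            "mail",
            "displayname",
            "telephonenumber",
            "postaladdress",
            "userpassword",
        ];
    }

    /**
     * Copies the synchronised fields of a user into $attrs.
     *
     * NOTE(review): userpassword receives getPassword() unchanged - confirm the stored
     * format is one the directory can verify and is not clear text.
     *
     * @param array $attrs Attribute map completed in place.
     */
    public function fillAttributesUser(User $user, array &$attrs)
    {
        $fullname = $user->getFirstname() . ' ' . $user->getLastname();

        $attrs['uid'] = $user->getUsername();
        $attrs['cn'] = $fullname;
        $attrs['givenname'] = $user->getFirstname();
        $attrs['sn'] = $user->getLastname();
        $attrs['mail'] = $user->getEmail();
        $attrs['displayname'] = $fullname;
        $attrs['telephonenumber'] = $user->getTelephonenumber();
        $attrs['postaladdress'] = $user->getPostaladress();
        $attrs['userpassword'] = $user->getPassword();
    }

    /**
     * Builds the DN of a user; the login is escaped so that it cannot add or alter RDNs.
     *
     * @param string $username Login of the user.
     *
     * @return string DN under the user branch.
     */
    public function getUserDN($username)
    {
        return $this->username . '=' . $this->escapeDn($username) . ',' . $this->baseuser;
    }

    //==================================================================================================================================================================
    //== Function Niveau01==============================================================================================================================================
    //==================================================================================================================================================================

    /**
     * Searches the Niveau01 branch.
     *
     * @param string $ldapfilter Complete filter; user-supplied values must already be escaped.
     *
     * @return array Entries limited to the configured gid, name and member attributes.
     */
    public function findNiveau01($ldapfilter)
    {
        return $this->search(
            $ldapfilter,
            [$this->groupgid, $this->groupname, $this->groupmember],
            $this->baseniveau01
        );
    }

    /**
     * Tells whether $username is a member of one of the Niveau01 entries matching the filter.
     *
     * @param string $ldapfilter Complete filter; user-supplied values must already be escaped.
     * @param string $username   Login looked for.
     *
     * @return bool
     */
    public function findNiveau01ismember($ldapfilter, $username)
    {
        // search() lower-cases attribute names, so the configured name is lower-cased too.
        $memberKey = strtolower((string) $this->groupmember);
        $login = (string) $username;

        foreach ($this->findNiveau01($ldapfilter) as $ldapentry) {
            if (!isset($ldapentry[$memberKey])) {
                continue;
            }
            $members = (array) $ldapentry[$memberKey];
            // Strict comparison: numeric-looking logins must not match each other loosely.
            if (in_array($login, $members, true)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Creates the posixGroup entry of a Niveau01.
     *
     * @return bool True on success.
     *
     * @throws \Exception When the creation fails.
     */
    public function addNiveau01(Niveau01 $niveau01)
    {
        $attrs = ['objectclass' => $this->getObjectClassesNiveau01()];
        $this->fillAttributesNiveau01($niveau01, $attrs);

        return $this->addEntry($this->getNiveau01DN($niveau01->getLabel()), $attrs);
    }

    /**
     * Tells whether the directory entry differs from the Niveau01 held by the application.
     *
     * @param array $entry Directory entry, keyed by lower-cased attribute name.
     *
     * @return bool
     */
    public function ismodifyNiveau01(Niveau01 $niveau01, $entry)
    {
        $attrs = [];
        $this->fillAttributesNiveau01($niveau01, $attrs);

        return $this->attributesDiffer($attrs, $entry);
    }

    /**
     * Renames the entry when the label changed, then rewrites its attributes.
     *
     * @param string|null $oldid Previous label, if any.
     *
     * @throws \Exception When the rename or the modification fails.
     */
    public function modifyNiveau01(Niveau01 $niveau01, $oldid)
    {
        $attrs = [];
        $this->fillAttributesNiveau01($niveau01, $attrs);
        unset($attrs["cn"]);

        $this->renameThenModify($oldid, $niveau01->getLabel(), $this->baseniveau01, $attrs);
    }

    /**
     * Deletes the entry of a Niveau01.
     *
     * @throws \Exception When the deletion fails.
     */
    public function deleteNiveau01(Niveau01 $niveau01)
    {
        return $this->deleteByDN($this->getNiveau01DN($niveau01->getLabel()));
    }

    /**
     * @return string[] Object classes given to Niveau01 entries.
     */
    private function getObjectClassesNiveau01()
    {
        return ['top', 'posixGroup'];
    }

    /**
     * @return string[] Lower-cased names of the Niveau01 attributes kept in sync.
     */
    public function listAttributesNiveau01()
    {
        return ["cn", "gidnumber", "memberuid"];
    }

    /**
     * Copies label, id and sorted member logins of a Niveau01 into $attrs.
     *
     * @param array $attrs Attribute map completed in place.
     */
    public function fillAttributesNiveau01(Niveau01 $niveau01, array &$attrs)
    {
        $logins = [];
        foreach ($niveau01->getUsers() as $user) {
            $logins[] = $user->getUsername();
        }

        $attrs['cn'] = $niveau01->getLabel();
        $attrs['gidnumber'] = $niveau01->getId();
        $attrs['memberuid'] = $this->memberUidValue($logins);
    }

    /**
     * @param string $id Label of the Niveau01.
     *
     * @return string DN under the Niveau01 branch, with the label escaped.
     */
    public function getNiveau01DN($id)
    {
        return 'cn=' . $this->escapeDn($id) . ',' . $this->baseniveau01;
    }

    //==================================================================================================================================================================
    //== Function Niveau02==============================================================================================================================================
    //==================================================================================================================================================================

    /**
     * Creates the posixGroup entry of a Niveau02.
     *
     * @return bool True on success.
     *
     * @throws \Exception When the creation fails.
     */
    public function addNiveau02(Niveau02 $niveau02)
    {
        $attrs = ['objectclass' => $this->getObjectClassesNiveau02()];
        $this->fillAttributesNiveau02($niveau02, $attrs);

        return $this->addEntry($this->getNiveau02DN($niveau02->getLabel()), $attrs);
    }

    /**
     * Tells whether the directory entry differs from the Niveau02 held by the application.
     *
     * @param array $entry Directory entry, keyed by lower-cased attribute name.
     *
     * @return bool
     */
    public function ismodifyNiveau02(Niveau02 $niveau02, $entry)
    {
        $attrs = [];
        $this->fillAttributesNiveau02($niveau02, $attrs);

        return $this->attributesDiffer($attrs, $entry);
    }

    /**
     * Renames the entry when the label changed, then rewrites its attributes.
     *
     * @param string|null $oldid Previous label, if any.
     *
     * @throws \Exception When the rename or the modification fails.
     */
    public function modifyNiveau02(Niveau02 $niveau02, $oldid)
    {
        $attrs = [];
        $this->fillAttributesNiveau02($niveau02, $attrs);
        unset($attrs["cn"]);

        $this->renameThenModify($oldid, $niveau02->getLabel(), $this->baseniveau02, $attrs);
    }

    /**
     * Deletes the entry of a Niveau02.
     *
     * @throws \Exception When the deletion fails.
     */
    public function deleteNiveau02(Niveau02 $niveau02)
    {
        return $this->deleteByDN($this->getNiveau02DN($niveau02->getLabel()));
    }

    /**
     * @return string[] Object classes given to Niveau02 entries.
     */
    private function getObjectClassesNiveau02()
    {
        return ['top', 'posixGroup'];
    }

    /**
     * @return string[] Lower-cased names of the Niveau02 attributes kept in sync.
     */
    public function listAttributesNiveau02()
    {
        return ["cn", "gidnumber", "memberuid"];
    }

    /**
     * Copies label, id and sorted member logins of a Niveau02 into $attrs.
     *
     * @param array $attrs Attribute map completed in place.
     */
    public function fillAttributesNiveau02(Niveau02 $niveau02, array &$attrs)
    {
        $logins = [];
        foreach ($niveau02->getUsers() as $user) {
            $logins[] = $user->getUsername();
        }

        $attrs['cn'] = $niveau02->getLabel();
        $attrs['gidnumber'] = $niveau02->getId();
        $attrs['memberuid'] = $this->memberUidValue($logins);
    }

    /**
     * @param string $id Label of the Niveau02.
     *
     * @return string DN under the Niveau02 branch, with the label escaped.
     */
    public function getNiveau02DN($id)
    {
        return 'cn=' . $this->escapeDn($id) . ',' . $this->baseniveau02;
    }

    //==================================================================================================================================================================
    //== Function Group=================================================================================================================================================
    //==================================================================================================================================================================

    /**
     * Creates the posixGroup entry of a group.
     *
     * @return bool True on success.
     *
     * @throws \Exception When the creation fails.
     */
    public function addGroup(Group $group)
    {
        $attrs = ['objectclass' => $this->getObjectClassesGroup()];
        $this->fillAttributesGroup($group, $attrs);

        return $this->addEntry($this->getGroupDN($group->getLabel()), $attrs);
    }

    /**
     * Tells whether the directory entry differs from the group held by the application.
     *
     * @param array $entry Directory entry, keyed by lower-cased attribute name.
     *
     * @return bool
     */
    public function ismodifyGroup(Group $group, $entry)
    {
        $attrs = [];
        $this->fillAttributesGroup($group, $attrs);

        return $this->attributesDiffer($attrs, $entry);
    }

    /**
     * Renames the entry when the label changed, then rewrites its attributes.
     *
     * @param string|null $oldid Previous label, if any.
     *
     * @throws \Exception When the rename or the modification fails.
     */
    public function modifyGroup(Group $group, $oldid)
    {
        $attrs = [];
        $this->fillAttributesGroup($group, $attrs);
        unset($attrs["cn"]);

        $this->renameThenModify($oldid, $group->getLabel(), $this->basegroup, $attrs);
    }

    /**
     * Deletes the entry of a group.
     *
     * @throws \Exception When the deletion fails.
     */
    public function deleteGroup(Group $group)
    {
        return $this->deleteByDN($this->getGroupDN($group->getLabel()));
    }

    /**
     * @return string[] Object classes given to group entries.
     */
    private function getObjectClassesGroup()
    {
        return ['top', 'posixGroup'];
    }

    /**
     * @return string[] Lower-cased names of the group attributes kept in sync.
     */
    public function listAttributesGroup()
    {
        return ["cn", "gidnumber", "memberuid"];
    }

    /**
     * Copies label, id and sorted member logins of a group into $attrs.
     *
     * @param array $attrs Attribute map completed in place.
     */
    public function fillAttributesGroup(Group $group, array &$attrs)
    {
        $logins = [];
        foreach ($group->getUsers() as $usergroup) {
            $logins[] = $usergroup->getUser()->getUsername();
        }

        $attrs['cn'] = $group->getLabel();
        $attrs['gidnumber'] = $group->getId();
        $attrs['memberuid'] = $this->memberUidValue($logins);
    }

    /**
     * @param string $id Label of the group.
     *
     * @return string DN under the group branch, with the label escaped.
     */
    public function getGroupDN($id)
    {
        return 'cn=' . $this->escapeDn($id) . ',' . $this->basegroup;
    }

    //==================================================================================================================================================================
    //== Function UserGroup=============================================================================================================================================
    //==================================================================================================================================================================

    /**
     * Adds the user of a UserGroup to the memberuid list of its group, when absent.
     *
     * @return mixed True when the member was added, otherwise the entries read from the directory.
     *
     * @throws \Exception When the search or the modification fails.
     */
    public function addUserGroup(UserGroup $usergroup)
    {
        $username = $usergroup->getUser()->getUsername();
        $label = $usergroup->getGroup()->getLabel();

        $result = $this->search('(cn=' . $this->escapeFilter($label) . ')', ['memberuid'], $this->basegroup);
        if (empty($result) || !$this->in_array_r($username, $result[0])) {
            $result = ldap_mod_add(
                $this->requireConnection(),
                $this->getGroupDN($label),
                ['memberuid' => $username]
            );
            if (!$result) {
                $this->ldapError();
            }
        }

        return $result;
    }

    /**
     * Removes the user of a UserGroup from the memberuid list of its group, when present.
     *
     * @return mixed True when the member was removed, otherwise the entries read from the directory.
     *
     * @throws \Exception When the search or the modification fails.
     */
    public function delUserGroup(UserGroup $usergroup)
    {
        $username = $usergroup->getUser()->getUsername();
        $label = $usergroup->getGroup()->getLabel();

        $result = $this->search('(cn=' . $this->escapeFilter($label) . ')', ['memberuid'], $this->basegroup);
        if (!empty($result) && $this->in_array_r($username, $result[0])) {
            $result = ldap_mod_del(
                $this->requireConnection(),
                $this->getGroupDN($label),
                ['memberuid' => $username]
            );
            if (!$result) {
                $this->ldapError();
            }
        }

        return $result;
    }

    //==================================================================================================================================================================
    //== Internal helpers===============================================================================================================================================
    //==================================================================================================================================================================

    /**
     * Opens an unbound link with protocol v3, referrals off and StartTLS when configured.
     *
     * @return mixed The link, or false. False is also returned when StartTLS was requested
     *               and failed, so that no credential is ever sent over a clear-text link.
     */
    private function openLink()
    {
        $link = ldap_connect($this->host, $this->port);
        if (!$link) {
            return false;
        }

        ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, 3);
        ldap_set_option($link, LDAP_OPT_REFERRALS, 0);

        if ($this->usetls && !@ldap_start_tls($link)) {
            @ldap_unbind($link);

            return false;
        }

        return $link;
    }

    /**
     * Returns a bound link or fails loudly instead of handing false to an ldap_* call.
     *
     * @throws \Exception When the directory is unreachable or the service bind is rejected.
     */
    private function requireConnection()
    {
        $connection = $this->connect();
        if (!$connection) {
            throw new \Exception('Error: unable to connect or bind to the LDAP server');
        }

        return $connection;
    }

    /** Escapes a value for use inside a search filter. */
    private function escapeFilter($value)
    {
        return ldap_escape((string) $value, '', LDAP_ESCAPE_FILTER);
    }

    /** Escapes a value for use as an RDN value inside a DN. */
    private function escapeDn($value)
    {
        return ldap_escape((string) $value, '', LDAP_ESCAPE_DN);
    }

    /**
     * Converts a search result into plain arrays, using the link that produced it.
     *
     * @return array One array per entry; single-valued attributes are flattened to a scalar.
     */
    private function resultToArray($connection, $result)
    {
        $rows = [];
        if (!$result) {
            return $rows;
        }

        for ($entry = ldap_first_entry($connection, $result); $entry; $entry = ldap_next_entry($connection, $entry)) {
            $row = [];
            for ($attr = ldap_first_attribute($connection, $entry); $attr; $attr = ldap_next_attribute($connection, $entry)) {
                $values = ldap_get_values_len($connection, $entry, $attr);
                $name = strtolower($attr);

                if (is_array($values) && array_key_exists('count', $values) && $values['count'] == 1) {
                    $row[$name] = $values[0];
                } else {
                    if (is_array($values)) {
                        unset($values["count"]);
                    }
                    $row[$name] = $values;
                }
            }
            $rows[] = $row;
        }

        return $rows;
    }

    /**
     * Creates an entry after dropping the attributes that have no value.
     *
     * @throws \Exception When the creation fails.
     */
    private function addEntry($dn, array $attrs)
    {
        // array_filter() without callback removes exactly the values empty() reports.
        $result = ldap_add($this->requireConnection(), $dn, array_filter($attrs));
        if (!$result) {
            $this->ldapError();
        }

        return $result;
    }

    /**
     * Removes the attributes that became empty, then replaces the remaining ones.
     *
     * @throws \Exception When the final modification fails.
     */
    private function modifyEntry($dn, array $attrs)
    {
        $connection = $this->requireConnection();

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                // The @ is required: removing an attribute the entry no longer has is reported as an error.
                @ldap_mod_del($connection, $dn, [$key => []]);
                unset($attrs[$key]);
            }
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }
    }

    /**
     * Renames a cn-keyed entry when its label changed, then rewrites its attributes.
     *
     * The rename happens first so that the attribute clean-up targets an entry that exists.
     */
    private function renameThenModify($oldLabel, $newLabel, $branch, array $attrs)
    {
        $newRdn = "cn=" . $this->escapeDn($newLabel);

        if (isset($oldLabel) && $oldLabel != $newLabel) {
            $this->rename('cn=' . $this->escapeDn($oldLabel) . ',' . $branch, $newRdn, $branch);
        }

        $this->modifyEntry($newRdn . ',' . $branch, $attrs);
    }

    /**
     * Symmetric comparison of two attribute maps, ignoring attributes empty on both sides.
     *
     * @return bool True when the maps differ.
     */
    private function attributesDiffer(array $attrs, $entry)
    {
        $entry = (array) $entry;

        foreach ([[$attrs, $entry], [$entry, $attrs]] as [$left, $right]) {
            foreach ($left as $key => $value) {
                if (!array_key_exists($key, $right)) {
                    if (!empty($value)) {
                        return true;
                    }
                } elseif ($value != $right[$key]) {
                    return true;
                }
            }
        }

        return false;
    }

    /**
     * Sorts member logins; a single member is returned as a scalar, as search() does.
     *
     * @param string[] $logins
     *
     * @return array|string
     */
    private function memberUidValue(array $logins)
    {
        sort($logins);

        return count($logins) == 1 ? $logins[0] : $logins;
    }

    /**
     * Detaches $username from every entry of $branch except $wantedLabel, then attaches it there.
     *
     * @param string      $branch      Branch holding the posixGroup entries.
     * @param string|null $wantedLabel Label the user must belong to, null for none.
     * @param string      $username    Login to synchronise.
     * @param bool        $todel       When true, detach only.
     *
     * @return mixed Result of the last operation performed, null when nothing was done.
     */
    private function syncNiveauMembership($branch, $wantedLabel, $username, $todel)
    {
        $member = ['memberuid' => $username];
        $result = null;

        $current = $this->search(
            '(&(cn=*)(memberUid=' . $this->escapeFilter($username) . '))',
            ['cn'],
            $branch
        );
        foreach ($current as $row) {
            if ($todel || $wantedLabel === null || $row["cn"] != $wantedLabel) {
                $dn = 'cn=' . $this->escapeDn($row["cn"]) . ',' . $branch;
                $result = ldap_mod_del($this->requireConnection(), $dn, $member);
                if (!$result) {
                    $this->ldapError();
                }
            }
        }

        if (!$todel && $wantedLabel !== null) {
            $result = $this->search('(cn=' . $this->escapeFilter($wantedLabel) . ')', ['memberuid'], $branch);
            if (empty($result) || !$this->in_array_r($username, $result[0])) {
                $dn = 'cn=' . $this->escapeDn($wantedLabel) . ',' . $branch;
                $result = ldap_mod_add($this->requireConnection(), $dn, $member);
                if (!$result) {
                    $this->ldapError();
                }
            }
        }

        return $result;
    }
}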